Blocking Unknown/Unresolved IP's

go-san

Registered
Feb 12, 2005
3
0
151
How can I block all unknown/unresolved IP addresses? I want to stop spam on my site but IP spoofers are preventing me from blocking IP addresses. Specifically, how can I use the IP Manager to block unknown/unresolved IP addresses? Also, would this be a bad idea?
 

go-san

Registered
Feb 12, 2005
3
0
151
Is this posted in the wrong forum or does no one know how to answer the question?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
You don't say how you want to block IP address, or how you want to distinguish them. There's no such thing as an unknown IP address, do you mean an IP address without a rDNS PTR record? If so, then you cannot block those within the IP Manager and I don't know why you would want to, since that would simply block anyone browsing to your web site who didn't have an rDNS record setup by their ISP.

If you want to block SMTP servers from sending email to your server that don't have an rDNS PTR record correctly configured, then you can do so by adding the following ACL to the exim ACL configuration:
Code:
  require verify = reverse_host_lookup
         message = Your mail server IP address ($sender_host_address) has no reverse DNS PTR
 

go-san

Registered
Feb 12, 2005
3
0
151
chirpy said:
You don't say how you want to block IP address, or how you want to distinguish them. There's no such thing as an unknown IP address, do you mean an IP address without a rDNS PTR record? If so, then you cannot block those within the IP Manager and I don't know why you would want to, since that would simply block anyone browsing to your web site who didn't have an rDNS record setup by their ISP.

If you want to block SMTP servers from sending email to your server that don't have an rDNS PTR record correctly configured, then you can do so by adding the following ACL to the exim ACL configuration:
Code:
  require verify = reverse_host_lookup
         message = Your mail server IP address ($sender_host_address) has no reverse DNS PTR
I was refering to rDNS. Thank you.