[SURBL-Discuss] Re: [RulesEmporium] Rbldns and wildcards
Jeff Chan
jeffc at surbl.org
Sat Apr 24 01:44:48 CEST 2004
On Friday, April 23, 2004, 6:06:47 PM, Dallas Engelken wrote:
> dnset Set of (possible wildcarded) domain names with associated A and
> TXT values. Similar to ip4set, but instead of IP addresses,
> data consists of domain names (not in reverse form). One domain
> name per line, possible starting with wildcard (either with
> starâdot (*.) or just a dot). Entry starting with exclamation
> sign is exclusion. Default value for all subsequent lines may
> be specified by a line starting with a colon.
> Wildcards are interpreted as follows:
> example.com
> only example.com domain is listed, not subdomains
> thereof. Not a wildcard entry.
> *.example.com
> all subdomains of example.com are listed, but not examâ
> ple.com itself.
> .example.com
> all subdomains of example.com and example.com itself are
> listed. This is a shortcut: to list a domain name itself
> and all itâs subdomains, one may either specify two lines
> (example.com and *.example.com), or one line (.examâ
> ple.com).
> Instead of listing FQDN's, why not just list the TLD with a dot
> in front... For example, list .mailnotice.biz instead of
> t.mailnotice.biz in case they change to some other letter in
> front of their
> TLD.
There was a thread discussing BIND's lack of caching of wildcards
earlier:
http://lists.surbl.org/pipermail/discuss/2004-April/000178.html
Not sure if rbldnsd falls under the same category, but in either
case we've taken a different approach to remove the subdomains/host
names on both the data and client sides so that we're only comparing
base domains between them. If mailnotice.biz is the base domain
then that's all we look for in the SURBL and all we should be
extracting from the message body URI.
In other words we're deliberately using base domains everywhere
and not (wildcarded) subdomains.
Jeff C.
More information about the Discuss
mailing list