On Thu, 29 Jan 1998, Marek Jedlinski wrote:
Somebody else has asked about the load that frequent executing of
rblcheck might put on a system, so I won't ask that one again ;)
Feel free to ask. ;-) The load is rather minimal. However, if it starts to
become a problem, you can get authorization from the MAPS project to do
local zone transfers of the RBL DNS maps. Hence, all your lookups will be
local, and the load problem is basically solved.
(1) Could rblcheck optionally grok human-readable domain names and
look up the IP number itself?
Hmmm. I can do so, but I'll also be sure to put really big warnings in the
documentation about it. Why? Because if you have control of a domain, you
can make it resolve to -ANY- IP address you want. This is a trivial thing
to do. Hence, someone could make evilspammer.com resolve to 127.0.0.1,
which would always succeed. Conversely, someone could hack or poison your
DNS server, and make yourdomain.com resolve to 127.0.0.2, which will
always fail, a rather unpleasant idea.
The rule: never trust DNS. (Mind you, that's sort of what you're doing
with the RBL itself, but anyway. ;-)
(2) About portability. Rblcheck compiled nicely right out of the box
on my ISP's RedHat Linux. Any chance it would also compile on a win32
system, so folks like me could run it (manually) from their windows
boxes? Sometimes it might be useful (or plain iteresting) to check
whether a site it blocked by rbl, and it'd be even nicer to be able to
do it without telnetting to my shell account first. (Note: I haven't
even tried yet, seeing as I don't have a C compiler installed at the
moment. But my knowledge of C is minimal and in case of any
compilation problems I probably wouldn't have an idea if I;m
attempting the impossible or if a one-line fix of the Makefile would
suffice... Would the win32 port of gcc or djgpp do?)
The Win32 port of GCC (Cygnus' win32 port of GCC) -might- work. I say
might because you'll need a port of the resolver library. Most stuff I've
written like this compiles right out of the box under cygwin32, but I've
never tried DNS utilities. One catch with these kind of things is that
they're generally always console-mode apps (ie. run in a DOS window, or a
CMD.EXE window under NT).
Since I currently live in a Windows-free world, I can't really do a port
for you. If I can find someone to do a compile of it under Windows,
though, I'll definitely let everyone know.
I'll add support for lookups of domain names, but believe me when I say
that I'm not going to make it easy, or default behavior. ;-)
--
-------------------. emarshal at logic.net .---------------------------------
Edward S. Marshall `-----------------------' http://www.logic.net/~emarshal/
Spammers: Please email my blacklisting service at
"spam(_at_)logic(_dot_)net".