I do exactly this -- except that I use tinydns as my DNS server. It
gives me one line of log data for each request. It is suprising what
junk you get as well. Most of the traffic appears to be probes for
something.....
Philip
Greg Connor wrote:
Forgive me if this is a frequent topic... I recently joined and could
not easily find archives for the list.
I would like to log whether anyone is looking up my spf records, and
for which hosts. Specifically I was thinking of something as hinted
in the draft, like
v=spf1 exists:%{ir}.%{l1r+-}._spf.%{d} +mx +ptr -all
which might expand to "1.2.0.192.someuser._spf.example.com".
So, even if I have an _spf domain with no data in it, I could log the
queries against my DNS servers and get an idea of who is checking SPF,
and who is sending the bad mail.
Has anyone done something like this? I will probably do so just as an
experiment. If someone has done this, I would be interested in your
named config info, and/or let me know if there is interest and I will
update folks on my results.
Thanks
gregc
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.3.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.3.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡