Forum Discussion
paul_adomeit_70
Nimbostratus
NimbostratusDNS requests with NAME::lookup
I've been toying a few ideas to protecting our inbound mail servers. It's normal when we have thousands of concurrent inbound mail connections and the majority is spam (we are like everyone else). We have a few ways of having our mail servers use iControl push differnet lists/irules to big-ip but nothing that's 'great'.
One simple thing that big-ip could help out in is making a DNS request for the senders SPF records (TXT). A quick compare of the client IP address to the SPF record and we have just shut off the spam bots.
The iRule would fire when the client is accepted, use the NAME::lookup procedure see if anything matches the IP::client_addr.
It appears that NAME::lookup will only work with A records and PTR records. Has anyone had any luck getting other types of records?
-p
2 Replies
paul_adomeit_70I opened a case with support. F5 has been pretty reasonable with some of our previous requests. If this seems important to F5 and there's not a huge amount of development work, it would not suprise me to see the features added in the not to distant future.
I'll update this thread in case folks are interested. And....if you are looking for extended DNS lookup functionality in iRules, add it here and be heard!!!
-p- Thanks Paul.
Opening a case is definitely the right move.
Please post back if you get a CR for that request.
...and if you are looking for extended DNS lookup functionality in iRules, the best way to raise visibility of a feature request within the F5 Product Development team is actually to have multiple customers open cases with F5 Support requesting the feature. The more cases that are linked to a CR, the more attention the request will get.
You can open a case at the Support portal and request it be linked to any relevant CRs: http://websupport.f5.com/ (Click here)
/deb
