Kyle R. Burton on Wed, 30 Oct 2002 10:54:53 -0500



Re: nslookup question


> 	I'm trying to fix the security problem in formmail.pl to automatically
> configure itself. The fix that is out there checks the passed recipient field
> against an array of acceptable recipients. The problem on an active
> server is the script has to be updated every time a new recipient is added.
> 
> 	The following subroutine is designed to take the recipient email
> address and test to see if the domain name resolves to the IP address
> of the server.
> 
>    my ($Email) = @_;
>    return 0 unless $Email; # Invalid if no passed email address
>    ($UserID,$Domain) = split("\@",$Email);
>    $Text = `nslookup $Domain`; # Get the output from nslookup
>    ($Junk,$Junk,$IPaddress) = split("Address: *",$Text);
>    $IPaddress =~ s/\s+$//; # Remove trailing whitespace
>    ($IPaddress eq $ENV{SERVER_ADDR}) ? return 1 : return 0;
> 
> 	It works fine if the domain name is a valid domain name. If
> it isn't the following line of text is displayed.
> 
> *** ns1.request.net can't find usats.abc: Non-existent host/domain
> 
> 	What seems to be happening is that nslookup prints once
> if there is a valid domain name and the output is captured in $Text.
> However, it appears to be printing twice for an invalid domain name
> and the second print is not captured. Is there a workaround to this
> problem?

I've made attempts in the past to write a cgi form mailer that is robust
against spoofing, and is still flexible in allowing users to specify in
the html file the recipient(s) for the email:

  http://www.bgw.org/projects/perl/mailer.cgi.txt

Its approach might help you achieve a solution that doesn't necessarily
have to rely on external services (or at least dns).

Kyle

-- 

------------------------------------------------------------------------------
Wisdom and Compassion are inseparable.
        -- Christmas Humphreys
mortis@voicenet.com                            http://www.voicenet.com/~mortis
------------------------------------------------------------------------------
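Added example, not part of the original thread and not code from formmail.pl or mailer.cgi: the quoted check done in-process with gethostbyname instead of backticks around nslookup, so the recipient's domain never reaches a shell and a failed lookup prints nothing into the CGI output. The name recipient_is_local and the sample recipients are assumptions; usats.abc is the name from the quoted error line.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Socket qw(inet_ntoa);

# Return 1 if the recipient's domain resolves to $server_ip, else 0.
# recipient_is_local() is a hypothetical name, not taken from formmail.pl.
sub recipient_is_local {
    my ($email, $server_ip) = @_;
    return 0 unless defined $email && defined $server_ip;

    # Exactly one "@"; no whitespace or control characters in the local part.
    my ($user, $domain) = $email =~ /\A([^\s\@\x00-\x1f]+)\@([^\@]+)\z/
        or return 0;

    # Hostname syntax only (letters, digits, hyphens, dot-separated labels).
    # This rejects newlines and shell metacharacters before any lookup.
    my $label = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;
    return 0 unless length($domain) <= 253
        && $domain =~ /\A(?:$label\.)*$label\z/;

    # Resolve inside the process. On failure gethostbyname returns an
    # empty list and writes nothing to STDOUT or STDERR.
    my @host = gethostbyname($domain) or return 0;

    # Elements 4.. are packed addresses; keep the 4-byte (IPv4) ones.
    my @addrs = map { inet_ntoa($_) } grep { length($_) == 4 } @host[4 .. $#host];

    # Accept if any returned address is the server's own.
    return (grep { $_ eq $server_ip } @addrs) ? 1 : 0;
}

# Constructed sample input. In the CGI the second argument would be
# $ENV{SERVER_ADDR}; 127.0.0.1 is used here so the demo runs offline.
unless (caller) {
    my @samples = (
        'webmaster@localhost',
        'user@usats.abc',
        'x@localhost; echo injected',
        "a\@localhost\nBcc: b\@example.com",
    );
    for my $rcpt (@samples) {
        (my $shown = $rcpt) =~ s/\n/\\n/g;
        my $ok = recipient_is_local($rcpt, '127.0.0.1');
        printf "%-40s %s\n", $shown, $ok ? 'accept' : 'reject';
    }
}
```

The result depends on DNS data controlled by whoever owns the recipient's domain, and mail is routed by MX rather than A records, so this works as a convenience filter beside an explicit recipient list rather than as a replacement for one.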