limiting pop access to gmail servers ?
cronfy
cronfy at gmail.com
Mon May 2 07:12:32 UTC 2011
Hi,
> BUT, I suspect there are a LOT of possible IPs that google will use to pop
> mail
> > from us ...
>
> You are right about that. According to my pop logs, my servers have
> encounter about 1000 different IPs from google (920 actually).
> Domain names are always like mail-[a-z][a-z][0-9]-[a-z][0-9][0-9]*.
> google.com
> By the way, I'm in europe, I'm not sure USA, Australia or Japan would see
> the same gmail POP clients.
>
You can make active checks for incoming connections. If reverse DNS record
is valid (ip -> resolves to name -> resolves to same ip) and it matches '.*
google.com$' regexp, then it is Google.
--
Олег Петрачев
More information about the freebsd-security
mailing list