Adding ASN info

Carmichael, Alistair Alistair.Carmichael at
Tue May 20 13:35:33 IST 2008

A thought although not directly based on ASN but it would be possible to
reject certain client's connection based on country of origin using the
postfix MTA with mysql support. You could have one table housing the
geoip database and another with country codes and actions against that,
add something like: 
to postfix in the smtpd_client_restrictions and use a slightly more
complex query which could look like:
SELECT action FROM geoip_country LEFT JOIN countryblock ON
geoip_country.iso_country_code=countryblock.code WHERE begin_num <
Of course in this example my second table is called countryblock and has
columns "code" and "action"
This isn't a system I by any means use on my mail servers but I do use a
similar system to stop spam bots signing up to a web forum I look after
using a similar technique.

-----Original Message-----
From: mailscanner-bounces at
[mailto:mailscanner-bounces at] On Behalf Of Steve
Sent: 20 May 2008 12:09
To: MailScanner discussion
Subject: Re: Adding ASN info

Hugo van der Kooij wrote:
> Hash: SHA1
> Hi,
> Has anyone done any work on adding ASN info to a message in the way
> procmail filter does it? I would prefer to do this in postfix but a
> custom call in MailScanner before SA is called upon would do as well.
> It sounds like a fun idea to let the ASN info become part of the
> Bayesian selection. And we might add a decision to block all messages
> from certain countries. All I ever got from Nigeria are messages with
> wacky deals.

SpamAssassin can do this natively if you want to Bayes to consider the

 From MailWatch v2:

sub ip_to_asn {
  my $ip = shift;
  my $revip = join(".", reverse split(/\./,$ip));

  use Net::DNS;
  my $res = Net::DNS::Resolver->new;
  my $query = $res->search("$","TXT");

  if($query) {
   my @answer = $query->answer;
   my $asn = $answer[0]{char_str_list}[0];
   return $asn;
  return '4294967295';

You could hack this into MailScanner's then in 'sub new{' 
after the variables are initialized add:

$global::MS->{mta}->AddHeader($this, 'X-MailScanner-ASN:', 

And that would do the equivalent to your procmail script.

However - I wouldn't recommend either way as has been 
known to slow and/or offline at times and it will adversely affect your 
scanning and delivery times (I disabled this function in MWv2 for this 

If you really need this and have RAM to spare, then rsync the zone file 
and serve it locally (BIND format only however; it's not possible to use


