Re: limiting pop access to gmail servers ?


BUT, I suspect there are a LOT of possible IPs that google will use to pop
from us ...

You are right about that. According to my pop logs, my servers have
encounter about 1000 different IPs from google (920 actually).
Domain names are always like mail-[a-z][a-z][0-9]-[a-z][0-9][0-9]*.
By the way, I'm in europe, I'm not sure USA, Australia or Japan would see
the same gmail POP clients.

You can make active checks for incoming connections. If reverse DNS record
is valid (ip -> resolves to name -> resolves to same ip) and it matches '.*$' regexp, then it is Google.

Олег Петрачев
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"