[Exim] Stopping reverse DNS lookups

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Ian Marsh
Data:  
Para: Exim Users
Asunto: [Exim] Stopping reverse DNS lookups
Hi!

I have been working on setting up exim as the mail daemon on a
firewall. What I need it to do is to not do reverse DNS lookups on
specified IP address ranges. These ranges cover the hosts on the
internal network, they don't have DNS entries in either the internal or
external DNS servers (exim only has access to the external DNS anyway).

From running an 'exim -bh <ip>' test it appears that the fact that we
have entries in the 'relay_domains' and 'host_accept_relay' lists is
making exim to the reverse lookups. All this appears to be regardless of
what I put in the 'host_lookup' entry:

host_lookup = !172.0.0.0/8
host_accept_relay = 172.0.0.0/8

I realize that the '+allow_unknown' option in a host-list will do want
I want but as far as I can tell this is an all-or-nothing approach. As
the docs say, it's rather easy for someone to make use of this 'feature'
and spam off your server.

Does anyone have any ideas for a more selective approach?

Thanks,
Ian Marsh