Author: Dave C. Date: To: Andrew CC: exim-users Subject: Re: [Exim] host_accept_relay
Ok, I took a closer look, and I see the problem..
Under section "7.15 Host lists" of the specfile..
It deliniates a number of items which can appear..
One of them reads:
- . If the item is of the form net-<search-type>;<search-data> then
-the text form of the IP address of the subject host is used unmasked
-as the lookup key. This is not the same as specifying net32 for an
-IPv4 address or net128 for an IPv6 address, because the mask value is
-not included in the key. However, IPv6 addresses are still converted
-to an unabbreviated form, using lower case letters and full stops as
-separators.
And at the end,
-The remaining items are wildcarded patterns for matching against the
-host name.
'lsearch' (without a 'net-' specification) is not included in the list.
So apparently if an lsearch is used in a host list, it must be host
names. I would do as follows:
And then arrange for the file to contain straight IP's (without /32
appended) That *should* do what you want..
On Sat, 5 Aug 2000, Andrew wrote:
> ----- Original Message -----
> Sent: Saturday, August 05, 2000 7:55 AM
> Subject: Re: [Exim] host_accept_relay
>
>
> > You can put IP addresses or networks in host_accept_relay - they don't
> > have to be host names. If you are accepting based on IP address, make
> > sure the IP addresses are listed BEFORE any items which are host
> > names.. Once exim hits a hostname, it has to do a reverse lookup, and
> > if it fails it rejects without going any further.
> I have +warn_unknown in hosts_reject_reciepients so it ain't that
> I use ip's for all the host_accept_relay
> config
> -
> host_accept_relay = "203.23.53.0/24:lsearch;/usr/exim/popauth"
> -
> the popauth file contains ips
> I've tried with /32 and without
> I've tried swaping the order of ips
> ip's in the file that do have a reversable entry work fine
> all I get is this on a unreversable IP that is in the list
> >>> host in host_accept_relay? no (failed to find host name or lookup
> deferred)
> 203.123.75.1 is the ip I've been testing with :)
> this is exim 3.14 btw
> > Alternatively, if your clients are using relatively new POP clients,
> > you might want to look into setting up AUTH-SMTP...
> >
> might be an option though maybe more painfull for clients
> I will look into it though
> thanx
> cya
> Andrew
>
>
> --
> If you think nobody cares about you, try missing a couple of payments.
>
>