Re: [Exim] host_reject_recipients leaking a few subnets

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Philip Hazel
CC: Bill Duncan, exim-users
Subject: Re: [Exim] host_reject_recipients leaking a few subnets

I'm not sure if this has been discussed before or not, but, in exim 4
will there be a way to have a file containing network specifications
with varying bitmask legnths in it (possibly some negated), that one
will be able to do a lookup in with a single IP address as the key?



On Mon, 24 Sep 2001, Philip Hazel wrote:

> On Sun, 23 Sep 2001, Bill Duncan wrote:
>
> > For example, I might list "10.0.0.0/8" near the top of the file, and further
> > down in the file I might have more specific subnets with examples in comments.
> > Like "10.20.0.0/16" might be listed as a separate item with comments describing
> > why.
> >
> >
> > I reference the file like this in the config file:
> >
> >    HOST_REJECT    = /usr/exim/etc/reject_host.txt

>
> That won't work. Read up about the difference between file inclusions
> like that and lookup types. For a file like that, Exim reads
> sequentially. Therefore, the 10.0.0.0/8 will always take precedence.
>
> With a large number of entries, you may be better off using some kind of
> lookup, e.g. net-cdb, but with several different network sizes, you'll
> have to use several lookups, e.g.
>
> host_reject = net16-cdb;/the/file : net-8;/the/file : ...
>
>


--