On Mon, 25 Mar 2002, Dean Brooks wrote:
> My concern upon reading this would be that if a particular RBL site
> had a total failure of all their name servers for whatever reason, it
> could render an entire Exim site inoperable.
> Is that true or would the local DNS resolver simply timeout and return
> a negative match and allow the message through?
Exim has got too complicated for my brain to remember it all any more. :-)
TFM says "If a DNS lookup times out or otherwise fails to give a
decisive answer, Exim behaves as if the host is not on the relevant
list." I presume that I implemented what I wrote, but that contradicts
what was posted:
> > > I've setup exim to use a few rbls but if the connection to the rbl
> > > timesout, exim temporarily rejects the msg. How can I configure exim
> > > 4.01 to accept the message instead of temp. rejecting?
I didn't check the code before I wrote:
> > There is no way to do this at present, short of modifying the code.
But actually, my comment is right and TFM is telling lies.
It looks like I changed things between Exim 3 and Exim 4, and did not
change the manual. Clearly something that got overlooked.
> If this is indeed the case, can the equivalent of a "/timeout_ok" flag
> on dnslists be appropriate or is their a technical problem with that?
No, there isn't a problem. I'm trying to rethink what happened. Is
suspect that I decided the original rule wasn't appropriate, because you
can use dnlists for both "white lists" and "black lists", and a single
default would not be right for all kinds. So I made it defer, but then
didn't implement any means of overriding that.
I've made a note to add some options. However, this is too late for
4.02, which will be released later today.
Philip
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.