[Exim] Per-user dnslist exceptions

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
M\Marc MERLIN at ->
Delete this message
Reply to this message
Author: Jason L Tibbitts III
Date:  
To: exim-users
Subject: [Exim] Per-user dnslist exceptions
I'm getting used to Exim 4.04 and am using the following bits in
acl_check_rcpt to use DNS-based blocking lists: 

  deny    message       = rejected because $sender_host_address is in a block list at $dnslist_domain\n$dnslist_text
          dnslists      = relays.osirusoft.com : bl.spamcop.net
          !hosts        = net-lsearch;/etc/exim/whitelist_ips
          !hosts        = lsearch;/etc/exim/whitelist_hosts
          !local_parts  = lsearch;/etc/exim/no_blocklist_users


  warn    message       = X-Warning: $sender_host_address is in a block list at $dnslist_domain
          log_message   = found in $dnslist_domain
          dnslists      = relays.osirusoft.com


  warn    message       = X-Warning: $sender_host_address is in a block list at $dnslist_domain
          log_message   = found in $dnslist_domain
          dnslists      = bl.spamcop.net



This works well; I can opt a user out of filtering without turning it
off globally, and I can also whitelist individual hosts or IPs, but I
do have some questions.

First off, are the '!' marks in the first stanza in the right place?
I can either invert the condition or invert, uh, what's to the left of
the equals sign, but I don't know if it makes a difference.

Is there any way to avoid having to do the two !hosts lookups, one
net-lsearch for IP addresses and one lsearch for the domain name?

Is it necessary to use multiple warn stanzas to get a separate
X-Warning: header for each blocklist? It appears that the hosts in
dnslists are checked in order and the test short-circuits. Is there
any downside to doing it this way (other than a few additional lookups
that would have otherwise short-circuited)?

Any idea how I would go about having per-user lists of whitelisted
hosts? I played with various ways to get $local_part into the
filename of an lsearch but I just didn't make any progress. Or is it
better to do this in the user's filter? (I want to be able to bounce
the message instead of dropping it on the floor, and I don't yet know
enough about filters to know if I can do that or not.) 

Thanks for any assistance,
--
  Jason L Tibbitts III - tibbs@??? - 713/743-3486 - 660PGH - 94 PC800
       System Manager:  University of Houston Department of Mathematics



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Exim not transferring outgoing mail[Exim] mail list alias for virtual domains->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)