Hi Nico,
my opinion is that at that point the acl for allowing the +local_domains
(the internal hosts) WITHOUT having the exim mta to do a DNSBLs check is
too late.
Is this in fact so or am I simply wrong?
What I want is (I think so) simple: Hosts from our internal network must
have immediate access to the exim mta plus that exim mta must not do an
DNSBL check for those hosts.
For !+local_domains and !+relay_from_hosts the check should be okay ... and
a must....
Michael
>> begin acl
>>
>> acl_check_rcpt:
>>
>> accept hosts = :
>> deny local_parts = ^.*[@%!/|] : ^\\.
>> accept local_parts = postmaster
>> domains = +local_domains
>> accept domains = +local_domains
> ^^^^^^^^^^^^^^^^^^
> This accepts anything to your local domains, before the check is
> done, remove it and .....
>> accept hosts = +local_networks : +relay_from_hosts
>> require verify = sender
>> deny hosts = !+vrfy_hosts : !+expn_hosts
>> message = relaying denied !!! - as we said... we don't
>> respect spammers!
>> deny message = rejected because $sender_host_address is in a
>> black list at $dnslist_domain\n$dnslist_text
>> log_message = found in $dnslist_domain
>> dnslists = relays.ordb.org : or.orbl.org :
sbl.spamhaus.org
>> : opm.blitzed.org
>> domains = !+local_domains
>
>Place it here:
> accept domains = +local_domains
>
>
>> deny message = relaying denied !!! - as we said... we don't
>> respect spammers!
>> ==============================================
