[Exim] Re: Why is this so? ACL problem...

Página Inicial
Delete this message
Reply to this message
Autor: Bernard Massot
Data:  
Para: exim-users
Assunto: [Exim] Re: Why is this so? ACL problem...
On Wed, Mar 26, 2003 at 04:14:59PM +0100, Michael Jakscht wrote:
> I'm expieriencing a problem with the following check_rcpt ACL.
> The problem is that as you can see in the debug output the
> host_lookup isn't matched and the first ACL entry "accept hosts"
> is not matched too.
> But the third one is a match. I don't understand it!
> Hope someone can explain me this weird behaviour ;-)
>
> host_lookup = !+friends_with_broken_mx : *

It'd be better written just "host_lookup = !+friends_with_broken_mx".

> mail:~/.ssh # less /etc/exim/friends_with_broken_mx
> 62.159.202.98
> 193.190.200.4
> 81.88.34.3
> *.tle.de
> 62.180.229.130
> mail:~/.ssh #

Quoted from chapter 10.10 of the doc :
«The remaining types of pattern that can appear in host lists require
Exim to know the name of the remote host. They are all wildcarded names
of different kinds. [...]
If the remote host name is not already known when Exim encounters one of
these patterns, a system function (gethostbyaddr() or getipnodebyaddr()
if available) is used to find it from the IP address. This typically
causes a reverse DNS lookup to occur. [...] Consequently, a name cannot
always be found, and this may lead to unwanted effects.
If the DNS lookup fails, that is, if there is no reverse DNS entry for
the IP address, Exim behaves as if the host does not match the list.
This may not always be what you want to happen. [...] »

So put 62.180.229.130 *before* *.tle.de because Exim queries the DNS
to know if 62.180.229.130 is in *.tle.de and fails.
--
Bernard Massot