> > Usage:
> > deny dnslists = some.blacklist.org!=127.0.0.3,127.0.0.4
> >
> > This is only an example. This means that if the IP is on the blacklist and
> > matches the list, it will fail (thus will NOT deny).
> >
>
> I'm not sure I see the point. Can you describe how this is better than:
>
> deny dnslists = some.blacklist.org
> !dnslists = some.blacklist.org=127.0.0.3,127.0.0.4
>
> As best I can tell, this does the same thing; if the host is in the
> blacklist, deny, UNLESS the blacklist result was 127.0.0.3 or 127.0.0.4.
If you're using a single blacklist, it really doesn't do anything different.
However, I'm not using a single blacklist.
Something like:
deny dnslists = sbl.spamhaus.org : \
list.dsbl.org : \
dnsbl.njabl.org!=127.0.0.3 : \
relays.ordb.org
Without the patch, I'd have to write:
deny dnslists = sbl.spamhaus.org : \
list.dsbl.org
deny !dnslists = dnsbl.njabl.org=127.0.0.3
dnslists = dnsbl.njabl.org
deny dnslists = relays.ordb.org
Which looks easier to maintain?
I didn't put the message = lines in there or if you want to exclude some
hosts from rbl checks.
Does this make it any clearer?
--
Lab tests show that use of micro$oft causes cancer in lab animals
