On Wed, Jun 18, 2003 at 06:27:44PM -0700, Kevin W. Reed wrote:
[...]
> we blocked any site that arrived without a valid reverse
> dns lookup. We didn't care what the result was, just that there was one.
> We also overrode that with a list of users that would get email anyway.
> The configuration looked like:
> host_lookup = !/usr/local/exim4/host_lookup-exempt : \
> !/usr/local/exim4/net_lookup-exempt : \
> 0.0.0.0/0
[...]
Hello,
Unless I am completely wrong, this does not reject anything, it just
tells exim to try to make a reverse lookup for every incoming host for
logging. I am not that fit with exim3, but you'd probably have to use
something like
host_reject = ${if eq {$host_lookup_failed}{1} {*}{}}
For exim4 you'd use something *similar* (completely untested!) to this
as acl_smtp_connect:
# accept connections from whitelisted hosts.
accept hosts = /usr/local/exim4/host_lookup-exempt : \
/usr/local/exim4/net_lookup-exempt
# deny if reverse_host_lookup fails, continue acl otherwise.
require verify = reverse_host_lookup
# accept all other connections
accept
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
