Jerry Jorgenson wrote:
> On 20 Jul 2003 13:15:56 +0100
> Thanks, Adam. That was it. I knew it must be something dumb like that, so
> now the acl reads
>
> deny dnslists = ! /etc/mail/allow_access_list : relays.ordb.org ...
> message = rejected because $sender_host_address ...
> log_message = found in RBL $dnslist_domain
>
> And it works perfectly. Thanks so much.
>
No, that's still not right. You're providing the contents of your
"allow_access_list" as a list of DNSBLs to check, and then inverting
the results of thoses tests (which will always fail because they're
not actually DNSBLs).
What you need is:
deny ! hosts = /etc/mail/allow_access_list
dnslists = relays.ordb.org ...
message = rejected because $sender_host_address ...
log_message = found in RBL $dnslist_domain
This does the following:
1) If the sending host is in your allow_access_list, stop processing
this ACL rule and go on to the next one.
2) Check the sending host's IP address against your chosen list of DNSBLs.
3) Set the message and log_message if the IP address was found in a DNSBL.
