On Wed, 13 Aug 2003, Walt Reed wrote:
> I have a local blocklist that looks like such:
>
> 200.0.0.0/8
> 202.30.0.0/15
> *.client.comcast.net
> *.client2.attbi.com
>
> I would like to use something like this instead:
>
> 200.0.0.0/8 Rejected due to excessive spam from netblock 200/8
> 202.30.0.0/15 no access from $sender_host_address
> *.client.comcast.net Rejected: use your ISP's mail relay
> *.client2.attbi.com Rejected: use your ISP's mail relay
>
> Right now, I am using an ACL like this:
> deny ! hosts = /etc/exim4/whitelist
> hosts = /etc/exim4/blocklist
> message = Rejected: $sender_host_address blocked - see http://example.com/block/
You would have to use a lookup, and because you have both names and
networks, and different kinds of network, you would have to use several
lookups. Because these need to be alternatives, you would have to use
several different statements. It all gets very messy:
deny !hosts = /etc/exim4/whitelist
hosts = partial-lsearch;/etc/exim4/blocklist
deny !hosts = /etc/exim4/whitelist
hosts = net8-lsearch;/etc/exim4/blocklist
deny !hosts = /etc/exim4/whitelist
hosts = net15-lsearch;/etc/exim4/blocklist
The repeated whitelist test is inefficient. It could be improved by
turning it into a named list, for which the result is cached.
Alternatively, depending on how your configuration works, you could put
accept hosts = /etc/exim4/whitelist
earlier, to remove the need to keep testing.
The repeated scanning of the file is also inefficient, though you could
of course turn it into a dbm or cdb file, which would be better, and
worthwhile if there are more than, say 30 or 40 entries.
> First, is it possible to have an exim variable such as
> $sender_host_address in the data and have it expanded (not a big
> priority...)
$sender_host_address is set, but is not used directly in single-key
lookups. It is implied by the "net-" prefix to the lookup type.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book