Re: [Exim] Verisign pulls a fast one

Top Page
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Chris Edwards
CC: exim-users
Subject: Re: [Exim] Verisign pulls a fast one
> What about a site who have a defunct DNSBL in their MTA config ?
>
> Given an SMTP connect from a.b.c.d, they lookup d.c.b.a.relays.old-rbl.com
> - a query which will now succeed, (returning 64.94.110.11), so all mail
> may be blocked - aka "doing an osirusoft" :)
>
> Infact, all it takes is for one of *our* DNSBLs to drop out of the tld for
> some reason and we are screwed. A colleague (Hi Alan) suggests:
>
> > if we know what value the RBL is supposed to return, we can
> > just write e.g dnslist = rbl.example=127.1.0.2 in our recipes, that
> > should do it. But that gets to be a drag when there are 31 possible
> > return values... does it support e.g rbl.example=127.0.0.0/24
>
> Is there any easy way to do this ?


I did a patch for this that's in 4.20+
rbl.example!=64.94.110.11

It does not IIRC, support netblocks.

--
Lab tests show that use of micro$oft causes cancer in lab animals