[Exim] (Documentation) dnslists in ACL - /additional_data

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Alan J. Flavell
Datum:  
To: Exim users list
Betreff: [Exim] (Documentation) dnslists in ACL - /additional_data
This refers to e.g
http://www.exim.org/exim-html-4.20/doc/html/spec_37.html#IX2185

or to the corresponding section of spec.txt in the current release.

The documentation says

| You can change the name that is looked up by
| adding additional data to a "dnslists" item, introduced by a slash.
| For example,

|
|     deny  message  = Sender's domain is listed at $dnslist_domain
|           dnslists = dsn.rfc-ignorant.org/$sender_address_domain




So far, so good. What was not obvious to me, one way or the other,
until I tried it, was that if one has parsed-out an IP address of
interest, for example by means of a regex, and wants to test it by
means of this mechanism against an IP-based DNSrbl, then one must
explicitly reverse the order of the octets in order to form the string
value to supply to the right of the "/".

The point of this posting was to suggest that the documentation might
make that point more explicit. Hope that's useful.


To be honest, I haven't put this to any good practical use yet, but I
have some ideas based on IP addresses parsed out of things like

X-Authentication warning: ... [11.22.33.44] claimed to be foo.bar

as possible "laundered spam" indicators, when the IP in question
checks out as a DNSrbl'ed open proxy.