----- Original Message -----
From: "Philip Hazel" <ph10@???>
To: "James P. Roberts" <punster@???>
> On Wed, 31 Dec 2003, James P. Roberts wrote:
>
> > **********
> > 38.14. DNS lists keyed on domain names
> ^^^^^^^^^^^^^^^^^^^^^
>
> Note that this is different from DNS lists for IP addresses.
Got it.
>
> > tld.example.dsn.rfc-ignorant.org
> >
> > I am confused by the doc. The example address looks
> > backwards, as the tld is normally at the end of a
> > valid address.
>
> My bad usage of "tld". Should be something else.
>
> > As I understand DNS lists (RBLs), one usually submits
> > a request using a **reversed** dotted string with
> > the list domain appended.
>
> That is true for traditional DNS list lookups for IP addresses. It isn't
> true for the newer domain-based lists.
Understood.
>
> > My question is, if I want to check IP 1.2.3.4
> > against a dnslist, in an ACL, do I use:
> >
> > dnslists = cbl.abuseat.org/1.2.3.4
> > or
> > dnslists = cbl.abuseat.org/4.3.2.1
> > ?
>
> Aha! You are trying to subvert the feature for lookup up by domain
> names, and use it for looking up an IP address. In that case you will
> have to do the inverting yourself.
We used to say about pilots (when I was a Handling Qualities engineer), that
if you put a button or switch in the cockpit, no matter how you label it or
try to hide it, someday, a pilot WILL hit that button or flip that switch,
even if it causes what we not-so-euphemistically called "catastrophic loss of
aircraft." ;)
>
> > If Exim does NOT do the inversion; then, although
> > the doc is technically correct as is, it is
> > confusing to see tld first in the example address.
>
> True. I should revise that documentation.
>
> Philip
Thanks,
Jim
