[Exim] SORBS blacklist - how to ignore one component only?

Top Page
Delete this message
Reply to this message
Author: Richard.Hall
Date:  
To: exim-users
Subject: [Exim] SORBS blacklist - how to ignore one component only?
Greetings,

I know something similar has been asked, and answered, before, but I
couldn't find an answer to my specific question. Apologies if I missed
it.

Conventional wisdom has it that

a) the SORBS blacklists are generally a Good Thing
b) but the Spam Database component is Not Such A Good Thing
(my experience tends to confirm this)
c) allowance can be made for this by using the following in ACLs

       deny dnslists = dnsbl.sorbs.net!=127.0.0.6


So far, so good. However, as long as _one_ of the A records returned is
127.0.0.6, the deny rule will fail, even if some or all of the other
possible A records are also returned.

Question - how can I ignore the 127.0.0.6, and thus have the deny rule
take effect, if it is not the only value returned? For example

18:42:48 4027 check dnslists = dnsbl.sorbs.net!=127.0.0.6
18:42:48 4027 DNS list check: dnsbl.sorbs.net!=127.0.0.6
18:42:48 4027 new DNS lookup for 232.117.13.24.dnsbl.sorbs.net
18:42:48 4027 DNS lookup of 232.117.13.24.dnsbl.sorbs.net (A) succeeded
18:42:48 4027 DNS lookup for 232.117.13.24.dnsbl.sorbs.net succeeded
(yielding 127.0.0.6, 127.0.0.3)
18:42:48 4027 => but we are not accepting this block class because
18:42:48 4027 => there was an exclude match for =127.0.0.6

i.e. 127.0.0.3 is good enough for me, so I don't care that 127.0.0.6 is
also returned.

AFAICS the only way to do this is to explicitly include all the other
possible values, as in

    deny dnslists = dnsbl.sorbs.net=127.0.0.2,127.0.0.3,127.0.0.4,.......


Hopefully I am missing something obvious?

Doh! The answer just came to me. Apologies for wasting your bandwidth, but
I might as well send this anyway, just in case it helps someone else ...

    deny  dnslists  = dnsbl.sorbs.net
          condition = ${if eq {$dnslist_value} {127.0.0.6} {0} {1}}


HTH,
Richard Hall