Philip Hazel wrote:
>> In my opinion this is the only right behaviour.
>
> Only in your special case. Not in the general case. You haven't
> considered the possibility of negative entries. Consider, for example,
>
> some_hostlist_item = !x.y.z : *
Okay, I understand.
>> If any DNS-server in the world failes to resolve host A, this failure
>> must not have any effect of the delivery of messages by host B.
>
> Then you need to re-arrange your configuration somehow. For a small
> number of hosts, one can abandon the named list and end up with ACLs of
> this type:
>
> accept hosts = a.b.c
> accept hosts = x.y.z
> accept hosts = ....
>
> However, this is not ideal, and doesn't scale.
This should be the right way - even if it doesn't scale.
>> In reality my hostlist contains more than 500 hosts -
>
> That will be a big performance hit because of the way Exim searches the
> list linearly.
Yes, but worked fine more than a year long with exim-4.11.
> You can avoid having to SIGHUP Exim if you put the data in a file (even
> if it is a linear list).
Good idea.
> Better performance would be obtained from some
> kind of indexed lookup (e.g. cdb).
Is there any db support by exim to implement this?
> If you are generating the list automatically, why don't you
> generate IP addresses rather than host names?
A change of an IP address will appear more than once a second -
handled by the DNS server. The host names only change about 1 or
2 times a hour, when a customer registeres a new domain. So
sending SIGHUP was not the problem so far.
> However, that doesn't precisely match your report. But maybe it should
> have read "didn't match the list ITEM". I'm afraid I can't remember
> (4.14 was released a year ago), but I strongly suspect this is the
> change that is giving you trouble.
Yes, this sounds reasonable.
> I'm afraid I don't really know what to suggest except some scheme that
> passes only IP addresses to Exim (do the DNS lookups in advance?)
This solution would actualize the extern file (to avoid SIGHUP)
more than once a second. Perhaps this is the better way instead
of let exim make a search by doing lots of DNS lookups for every
message to deliver (yet about 5 messages in 1 minute).
Thanks,
Frank