Hi,
I found, that in exim-4.14 this feature/big is appeared:
(cite from ChangeLog)
73. A complete host name (no wildcards) in a host list causes a forward lookup
for the IP address. If this failed, Exim was behaving as if the host didn't
match the list, instead of giving an error (as it does when a reverse
lookup fails).
Philip or somebody else comments, please, this change. In the mail-archive i did not
find corresponding discussion :(.
Thank you.
According to Andrew V Stikheev:
> According to Andrew V Stikheev:
> > According to Philip Hazel:
> > > On Wed, 19 May 2004, Andrew V Stikheev wrote:
> > >
> > > > If in a hosts list (hostlist,smtp_ratelimit_hosts,rfc1413_hosts,...)
> > > > a non-existent domain is included, then exim doesn't try to match
> > > > the verified host with the list items after the non-existent domain
> > > > and treats the verified host as not present in the hosts list.
> > > > If a "+include_unknown" string is present in the list prior to non-existent
> > > > domain, then exim treats the verified host as present in the hosts list.
> > >
> > > As specified.
> Also I want to add, that a result of verifying depends on the order of hosts in
> the hostlist:
>
> 1) hostlist relay_from_hosts = non-existent-domain : 192.168.0.1
> Relay from 192.168.0.1 not permitted.
>
> 2) hostlist relay_from_hosts = 192.168.0.1 : non-existent-domain
> Relay from 192.168.0.1 permitted.
>
> Is it also specified?
> > >
> > > > For example:
> > > >
> > > > 1) hostlist relay_from_hosts = non-existent-domain : 192.168.0.1
> > > >
> > > > In this case relay from 192.168.0.1 not permitted.
> > >
> > > Correct. Exim assumes you have screwed up by specifying a non-existent
> > > host. So it takes a cautious line.
> > But it's wrong assumption, because it's may be a temporary dns problem,
> > for example a error after regular reconfiguration. In this situation
> > relay not permitted from all hosts until I'm fixed this error in dns.
> > Relay from all hosts not permitted because of the problem with only the one.
> > Imho, it's a wrong strategy.
> >
> > What about a smtp_ratelimit_hosts? In this case the rate limit is disabled for
> > all hosts. Is it right?
> >
> > >
> > > > 2) hostlist relay_from hosts = +include_unknown : non-existent-domain
> > > >
> > > > In this case relay permitted from any host.
> > >
> > > Sounds like you want a new feature called +ignore_unknown.
> > It will be the best solution. By default :)?
> > >
> > > --
> > >
> > --
> > P.S. I'm not recieved your letter to sand@???, so i can't reply.
> > -------------------------------------------------
> > Andrew V Stikheev Russian Institute
> > E-mail: sand@??? for
> > Phone:+7 095 192-9179 Public Networks
> >
>
>
> --
> -------------------------------------------------
> Andrew V Stikheev Russian Institute
> E-mail: sand@??? for
> Phone:+7 095 192-9179 Public Networks
>
--
-------------------------------------------------
Andrew V Stikheev Russian Institute
E-mail: sand@??? for
Phone:+7 095 192-9179 Public Networks
