Hi
I have a somewhat strange problem with an ACL check. Exim issues 451/defers to servers whose IPs fail a reverse lookup with "SERVFAIL". I have done a "host <ip>" on a number of different servers to exclude a local dns problem. An exim4 -bh <ip> shows that reverse dns lookup is the problem.
The strangeness is that in different ACLs Exim seems to treat the SERVFAIL differently.
In acl_check_mail the following does not result in a 451 with a SERVFAIL IP.
warn message = X-Broken-Reverse-DNS: $sender_host_address
!verify = reverse_host_lookup
log_message = acl_mail: (warn-only) Cannot reverse DNS $sender_host_address
delay = 5s
In acl_check_rcpt a check of a different sort (also warn only) that includes "!verify = reverse_host_lookup" results in a 451 for the same IP.
I now use "condition = ${if def:h_X-Broken-Reverse-DNS: {1}}" instead, which seems to solve the problem, but am wondering about why the other method resulted in a 451.
Any ideas?
Cheers,
Ryan
