On 5 Feb 2006, at 22:08, Fred Viles wrote:
> On 5 Feb 2006 at 19:16, Giuliano Gavazzi wrote about
> "[exim] problem with certain DNS loo":
>
> | let me cut it short:
> |
> | set acl_c9 = ${lookup dnsdb{ns=152/29.160.221.217.in-addr.arpa}
> | {$value}{none}}
> |
> | should give ns.ondecorte.net and instead it gives none.
>
> It may be relevant that the zone is also delegated to a lame server
> (ns.humph.com).
it is not relevant as far as I can see, but, yes, thank you!, I think
I know why it happened.... (now fixed).
The problem might be the / in 152/29.160.221.217.in-addr.arpa.
Look at this (session from the relevant IP to the server, merged
named queries and exim log, acl below), the query is simply not
performed:
06-Feb-2006 08:46:53.485 client 127.0.0.1#50194: view home: query:
157.160.221.217.in-addr.arpa IN PTR +
[...]
06-Feb-2006 08:47:09.391 client 127.0.0.1#50202: view home: query:
157.160.221.217.sbl.spamhaus.org IN A +
06-Feb-2006 08:47:09.391 client 127.0.0.1#50203: view home: query:
elfo.org IN MX +
06-Feb-2006 08:47:09.393 client 127.0.0.1#50204: view home: query:
elfo.org IN MX +
06-Feb-2006 08:47:09.396 client 127.0.0.1#50205: view home: query:
elfo.org IN MX +
06-Feb-2006 08:47:17.399 client 127.0.0.1#50206: view home: query:
157.160.221.217.in-addr.arpa IN CNAME +
2006-02-06 08:47:17 IU99ML-000910-NR cname: 157.152/29.160.221.217.in-
addr.arpa
2006-02-06 08:47:17 IU99ML-000910-NR lookup key:
152/29.160.221.217.in-addr.arpa
2006-02-06 08:47:17 IU99ML-000910-NR result: none
06-Feb-2006 08:47:17.400 client 127.0.0.1#50207: view home: query:
160.221.217.in-addr.arpa IN NS +
2006-02-06 08:47:17 IU99ML-000910-NR <= xxxxxx @elfo.org
H=tempesta.elfo.org [217.221.160.157] P=smtp S=272
2006-02-06 08:47:17 IU99ML-000910-NR => xxxxxx <xxxxxx @humph.com>
R=localuser T=local_delivery
2006-02-06 08:47:17 IU99ML-000910-NR Completed
warn !authenticated = *
set acl_c9 = ${lookup dnsdb{cname=${if match {$sender_host_address}\
<<< PERFORMED
{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}\
{$4.$3.$2.$1.in-addr.arpa}fail}}{$value}{none}}
logwrite = cname: $acl_c9
condition = ${if !eq{$acl_c9}{none}}
set acl_c9 = ${if match {$acl_c9}{\N^(\d+)\.(.+)$\N}{$2}fail}
logwrite = lookup key: $acl_c9
set acl_c9 = ${lookup dnsdb{ns=$acl_c9}{$value}{none}} <<< NOT
PERFORMED
logwrite = result: $acl_c9
the lookup that is not performed should give ns.ondecorte.net
ns.humph.com.
warn !authenticated = *
condition = ${if eq{$acl_c9}{none}}
set acl_c9 = ${lookup dnsdb{ns=${if match {$sender_host_address}\
<<< PERFORMED
{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}\
{$3.$2.$1.in-addr.arpa}fail}}{$value}{none}}
condition = ${if eq{$acl_c9}{none}} <<< OUT
set acl_c9 = ${lookup dnsdb{ns=${if match {$sender_host_address}\
{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}\
{$2.$1.in-addr.arpa}fail}}{$value}{none}}
condition = ${if eq{$acl_c9}{none}}
set acl_c9 = ${lookup dnsdb{ns=${if match {$sender_host_address}\
{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}\
{$1.in-addr.arpa}fail}}{$value}{none}}
warn !authenticated = *
message = X-HUMPH-Peer-rDNS: ${tr {$acl_c9}{\r\n}{\ }}
