Auteur: Marc Perkel Date: À: exim-users Sujet: [exim] How about an ACL before connecting?
This would be a great feature unless it's already in there and I missed it.
I'd like an ACL that ran when a host attempts to connect but Exim hasn't
yet established a connection so I can test the IP address against a
black list or rDNS and decide not to connect at all instead od
connecting and returning a code at all.
Why? you might ask? Qmail!
Let's say I'm using Spamcop, a good blacklist, but not quite good enough
to block. If I do a DEFER on normal servers they would retry the next
higher MX. (Sort of fast greylisting). But Qmail won't do that and will
retry forever on the same MX after a defer.
But - if I refuse to connect at all then Qmail will retry on the higher
MX records. This if a server is wrongly blacklisted then when it retries
it will succeed. The idea is that windows infected zombie servers don't
retry.
Also - in the ACL I might want to record the IP that attempted to
connect in a MySQL database to track attempts.
So - if this isn't in there I think I might post it as a feature request.