[exim] hosts = *.kolido.net not matched, even the PTR exists…

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: [exim] hosts = *.kolido.net not matched, even the PTR exists?
Hello,

in my ACL there I've a rule

    deny    hosts = *.kolido.net


But exim accepts connections from 91.184.48.154.

If I check the DNS, I find that
    91.184.48.154's PTR ms105.nl.kolido.net
though
    ms105.nl.kolido.net A 193.239.6.105


So the PTR does not fit to the A record.
It's what exim gets too:

    exim4 -C /etc/exim4/exim4.conf.t -oMi 212.80.235.130 -bhc 91.184.48.154
    >>> host in hosts_connection_nolog? no (option unset)
    >>> host in host_lookup? yes (matched "*")
    >>> looking up host name for 91.184.48.154
    >>> IP address lookup yielded ms105.nl.kolido.net
    >>> gethostbyname2 looked up these IP addresses:
    >>>   name=ms105.nl.kolido.net address=193.239.6.105
    >>> checking addresses for ms105.nl.kolido.net
    >>>   193.239.6.105
    >>> no IP address for ms105.nl.kolido.net matched 91.184.48.154
    >>> 91.184.48.154 does not match any IP address for ms105.nl.kolido.net


Ok.

    >>> processing "deny"
    >>> check hosts = *.kolido.net
    >>> sender host name required, to match against *.kolido.net
    >>> host in "*.kolido.net"? no (failed to find host name for 91.184.48.154)
    >>> deny: condition test failed



If I understand the spec, (section 10.13), there is nothing mentioned
about "double" checking the PTR:

    By default, in order to find a host name, Exim first does a reverse DNS lookup;
    if no name is found in the DNS, the system function (gethostbyaddr() or
    getipnodebyaddr() if available) is tried. The order in which these lookups are
    done can be changed by setting the host_lookup_order option.


    There are some options that control what happens if a host name cannot be
    found. These are described in section 10.14 below.


    As a result of aliasing, hosts may have more than one name. When processing any
    of the following types of pattern, all the host's names are checked:


    * If a pattern starts with "*" the remainder of the item must match the end
      of the host name. For example, "*.b.c" matches all hosts whose names end in
      .b.c. This special simple form is provided because this is a very common


Exim looks for the hostname (via DNS or some system function) and then
tries to match it to the list. Period. Nothing about first checking
the resulting PTR.

I'm not sure if I managed to explain (my/the ?) problem.


    Best regards from Dresden
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -