------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
http://www.exim.org/bugzilla/show_bug.cgi?id=457
------- Comment #5 from ph10@??? 2007-02-05 10:11 -------
On Sat, 3 Feb 2007, holmgren@??? wrote:
> > The thing about
> >
> > hosts = <hostlist>
> >
> > in an ACL is that there is an "implied" identification for the host,
> > consisting of both the name and the IP address and Exim uses one or the
> > other, as needed, depending on the host list item.
>
> I'm not convinced: when a client connects, all Exim knows is the IP
> address. A reverse DNS lookup is performed in order to get a host
> name. I can't see how the IP address of a connected client is any
> different from an arbitrary IP address.
Aha! I think I understand now the point you are trying to make.
> Looking up the address records of a.b.c.d and comparing each of them to
> 192.168.1.1 probably makes most sense. But it isn't really necessary to allow
> host names there if you can say
*That* is the point that was confusing me. I didn't appreciate that you
were only really talking about
${if match_host{<ip address>}{<host list>}...
^^^^^^^^^^
The problem I have always had with match_host is that I think of a
client host as "having both an IP address and a name" and the user has
to specify which (e.g. by saying lsearch or net-lsearch). I was not
thinking in terms of "match_host starts from just an IP address". If you
only allow an IP address there, it is as you say, no different from
"hosts" in an ACL.
Philip
--
Configure bugmail:
http://www.exim.org/bugzilla/userprefs.cgi?tab=email
