On 27/02 22:31, Peter Bowyer wrote:
> On 27/02/07, Peter Farmer <pfarmer@???> wrote:
> > Hi all,
> >
> > I'm having some trouble with my acl_smtp_rcpt ACL, basically in the acl is a
> > deny line which should deny all the hosts/networks in the flat file. However
> > for 1 ip address is seems to not work.
>
> > #spam source
> > 81.37.0.0/16
> > #spam source
> > 84.199.21.0/24
> > 194.183.111.85/32
>
> > >>> check hosts = /tmp/spamblock-nets
> > >>> host in "/tmp/spamblock-nets"? no (malformed IPv4 address or address
> > >>> mask)
>
> This looks like it might be a bug, because the spec says
>
> "A mask value of 32 for an IPv4 address is the same as no mask at all;
> just a single address matches. "
>
> Did you try that IP address without the /32? Are there any other lines
> in your file with /32 netmasks?
>
> Bugzilla is your friend....
>
Ok without /32 I get the same:
# /opt/IRT9exim/bin/exim -C /tmp/configure -bh 194.183.111.85
<snippet>
>>> using ACL "check_recipient"
>>> processing "deny"
>>> check hosts = /tmp/spamblock-nets
>>> host in "/tmp/spamblock-nets"? no (malformed IPv4 address or address
>>> mask)
</snippet>
Interestingly if I put the IP address at the top of the list (with or without
the /32) I get the following:
# /opt/IRT9exim/bin/exim -C /tmp/configure -bh 194.183.111.85
<snippet>
>>> using ACL "check_recipient"
>>> processing "deny"
>>> check hosts = /tmp/spamblock-nets
>>> host in "/tmp/spamblock-nets"? yes (matched "194.183.111.85" in
>>> /tmp/spamblock-nets)
>>> deny: condition test succeeded
550 Administrative prohibition
LOG: H=(194.183.111.85) [194.183.111.85] F=<pfarmer@???> rejected
RCPT <pfarmer@???>
quit
221 relay1.psi.neteu.net closing connection
</snippet>
I've run exim_checkaccess over the whole list and found a few more as well.
The actually server is running 4.65, but I've also tested on 4.66.
Should I open a bug?
Cheers
--
Peter Farmer
