On 10.10.2007, at 21:30, W B Hacker wrote:
> Wolfgang Hennerbichler wrote:
>>
>> The file looks like this (example IP's):
>>
>> cat /etc/exim4/relay_access
>> !10.0.0.1
>> 10.0.0.0/8
>>
>> basically I want to prevent 10.0.0.1 from relaying. So I have this
>> ACL:
>> accept hosts = /etc/exim4/relay_access
>> which works. As I want to re-use that list in a router, I'd like to
>> put it in a host-list. So I have thought of something like this:
>
> We do almost the identical thing as your pre-hostlist example.
>
> But having never thought to apply the 'negation' simply maintain
> two files,
> ....
before you replied, I decided to do something different - don't know
if this is considered hack-ish or not:
I set an ACL variable if somebody is actively relaying. I do this
with one simple line in the ACL:
accept hosts = /etc/exim4/relay_access
set acl_c1 = true
so now I can deal with this variable in my router-condition:
condition = ${if and { {!eq {$received_protocol}{spam-scanned}} {<
{$message_size }{300K}} {!eq {$acl_c1}{true}} } }
I hope this is "a good way" to do this.
> CAVEAT: AFAIK hostlists AND DNS lookups are cached by Exim, but
> results of SQL
> or flat-file reads are NOT. So there can be a performance hit.
the file is very small (not more than 10 lines). I rely on OS-Caching
to not make that my performance bottleneck.
thanks for your reply;
wogri
--
wogri@???
http://www.wogri.com
http://www.einradfilm.at
