Re: [exim] No Reverse DNS

Top Page
Delete this message
Reply to this message
Author: Marc Haber
Date:  
To: exim-users
Subject: Re: [exim] No Reverse DNS
On Thu, 28 Feb 2008 22:50:25 +0000, Dave Evans
<exim-users-20071221@???> wrote:
>On Thu, Feb 28, 2008 at 02:11:06PM -0600, Matt wrote:
>> I have this to block connections with no reverse DNS:
>> # : no reverse dns
>> #defer !verify     = reverse_host_lookup
>> #      message     = Reverse DNS lookup failed for host $sender_host_address

>>
>> I had to disable it though since it blocked some of my own users.
>>
>> Is there a way to get it to ignore connections listed here?
>
>Yes, and the answer is pretty much the same as the answer to your other
>question from yesterday. Basically you need to add extra conditions: e.g. a
>"!hosts" condition, to exclude certain hosts, or a !authenticated condition,
>to exclude authenticated users.


Generally, I like Tony's idea of having different "MTA personalities",
invoking a completely different set ot ACLs depending on which IP/port
combination a client connected to.

And rejecting based on missing reverse DNS has way too much false
positives.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834