On Thu, 28 Feb 2008 22:50:25 +0000, Dave Evans
<exim-users-20071221@???> wrote:
>On Thu, Feb 28, 2008 at 02:11:06PM -0600, Matt wrote:
>> I have this to block connections with no reverse DNS:
>> # : no reverse dns
>> #defer !verify = reverse_host_lookup
>> # message = Reverse DNS lookup failed for host $sender_host_address
>>
>> I had to disable it though since it blocked some of my own users.
>>
>> Is there a way to get it to ignore connections listed here?
>
>Yes, and the answer is pretty much the same as the answer to your other
>question from yesterday. Basically you need to add extra conditions: e.g. a
>"!hosts" condition, to exclude certain hosts, or a !authenticated condition,
>to exclude authenticated users.
Generally, I like Tony's idea of having different "MTA personalities",
invoking a completely different set ot ACLs depending on which IP/port
combination a client connected to.
And rejecting based on missing reverse DNS has way too much false
positives.
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
