On Thu, 2008-03-27 at 11:12 -0600, Russell Wilton wrote:
> I run Exim 4.52 on RedHat Ent Linux 4.6
>
> I am implementing Spamhaus DNS block lists and have set up my own rbl
> DNS server for the purpose, as required by our volume of mail. We have
> set our main DNS servers to forward requests for the dnsbl zone to my
> new rbl DNS server, but we are having difficulty meeting Spamhaus'
> requirement that we restrict access to only our own machines. We have
> a fairly complicated DNS setup and our DNS expert says he has been
> unable to find a way to restrict forwarding without breaking something
> else.
>
> It occurs to me that if there was some option for the dnslists
> condition that would let me specify the DNS server to use, I could
> scrap the forwarding and just restrict access to the rbl DNS server to
> only my mail systems. I have read the docs fairly closely but I don't
> see any mention of this type of functionality. Am I missing something?
> Is there some other way to do this? Any pointers greatly appreciated.
>
> --
> Russell D. Wilton E Mail: WILTON@???
> Info Tech Systems Analyst Voice: (403) 329-2525
> University of Lethbridge FAX: (403) 382-7108
> 4401 University Drive Lethbridge, Alberta, CANADA T1K 3M4
>
>
You could simply create an A record like "MailServer1-rbl.example.com"
that points to your RBL DNS server and just use it from the exim dnsbl
ACL. You may not need to do any forwarding at all.
Jeff