Re: [exim] conditional dnslists

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] conditional dnslists
Mohit Tewari wrote:
> Hi,
> I am novice as far as exim configuration and syntax is used in exim.conf.
> We are using RBL list for filtering, however some of our customers do not
> want any RBL filtering for their domains, so I have set up an option in the
> database, which I check when the mail comes in to see if that domain has RBL
> checking set to on or not if yes than only check against the dnslists else
> continue without checking, I am trying to accomplish this as follows:
>
> Query to get the value from the database if RBL filtering is to be used or
> not
>
> USE_RBL  = \
>     ${lookup mysql{ \
>       SELECT entity_option.value \
>       FROM   entity,entity_option,optn \
>       WHERE  entity.id=entity_option.entity_id \
>       AND    entity_option.option_id=optn.id \
>       AND    optn.name='useRBL' \
>       AND    ( \
>         entity.name='${quote_mysql:$local_part@$domain}' \
>         OR entity.name='$domain' \
>         OR entity.name='default_domain' \
>       ) \
>     }} \

>
> Then Building the dnslists as follows
>
> dnslists = dnsbl.sorbs.net
> condition = ${if == {USE_RBL} {1}}
>
> I am trying to execute the dnslists only if the value from the query
> (USE_RBL) returns a value of 1.
> However this is not being accomplished.
> Appreciate any help in this regards.
> Thanks,
> Tewari


We do it the other way 'round.

Instead of using the user or domain prefs to decide to check an RBL or
not, we just go ahead and check local and remote BL's on all traffic,
save separate and cumulative flags (hit/no hit) and/or 'point scores',
drop 'em outright only if the sins are serious enough to clearly ID the
senders as bad actors.

Lookups done, (once only) scores & flags for the survivors are carried
forward in acl_m variables.

User/domain preferences can then be compared to flags and scores at one
or more later stages - whole domains during the session, individual user
deliveries in-session for soem, in router/transport sets for others.

There are more total lines of configure-file code, but each part of it
is dead-simple and can be more selectively skipped based on other flags.

I'd also suggest that complex SQL 'WHERE AND OR' code will ordinarily
reqire more machine resources than comparably complex Exim acl code.

Better to use SQL for storage and retreival and let Exim do the
comparisons and decision-making.

HTH,

Bill