On Thu, Apr 30, 2009 at 04:33:16PM +0100, Terry ( 1stKMH ) wrote:
> Hi, I'm the one who posted the rdns acl some time ago.
> What I did to avoid false positives is to extract from this list in
> here (http://phpweby.com/software/ip2country) the countries I receive
> most of the legit mail, reducing it to /24 or larger nets.
> After that you some thousands of entries that skip this acl improving
> greatly the false positives problem.
Your original example was not a false positive. The reverse DNS for
69.56.235.170 did not forward-resolve properly. From the Exim spec:
"Looking up a host's name from its IP address consists of more than
just a single reverse lookup. Exim checks that a forward lookup of at
least one of the names it receives from a reverse lookup yields the
original IP address."
If you want to only check whether reverse DNS exists at all, with no
regard to the subsequent forward-DNS check, you can use something along
the lines of this:
defer
!condition = ${lookup dnsdb{defer_never,ptr=$sender_host_address}{yes}}
log_message = REVERSE DNS: no PTR found for $sender_host_address
message = Sender's ISP has no reverse DNS for $sender_host_address.
I personally think it's better to use a defer in this case, rather than
a deny, to deal with intermittent DNS failures of some sort.
Please note that you will need to have enabled "LOOKUP_DNSDB=yes" in the
Exim Makefile during compilcation for access to the dnsdb lookup mechanism.
I rather wish it was enabled by default, as it's quite useful for certain
types of lookups.
--
Dean Brooks
dean@???