Re: [exim] Usage of dnsdb primary mx

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: exim-users
Anciens-sujets: Re: [exim] Usage of dnsdb primary mx
Sujet: Re: [exim] Usage of dnsdb primary mx
On 2009-05-27 at 14:34 -0700, Phil Pennock wrote:
[lowest priority MX using dnsdb]
> > ${reduce{<\n ${lookup dnsdb{mx=googlemail.com}}}{65535 .}{${if <{${extract{1}{ }{$item}}}{${extract{1}{ }{$value}}}{$item}{$value}}}}
>
> Note that this will reject a legitimate singleton MX at priority 65535.
> It's better to just use a higher-than-16bit-unsigned start value. Eg,
> 70000. It will also result in "65535 ." being returned for the NOERROR
> empty response case; eg, a lookup where there's an A record but no MX.
>
> So the fix is to use 70000 as the initial seed and then check for
> "70000 ." for errors. In an ACL, you might have:
>
> warn set acl_m_lowest_mx = ${reduce{<\n ${lookup dnsdb{mx=$domain}}}{70000 .}{${if <{${extract{1}{ }{$item}}}{${extract{1}{ }{$value}}}{$item}{$value}}}}
>
>   deny condition = ${if eq{$acl_m_lowest_mx}{70000 .}}
>        message = "No MX records found for $domain"

>
> Otherwise, because comparators like eq{} don't store the two tested
> values in variables for use later in the expansion, you're stuck
> re-evaluating -- which should be fast, because the results will be
> cached, but not pretty. Even if we regard my first response as pretty,
> this one does not qualify.
>
> ${if !eq{${reduce{<\n ${lookup dnsdb{mx=$domain}}}{70000 .}{${if <{${extract{1}{ }{$item}}}{${extract{1}{ }{$value}}}{$item}{$value}}}}}{70000 .}{${reduce{<\n ${lookup dnsdb{mx=$domain}}}{70000 .}{${if <{${extract{1}{ }{$item}}}{${extract{1}{ }{$value}}}{$item}{$value}}}}}fail}
>
> However, just because it's not pretty, that doesn't mean it doesn't
> work. Exim provides enough flexibility to let you do whatever you want,
> rather than constraining you to the solutions which are provided by the
> more normal convenience features.


Please note that as well as not being pretty, it's excessively
complicated. There's a much easier way to achieve the same thing, and
it's much closer to the original.

No MX results for $domain cause the dnsdb lookup to fail. The key point
is to make the ${lookup} itself fail. We can do this simply:
${lookup dnsdb{...}{$value}fail}

So all that's needed is:
${reduce{<\n ${lookup dnsdb{mx=$domain}{$value}fail}}{70000 .}{${if <{${extract{1}{ }{$item}}}{${extract{1}{ }{$value}}}{$item}{$value}}}}

That's much easier. I've just mentally said doh a few times.

Regards,
-Phil