On 22/06/10 07:46, Vadnais, Kevin wrote:
> Is this some kind of DNS issue? Is there a convenient way to reject all
> gmail.ca addresses. I'd rather not do that as it seems like a horrible way
> of dealing with what seems like a more systemic issue.
gmail.ca is a real domain held by markmonitor.com on behalf of Google.
It seems that someone has either pointed it to the wrong DNS servers, or
recently retired dns1/dns2.emarkmonitor.com but has not yet updated the
domain. As a result all queries return SERVFAIL and in this case, Exim
is behaving as it should. SERVFAIL is a temporary failure and can be
caused by local lookup problems as well as foreign ones like this. If
Exim rejected email based on this lookup result, I suspect you would be
subject to seemingly random rejects on otherwise good mails.
Any attempts to send from the domain will be greeted with the 451 error
you specified and never be delivered so long as gmail.ca remains a
defunct zone. Essentially a permanent reject, especially for stupid
spambots. All it does in terms of harm is add a few extra log lines.
If you want to reject all MAIL FROM addresses from certain domains, you
can stick them in a file and do an lsearch (or some other lookup) based
on ${domain:$sender_address} in acl_smtp_mail/acl_smtp_rcpt.
$ dig gmail.ca
; <<>> DiG 9.7.0-P1 <<>> gmail.ca
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25443
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gmail.ca. IN A
--
The Exim Manual
http://docs.exim.org/
