Szerző: Brian Spraker Dátum: Címzett: Exim-users Tárgy: [exim] Blacklisting/Whitelisting reverse DNS domain names
I've got another funny one going on here after changing over to MySQL lists
instead of flat files.
When I blacklist a reverse DNS domain name, it works - but whitelisting will not
work.
In essence - here is what I'm doing. When my server checks the reverse dns on
the IP address of the connected party, it will return the reverse dns (of
course).
I then run the reverse DNS through a check to see if it is either whitelisted or
blacklisted. Whitelist checks always come first.
As an example, I entered "*il.comcast.net" into my blacklist. I then telnet
into the mail server from an IP with a reverse dns of bla-bla.il.comcast.net, it
works and informs me that my reverse DNS domain has been locally blacklisted
(which is the message I want it to say).
Blacklist ACL:
hosts = ${lookup mysql{SELECT domain FROM exim_domain_blacklist }}
Very simple and it works.
HOWEVER, I then add "*il.comcast.net" into my whitelist table - and it fails to
allow me to complete the SMTP mail. Since whitelist is checked first, it should
skip right over the blacklist ACL (which is what occurs when I check host IP,
sender domain, and sender e-mail address in other ACLs).
Whitelist ACL:
hosts = ${lookup mysql{SELECT domain FROM exim_domain_whitelist }}
Very simple and exactly the same as the Blacklist ACL - except the different
table.
So why would the blacklist work - but the whitelist doesn't?