Re: [exim] Failed to expand ACL string

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: John Horne
CC: Exim users
Subject: Re: [exim] Failed to expand ACL string
On 2011-02-07 at 12:08 +0000, John Horne wrote:
> Hello,
>
> Using Exim 4.74, in the ACL checking the sender address I have the
> following snippet:
>
>   accept  senders = :
>   deny    set acl_m_spf_dns = ${lookup dnsdb {>\n; txt=           
>                                  $sender_address_domain}}

>
> (The above 'deny' is all one line.) However in my log file I am getting
> error messages about this. For example:
>
>     2011-02-07 11:37:15 H=(mail.aston.ro) [95.64.115.74]:35564
>     temporarily rejected MAIL <alert@???>: failed to
>     expand ACL string "${lookup dnsdb {>\n; txt=
>        $sender_address_domain}}": lookup of ">

>
> From the docs, the use of '>\n;' seems to be correct, so I am a little
> unsure what the problem is. Anyone any ideas?


Any chance of getting the non-truncated error message, perhaps by
replicating at the { exim -be } command-prompt, or doing so with
debugging turned on?

Running exim -be:
> ${lookup dnsdb {>\n; txt=95.64.115.74}}



So, no output, looks fine.

The only way I've managed to get close to an error message is by trying:
> ${lookup dnsdb {>\\n; txt=95.64.115.74}}

Failed: lookup of ">\n; txt=95.64.115.74" gave DEFER: unsupported DNS record type

Is it possible that the snippet you provided has different quoting in
the actual configuration than you cited above?

If things work at the { exim -be } prompt, then perhaps you could try:

exim -oMa 95.64.115.74 -d+acl+expand -bs

and then an SMTP transaction, to see the expansions happen?

-Phil