On 2011-02-07 at 12:08 +0000, John Horne wrote:
> Hello,
>
> Using Exim 4.74, in the ACL checking the sender address I have the
> following snippet:
>
> accept senders = :
> deny set acl_m_spf_dns = ${lookup dnsdb {>\n; txt=
> $sender_address_domain}}
>
> (The above 'deny' is all one line.) However in my log file I am getting
> error messages about this. For example:
>
> 2011-02-07 11:37:15 H=(mail.aston.ro) [95.64.115.74]:35564
> temporarily rejected MAIL <alert@???>: failed to
> expand ACL string "${lookup dnsdb {>\n; txt=
> $sender_address_domain}}": lookup of ">
>
> From the docs, the use of '>\n;' seems to be correct, so I am a little
> unsure what the problem is. Anyone any ideas?
Any chance of getting the non-truncated error message, perhaps by
replicating at the { exim -be } command-prompt, or doing so with
debugging turned on?
Running exim -be:
> ${lookup dnsdb {>\n; txt=95.64.115.74}}
So, no output, looks fine.
The only way I've managed to get close to an error message is by trying:
> ${lookup dnsdb {>\\n; txt=95.64.115.74}}
Failed: lookup of ">\n; txt=95.64.115.74" gave DEFER: unsupported DNS record type
Is it possible that the snippet you provided has different quoting in
the actual configuration than you cited above?
If things work at the { exim -be } prompt, then perhaps you could try:
exim -oMa 95.64.115.74 -d+acl+expand -bs
and then an SMTP transaction, to see the expansions happen?
-Phil