[exim-dev] [Bug 1289] 10.14: Is there a wrong example?

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: 1289
Ημερομηνία:  
Προς: exim-dev
Αντικείμενο: [exim-dev] [Bug 1289] 10.14: Is there a wrong example?
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1289




--- Comment #1 from regid23@??? 2012-08-26 01:23:51 ---
Section 10.18 also specifically claims that

    It can test IP addresses without doing any DNS lookups


However, based on the discussion in that section, the following patch seems to
me more correct. Due to being relate to the discussion in section 10.14, I
also propose to change the sections order.

--- a/spec.xfpt 2012-08-26 02:31:59.000000000 +0300
+++ b/spec.xfpt 2012-08-26 02:53:22.000000000 +0300
@@ -8240,15 +8240,7 @@ any hosts whose name it cannot find.

 .next
 If any item that follows &`+ignore_unknown`& requires information that cannot
-be found, Exim ignores that item and proceeds to the rest of the list. For
-example:
-.code
-accept hosts = +ignore_unknown : friend.example : \
-               192.168.4.5
-.endd
-accepts from any host whose name is &'friend.example'& and from 192.168.4.5,
-whether or not its host name can be found. Without &`+ignore_unknown`&, if no
-name can be found for 192.168.4.5, it is rejected.
+be found, Exim ignores that item and proceeds to the rest of the list. An
example is discussed in section &<<SECTmixwilhos>>& below.
 .endlist


Both &`+include_unknown`& and &`+ignore_unknown`& may appear in the same
@@ -8270,6 +8262,39 @@ host lists such as whitelists.



+.section "Mixing wildcarded host names and addresses in host lists" &&&
+         "SECTmixwilhos"
+.cindex "host list" "mixing names and addresses in"
+If you have name lookups or wildcarded host names and IP addresses in the same
+host list, you should normally put the IP addresses first. For example, in an
+ACL you could have:
+.code
+accept hosts = 10.9.8.7 : *.friend.example
+.endd
+The reason for this lies in the left-to-right way that Exim processes lists.
+It can test IP addresses without doing any DNS lookups, but when it reaches an
+item that requires a host name, it fails if it cannot find a host name to
+compare with the pattern. If the above list is given in the opposite order,
the
+&%accept%& statement fails for a host whose name cannot be found, even if its
+IP address is 10.9.8.7.
+
+If you really do want to do the name check first, and still recognize the IP
+address, you can rewrite the ACL like this:
+.code
+accept hosts = *.friend.example
+accept hosts = 10.9.8.7
+.endd
+If the first &%accept%& fails, Exim goes on to try the second one. See chapter
+&<<CHAPACL>>& for details of ACLs. Alternatively, you can use
+&`+ignore_unknown`&, which was discussed in section &<<SECTbehipnot>>& above,
+like this:
+.code
+accept hosts = +ignore_unknown : friend.example : \
+               10.9.8.7
+.endd
+
+
+
 .section "Host list patterns for single-key lookups by host name" &&&
          "SECThoslispatnamsk"
 .cindex "unknown host name"
@@ -8325,35 +8350,6 @@ See section &<<SECThoslispatsikey>>&.)




-.section "Mixing wildcarded host names and addresses in host lists" &&&
-         "SECTmixwilhos"
-.cindex "host list" "mixing names and addresses in"
-If you have name lookups or wildcarded host names and IP addresses in the same
-host list, you should normally put the IP addresses first. For example, in an
-ACL you could have:
-.code
-accept hosts = 10.9.8.7 : *.friend.example
-.endd
-The reason for this lies in the left-to-right way that Exim processes lists.
-It can test IP addresses without doing any DNS lookups, but when it reaches an
-item that requires a host name, it fails if it cannot find a host name to
-compare with the pattern. If the above list is given in the opposite order,
the
-&%accept%& statement fails for a host whose name cannot be found, even if its
-IP address is 10.9.8.7.
-
-If you really do want to do the name check first, and still recognize the IP
-address, you can rewrite the ACL like this:
-.code
-accept hosts = *.friend.example
-accept hosts = 10.9.8.7
-.endd
-If the first &%accept%& fails, Exim goes on to try the second one. See chapter
-&<<CHAPACL>>& for details of ACLs.
-
-
-
-
-
 .section "Address lists" "SECTaddresslist"
 .cindex "list" "address list"
 .cindex "address list" "empty item"



--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email