Re: [exim] db based IP blacklist

Author: Phil Pennock
Date:  
To: Alexander Nagel
CC: 'exim-users@exim.org'
Subject: Re: [exim] db based IP blacklist
On 2012-10-27 at 21:51 +0200, Alexander Nagel wrote:
> I have a simple IP list in my PostgreSQL with inet as type in the table.
> Currently I have this snippet in my exim4.conf file in the
> acl_smtp_connect part.
>
> drop
> condition = ${if eq{$sender_host_address}{${lookup pgsql{PG_Q_BLACKLIST}}}}
> message = REJECTED - You are blacklisted
> log_message = REJECTED - $sender_host_address is blacklisted.
>
> This works with a single IP address. But I want to add whole ranges of
> IP addresses like 192.1.0.0/24
> How do I have to change the condition?


Something like this, untested:

condition = ${lookup pgsql{\
    SELECT COUNT(*) FROM blacklist WHERE entry >>= '${sender_host_address}' LIMIT 1 \
    } {$value}{no}}


The >>= operator is PostgreSQL for "contains or equals"; you don't care
how many matches there are, so just finding one is enough (LIMIT 1), and
you don't care about any values, you just want to know if it's present.
So the COUNT(*) should return 0 or 1 (because of the LIMIT 1).

At which point, you already have a value which condition will interpret.
The {no} fallback is just paranoia.

Normally you'd use ${quote_pgsql:...} for the inserted variable, but
$sender_host_address is an IPv4 or IPv6 address, so should be safe.

Does that help?
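
The connect-time ACL from this thread with the ${quote_pgsql:...} quoting applied, as an added example that is not part of the original message. The macro name PG_Q_BLACKLIST comes from the quoted question and the table "blacklist" and column "entry" from the reply; the pgsql_servers value and the ACL name acl_check_connect are placeholders assumed here, and the query is written as SELECT 1 so that a non-match returns no rows and falls through to {no}.

```exim
# Main configuration section.
# Placeholder connection details (assumption): host/database/user/password.
hide pgsql_servers = localhost/DBNAME/DBUSER/DBPASSWORD

# One row ("1") if any blacklist entry contains or equals the connecting
# address, no rows otherwise. The address is quoted before it is placed
# in the SQL string.
PG_Q_BLACKLIST = SELECT 1 FROM blacklist \
                 WHERE entry >>= '${quote_pgsql:$sender_host_address}' \
                 LIMIT 1

# Hypothetical ACL name.
acl_smtp_connect = acl_check_connect

begin acl

acl_check_connect:
  # A returned row expands to "yes"; a lookup that finds nothing
  # expands to "no", so the drop does not apply.
  drop
    condition   = ${lookup pgsql{PG_Q_BLACKLIST}{yes}{no}}
    message     = REJECTED - You are blacklisted
    log_message = REJECTED - $sender_host_address is blacklisted.

  accept
```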