I've been bitten by this a number of times and wondered if anyone had
a) done the same, and b) come up with a solution....
In the configuration file of our outbound mail gateway I have a host
list relay_hosts of all hosts allowed to relay mail. In the ACL for
acl_smtp_rcpt I have the following:

accept hosts = +relay_hosts
#
# If we've got this far it means the source and recipient are outside our control
# and thus someone is trying to use us as a relay.
#
deny message = relay not permitted

This is all fine and dandy until the entry for one of the hosts in
relay_hosts is deleted from DNS. As Exim works its way through the
list to verify if a sending host is allowed to relay mail, it hits the
entry for the now defunct host, tries a forward DNS lookup to get an
IP address to compare with that of the sending host and, because the
lookup fails, immediately considers the sending host to not be in the
list thus causing delivery to fail with the "relay not permitted"
message. Unfortunately, any attempt to relay mail by a host in the
list after the defunct host also results in a "relay not permitted"
rejection.
I'm trying to determine if it's possible to have Exim parse the entire
list, only rejecting if the sending IP address didn't match any of
those returned by looking up each host, or at the very least flag up
some sort of warning that the host list contains addresses that can't
be resolved.
Thoughts?
--
Paul Walsh
Head of Unix/Linux Systems Services,
Corporate ICT,
Birmingham City University,
City North Campus, Perry Barr,
BIRMINGHAM B42 2SU, UK
Tel: +44 (0)121 331 5708
Fax: +44 (0)121 356 2875
Mobile: +44 (0)7974 150 421
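
One way to get the warning asked for above, as an added example that is not part of the original post and not Exim's own code: a pre-flight check that extracts a named host list from the configuration text and reports entries whose forward lookup fails. It assumes the list is a `hostlist relay_hosts = ...` definition using the default colon separator; the sample configuration and host names are constructed.

```python
import ipaddress
import re
import socket
import sys

# Constructed sample, not the poster's real configuration.
SAMPLE_CONFIG = """\
hostlist relay_hosts = 192.0.2.10 : mail1.example.org : \\
                       gone.example.org : 198.51.100.0/24 : mail2.example.org
"""

def parse_hostlist(config_text, name):
    """Return the items of 'hostlist <name> = ...' (default ':' separator)."""
    folded = re.sub(r"\\\s*\n\s*", "", config_text)  # join continuation lines
    m = re.search(rf"^\s*hostlist\s+{re.escape(name)}\s*=\s*(.*)$", folded, re.M)
    if m is None:
        raise KeyError(f"hostlist {name} not found")
    # A single colon separates items; a doubled colon is a literal one (IPv6).
    parts = re.split(r"(?<!:):(?!:)", m.group(1))
    return [p.strip().replace("::", ":") for p in parts if p.strip()]

def forward_lookup_name(item):
    """Return the host name that needs a forward lookup, else None."""
    item = item.lstrip("!").strip()
    if not item or item[0] in "+*^/@" or ";" in item:
        return None  # named list, wildcard, regex, file, special or lookup item
    try:
        ipaddress.ip_network(item, strict=False)
        return None  # literal address or CIDR block, no DNS needed
    except ValueError:
        return item

def unresolvable(items, resolve=lambda h: socket.getaddrinfo(h, None)):
    """Return the host names in items whose forward lookup fails."""
    bad = []
    for item in items:
        host = forward_lookup_name(item)
        if host is None:
            continue
        try:
            resolve(host)
        except OSError:  # socket.gaierror is a subclass of OSError
            bad.append(host)
    return bad

if __name__ == "__main__":
    # Usage: script.py /path/to/exim.conf  (falls back to the sample above)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    for host in unresolvable(parse_hostlist(text, "relay_hosts")):
        print(f"WARNING: relay_hosts entry {host} does not resolve")
```

Exim host lists also accept the special item `+ignore_unknown`, which makes Exim skip any later item whose lookup fails permanently and carry on with the rest of the list. Its counterpart `+include_unknown` treats such a failure as a match, which on a relay list would let any sending host relay.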