Re: [exim] Per-ACL DNS lookup configuration?

Top Page

Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Per-ACL DNS lookup configuration?
On 16/01/16 13:29, David North wrote:
> Digging into the manual, I see one possibility is to add foo.example.com
> to the dns_again_means_nonexist list. This is domain-specific, though -
> ideally, I'd like to be able to put something in the ACL to mean "DNS
> lookup failures should be treated as a non-match for that entry in the
> list". Is this possible?


dns_again_means_nonexist is a bit of a blunt tool. Presumably you'd
rather not just say "*" there as it affects every lookup Exim does.

How about storing IPs in your local blacklist DB, not names?
Yes, you have to look them up manually when you enter them,
and you're not covered against spammers that shift a name
around IPs.

Alternatively, getting more complex: in ACL write
a "forany" condition taking your list of addresses,
doing an explicit dnsdb lookup sequence, and checking the
list of IPs against the sender_host_address?

(I say sequence as you should check for both MX and A/AAAA...)
--
Cheers,
Jeremy