Re: [exim] Per-ACL DNS lookup configuration?

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMDavid North at <-
MChris Siebenmann at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Per-ACL DNS lookup configuration?
On 16/01/16 13:29, David North wrote:
> Digging into the manual, I see one possibility is to add foo.example.com
> to the dns_again_means_nonexist list. This is domain-specific, though -
> ideally, I'd like to be able to put something in the ACL to mean "DNS
> lookup failures should be treated as a non-match for that entry in the
> list". Is this possible?

dns_again_means_nonexist is a bit of a blunt tool. Presumably you'd
rather not just say "*" there as it affects every lookup Exim does.

How about storing IPs in your local blacklist DB, not names?
Yes, you have to look them up manually when you enter them,
and you're not covered against spammers that shift a name
around IPs.

Alternatively, getting more complex: in ACL write
a "forany" condition taking your list of addresses,
doing an explicit dnsdb lookup sequence, and checking the
list of IPs against the sender_host_address?

(I say sequence as you should check for both MX and A/AAAA...)
--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Per-ACL DNS lookup configuration?Re: [exim] Strange problem with mime_acl_check.->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)