Re: [exim] Per-ACL DNS lookup configuration?

Top Page

Reply to this message
Author: David North
Date:  
To: Chris Siebenmann
CC: exim-users
Subject: Re: [exim] Per-ACL DNS lookup configuration?
On 16/01/16 20:43, Chris Siebenmann wrote:
>> This in turn lead to all my incoming mail being deferred by exim -
>> extract from debug output:
>>
>>>>> no IP address found for host foo.example.com (during SMTP connection
>> from (somewhere) [128.66.0.1])
>>>>> foo.example.com in dns_again_means_nonexist? no (option unset)
>>>>> host in "foo.example.com"? list match deferred for foo.example.com
>>>>> deny: condition test deferred in ACL "acl_check_rcpt"
>> 451 Temporary local problem - please try later
>> LOG: H=(somewhere) [128.66.0.1] F=<foo@???> temporarily rejected
>> RCPT <bar@???>
>>
>> Obviously, I don't want some spammer's inability to run a nameserver to
>> defer all my incomimg mail.
>
> I think that what you want to do here is add +ignore_defer to the front
> of the hosts list you're generating based on the DB query.
>
> If you also use IP addresses or netblocks in the DB, you may want
> +ignore_unknown here too. Otherwise an IP address without good reverse
> DNS may cause some amount of your IP addresses (or netblocks) to not
> match.
>
> (This is covered in the documentation in chapter 10 section 16 and
> section 14, but it's easy to miss; I did, years ago, with similar
> effects to what you're seeing here.)


Thanks, that's exactly what I was looking for and is having the desired
effect.

Cheers,
David

--
David North | www.dnorth.net