[exim] Matching a client's IP address against a hostlist

Author: Mike Brudenell
Date:  
To: Exim Users
Subject: [exim] Matching a client's IP address against a hostlist
Dear all,

Apologies for what I think (hope!) will be a basic question but I've drawn
a blank. I'm sure it must be possible somehow, but…

I have a *hostlist* named *mail_server_hosts* that will contain textual DNS
names of hosts (and possibly some numeric IP addresses). For example,

hostlist mail_server_hosts = mta.york.ac.uk : mta2.york.ac.uk : 144.32.1.0/24


I know that I can test the host transmitting a message to me against this
in an ACL using *hosts*. For example,

accept hosts = +mail_server_hosts


What I would like to do though is to use string expansion to see if
the IP address of the connecting host is present in the list and then
select one of two values. This is for an *accept* ACL that accepts a
message if it's coming from a client listed in *+relay_from_hosts* but
select a different value for a control depending on whether or not it's
also listed in *+mail_server_hosts*.

What I instinctively tried is something like this, expecting Exim to work
its magic and resolve the textual DNS names into the one or more IP
addresses associated with them:

hostlist relay_from_hosts = <; 144.32.0.0/16 ; 2001:0630:0061::/48
hostlist mail_server_hosts = mta.york.ac.uk : mta2.york.ac.uk

accept  hosts   = +relay_from_hosts
        control = ${if match_ip {$sender_host_address} {+mail_server_hosts} \
                       {cutthrough_delivery} \
                       {submission/sender_retain}}
        control = dkim_disable_verify



However this fails, logging

list matching forced to fail: cannot match host name in match_ip list


and re-reading the *Specification* explained that the second argument to
match_ip had to be a "restricted host list that can match only an IP address,
not a host name".

I've scoured the string expansions section but can't spot anything that
will let me achieve this. Is it possible? If so, what's the magic
incantation please?

Or must I do it as separate *accept* ACLs, in which case is it OK to have
two *hosts* lines within a single ACL and will this require both to be true?

With many thanks,
Mike B-)

--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
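
The two-statement layout the message asks about, as an added example that is not part of the original post: all conditions in one ACL statement must be true for the verb to apply, so a second hosts line narrows the first. The hostlists and controls are the ones from the message; the statement order and the split into two accepts are this example's assumptions about the intended policy.

```exim
hostlist relay_from_hosts  = <; 144.32.0.0/16 ; 2001:0630:0061::/48
hostlist mail_server_hosts = mta.york.ac.uk : mta2.york.ac.uk

# Statement 1: the client must match BOTH lists. Conditions are tested
# in order and the statement is skipped as soon as one does not match.
# A full hostlist (unlike the restricted list match_ip takes) may
# contain host names.
accept  hosts   = +relay_from_hosts
        hosts   = +mail_server_hosts
        control = cutthrough_delivery
        control = dkim_disable_verify

# Statement 2: reached only when statement 1 did not accept, i.e. the
# client is a relay host that is not one of the listed mail servers.
accept  hosts   = +relay_from_hosts
        control = submission/sender_retain
        control = dkim_disable_verify
```

The narrower statement has to come first: with the order reversed, every relay host would be accepted by the general statement and the mail-server case would never be reached.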