Re: [exim] Matching a client's IP address against a hostlist

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
MMike Brudenell à <-
M 
Supprimer ce message
Répondre à ce message
Auteur: Mike Brudenell
Date:  
À: Exim Users
Sujet: Re: [exim] Matching a client's IP address against a hostlist
*Double-ouch!!*

I've reworked my accept ACL with the broken string expansion into a two
separate ACLs. The first identifies hosts in *+mail_server_hosts* and
selects *cutthrough_delivery*; the second does traditional delivery in
*submission* mode.

Why the double-ouch?

I tested in by hand using my normal

exim -bhc clientipaddress -oMi serveripaddress.port -v -d+all

and hand-cranked the SMTP.

When I used an IP address that resulted in traditional delivery with
submission mode all was fine: the fake session ran through and told me what
Exim would do, finishing by showing me the Exim message id and telling me
it's fake.

When I tested with a different IP address that instead selected
cutthrough_delivery my test message *really did get sent*! (And the Exim
message id shown me at the end telling me it's a fake really is assigned to
the message.)

Eeek! I'll rummage in the bug tracker system and see if this is known
about/fixed in a version after 4.82; if not I'll report it.

Thought I'd record it here in case it helps someone else now or in the
future.

Cheers,
Mike B-)


On 24 February 2016 at 15:19, Mike Brudenell <mike.brudenell@???>
wrote:

> Ouch! You're right: too much effort. I'll take the two ACL route.
>
> Many thanks again,
> Mike B-)
>
> On 24 February 2016 at 15:14, Jeremy Harris <jgh@???> wrote:
>
>> On 24/02/16 14:57, Mike Brudenell wrote:
>> > Does anyone have any thoughts on whether it's possible to do the
>> equivalent
>> > of a *hosts* type match within a string expansion?
>>
>> Yes. But it's more effort than it's worth.
>>
>> - walk list-to-match
>> - spot IP addresses vs. names
>> - do dnsdb lookups
>> - walk multiple returns
>> - compare against sender_ip
>> - go round again having remembered ipv6
>
>
> --
> Systems Administrator & Change Manager
> IT Services, University of York, Heslington, York YO10 5DD, UK
> Tel: +44-(0)1904-323811
>
> Web: www.york.ac.uk/it-services
> Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
>



--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] Matching a client's IP address against a hostlistRe: [exim] Troubleshoot callout cache not working->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)