Re: [exim] dnslists ACL condition

Author: Andrew C Aitchison
Date:  
To: exim users
Subject: Re: [exim] dnslists ACL condition
On Mon, 11 May 2020, Jeremy Harris via Exim-users wrote:

> Question for the list:
>
> Should the behaviour of the "dnslist" condition
> be changed to default to "=127.0.0.0&127.0.0.0" ?
> Oops, just "&127.0.0.0". After the dnsbl name.
>
> The existing behaviour is to return true if
> any value is retrieved.
>
> The rationale would be that most operational DNSBLs
> return values in the 127.0.0.0/8 range, but that
> dead ones a) tend to apparently list the world
> b) get replaced by parked domain websites, so
> return some value outside that range.
>
> The upside would be that you don't suddenly start
> rejecting all your mail. The downside is that you'd
> never notice, and fix it.


The idea sounds tempting to me.

However, 44.26 ACL conditions says:
    There are too many different variants
    of [dnslists] to describe briefly here.
I think it could confuse debugging to implement this mask "under the
covers". It *would* be reasonable to have an example in the sample
config which has e.g.
     example.com&127.0.0.0


Put another way, how would the new default "&127.0.0.0"
interact with an ACL condition like
     deny dnslists = spamhaus.example/<|192.168.1.2|192.168.6.7|...
(from spec.txt 44.32) ?
Answer: I'd rather not think about that.


-- 
Andrew C. Aitchison                    Kendal, UK
             andrew@???
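
Added example, not part of the original message or of Exim's code: a small Python model of the `&127.0.0.0` mask discussed above, run over constructed DNSBL answers, which also reports answers outside 127.0.0.0/8 so that a dead or parked list gets noticed rather than silently ignored. It assumes the bitmask form is true when every bit set in the mask is present in a returned address; the function names and sample addresses are made up for illustration.

```python
import ipaddress

LOOPBACK_NET = ipaddress.ip_network("127.0.0.0/8")


def mask_matches(addr: str, mask: str) -> bool:
    """True when every bit set in mask is also set in addr (assumed '&' semantics)."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    return a & m == m


def evaluate(answers, mask="127.0.0.0"):
    """Return (listed, suspicious) for the A records a DNSBL returned.

    listed:     at least one answer passes the mask, so the condition would be true.
    suspicious: answers outside 127.0.0.0/8, worth logging because they suggest
                the list is dead or its domain has been parked.
    """
    listed = any(mask_matches(a, mask) for a in answers)
    suspicious = [a for a in answers
                  if ipaddress.IPv4Address(a) not in LOOPBACK_NET]
    return listed, suspicious


# Constructed sample answers (documentation-range addresses, not real lookups).
SAMPLES = {
    "healthy list, host listed": ["127.0.0.2"],
    "healthy list, host not listed": [],
    "parked domain answers for everything": ["203.0.113.10"],
    "bit mask is not a prefix test": ["255.0.0.1"],
}

if __name__ == "__main__":
    for label, answers in SAMPLES.items():
        listed, suspicious = evaluate(answers)
        print(f"{label}: listed={listed} suspicious={suspicious}")
```

Because the mask tests bits rather than a network prefix, an answer whose first octet is 255 also passes it, which is why the sketch checks the 127.0.0.0/8 range separately for logging.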