[exim-dev] [Bug 2631] Option to restrict dnslists to specific networks and log a warning if they return IP addresses outside this range

Author: admin
Date:
To: exim-dev
Old-Topics: [exim-dev] [Bug 2631] New: Option to restrict dnslists to specific networks and log a warning if they return IP addresses outside this range
Subject: [exim-dev] [Bug 2631] Option to restrict dnslists to specific networks and log a warning if they return IP addresses outside this range

https://bugs.exim.org/show_bug.cgi?id=2631

--- Comment #21 from Simon Arlott <bugzilla.exim.simon@???> ---
My ACLs for dnslists are populated from a ${lookup ...} so it's not practical
to go making lots of individual special case checks against IP addresses.
Here's one example but there are 24 of them:

warn
        condition           = ${if isip4{$sender_host_address}{yes}{no}}
        condition           =
${lookup{$acl_m_acl}lsearch*{/redacted/acls/deny-ip4}{yes}{no}}
        dnslists            = \
                ${sg{\

${lookup{$acl_m_acl}lsearch*{/redacted/acls/deny-ip4}{$value}{invalid}}\
                }{ }{:}}
        set acl_m_block_any = ${if
lt{$acl_m_block_any}{1}{1}{$acl_m_block_any}}
        set acl_m_reason    = ${if eq{$acl_m_reason}{}{}{$acl_m_reason\n}}
        set acl_m_reason    = ${acl_m_reason}$sender_host_address is blocked by
$dnslist_domain.\n$dnslist_text
        set acl_m_debug     = $acl_m_debug\
                ${map{<,$dnslist_value}{ \

${lookup{$dnslist_domain=$item}lsearch{/redacted/dnslists}{deny/ip4/$value}{deny/ip4/$dnslist_domain$item}}\
                }}

--
You are receiving this mail because:
You are on the CC list for the bug.

This message is part of the following thread:
	the complete thread tree sorted by date
	admin at

[exim-dev] [Bug 2631] Option to restrict dnslists to specifi…