On 6 Feb 2006, at 13:34, Philip Hazel wrote:
The reason for the existence of dns_check_names_pattern is that some
resolvers give (gave?) temporary errors instead of "no such record"
when
presented with a name containing "strange" characters. There shouldn't
actually be a need for dns_check_names_pattern.
this is enough for me to put
dns_check_names_pattern =
as my resolver (tested with dig)
returns NXDOMAIN. I am not sure this will be a guarantee of any sort,
as the temporary
error might sneak in from another server if the character is legal
but does confuse the target
server.
Atch, I though I would test this against microsoft so I typed:
dig p/d.microstoft.com
;; QUESTION SECTION:
;p/d.microstoft.com. IN A
;; ANSWER SECTION:
p/d.microstoft.com. 3600 IN A 64.49.213.238
what the...? (you'll find that it's just a wildcard record.)
With dns_check_names_pattern my ACL works as expected. Now it's just
a question of
waiting for some more spam to get that far...
g
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
