On Thu, 2008-04-03 at 13:32 +0100, Giddings, Bret wrote: > deny hosts = +blocked_hosts
To cut a long explanation short, Exim needs to do a reverse lookup if domains exist within that file. It knows the IP of the incoming connection; in order to match that to a domain it needs to lookup the PTR of the calling IP address, and then match the text domain from the file against the returned data. If the file contained "graemef.net", and I sent a mail using my MX, then it would lookup the PTR for 82.113.142.73, get a result of boom.graemef.net, and then match graemef.net against it - it would reject my connection. It's not a very efficient way of doing things, since it requires DNS lookups to return a valid value (which could be a valid PTR, or could just as easily be NXDOMAIN). If the nameserver being queried decides to stall under load, then Exim will stall, waiting for it to return results. You have two things to look at: 1. Why your system's resolver(s) were stalling, and 2. Whether using a hostlist with domain names in it is useful. For now, I'd say the answer to (2) is clearly "no". Graeme -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
