On 2008-09-21 at 16:07 -0700, Phil Pennock wrote:
> On 2008-09-21 at 15:49 -0700, Marc Perkel wrote:
> > Looking up NZ records as follows:
> >
> > set acl_c_ns = ${lookup dnsdb{ns=$acl_c_sender_host_domain}{$value}fail}
> >
> > But what I want to do is look up each nameserver to see if any match a
> > black list. How would I do that?
>
> forany{<list>}{<condition>}
Oh, right, there's no dnsbl{} expansion. Perhaps there should be,
returning something ${extract...}-able.
Okay, use zns (to deal with mail domains which are sub-domains of where
the zone cut is), map an A lookup, accept that this won't support IPv6
and get by with this, pending a future Exim release to do things
"better". (I have no time to write a patch today)
This first uses 0.0.0.0 as a dummy unmatched value for cases where there
is no A record (ns-nl1.globnix.net is one of mine which only has AAAA,
or cases where it's a broken delegation) by way of demonstration.
Your base is to make a list of the IP addresses:
${map{${lookup dnsdb{>: zns=$acl_c_sender_host_domain}}}{${lookup dnsdb{>:
a=$item}{$value}{0.0.0.0}}}}
and assign it to, say, acl_c_nsips which will let you just use
$acl_c_nsips for the list of all IP addresses (with optional bogus
0.0.0.0 in there).
Eg, looking for mail.spodhuis.org (pretending it's a mail domain):
212.13.204.40:0.0.0.0:70.85.31.202:193.202.115.177:193.201.200.77
So let's strip those bogus entries now that this demonstrates why I'm
filtering:
set acl_c_nsips = ${filter {${map{${lookup dnsdb{>:
zns=$acl_c_sender_host_domain}}}{${lookup dnsdb{>: a=$item}}}}}{!eq{$item}{}}}
So then:
set acl_c_nsips_rev = ${map{$acl_c_nsips}{${if
match{$item}{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}{$4.$3.$2.$1}}}}
Now you have a list of the reverse-dotted-quad IPv4 addresses of the NS
resolvers for the first NS found walking up DNS from the mail domain.
Now you use forany. :)
${if forany{$acl_c_nsips_rev}{!eq{${lookup
dnsdb{a=$item.zen.spamhaus.org}}}{}} {EVIL}{grudging-pass}}
Regards,
-Phil
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
