On Mon, 11 May 2020, Jeremy Harris via Exim-users wrote:
Question for the list:
Should the behaviour of the "dnslist" condition
be changed to default to "=127.0.0.0&127.0.0.0" ?
Oops, just "&127.0.0.0". After the dnsbl name.
The existing behaviour is to return true if
any value is retrieved.
The rationale would be that most operational DNSBLs
return values in the 127.0.0.0/8 range, but that
dead ones a) tend to apparently list the world
b) get replaced by parked domain websites, so
return some value outside that range.
The upside would be that you don't suddenly start
rejecting all your mail. The downside is that you'd
never notice, and fix it.
The idea sounds tempting to me.
However, 44.26 ACL conditions says:
There are too many different variants
of [dnslists] to describe briefly here.
I think it could confuse debugging to implement this mask "under the
covers". It *would* be reasonable to have an example in the sample
config which has eg.
example.com&127.0.0.0
Put another way, how would the new default "&127.0.0.0"
interact with an ACL condition like
deny dnslists = spamhaus.example/<|192.168.1.2|192.168.6.7|...
(from spec.txt 44.32) ?
Answer: I'd rather not think about that.
--
Andrew C. Aitchison Kendal, UK
[email protected]
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
