[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Exclude IP or mailserver name from rbl lookup
On Fri, May 02, 2003 at 09:14:45AM -0600, Daryle A. Tilroe wrote:
> Matti Aarnio wrote:
> > I usually list my priority serviced customer networks/hosts
> > with IP address/net literals in smtp-policy.relay file.
> > Those will never get RBL lookups. Often they don't get
> > any other verifications either.
>
> I initially thought of this but for my problem, excluding
> a customer's mta from blacklist lookup, it is not the
> correct solution. I do not want to allow them to relay
> through us.
Right. If I were you, I would:
a) use third RBL variant:
#| Third RBL variant: Late block with RBL+DUL+RSS
_rbl0 rcpt-dns-rbl +:.....
_rbl1 test-rcpt-dns-rbl +
b) Build another aliases:
_default_ip_norbl relaycustomer - acceptifmx - senderokwithdns +
which is straight copy from "[0.0.0.0]/0" label entry without
its "= _rbl0" suffix.
Then put
[1.2.3.0]/24 = _default_ip_norbl
address labels into smtp-policy.relay(.manual) file.
The trick is, that "=" refrerral operator is not recursive!
That is, items following it in produced database will be ignored:
[1.2.3.0]/24 = _default_ip_norbl = _full_rights
That "_full_rights" 'macro' won't have effect at all.
(Consider '=' as "jump", the result is that a global buffer
gets overwritten in the interpreter, and there is nowhere
to return to...)
> In this particular instance it probably was
> not a big hole but consider the case where a person might
> want to exclude a large ISP block from RBL lookups because
> they have temporarily got them selves on, say, the spamcop
> blacklist. I do not want to create a large open relay for
> all their customers just to make sure I get email from them
> while they get off the blacklist.
>
> Daryle A. Tilroe
--
/Matti Aarnio <mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi