Bug#387078: exim4-config: local_host_whitelist man page entries a
bit confusing
Ross Boylan
ross at betterworld.us
Tue Sep 12 16:09:56 UTC 2006
On Tue, Sep 12, 2006 at 09:39:08AM +0200, Marc Haber wrote:
> On Mon, Sep 11, 2006 at 11:15:19PM -0700, Ross Boylan wrote:
> > The man page describing local_host_whitelist could be a little clearer.
> >
> > First, there is no subhead in the DESCRIPTION section for
> > local_host_whitelist.
> >
> > Second, the fact that this file was only mentioned under
> > local_host_blacklist, along with the text "For convenience, as an
> > additional method to whitelist addresses from being blocked, an
> > explicit whitelist is read in from
> > /etc/exim4/local_host_whitelist. Entries in the whitelist override
> > corresponding blacklist entries. " supported the 2nd of 2
> > interpretations:
> > 1) if the sending host is on the whitelist, the message will be
> > accepted.
> > 2) if the sending host is on the blacklist and the whitelist, it will
> > not be blocked because of the whitelist, but it might be blocked for
> > other reasons.
> >
> > I think, after looking at the code, that 1) is what is happening.
>
> Right.
I don't seem to be getting the behavior of 1).
/etc/exim4/local_host_whitelist
63.123.252.6
but I still get
2006-09-12 02:48:48 Direct remote connection from 63.123.252.6 claiming to be EXCHFR102.domain-01.com
2006-09-12 02:49:08 no IP address found for host EXCHFR102.domain-01.com (during SMTP connection from (EXCHFR102.domain-01.com) [63.123.252.6])
2006-09-12 02:49:48 63.123.252.6 pretending to be EXCHFR102.domain-01.com
2006-09-12 02:50:09 H=(EXCHFR102.domain-01.com) [63.123.252.6]
F=<xxx at xxxxxxxxx> rejected RCPT <xxx at xxx>:
[edresses obscured].
I did an invoke-rc.d exim4 reload before this (though I don't think
that should have been necessary).
I've customized my rules significantly, not only enabling the check of
reverse DNS but plugging in some of my own ACL's or fragments. I need
to check exactly what's going on.
>
> > At the moment, it happens to be what I want (in particular, someone
> > is sending me mail from a machine without proper DNS entries).
> >
> > So I think it would be good to give local_host_whitelist a separate
> > entry, and to clarify if interpreation 1, 2, or something else is
> > correct.
>
> I agree. Can you give a text proposal or a patch for the man page?
>
I can do that after I make sure I understand how it's working. As I
said, I suspect it's just some local stuff that is breaking the
expected behavior.
Ross
More information about the Pkg-exim4-maintainers
mailing list