[Pkg-exim4-users] More resilient "local_host_whitelist"ing?

Daniel Collis-Puro dan at endpoint.com
Wed Sep 6 14:13:10 UTC 2006

Exim folks,

We've set up a proxying spam/virus filter via exim-daemon-heavy and all
the usual suspects (spamassassin, clamav, dcc, pyzor, razor, various
rbls) - 'tis a thing of beauty: fast, efficient, accurate and no

Anyway: we'd like to ensure that a set of hosts never get mail rejected
at the exim level by listing them in the default "local_host_whitelist"
config, but we also don't want to do "ad hoc" DNS caching by entering IP
addresses in that file.


The problem with putting hostnames in that file is that - when a
hostname can't resolve - exim issues a temporary reject to every message
it sees. EVERY message. Until the hostname resolves again.

We've got a caching DNS server in place on this box (helps with RBL
lookups IMMENSELY), but we don't control the DNS for all the domains we
need to whitelist.


Is there an easy way to set up the stanza below (in
conf.d/acl/20_exim4-config_whitelist_local_deny) to "defer" lookups when
a whitelisted hostname can't be resolved, just like you can defer other

         hosts = ${if exists{CONFDIR/local_host_whitelist}\

To me - deferring whitelisted domain lookups would be ideal: we
wouldn't have to stay aware of IP address changes on whitelisted
hostnames, and exim would just continue to process a message when a
whitelisted domain has a DNS hiccup.

If not, then we'll probably just implement a cron job to take our
desired list of hostnames and dump the IP addresses they resolve to into

Thanks in advance!


Daniel Collis-Puro
Software Engineer
End Point Corp.
dan at endpoint.com
(office) 781-477-0885
(cell)   781-775-1338
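
The cron-job fallback mentioned at the end of the message could look like the following. This is an added example, not part of the original post and not Exim or Debian code. It resolves each whitelisted hostname, keeps the last known-good addresses when a lookup fails, and replaces the output file atomically so the MTA never reads a half-written list. The three file paths passed on the command line and the JSON cache are hypothetical, and lookups are limited to IPv4 as a simplifying assumption.

```python
#!/usr/bin/env python3
"""Added example: refresh an IP whitelist from hostnames, tolerating DNS failures."""
import json, os, socket, sys, tempfile

def resolve(host):
    """IPv4 addresses for host; raises OSError (socket.gaierror) on failure."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def refresh(hosts, cache, resolver=resolve):
    """Return (host -> IPs, hosts that failed). A failed host keeps its cached
    IPs; a host no longer listed is dropped, so removals take effect."""
    updated, failed = {}, []
    for host in hosts:
        try:
            ips = resolver(host)
        except OSError:
            ips = []
        if not ips:
            failed.append(host)
            ips = cache.get(host, [])
        if ips:
            updated[host] = ips
    return updated, failed

def render(mapping):
    """One address per line, de-duplicated and sorted for stable diffs."""
    return "".join(ip + "\n" for ip in sorted({i for v in mapping.values() for i in v}))

def atomic_write(path, text, mode=0o644):
    """Write beside the target, then rename, so a reader never sees a partial file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(tmp, mode)
    os.replace(tmp, path)

def main(hostnames_file, cache_file, out_file):
    with open(hostnames_file) as fh:
        hosts = [ln.strip() for ln in fh if ln.strip() and not ln.startswith("#")]
    cache = {}
    if os.path.exists(cache_file):
        with open(cache_file) as fh:
            cache = json.load(fh)
    updated, failed = refresh(hosts, cache)
    atomic_write(cache_file, json.dumps(updated, indent=1), 0o600)
    atomic_write(out_file, render(updated))
    for host in failed:
        print(f"lookup failed, kept cached entry if any: {host}", file=sys.stderr)
    return 1 if failed else 0

if __name__ == "__main__":
    sys.exit(main(*sys.argv[1:4]))
```

Run from cron, the stderr lines and non-zero exit status make failed lookups visible in the cron mail, so a whitelisted address that has gone stale does not sit unnoticed.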

