git://git.exim.org
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
38a522b
)
Docs: more notes on dnslists
author
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 13 Feb 2021 15:16:47 +0000
(15:16 +0000)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 13 Feb 2021 15:16:47 +0000
(15:16 +0000)
doc/doc-docbook/spec.xfpt
patch
|
blob
|
history
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index edba1232fabed75ad7b64834d58eb747178f29fc..782343fd08862737e205a95bf38b3aa42753abc3 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-32496,6
+32496,13
@@
Section &<<SECTaddmatcon>>& below describes how you can distinguish between
different values. Some DNS lists may return more than one address record;
see section &<<SECThanmuldnsrec>>& for details of how they are checked.
different values. Some DNS lists may return more than one address record;
see section &<<SECThanmuldnsrec>>& for details of how they are checked.
+.new
+Values returned by a properly running DBSBL should be in the 127.0.0.0/8
+range. If a DNSBL operator loses control of the domain, lookups on it
+may start returning other addresses. Because of this, Exim now ignores
+returned values outside the 127/8 region.
+.wen
+
.section "Variables set from DNS lists" "SECID204"
.cindex "expansion" "variables, set from DNS list"
.section "Variables set from DNS lists" "SECID204"
.cindex "expansion" "variables, set from DNS list"
@@
-32632,6
+32639,14
@@
deny dnslists = relays.ordb.org
.endd
which is less clear, and harder to maintain.
.endd
which is less clear, and harder to maintain.
+Negation can also be used with a bitwise-and restriction.
+The dnslists condition with only be trus if a result is returned
+by the lookup which, anded with the restriction, is all zeroes.
+For example:
+.code
+deny dnslists = zen.spamhaus.org!&0.255.255.0
+.endd
+