diff options
author | Philip Hazel <ph10@hermes.cam.ac.uk> | 2007-01-17 11:17:58 +0000 |
---|---|---|
committer | Philip Hazel <ph10@hermes.cam.ac.uk> | 2007-01-17 11:17:58 +0000 |
commit | 431b736177e2cdfd0b4da4c8545d8b732286abe1 (patch) | |
tree | d7e40e4cdb12e9c0297384aaa05d03b8ad3230db /doc/doc-txt/NewStuff | |
parent | 22ad45c9e84aa0caab29371080c66e02f2b0aea2 (diff) |
Fix negated dnslists item bug; add == and =& features, courtesy Brad
Jorsch.
Diffstat (limited to 'doc/doc-txt/NewStuff')
-rw-r--r-- | doc/doc-txt/NewStuff | 70 |
1 files changed, 69 insertions, 1 deletions
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index a24a21226..960f93ce8 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.126 2007/01/15 15:59:22 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.127 2007/01/17 11:17:58 ph10 Exp $ New Features in Exim -------------------- @@ -38,6 +38,74 @@ Version 4.67 setting of 10 for smtp_accep_max_nonmail, the connection will in any case be aborted before 20 non-mail commands are processed. + 2. When an item in a dnslists list is followed by = and & and a list of IP + addresses, in order to restrict the match to specific results from the DNS + lookup, the behaviour was not clear when the lookup returned more than one + IP address. For example, consider the condition + + dnslists = a.b.c=127.0.0.1 + + What happens if the DNS lookup for the incoming IP address yields both + 127.0.0.1 and 127.0.0.2 by means of two separate DNS records? Is the + condition true because at least one given value was found, or is it false + because at least one of the found values was not listed? And how does this + affect negated conditions? + + The behaviour of = and & has not been changed; however, the text below + documents it more clearly. In addition, two new additional conditions (== + and =&) have been added, to permit the "other" behaviour to be configured. + + A DNS lookup may yield more than one record. Thus, the result of the lookup + for a dnslists check may yield more than one IP address. The question then + arises as to whether all the looked up addresses must be listed, or whether + just one is good enough. Both possibilities are provided for: + + . If = or & is used, the condition is true if any one of the looked up + IP addresses matches one of the listed addresses. Consider: + + dnslists = a.b.c=127.0.0.1 + + If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is + true because 127.0.0.1 matches. + + . If == or =& is used, the condition is true only if every one of the + looked up IP addresses matches one of the listed addresses. Consider: + + dnslists = a.b.c==127.0.0.1 + + If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is + false because 127.0.0.2 is not listed. You would need to have + + dnslists = a.b.c==127.0.0.1,127.0.0.2 + + for the condition to be true. + + When ! is used to negate IP address matching, it inverts the result, giving + the precise opposite of the behaviour above. Thus: + + . If != or !& is used, the condition is true if none of the looked up IP + addresses matches one of the listed addresses. Consider: + + dnslists = a.b.c!&0.0.0.1 + + If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is + false because 127.0.0.1 matches. + + . If !== or !=& is used, the condition is true there is at least one looked + up IP address that does not match. Consider: + + dnslists = a.b.c!=&0.0.0.1 + + If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is + true, because 127.0.0.2 does not match. You would need to have + + dnslists = a.b.c!=&0.0.0.1,0.0.0.2 + + for the condition to be false. + + When the DNS lookup yields only a single IP address, there is no difference + between = and == and between & and =&. + Version 4.66 ------------ |