Mailing List Archive

Checking if a list of domains contains a domain contained in another list?
I don't know if this check can be accomplished in Exim at all - but here
it goes. I need to know if any of the results of a dnsdb lookup which
returns multiple records exists in a predefined dnslist. I'm guessing
this is not really possible, I just thought I'd check.

To expand a bit, I need to know if any of the MX servers of a domain
exists in a dnslist of whitelisted domains. The code below works fine if
the dnsdb MX query returns only one record, but obviously doesn't work
if there are multiple MX records:


domainlist no_extended_callout_mxs = *.fussy_mx1.com : *.fussy_mx2.com

condition = ${if match_domain {${lookup
dnsdb{mx=$sender_address_domain}}}{+no_extended_callout_mxs}}


For example the mx query might return:

10 mx1.exampledomain.com
20 mx2.exampledomain.com
0 exampledomain-com.mail.protection.outlook.com


For example I'm interested in the *.outlook.com domain - I want to know
if it is in the list of mx's - but I am essentially comparing a list
(the list of mx records) with another list (of whitelisted domains)-
which I guess is not possible.

I can't do a straight comparison using the $sender_address_domain, as I
am trying to whitelist domains which use mx's of certain hosting
platforms (such as those hosted on various MS cloud platforms) - which
are really fussy about extended callout verfication (but a major source
of spam at the same time, ironically!)

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Checking if a list of domains contains a domain contained in another list? [ In reply to ]
On 27/02/18 18:35, Sebastian Arcus via Exim-users wrote:
> condition = ${if match_domain {${lookup
> dnsdb{mx=$sender_address_domain}}}{+no_extended_callout_mxs}}
>
>
> For example the mx query might return:
>
> 10 mx1.exampledomain.com
> 20 mx2.exampledomain.com
> 0 exampledomain-com.mail.protection.outlook.com
>
>
> For example I'm interested in the *.outlook.com domain - I want to know
> if it is in the list of mx's - but I am essentially comparing a list
> (the list of mx records) with another list (of whitelisted domains)-
> which I guess is not possible.

Have a look at the foreach/forany expansion conditions, and to
trim the mx priorities away from the mx lookup try the map expansion.

--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Checking if a list of domains contains a domain contained in another list? [ In reply to ]
On 27/02/18 19:18, Jeremy Harris via Exim-users wrote:
> On 27/02/18 18:35, Sebastian Arcus via Exim-users wrote:
>> condition = ${if match_domain {${lookup
>> dnsdb{mx=$sender_address_domain}}}{+no_extended_callout_mxs}}
>>
>>
>> For example the mx query might return:
>>
>> 10 mx1.exampledomain.com
>> 20 mx2.exampledomain.com
>> 0 exampledomain-com.mail.protection.outlook.com
>>
>>
>> For example I'm interested in the *.outlook.com domain - I want to know
>> if it is in the list of mx's - but I am essentially comparing a list
>> (the list of mx records) with another list (of whitelisted domains)-
>> which I guess is not possible.
>
> Have a look at the foreach/forany expansion conditions, and to
> trim the mx priorities away from the mx lookup try the map expansion.

Thank you very much for that suggestion - somehow I never noticed the
foreach/forany operators. As to the mx priorities, I just used the mxh
type lookup which removes them - so it worked out perfectly. I've
enclosed below what I ended up with - in case it helps others:


domainlist no_extended_callout_mxs = *.fussy_mx1.com : *.fussy_mx2.com

condition = ${if forany {${lookup dnsdb{>:
mxh=$sender_address_domain}}} {match_domain
{$item}{+no_extended_callout_mxs}} {true} {false} }


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/