[rbldnsd] Excluding a CIDR range

Matthew Sullivan matthew at sorbs.net
Fri Dec 2 00:29:39 MSK 2005


Chris Gabe wrote:

> It seems that the ! directive works only on individual ip addresses, 
> not address ranges.
> I need to exclude a long list of CIDRs, effectively something like this
>    !1.2/16
>    !3.4.5/24
>    .... (many more entries)
> Short of expanding these all out, is there any way to effect this?
>
This one can be answered in the archives...

Exclusions will always work if the CIDR mask is smaller than 24 (i.e. 25 
-> 32).  However, because of the way rbldnsd stores each entry internally, 
if you have the following:

1.2.0.0/16
!1.2.3.0/24
1.3.4.128/25
!1.3.4.0/24
1.4.4.0/22
!1.4.5.0/24

Then the range 1.2.3.0/24 *will* be excluded, but 1.3.4.128/25 *will 
not* be excluded, and 1.4.5.0/24 *will* be excluded.  The boundaries for 
this behavior are /8, /16 and /24.

Regards,

Mat

PS: I still think we should have some sort of 'super exclude' which 
always overrides so people can whitelist their own ranges where the MTA 
has no mechanism for this.
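
A small model of the behaviour described in the message above, as an added example that is not part of the original post and not rbldnsd's own code. It assumes entries are kept in four tables at the /8, /16, /24 and /32 boundaries, that other prefix lengths are expanded to the next boundary, that lookups try the most specific table first, and that an exclusion wins over a listing in the same table; these assumptions are chosen to reproduce the three outcomes stated in the post.

```python
import ipaddress

BOUNDARIES = (8, 16, 24, 32)  # boundaries named in the post, plus single hosts

def load(lines):
    """Build {boundary: {network_int: listed}} from zone-style lines.

    Model assumption: a prefix that is not on a boundary is expanded into
    entries at the next longer boundary (a /25 becomes 128 /32 entries).
    """
    tables = {b: {} for b in BOUNDARIES}
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        excluded = line.startswith("!")
        net = ipaddress.ip_network(line.lstrip("!"), strict=True)
        b = next(x for x in BOUNDARIES if x >= net.prefixlen)
        for sub in net.subnets(new_prefix=b):
            key = int(sub.network_address)
            # Model assumption: within one table an exclusion beats a listing.
            if excluded or key not in tables[b]:
                tables[b][key] = not excluded
    return tables

def is_listed(tables, addr):
    """Look up addr, most specific table first; the first hit decides."""
    ip = int(ipaddress.ip_address(addr))
    for b in reversed(BOUNDARIES):
        key = ip & (0xFFFFFFFF << (32 - b)) & 0xFFFFFFFF
        if key in tables[b]:
            return tables[b][key]
    return False

# The entries from the post, in the same order.
ZONE = """
1.2.0.0/16
!1.2.3.0/24
1.3.4.128/25
!1.3.4.0/24
1.4.4.0/22
!1.4.5.0/24
""".splitlines()

if __name__ == "__main__":
    t = load(ZONE)
    for ip in ("1.2.3.4", "1.3.4.200", "1.4.5.9"):
        print(ip, "listed" if is_listed(t, ip) else "not listed")
```

Running a zone through a model like this before deployment shows which exclusions are shadowed by a more specific listing, such as the /25 that ends up in the /32 table while its exclusion sits in the /24 table.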

