[bug] 'Invalid netblock' when enabling dnsbl exemption

[rmoesbergen]

When adding a dnsbl exemption, we get the following error when a new inbound connection is made over IPV6:

On the outside exim reports a 'temporary local problem': mx01-asd2.solvinity.com has IPv6 address 2a00:1558:2801:4::2:0

Ncat: Connected to 2a00:1558:2801:4::2:0:25. 220 mx01-asd2.solvinity.com ESMTP Baruwa Fri, 23 Sep 2016 15:52:49 +0200 HELO helo 250 mx01-asd2.solvinity.com Hello helo [2a01:7c8:aab5:4f6::1] MAIL FROM:xxx@asp4all.nl 250 OK RCPT TO: xxx@asp4all.nl 451 Temporary local problem - please try later

In the logs on the server, we see: 2016-09-23 15:53:17 H=lnx1971vm.asp4all.nl (helo) [2a01:7c8:aab5:4f6::1] F=xxx@asp4all.nl temporarily rejected RCPT xxx@asp4all.nl: failed to expand ACL string "${if and {{eq {${lookup{$sender_host_address}cdb{/var/lib/baruwa/data/db/skip_dnsbl.cdb}{0}{1}}}{1}}{eq {${perl{ip_in_network}{/var/lib/baruwa/data/db/skip_dnsbl.cdb}{$sender_host_address}}}{false}}}}": Invalid netblock: 212.54.47.255-42.1.7.200.170.181.4.246.0.0.0.0.0.0.0.1 at /usr/share/baruwa/baruwa-exim.pl line 62

This blocks all incoming e-mail using ipv6... Disabling the dnsbl whitelists solves the issue. Looks like another ipv6 vs. ipv4 bug...

[rmoesbergen]

More info: this started when we upgraded to:

baruwa-salt-0.0.9-7.el6.noarch

Which says: '- FIX: DNSBL Excemptions logical bugs'.

[akissa]

Yes this is an ipv6->ipv4 bug. How urgent is this for you ?

[rmoesbergen]

I'd say 'Medium'. We can't use dnsbl whitelists now. I hope the dnsbl's behave themselves...

I see quite some bugs/features tied to version '2.1.4'. Is there a timeframe set for the release of this version?

[akissa]

Fix has been released for this, please test and update. 2.1.4 is due in december - https://github.com/baruwaproject/baruwa2/milestones

[rmoesbergen]

Tested and works. Thanks for the quick fix!