[milters] Archive

Lists Index Date Thread Search

Article: 1163
From: Anthony Howe
Date: 2006-10-01 05:03:05 -0400
Subject: Re: Milter-sender and access file question

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Rose, Bobby wrote:
> Is it possible to skip sender verification on a specific mail from to a
> specific rcpt to?  I'm not sure if the NEXT action would do this or not
> based on the examples on the man page.

No. There currently does NOT exist any means to black/white list combos 
like sender/recipient, sender/client, sender/recipient/client, etc.

The NEXT action is the opposite of SKIP and intended for pattern lists 
where none of the patterns match and so you want to resume the access 
lookup following the pattern list entry.

For example:

milter-sender-connect:10.0		OK
milter-sender-connect:10.0.1		[10.0.1.32/29]REJECT NEXT

I can white list all of 10.0.0.0/16, except a small subnet on 
10.0.1.32/29. First sendmail has no CIDR support, but using a pattern 
list I can specify a LHS that acts as a selector for the general range 
and then a RHS pattern list with a CIDR for a more precise check. So if 
a host 10.0.1.167 connects, it should be white listed, but the 10.0.1 
would match, but the CIDR pattern would not. NEXT action resumes the 
access lookup so that I'll find the 10.0 white list entry.

The above could have been written also like:

milter-sender-connect:10.0		[10.0.1.32/29]REJECT OK

-- 
Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         AIM: SirWumpus    Sendmail Milter Solutions
http://www.snert.com/     ICQ: 7116561
     http://www.snertsoft.com/

Lists Index Date Thread Search