From: DAve
Date: 2007-08-31 09:31:35 -0400
Subject: Re: Milter-ahead and milter-gris. Using the access

Anthony Howe wrote:
> DAve wrote:
>> OK, had a few internal things to sort out, but it is working and now I 
>> am really confused. My access file looks like so,
>> Connect:10.0.241.	OK
> No trailing dot when matching parts of an IP address.
> Connect:10.0.241	OK
>> milter-gris-Connect:	OK
> This white lists EVERYTHING through milter-gris. Since your original 
> Connect line was specified incorrectly, that would explain the problem 
> as to why no white list entry was found.
> This could be diagnosed by increasing the log output with:
> 	versbose=info,trace,db
> The verbose=db show all the access DB lookups and you would see that no 
> match is being found. It would also clarify the lookup sequence. Please 
> note though on a busy server this generates LOTS of output.

Figured that out running verbose=all yesterday afternoon. Corrected and 
working. Not a problem for traffic as this is running on a dev box and 
and sees no traffic except what I provide to it.

>> OK RELAY = yes, affirmative
> RELAY was change in libsnert 1.64 to be ignored by default (sort of like 
> SKIP). To restore previous behaviour specify +smdb-relay-ok. From 
>     +	Added smdb-relay-ok option. When enabled, a right hand side
>     	access.db value of RELAY will be treated the same as a white
>     	list OK value, which is technical correct according to the
>     	sendmail definition. However, some sites want to "filter before
>     	relay" and so do not want to treat RELAY as a white list entry.
>> REJECT ERROR = no, negative
>> SKIP = continue
> SKIP in C or Perl speak would be more equivalent to "break" loop 
> statement, ie. it stops any further access.db lookups for the current 
> token. It is a form of short circuit word. See the sendmail cf/README 
> for their original terse description.

Still trying to wrap my head around these, possibly I need a vacation, 
or a week < 60 hours.



