[milters] Archive

Lists Index Date Thread Search

Article: 1668
From: DAve
Date: 2007-08-31 09:31:35 -0400
Subject: Re: Milter-ahead and milter-gris. Using the access

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Anthony Howe wrote:
> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> DAve wrote:
>> OK, had a few internal things to sort out, but it is working and now I 
>> am really confused. My access file looks like so,
>>
>> Connect:10.0.241.	OK
> 
> No trailing dot when matching parts of an IP address.
> 
> Connect:10.0.241	OK
> 
>> milter-gris-Connect:	OK
> 
> This white lists EVERYTHING through milter-gris. Since your original 
> Connect line was specified incorrectly, that would explain the problem 
> as to why no white list entry was found.
> 
> This could be diagnosed by increasing the log output with:
> 
> 	versbose=info,trace,db
> 
> The verbose=db show all the access DB lookups and you would see that no 
> match is being found. It would also clarify the lookup sequence. Please 
> note though on a busy server this generates LOTS of output.

Figured that out running verbose=all yesterday afternoon. Corrected and 
working. Not a problem for traffic as this is running on a dev box and 
and sees no traffic except what I provide to it.

> 
> 
>> OK RELAY = yes, affirmative
> 
> RELAY was change in libsnert 1.64 to be ignored by default (sort of like 
> SKIP). To restore previous behaviour specify +smdb-relay-ok. From 
> CHANGES.TXT 1.64
> 
>     +	Added smdb-relay-ok option. When enabled, a right hand side
>     	access.db value of RELAY will be treated the same as a white
>     	list OK value, which is technical correct according to the
>     	sendmail definition. However, some sites want to "filter before
>     	relay" and so do not want to treat RELAY as a white list entry.
> 
>> REJECT ERROR = no, negative
>> SKIP = continue
> 
> SKIP in C or Perl speak would be more equivalent to "break" loop 
> statement, ie. it stops any further access.db lookups for the current 
> token. It is a form of short circuit word. See the sendmail cf/README 
> for their original terse description.
> 

Still trying to wrap my head around these, possibly I need a vacation, 
or a week < 60 hours.

Thanks,

DAve


-- 
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?

Maybe they forgot who made that choice possible.

Lists Index Date Thread Search