[milters] Archive

Lists Index Date Thread Search

Article: 1117
From: Anthony Howe
Date: 2010-10-18 04:26:28 -0400
Subject: Re: tagless access.db entries and milters

On 14/10/2010 13:25, Andrew Lyon whispered from the shadows...:
> The only option to avoid using tagless entries seems to be adding
> entries like this:
> 
> To:domain.com "550 User Unknown"
> To:a.valid.user@domain.com        OK
> milter-spiff-To:a.valid.user@domain.com        SKIP
> milter-clamc-To:a.valid.user@domain.com       SKIP
> To:another.valid.user@domain.com        OK
> milter-spiff-To:another.valid.user@domain.com        SKIP
> milter-clamc-To:another.valid.user@domain.com        SKIP
> 
> Which seems messy and will increase the size of the access.db by quite
> a large number of records.
> 
> Is there another way?

The milters default to using the Sendmail access.db with the idea of
centralising the data in one key-value database. There is no reason that
the access.db could be split into two: a pure Sendmail only access.db
and a milter.db in which the milters' access-db option is altered to
point to /etc/mail/milter.db.

This means separating the data into two files, but this might be the
wiser course of action in certain situations. This allows for
configuring libsnert with --enable-access-tagless and relinking the
milters. This separation of data decouples from the dependency on
Sendmail's access.db past & future changes and allows more flexibility
in the milters.

The alternative is to added yet another tag (to replace the tagless
form), ie. "snertsoft-milter:" or "milter-all:" (or some such), that
all
SnertSoft milters check. I don't fancy this change as it increases the
number of lookups required (same as if tagless were enabled).

The separation of Sendmail ACL and milter ACL data seems wiser.

-- 
Anthony C Howe            Skype: SirWumpus                  SnertSoft
                        Twitter: SirWumpus      BarricadeMX & Milters
http://snert.com/      http://nanozen.info/     http://snertsoft.com/

Lists Index Date Thread Search