From: Anthony Howe
Date: 2010-10-18 04:26:28 -0400
Subject: Re: tagless access.db entries and milters
On 14/10/2010 13:25, Andrew Lyon whispered from the shadows...:
> The only option to avoid using tagless entries seems to be adding
> entries like this:
> To:domain.com "550 User Unknown"
> To:firstname.lastname@example.org OK
> milter-spiff-To:email@example.com SKIP
> milter-clamc-To:firstname.lastname@example.org SKIP
> To:email@example.com OK
> milter-spiff-To:firstname.lastname@example.org SKIP
> milter-clamc-To:email@example.com SKIP
> Which seems messy and will increase the size of the access.db by quite
> a large number of records.
> Is there another way?
The milters default to using the Sendmail access.db with the idea of
centralising the data in one key-value database. There is no reason that
the access.db could be split into two: a pure Sendmail only access.db
and a milter.db in which the milters' access-db option is altered to
point to /etc/mail/milter.db.
This means separating the data into two files, but this might be the
wiser course of action in certain situations. This allows for
configuring libsnert with --enable-access-tagless and relinking the
milters. This separation of data decouples from the dependency on
Sendmail's access.db past & future changes and allows more flexibility
in the milters.
The alternative is to added yet another tag (to replace the tagless
form), ie. "snertsoft-milter:" or "milter-all:" (or some such), that
SnertSoft milters check. I don't fancy this change as it increases the
number of lookups required (same as if tagless were enabled).
The separation of Sendmail ACL and milter ACL data seems wiser.
Anthony C Howe Skype: SirWumpus SnertSoft
Twitter: SirWumpus BarricadeMX & Milters
http://snert.com/ http://nanozen.info/ http://snertsoft.com/
Copyright 2009, 2012 by SnertSoft. All rights reserved.