Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Alexandre Balistrieri (balisir.inpe.br)
Date: Thu Jun 28 2007 - 12:29:56 CDT
On Thursday 28 June 2007, mouss wrote:
> Alexandre Balistrieri wrote:
> > On Wednesday 27 June 2007, mouss wrote:
> >> Alexandre Balistrieri wrote:
> >>> It seems that the flow's control is better using OK or DUNNO with
> >>> separate restriction's stages. OK goes to the next stage and DUNNO goes
> >>> to the next line into stage. Let me know if i am in right track.
> >> It's too late to assess your statement, but I see what you mean. This is
> >> however rarely needed. see below. and in your case, you are repeating
> >> the same checks, so that's useless.
> > It seems that it has a trend in using only smtpd_recipient_restrictions.
> > Then why not to substitute all for smtpd_uce_restrictions?
> you're misunderstading me. I said to use smtpd_recipient_restrictions
> only _because_ you were repeating the _same_ checks all over again. It
> is ok to do
Sorry, i did not can to explain my conclusion.
I have seen several smtpd_recipient_restrictions examples with all
restrictions together but no useful example with smtpd_*_restrictions.
I will put it all together again.
> smtpd_helo_restrictions =
> smtpd_sender_restrictions =
> smtpd_recipient_restrictions =
> but in your setup, you are duplicating a dozens of checks (probably to
> whitelist some clients/sender/...). so you had to add permit_sasl_auth
> in many places to allow your outlook to go.
> PS. whitelisting based on sender address is dangerous. These things are
> easily forged.
thank you for your help.