|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Magnus Bäck (magnus
dsek.lth.se)
Date: Sun Feb 03 2008 - 15:37:06 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sunday, February 03, 2008 at 20:47 CET,
Leonardo Rodrigues Magalhães <leolistassolutti.com.br> wrote:
[...]
> Could you explain me, just to clarify about this questions, what
> would be the difference on using OK and DUNNO on this kind of check ?
OK terminates the traversal of the whole restriction list and
returns OK (possibly causing the message to be accepted if no
other smtpd_xxx_restrictions rejects the message) while DUNNO
only terminates the current restriction without returning any
result. In this particular case, it prevents the DUNNO clients
from getting caught by the 0.0.0.0/0 catchall and thus being
subject to reject_unknown_reverse_client_hostname. Had you used
OK instead you would also have escaped from r_u_r_c, but you
would also bypass all remaining restrictions and effectively
whitelist the client. That would probably not be desirable.
--
Magnus Bäck
magnusdsek.lth.se
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]