On Tue, Feb 19, 2008 at 02:29:16PM -0000, ondrej_v0 wrote: > Very different: > 1. racl tls /.*/ won't work. You probably wanted to say racl tls_re /.*/ > 2. It only work for those who present their private certificate which > is very, very rare. In most cases MTA's have no private certificate > 3. My fix enable to whitelist even those w/o a private certificate... What about mathing clients that do not present a certificate? That way, you can match any certificate, including none (with two ACL), and you can also allow TLS with a certificate but not TLS without a certificate. -- Emmanuel Dreyfus manu@...
Message
Re: [milter-greylist] Re: whitelist STARTTLS compliant senders
2008-02-19 by Emmanuel Dreyfus