Milter-greylist

Remy Card <Remy.Card@...> wrote:

>       The patch against milter-greylist 1.5.8 is enclosed.  Comments are
> welcome!

Well we started talking about this by private e-mail...

It's being a long time I had the envy of replacing the testmode by
something more general. My idea was to implement access lists. Something
like this:

rcpt-acl bypass /.*@.../ 
rcpt-acl greylist /.*@.../
rcpt-acl greylist /webmaster@.*.example.com/
rcpt-acl bypass webmaster@...

And last match win. Default is to greylist anything, except if testmode
is on.

testmode and rcpt would still be available but would be deprecated in
favor of rcpt-acl. testmode would be equivalent to starting the config
by rcpt-acl bypass /.*/

For the future, we could add sub access-lists (a la head/group in
IPfilter), but that can be kept for later.

The problem I have with that approach is the relation to the addr,
domain and from keywords. addr-acl domain-acl and from-acl could be
added, but should we have a global ACL for all keywoards, or a
per-keyword ACL. Given that rcpt is used quite differently than addr,
domain and from, a per-keyword ACL could be better. I'd like opinions
about this.

The difference with your norcpt proposal is that you stop on the first
match, as I understand. I think it could be interesting to build ACLs.

Opinions?

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...