On Thu, Sep 30, 2004 at 03:38:29PM +0200, Cyril Guibourg wrote: > Emmanuel Dreyfus <manu@...> writes: > > > Another problem is that it does not cope very well with the rcpt-acl > > idea. Maybe we can come to a much more general acl syntax. Anyone has > > a proposition? Squid has already invented this particular wheel, yes? from squid.conf (with changes)... # TAG: acl # Defining an Access List # # acl aclname acltype string1 ... # acl aclname acltype "file" ... # # when using "file", the file should contain one item per line # # acltype is one of the types described below # # By default, regular expressions are CASE-SENSITIVE. To make # them case-insensitive, use the -i option. # # acl aclname src ip-address/netmask ... (clients IP address) # acl aclname src addr1-addr2/netmask ... (range of addresses) # # acl aclname srcdomain .foo.com ... # sender domain match # acl aclname srcsender grandma ... # exact match on sender # acl aclname dstdomain .foo.com ... # Destination server # acl aclname dstrecip jimmy ... # Exact match on recipient # acl aclname srcdom_regex [-i] xxx ... # regex matching sender domain # acl aclname dstdomain_regex [-i] xxx ... # regex matching recipient domain # acl aclname srcsender_regex [-i] xxx ... # regex matching sender name # acl aclname dstrecip_regex [-i] xxx ... # regex matching recipient So then after defining your acls, action whitelist aclname1 action whitelist aclname2 ... action greylist all results in a "non-testing" mode for a "first match wins" scenario. This lets you get away from the testing / non-testing mode, as you can just alter the action for the "all" acl at the end to switch modes. Of course, this makes your configuration hideously complex :] Graham
Message
Re: [milter-greylist] Patch to milter-greylist - adds norcpt keyword
2004-09-30 by Graham Dunn