Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] Re: Suggested improvements to dacl processing: what do you prefer?

2009-11-05 by manu@netbsd.org

reschauzier <reschauzier@...> wrote:

> The milter does not work, on the other hand, for message authentication
> systems such as DomainKeys and DKIM. reason is that the dacl can
> override a racl whitelist, but not a racl greylist or blacklist.

Of course: if a RCPT stage ACL reject the message for all recipients,
there is no DATA stage ACL.

If you want to use DKIM, you will have to whitelist the sender's domain
at RCPT stage ACL:

racl whitelist from /@foo\.com$/
dacl whitelist from /@foo\.com$/ dkim pass
dacl blacklist from /@foo\.com$/ msg "foo.com must use DKIM"

Of course it you do that with multiple domains, a list will be usefull.
Or even better, a DNSRBL of domains using DKIM.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.