Hello misc@,
I'm experimenting a bit with smtpd, in order to eventually replace my
current FreeBSD/sendmail boxes. Those hosted there are mostly
incoming-only domains.
Now I'm trying to understand mail filtering, as documented in
smtpd.conf(5). It seems to me that *some* goals can be achieved either
using filters or match statements: for example, to block messages coming
from IPs without a rdns record, I could write something like
filter XXX phase connect match !rdns reject XXX
and attach the filter to a listener, or
match !from rdns reject
As far as I understand, the former gives full control and works on a per
listener basis, while the latter does the right thing but acts on every
envelope matching the conditions given, regardless the listener it's
coming from. Match statements can also act only upon messages, while
filters are much more flexible and can, for example, tear down a TCP
connection.
The functions may in part overlap.
Is it correct?
Are there best practices, as "prefer match statements if you can and
eventually escalate to filters" or else?
Thanks,
--
f
