Noel Jones schrieb:
Ronald F. Guilmette wrote:
It's easy enough to just pass a copy of $mynetworks to an external
policy
server, e.g. via the command line argv.
This won't work for policy servers which are not called by postfix
spawn. Maybe it'd be better to exec "postconf mynetworks".
Anyway - all of these approaches like parsing main.cf or calling
"postconf mynetworks" suffer from difficulties in multi instance setups.
And in any case there's a lot of overhead to compute things (fopen, cidr
compare, ...), which have already been determined by postfix. So, I'd
agree to say that sth like 'client_within_mynetworks=(yes/no)' could be
a useful extension to the policy delegation protocol. Other common
smtpd_*_restrictions like tls-* oder sasl_* values are already reflected
by attributes, which allows to use them in a very efficient way - why
not follow the same logic for mynetworks?
