EASY steve.h...@digitalcertainty.co.uk a écrit : > On Fri, 2009-06-12 at 12:51 +0200, Magnus Bäck wrote: >> On Fri, June 12, 2009 12:12 pm, Steve said: >> >>> Is this right? >>> >>> "You cannot whitelist a sender or client in an access list to bypass >>> header or body checks. Header and body checks take place whether you >>> explicitly "OK" a client or sender, in access lists, or not." >> Yes, that's correct. >> > Is there any kind of feature request to change this behaviour? Such as > allowing a map list of client ip's or ranges that can 'hop over' the > header/body checks all together? >
well, the hard part is to come up with a design that is generic/flexible/... it is possible that different people/sites want different things. if this is true, then "the thing" is better implemented via proxy_filter or milters. of course, if you have a good design in mind, please share it. the problem here is to chose between a simple design (such as a "table driven checks") and a complete design (if/then/else/for/while ... grammar). if it's too complex, I 'd prefer to run a series of programs. > If I forward a spam mail to an abuse department quoting full headers > (even in the body of the mail) they seem to 'catch' on header rules. by default: mime_header_checks = $header_checks nested_header_checks = $header_checks so header_checks apply to more than 822 headers. > I'm > not sure if this is a bug/'feature' - but to have to keep commenting out > certain rules to get them sent is a minor hassle. I personally only use few header_checks (reject "forged" mail, reject unauthorized attachments).
