On Mon, Mar 29, 2010 at 06:13:15PM +0200, Steve wrote: > > -------- Original-Nachricht -------- > > Datum: Mon, 29 Mar 2010 19:00:36 +0300 > > Von: Henrik K <h...@hege.li> > > An: postfix-users@postfix.org > > Betreff: Re: max length of pcre rule? > > > On Mon, Mar 29, 2010 at 05:17:22PM +0200, Louis-David Mitterrand wrote: > > > On Mon, Mar 29, 2010 at 04:55:19PM +0200, Steve wrote: > > > > > You if/endif suggestion for the prefix is interesting. > > > > > > > > > > For added safety, the individual rules should be anchored with ^ and > > the > > > > > bracketed atom plussed, no? > > > > > > > > > > /^[^:]+:.+ > > > > > > > > > Yes. You are right. But to be honest this should be enough (just an > > example): > > > > 001) if > > /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ > > > > 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 > > > > 003) endif > > > > > > > > > > > > * Rule 001 will match a specific header. > > > > * Rule 002 will match 127.0.xxx.xxx > > > > * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in > > > > 001 is already taking care of that 127.0.xxx.xxx is not part of the > > > > header name. So you can shorten the regexp to just "/\b(<ip you > > > > check/rule>)/b REJECT blah-blah-blah" > > > > > > Indeed, on second thought the anchoring is useless in individual rules, > > > making it much more readable/managable. > > > > > > Thanks for taking to time to de-parse my giga-rule into its component > > > parts! > > > > In theory that's quite inefficient. > > > What is inefficient? The combining of rules or the splitting?
Executing a bunch of expressions instead of one.
