Greg Klanderman: > >>>>> On August 14, 2020 Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > > > This is of those rare cases where the documentation is now in error. In > > order to improve backwards compatibility with postfix prior to 2.10, the > > order of evaluation was changed in postfix-3.3-20180106 to evaluate the > > recipient restrictions first. > > > This should perhaps be configurable, so that if one has correctly set up > > the relay restrictions, they would be evaluated first as expected and > > currently documented... > > Viktor, was there discussion on the mailing lists about this when the > change was made? Any context I can read? Was it a conscious decision > not to update the documentation? > > So what do you / Wietse think would be the best way forward? It does > seem to make more sense for smtpd_relay_restrictions to come first as > documented. I don't entirely understand why it was deemed more > compatible to evaluate the recipient restrictions first, but some > options are: > > * add a variable to control the order > > * base the order on the compatibility_level
The proper fix is to use the compatibility_level safety net, with a new paremeter that specifies the evaluation order, and whose default setting depends on the compatibility_level setting. If the compatibility_level setting is below a threshold, and the evaluation order is not set, then use the current evaluation order and log a warning as in http://www.postfix.org/COMPATIBILITY_README.html > * if smtpd_relay_restrictions has been set (not defaulted) evaluate it > first That is unclean, as it would change the meaning of smtpd_relay_restrictions when the user specifies its default value in main.cf. No Postfix parameter setting behaves like that. Wietse
