Hello all,
I’ve been digging into restriction lists a bit more and grinding away
on the rationale between seperating restrictions across each of the
first four lists (CLIENT, HELO, SENDER, & RECIPIENT) vs. just placing
them all in RECIPIENT.
Let me also state that yes, I have read the SMTPD_ACCESS_README file -
several times in fact - and also spent a fair amount of time researching
this in the mail-list archives. My research & testing has led me to
understand that regardless of which list issues a REJECT\DEFER, the
result is the exact same — the message is denied. There is no other
implication related to the actual list that issued the REJECT\DEFER.
Therefore, the only rationale I can find to place restrictions in the
separate lists is the following:
* The lists, taken as a group, operate as an AND for PERMIT purposes but
an OR for REJECT\DEFER purposes.
* Therefore, with restrictions in each of the 4 lists, allowed messages
must gather several PERMITs whereas denied messages need only gather 1
REJECT\DEFER.
* Placing all of the rules in only the RECIPIENT list changes this model
to become an OR for both PERMIT as well as REJECT\DEFER purposes.
Did I get this correctly? Or am I horribly off-base and missing
something more relevant here?
Thanks in advance for your feedback…
