Re: header/body_checks as end-of-data checks (was: how to bypass milters, whitelist hosts)

martin f krafft: > also sprach Wietse Venema [2009.05.23.1442 +0200]: > > Before making architectural recommendations, it would help to step > > back into the reality of how policy servers and milters work. For > > one thing, policy servers don't handle message content, and for > > another, Milte

Re: how to bypass milters, whitelist hosts

also sprach Kouhei Sutou [2009.05.25.1254 +0200]: > What format are you using for whitelist? [...] > It seems that access(5) format support is useful. > I'll add access(5) support to milter manager in the next > stable release. cidr_table(5) would make more sense. -- martin | http://madduck.net

Re: how to bypass milters, whitelist hosts

Hi, In <20090525095136.gb24...@piper.oerlikon.madduck.net> "Re: how to bypass milters, whitelist hosts" on Mon, 25 May 2009 11:51:36 +0200, martin f krafft wrote: > also sprach Kouhei Sutou [2009.05.25.0148 +0200]: >> milter manager is placed at be

Re: how to bypass milters, whitelist hosts

also sprach Kouhei Sutou [2009.05.25.0148 +0200]: > milter manager is placed at between Postfix and milters: > > Postfix <-milter protocol-> milter manager <-milter protocol-> > milters > > milter manager can bypass your milter if connected host is > whitelisted host. While this is definite

Re: how to bypass milters, whitelist hosts

also sprach Robert Schetterer [2009.05.23.2244 +0200]: > Hi Martin, after all most milters have option to whitelist hosts > itself why dont use it Because it means I have to maintain redunant list of exempt hosts. -- martin | http://madduck.net/ | http://two.sentenc.es/ "die zeit für kleine p

Re: how to bypass milters, whitelist hosts

also sprach Wietse Venema [2009.05.23.1442 +0200]: > Before making architectural recommendations, it would help to step > back into the reality of how policy servers and milters work. For > one thing, policy servers don't handle message content, and for > another, Milters must be able to see ever

header/body_checks as end-of-data checks (was: how to bypass milters, whitelist hosts)

also sprach Wietse Venema [2009.05.23.1442 +0200]: > Before making architectural recommendations, it would help to step > back into the reality of how policy servers and milters work. For > one thing, policy servers don't handle message content, and for > another, Milters must be able to see ever

Re: how to bypass milters, whitelist hosts

Hi, In <20090522135110.ga...@piper.oerlikon.madduck.net> "how to bypass milters, whitelist hosts" on Fri, 22 May 2009 15:51:10 +0200, martin f krafft wrote: > how can I bypass smtpd_milters for certain hosts? > > I have asked a related question previously [0]

Re: how to bypass milters, whitelist hosts

Wietse Venema schrieb: > martin f krafft: >> also sprach Sahil Tandon [2009.05.23.0037 +0200]: Why are *_checks and *_milters not end-of-data restrictions, or better yet, policy services? >>> One example: 1.2.3.4 is rejected in an access(5) table referenced >>> in smtpd_client_restrictio

Re: how to bypass milters, whitelist hosts

martin f krafft: > also sprach Sahil Tandon [2009.05.23.0037 +0200]: > > > Why are *_checks and *_milters not end-of-data restrictions, or > > > better yet, policy services? > > > > One example: 1.2.3.4 is rejected in an access(5) table referenced > > in smtpd_client_restrictions. Why wait for E

Re: how to bypass milters, whitelist hosts

martin f krafft a écrit : also sprach Sahil Tandon [2009.05.23.0037 +0200]: Why are *_checks and *_milters not end-of-data restrictions, or better yet, policy services? One example: 1.2.3.4 is rejected in an access(5) table referenced in smtpd_client_restrictions. Why wait for END-OF-DATA whe

Re: how to bypass milters, whitelist hosts

also sprach Sahil Tandon [2009.05.23.0037 +0200]: > > Why are *_checks and *_milters not end-of-data restrictions, or > > better yet, policy services? > > One example: 1.2.3.4 is rejected in an access(5) table referenced > in smtpd_client_restrictions. Why wait for END-OF-DATA when you > know, i

Re: how to bypass milters, whitelist hosts

On Fri, 22 May 2009, martin f krafft wrote: > also sprach Wietse Venema [2009.05.22.1826 +0200]: > > > how can I bypass smtpd_milters for certain hosts? > > > > Not. This question is related to the following question: how > > can I change the Milter depending on the client host. > > Why are *_

Re: how to bypass milters, whitelist hosts

also sprach Wietse Venema [2009.05.22.1826 +0200]: > > how can I bypass smtpd_milters for certain hosts? > > Not. This question is related to the following question: how > can I change the Milter depending on the client host. Right, but I cannot really find anything on that either. Why are *_c

Re: how to bypass milters, whitelist hosts

martin f krafft: > Hi, > > how can I bypass smtpd_milters for certain hosts? Not. This question is related to the following question: how can I change the Milter depending on the client host. Wietse

how to bypass milters, whitelist hosts

Hi, how can I bypass smtpd_milters for certain hosts? I have asked a related question previously [0], and the only solution seemed to be to redirect those hosts to a different smtpd instance, but unfortunately, Linux cannot redirect IPv6 connections yet (TPROXY is in preparation). 0. http://www.