[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: percent-hack - any plans?



On 16-Jun-99 at 18:02, Matti Aarnio (mea@nic.funet.fi) wrote:

>      However, I think there should be *some* limit at where to put
>      the limit of what the inline policy test code does, and when to
>      just use e.g. integrated router based policy analysis functions.
>      ("The old way".)   They should still work, although *I* don't
>      use them myself.

A thought:

I agree, and you may remember that advocated this approach when the
policy checking was first introduced :)  Although, I think that
invoking the router from smtpserver to perform smarter checks is
bad idea.  I think that policy checking for more exotic cases (such
as long source-routes, combined with % and ! paths), can and should
be done offline, in the course of regular processing in the router.
In the router scripts, checks may be as sophisticated as at all possible,
and will litter the process table.  The downside is that the remote may
not know that transmission was rejected immediately (or at all), but who
cares?

Eugene