[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smtp-policy q-s and wishes
about relaying policy:
> The more I think of it, I think it really begins to need a script
> facility for this use, not only simple attributes + hardcoded logic
> about the order of things.
I always felt that attribute model is not very convenient.
I would prefer something like this:
* unset relay
[10.0.0.0]/8 deny "Connections from private networks not accepted"
[22.214.171.124]/24 set customernet
(checkdb custnetworks) set customernet
[126.96.36.199]/16 set hostile
(! resolvable) deny "From domain must resolve"
(checkdb localnames) set islocal
(/^postmaster@/ & ?islocal) accept
?hostile deny "Your netblock is barred"
(checkdb mxrelay) accept
* deny "Relaying denied"
(just to get an idea) - you would see which checks are performed at which
time. Every check can either terminate session with error response or
set/unset named flag. At later stages, these flags can be checked.
Each check could match variable available at this phase against regexp,
look it up in a database, or just see if a particular flag is set or unset.