On Tue, 2004-07-13 at 18:19 +0300, Matti Aarnio wrote: > > > > with your today's change, senderokwithdns check in pt_mailfrom is the > > > > very last, and it is not done if the sender is "authorized". Is it what > > > > was your intention? I think that if one wants to disallow unroutable > > > > "mail from", he wants to do that for all, authorized and non-authorized > > > > senders. And therefore the check should be done very early, maybe even > > > > before "if (state->full_trust) return 0;" around the line 1704. > > > > > > It is a wee bit complicated thing indeed.. > > > > > > When the matter is about remote SPF publisher, who want to be > > > protected, then things are as you say, but when it is about > > > _local_ SPF set, then e.g. users must be able to send out > > > from where-ever they are, as long as they have authenticated.. > > > > Wait, wait! I am not talking about SPF. SPF is at the right place now. > > My note was about senderokwithdns, i.e. validity of "mail from" provided > > by the client. I think that this check should be done regardless of all > > others, should it? > > After a lunch, and a nap on top of it... > > No, the idea with "full-trust" is that nothing will ever get checked. > You are not supposed to use 'full-trust +' attribute for anything, except > very rarest of source systems. (Like wanting admin emails in always, > no matter what..) OK. > Normal level of "customer in our networks" is 'relaycustnet +' which sets > the always_accept flag, and that is tested for just before SPF. > However the 'sender_dns_verify()' is being called in multiple places, > including in the always_accept tests just before the SPF. > > This is what you wanted, wasn't it ? I wanted to check sender_dns_verify() even for authenticated users, and for users coming from trusted networks. Because the earlier a customer is hinted about mistyped "From" address the better. But actually I don't care too much, just thought that it would be the right thing... Eugene
This is a digitally signed message part