
Re: smtp-policy q-s and wishes



about relaying policy:

>   The more I think of it, I think it really begins to need a script
>   facility for this use, not only simple attributes + hardcoded logic
>   about the order of things.

I always felt that the attribute model is not very convenient.
I would prefer something like this:

PHASE initial
	* unset relay
PHASE connection
	[10.0.0.0]/8 deny "Connections from private networks not accepted"
	[123.45.67.0]/24 set customernet
	(checkdb custnetworks) set customernet
	[87.76.0.0]/16 set hostile
PHASE helo
	# nothing
PHASE mailfrom
	(! resolvable) deny "From domain must resolve"
PHASE rcptto
	(checkdb localnames) set islocal
	(/^postmaster@/ & ?islocal) accept
	?hostile deny "Your netblock is barred"
	?islocal accept
	(checkdb mxrelay) accept
	?customernet accept
	* deny "Relaying denied"

(just to get an idea) - you would see which checks are performed at which
time.  Every check can either terminate the session with an error response or
set/unset a named flag.  At later stages, these flags can be checked.

Each check could match a variable available at this phase against a regexp,
look it up in a database, or just see if a particular flag is set or unset.

Eugene
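
Added example, not part of the original message and not ZMailer code: a small Python evaluator for the phased rules sketched above, showing how flags set in one phase drive accept/deny decisions in a later one. The DB tables, the RESOLVABLE set and all helper names are constructed stand-ins; the no-op initial and helo phases and the custnetworks lookup are omitted, and it assumes that the first matching accept or deny ends evaluation.

```python
import ipaddress
import re

# Constructed stand-ins for the message's "checkdb" tables and "resolvable" test.
DB = {"localnames": {"example.org"}, "mxrelay": {"backup.example.net"}}
RESOLVABLE = {"example.org", "sender.example.com"}

def dom(addr):
    return addr.rsplit("@", 1)[-1].lower()

def net(cidr):
    block = ipaddress.ip_network(cidr)
    return lambda s: ipaddress.ip_address(s["ip"]) in block

def indb(table, key):
    return lambda s: dom(s[key]) in DB[table]

def flag(name):
    return lambda s: name in s["flags"]

# (condition, action, argument) triples, in the order given in the message.
POLICY = {
    "connection": [
        (net("10.0.0.0/8"), "deny", "Connections from private networks not accepted"),
        (net("123.45.67.0/24"), "set", "customernet"),
        (net("87.76.0.0/16"), "set", "hostile"),
    ],
    "mailfrom": [
        (lambda s: dom(s["mailfrom"]) not in RESOLVABLE, "deny", "From domain must resolve"),
    ],
    "rcptto": [
        (indb("localnames", "rcptto"), "set", "islocal"),
        (lambda s: flag("islocal")(s) and re.match(r"^postmaster@", s["rcptto"]),
         "accept", None),
        (flag("hostile"), "deny", "Your netblock is barred"),
        (flag("islocal"), "accept", None),
        (indb("mxrelay", "rcptto"), "accept", None),
        (flag("customernet"), "accept", None),
        (lambda s: True, "deny", "Relaying denied"),
    ],
}

def evaluate(ip, mailfrom, rcptto):
    """Run the phases in order; the first accept/deny that matches is the verdict."""
    s = {"ip": ip, "mailfrom": mailfrom, "rcptto": rcptto, "flags": set()}
    for phase in ("connection", "mailfrom", "rcptto"):
        for cond, action, arg in POLICY[phase]:
            if not cond(s):
                continue
            if action == "set":
                s["flags"].add(arg)
            else:
                return (action, phase, arg)
    return ("deny", "rcptto", "no rule matched")  # fail closed
```

Rule order inside the rcptto phase is what keeps postmaster reachable from a netblock flagged hostile while all other mail from it is refused, and the catch-all deny at the end is what prevents open relaying.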