
Re: smtp-policy q-s and wishes



On Tue, Feb 13, 2001 at 07:21:34PM +0300, Eugene Crosser wrote:
> about relaying policy:
> 
> >   The more I think of it, I think it really begins to need a script
> >   facility for this use, not only simple attributes + hardcoded logic
> >   about the order of things.
> 
> I always felt that the attribute model is not very convenient.
> I would prefer something like this:

   Hmm..  Why not, do you have spare cycles to implement it?
   I am pushing my cycles on wrestling the ZMailer Manual SGML,
   now that I can produce nice printout *and* HTML properly
   from the same source.

   This "something" needs some statements to bind dbases (e.g. what
   is "localnames"?)

   Syntactic details like should there be  $(thing to evaluate)  or
   just  (thing to evaluate)   are matters of taste -- I prefer $(...).
   How can multiple variables be set ?  Are they just boolean flags,
   or perhaps e.g. RBL database lookup yields text ?

   Set value (as opposed to unset/0) could evaluate as:
         $hostile
   in test, and lead to text expansion in deny message.

   Could the same machinery be extended to be message-content filter ?
   (I mean these function evaluators)

> PHASE initial
> 	* unset relay
> PHASE connection
> 	[10.0.0.0]/8 deny "Connections from private networks not accepted"
> 	[123.45.67.0]/24 set customernet
> 	(checkdb custnetworks) set customernet
> 	[87.76.0.0]/16 set hostile
> PHASE helo
> 	# nothing
> PHASE mailfrom
> 	(! resolvable) deny "From domain must resolve"
> PHASE rcptto
> 	(checkdb localnames) set islocal
> 	(/^postmaster@/ & ?islocal) accept
> 	?hostile deny "Your netblock is barred"
> 	?islocal accept
> 	(checkdb mxrelay) accept
> 	?customernet accept
> 	* deny "Relaying denied"
> 
> (just to get an idea) - you would see which checks are performed at which
> time.  Every check can either terminate session with error response or
> set/unset named flag.  At later stages, these flags can be checked.
> 
> Each check could match a variable available at this phase against a regexp,
> look it up in a database, or just see if a particular flag is set or unset.
> 
> Eugene

-- 
/Matti Aarnio	<mea@nic.funet.fi>
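
The phase/flag model sketched in the quoted proposal can be exercised with a small interpreter. This is an added example, not ZMailer code and not written by either correspondent. The names `parse`, `term` and `evaluate` are hypothetical, `checkdb` and `resolvable` are assumed to key on the domain part of the address and read constructed tables, and the first matching `accept` or `deny` is assumed to end evaluation.

```python
import ipaddress, re
RULE = re.compile(r'^(.*?)\s+(set|unset|accept|deny)\b\s*"?([^"]*)"?$')

def parse(text):
    phases, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("PHASE "):
            cur = phases.setdefault(line.split()[1], [])
        elif line and not line.startswith("#"):
            cur.append(RULE.match(line).groups())   # (condition, action, argument)
    return phases

def term(t, var, flags, dbs):
    t = t.strip()
    if t.startswith("!"):
        return not term(t[1:], var, flags, dbs)
    if t == "*":
        return True
    if t.startswith("?"):                        # flag set by an earlier check
        return t[1:] in flags
    if t.startswith("["):                        # [net]/bits against the client address
        return ipaddress.ip_address(var) in ipaddress.ip_network(t.replace("[", "").replace("]", ""))
    if t.startswith("/"):                        # /regexp/ against the phase variable
        return re.search(t[1:-1], var) is not None
    return var.rsplit("@", 1)[-1] in dbs[t.split()[-1]]   # checkdb NAME / resolvable (assumed: by domain)

def evaluate(phases, session, dbs, flags):
    for phase, var in session.items():           # session: {phase: variable} in dialogue order
        for cond, action, arg in phases.get(phase, []):
            if all(term(t, var, flags, dbs) for t in cond.strip("()").split("&")):
                if action in ("accept", "deny"):
                    return phase, action, arg    # first terminating rule wins
                (flags.add if action == "set" else flags.discard)(arg)
    return None                                  # no rule produced a verdict

# Constructed sample data: a subset of the quoted policy and stand-in lookup tables.
POLICY = """
PHASE connection
    [10.0.0.0]/8 deny "Connections from private networks not accepted"
    [87.76.0.0]/16 set hostile
PHASE mailfrom
    (! resolvable) deny "From domain must resolve"
PHASE rcptto
    (checkdb localnames) set islocal
    (/^postmaster@/ & ?islocal) accept
    ?hostile deny "Your netblock is barred"
    ?islocal accept
    * deny "Relaying denied"
"""
DBS = {"localnames": {"example.org"}, "resolvable": {"example.org", "example.net"}}
```

Rule order inside a phase is what decides the outcome: the postmaster exception is reached before `?hostile`, so a barred netblock can still reach postmaster, and the final `* deny` is the default that closes the relay.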