On Sun, 2015-06-07 at 16:53 -0700, Gordon Messmer wrote: > On 06/07/2015 11:51 AM, Gordon Messmer wrote: > > On 06/07/2015 10:44 AM, Lindsay Haisley wrote: > >> Does such a whitelist spec take precedence over a hit from one of the > >> specified BLACKLISTS in the esmtpd config file? > > > > My understanding was that it did, but the man page for couriertcpd says: > > Double checked. BLACKLISTS specified in the config file are only > checked if BLOCK (or another "BLOCK" variable that you specify) is not > already set. So, yes, the whitelist spec should take precedence.
So, e.g., if I'm using BLOCK2, BLOCK3 and BLOCK4, (but not BLOCK) in the BLACKLISTS list in /etc/courier/esmtpd (I deal with these in a maildrop script) and I have "w.x.y.z<tab>access,BLOCK" in /etc/courier/smtpaccess/webadmin to whitelist w.x.y.z would I not need instead to set _every_ BLOCKn listed in BLACKLISTS? This would mean that my entry in /etc/courier/smtpaccess/whatever would need to be something like: w.x.y.z<tab>access,BLOCK,BLOCK2,BLOCK3,BLOCK4 Is this correct? If I understand the man pages, only this will whitelist an IP address against hits from _all_ the DNS access lists associated with the various BLOCKn variables. > The > documentation could probably be more clear about that... (unless I'm > overlooking something) The documentation is really the product of many years of modifications in the way courier works, and has become pretty convoluted. IMHO it's in need of some serious reorganization. It's really hard to find specific information. The logic of how this _should_ work is pretty simple. Without filtering or blocking, courier accepts everything. Adding filtering or blocking modulates this behavior. Specific exemptions should then easily be able to trump this filtering or blocking just as a more specific whitelist will carve out an exception to, say, a /24 group IP address block. -- Lindsay Haisley | "Never expect the people who caused a problem FMP Computer Services | to solve it." - Albert Einstein 512-259-1190 | http://www.fmp.com | ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
