On 04/11/2010 8:22 PM, Karsten Bräckelmann wrote:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6508
In my experience this has been an important feature.
I know of a number of people that have setups like this:
trusted_networks 10.20.30.0/24
internal_networks 10.20.30.0/24 !10.20.30.2/31
Where the /24 covers their MXes and the /31 covers their MSAs.
The above produces a lint warning:
$ spamassassin --lint
warn: netset: cannot exclude 10.20.30.2/31 as it has already been included
Right after me commenting on the bug, I started to wonder and was just
about to ask... What's the purpose of negation, if it generates a lint
warning and claims it cannot be done?
The docs told me. :)
Ironically, I wrote that doc.
Daryl's example probably just was manually typed in a hurry. The docs
say the order is important, and must be reversed. Should work as meant
otherwise.
Yep.
"If a network or host address is prefaced by a ! the network or host
will be excluded (or included) in a first listed match fashion."
The respective example also shows more specific negation first, then the
broader inclusion. Right?
Correct.
I think it'll continue to work with Mark's patch... so the tests are
probably broken. I may have wrote some of them before I decided that
the smaller networks needed to be listed first. Although I still
haven't looked at any of this so am going completely from memory.
Daryl
