On Thu, 13 Dec 2007, Mark Martinec wrote: > The issue is that a reject should not be possible at all, having action > set to 'accept' for all situations, including internal or protocol > failures (-C dns=a,int=a).
Well the real problem is that the header size limit doesn't fall into any of the categories covered by "-C". I'll have to add another. > A verifying milter has no right to reject a message if it isn't > explicitly configured for rejection of non-valid messages. Does a receiving MTA have the right to reject a message with properties it considers to be a possible attack attempt? >> The logging though is a little confusing; if mlfi_header() returns >> SMFIS_REJECT, the recovery of the sending MTA should be graceful. > > It gracefully rejects the message. It must not do that. The earlier remarks in this thread (i.e. from Jukka) suggest the rejection may be causing some other mysterious symptoms. ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
