Murray, > Well the real problem is that the header size limit doesn't fall into any > of the categories covered by "-C". I'll have to add another.
How about a general catch-all setting, so that instead of having to list each one in -C (including the new ones potentially introduced with later versions), one could specify only one. E.g. instead of "-C dns=a,int=a" one could have something like "-C default=a" (or equivalent in a configuration file). > > A verifying milter has no right to reject a message if it isn't > > explicitly configured for rejection of non-valid messages. > > Does a receiving MTA have the right to reject a message with properties > it considers to be a possible attack attempt? Yes, MTA (or its filters) has this right. But a dedicated filter which is intended to check exactly one aspect of a message has no right to extend its vocation and say: "although I can't say anything about signatures/ssp, I believe this message is harmful to your eyes so I'll just step in and reject it" > > It gracefully rejects the message. It must not do that. > > The earlier remarks in this thread (i.e. from Jukka) suggest the > rejection may be causing some other mysterious symptoms. This could be something else. The rejection didn't cause any problems with MTA in my case, it cleanly logged a reject request and rejected the message. Mark ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
