W B Hacker, 2011-10-27 07:51: > Ah - forgot to mention one of the BASIC conventions: > > Any 'deny class' verb is permanent. Session having been terminated, > no later 'accept' could possibly act. > > An 'accept' OTOH is *temporary* .. > ...unless it is the LAST one to act in acl_smtp_data. > 'endpass' after an 'accept' can skip all remaining clauses in a > given phase.
This is not true. http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECID200 says: > accept: If all the conditions are met, the ACL returns “accept”. i.e., a successful (i.e., all conditions were met) "accept" skips the remaining ACL entries. And just after that about "endpass": > If any of the conditions are not met, what happens depends on whether > endpass appears among the conditions (for syntax see below). If the > failing condition is before endpass, control is passed to the next > ACL statement; if it is after endpass, the ACL returns “deny”. So, "accept" really means "accept", for the current ACL. endpass may be handy for some situations, but it's just too mind-boggling (an accept turned into a deny, wtf?), so, as the spec says: > current “best practice” is to avoid the use of endpass. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
