Barry Warsaw writes: > On Jul 11, 2013, at 03:23 AM, Stephen J. Turnbull wrote:
> >This is somewhat problematic. DMARC results are potentially > >trivalent. If action is "reject" and pct is less than 100, some hits > >are "rejects" and some are "quarantine". Misses are misses. So I > >guess you do this with a chain of two rules, the first one verifying > >the message and if that hits (ie, verification fails) the second one > >rolls the dice for pct. > > While ugly, that might be the best we can do for now. Verbose, yes. Is it really ugly, though? I don't know how much you were directly influenced by iptables and SIEVE, but the idea of rule chains as a way to very flexibly configure filters has been implemented many times. The model is very simple and completely flexible. > Instead it would jump to a custom (terminal) chain that made the > more specific determination of whether to reject or hold the > message. This is pretty much what I was suggesting. > >Silent discards without content analysis make me queasy. > > Of course, we'd likely log and fire an event, so at least it wouldn't happen > completely silently. No, but it might be many days before the originator gets around to asking why their message hasn't appeared. > Yep. There is some limited ability to do additional checking at LMTP time, > but this isn't pluggable currently. Does LMTP provide the necessary ability to reject? Steve _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9