Hi >>[snip] >> as knobs for global default overrides, which can be overriden at the >> rule level, like we do for "expire" > >All good points, and I'm inclined to agree with you that we receive >some nice granularity by doing it on accept rather than on listen >(since you've already solved the context issue I mentioned). One >further suggestion along the same lines as your preference: > >What about unifying the global override with the rule-based config, to >have one line that's something like: > >bounce from [email protected] with-body expire 4d >bounce to [email protected] only-headers expire 5w >bounce to @blah.org only-headers expire 20m >bounce from @where.org with-body expire 8d >bounce only-headers expire 1d
Is this in addition to the "accept" rules previously discussed or instead of it? >And this would use the same rule based "first match" logic as all >others. The precise meanings of "to" and "from" will need to be >refined a bit further, but this is the general idea. What do you think >of that? First match feels OK to me in cases where processing stops on that line, but if processing continues then pf-like last match seems a better fit to me. Given the similarities in the feel of the conf file to pf.conf I would try to tend towards that (well tested) model where possible to try and keep the confusion for new users as low as possible. Regards JC -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
