On Mon, Mar 10, 2014 at 08:52:26AM +0000, John Cox wrote: > Hi > > >>[snip] > >> as knobs for global default overrides, which can be overriden at the > >> rule level, like we do for "expire" > > > >All good points, and I'm inclined to agree with you that we receive > >some nice granularity by doing it on accept rather than on listen > >(since you've already solved the context issue I mentioned). One > >further suggestion along the same lines as your preference: > > > >What about unifying the global override with the rule-based config, to > >have one line that's something like: > > > >bounce from [email protected] with-body expire 4d > >bounce to [email protected] only-headers expire 5w > >bounce to @blah.org only-headers expire 20m > >bounce from @where.org with-body expire 8d > >bounce only-headers expire 1d > > Is this in addition to the "accept" rules previously discussed or > instead of it? >
this is a different mechanism which would/could facilitate a few things in the future. it needs to be discussed and the semantics layed out before we make any decision in this area. > >And this would use the same rule based "first match" logic as all > >others. The precise meanings of "to" and "from" will need to be > >refined a bit further, but this is the general idea. What do you think > >of that? > > First match feels OK to me in cases where processing stops on that > line, but if processing continues then pf-like last match seems a > better fit to me. > > Given the similarities in the feel of the conf file to pf.conf I would > try to tend towards that (well tested) model where possible to try and > keep the confusion for new users as low as possible. > I don't really agree here, the first match approach is much simpler when dealing with mail because you can view each rule as a template, either an envelope matches the template and goes in or it doesn't match the template and gets rejected. We don't deal with the many strange cases that PF has to deal with and using a first-match approach makes our rules evaluation much much simpler. -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
