John Peacock wrote:
> Hans Salvisberg wrote:
>
>> I guess it makes sense to put the checks that are absolutely required
>> (such as checking config("me")) into a plugin that needs to be run in a
>> minimal system to receive /any/ messages at all.
>>
>> OTOH it is pretty wasteful to save the easiest checks for last, and it
>> bothers me to make it so easy for an idiot to fill up my log file...
>>
>
> You are misunderstanding the basic design of the hook structure. All plugins
> should pass DECLINED unless they want to do something either positive or
> negative with any given message.
>
> The rcpt hook is designed specifically to have any number of *negative*
> plugins,
> which either block a message that fails their particular test, or pass
> DECLINED
> so the next plugin gets it's chance to block the message. In this structure,
> you must have at least one *positive* plugin at the end of the chain which
> returns OK for any message that got this far. That's why rcpt_ok exists and
> has
> the instruction to leave it for last.
>
mmh - ok. Why is (the real) relay checking done at last?
E.g. if a local sender wants to relay I don't want to have all the other
checks.Every plugin has to decide whether it's a relay-client - like in sender_permitted_from: return (DECLINED) if $self->qp->connection->relay_client(); That way I have to change every plugin if I add something like check_relay :( And the need for rcpt_ok at last is not flexibel enough to create something like check_sql. Because of that I have disabled rcpt_ok for my system. -- Jens
signature.asc
Description: OpenPGP digital signature
