Re: serious bug with check_client_access

2010-11-06 Thread mouss
On 05/11/2010 10:03, Vincent Lefevre wrote: [hash/cdb/...] - if parent_domain_matches_subdomains contains smtpd_access: here, the search list is S = ( lab1.lab2.lab3.example.com, lab2.lab3.example.com, lab3.example.com ..., com, 1.2.3.4, 1.2.3, 1.2, 1 ) so postfix will search for each

Re: serious bug with check_client_access

2010-11-06 Thread mouss
On 05/11/2010 09:48, Vincent Lefevre wrote: On 2010-11-04 23:36:04 -0300, Reinaldo de Carvalho wrote: On Thu, Nov 4, 2010 at 11:13 PM, Vincent Lefevre vinc...@vinc17.net wrote: Yes, it will generate *some* lookups, but it doesn't say exactly *which* lookups. That was precisely my question.

Re: serious bug with check_client_access

2010-11-05 Thread Vincent Lefevre
On 2010-11-04 23:36:04 -0300, Reinaldo de Carvalho wrote: On Thu, Nov 4, 2010 at 11:13 PM, Vincent Lefevre vinc...@vinc17.net wrote: Yes, it will generate *some* lookups, but it doesn't say exactly *which* lookups. That was precisely my question. - client hostname (reverse dns hostname) -

Re: serious bug with check_client_access

2010-11-05 Thread Vincent Lefevre
On 2010-11-05 06:21:20 +0100, mouss wrote: in short, for each map, you have multiple parameters: - the map type - the search context (check_client_access, check_sender_access, ... transport, virtual_alias_maps, ... etc) - the list of search keys [...] Thanks a lot for this very detailed

Re: serious bug with check_client_access

2010-11-05 Thread Stan Hoeppner
Vincent Lefevre put forth on 11/5/2010 4:03 AM: Testing the tld alone seems to be excluded by the access(5) man page, which only documents domain.tld, i.e. the pattern must contain at least one dot. Is it an error in the man page (which could say domain instead, like in Section Email address

Re: serious bug with check_client_access

2010-11-04 Thread Покотиленко Костик
On Wed, 03/11/2010 at 22:16 -0500, Noel Jones wrote: On 11/3/2010 10:00 PM, Vincent Lefevre wrote: On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if parent_domain_matches_subdomains does NOT include smtpd_access maps. The man page says nothing like that. So, the

Re: serious bug with check_client_access

2010-11-04 Thread Emmanuel Fusté
On 04/11/2010 05:24, Noel Jones wrote: On 11/3/2010 11:07 PM, Vincent Lefevre wrote: BTW, so, there is no way to match only subdomains (by that, I mean all possible subdomains, but not the domain itself) without changing parent_domain_matches_subdomains? That's correct with indexed tables.

Re: serious bug with check_client_access

2010-11-04 Thread lst_hoe02
Quoting Покотиленко Костик cas...@meteor.dp.ua: On Wed, 03/11/2010 at 22:16 -0500, Noel Jones wrote: On 11/3/2010 10:00 PM, Vincent Lefevre wrote: On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if parent_domain_matches_subdomains does NOT include smtpd_access maps.

Re: serious bug with check_client_access

2010-11-04 Thread Покотиленко Костик
On Thu, 04/11/2010 at 10:44 +0100, lst_ho...@kwsoft.de wrote: Quoting Покотиленко Костик cas...@meteor.dp.ua: On Wed, 03/11/2010 at 22:16 -0500, Noel Jones wrote: On 11/3/2010 10:00 PM, Vincent Lefevre wrote: On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 10:44:34 +0100, lst_ho...@kwsoft.de wrote: The access(5) man page says: domain.tld Matches domain.tld. The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in the Postfix

Documentation (was: serious bug with check_client_access)

2010-11-04 Thread Wietse Venema
Vincent Lefevre: On 2010-11-04 10:44:34 +0100, lst_ho...@kwsoft.de wrote: The access(5) man page says: domain.tld Matches domain.tld. The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in

Re: Documentation (was: serious bug with check_client_access)

2010-11-04 Thread /dev/rob0
On Thu, Nov 04, 2010 at 10:56:57AM -0400, Wietse Venema wrote: Vincent Lefevre: On 2010-11-04 10:44:34 +0100, lst_ho...@kwsoft.de wrote: The access(5) man page says: domain.tld Matches domain.tld. The pattern domain.tld also matches subdomains,

Re: Documentation (was: serious bug with check_client_access)

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 10:28:00 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 10:56:57AM -0400, Wietse Venema wrote: I can replace that Otherwise... sentence by a separate list item. domain.tld Matches domain.tld. The pattern domain.tld also matches

Re: serious bug with check_client_access

2010-11-04 Thread mouss
On 04/11/2010 05:07, Vincent Lefevre wrote: On 2010-11-03 22:55:59 -0500, Noel Jones wrote: I'm so sorry you lost your twitter post. Actually I might have lost other mail (though this is a bit unlikely) since I was generally using an initial dot. a good idea is to include both dotted and

THREAD KILLED: Documentation (was: serious bug with check_client_access)

2010-11-04 Thread Victor Duchovni
On Thu, Nov 04, 2010 at 05:02:25PM +0100, Vincent Lefevre wrote: I still think that it's a bit ambiguous, because I was seeing .domain.tld as a subcase of domain.tld This objection is spurious, and constitutes trolling. Please do not feed the trolls. For the record, elementary logic: If

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 17:18:17 +0100, mouss wrote: otherwise, you can do whatever you want with pcre: /\.example\.com$/OK or with sql or ldap. For pcre, the man page is not clear. It says: Each pattern is a regular expression that is applied to the entire string being looked up.

Re: serious bug with check_client_access

2010-11-04 Thread Stan Hoeppner
Vincent Lefevre put forth on 11/4/2010 6:04 PM: On 2010-11-04 17:18:17 +0100, mouss wrote: otherwise, you can do whatever you want with pcre: /\.example\.com$/OK or with sql or ldap. For pcre, the man page is not clear. It says: Each pattern is a regular expression that is

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 19:06:57 -0500, Stan Hoeppner wrote: check_client_access pcre:/etc/postfix/filter.pcre check_sender_access pcre:/etc/postfix/filter.pcre check_recipient_access pcre:/etc/postfix/filter.pcre As you can see, this is defined by the smtpd_foo_restriction you target the

Re: serious bug with check_client_access

2010-11-04 Thread Wietse Venema
Vincent Lefevre: On 2010-11-04 19:06:57 -0500, Stan Hoeppner wrote: check_client_access pcre:/etc/postfix/filter.pcre check_sender_access pcre:/etc/postfix/filter.pcre check_recipient_access pcre:/etc/postfix/filter.pcre As you can see, this is defined by the smtpd_foo_restriction

Re: serious bug with check_client_access

2010-11-04 Thread Jeroen Geilman
On 11/05/2010 01:26 AM, Vincent Lefevre wrote: On 2010-11-04 19:06:57 -0500, Stan Hoeppner wrote: check_client_access pcre:/etc/postfix/filter.pcre check_sender_access pcre:/etc/postfix/filter.pcre check_recipient_access pcre:/etc/postfix/filter.pcre As you can see, this is

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 20:33:11 -0400, Wietse Venema wrote: check_client_access searches the address and domain with ALL lookup table types. It just doesn't do the substring lookups with PCRE, REGEXP and CIDR. If I understand correctly, there's another difference: in the default table format, the

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-05 01:38:37 +0100, Jeroen Geilman wrote: *REGULAR EXPRESSION TABLES* This section describes how the table lookups change when the table is given in the form of regular expressions. For a description of regular expression lookup table syntax,

Re: serious bug with check_client_access

2010-11-04 Thread Jeroen Geilman
On 11/05/2010 01:57 AM, Vincent Lefevre wrote: On 2010-11-05 01:38:37 +0100, Jeroen Geilman wrote: *REGULAR EXPRESSION TABLES* This section describes how the table lookups change when the table is given in the form of regular expressions. For a description of

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-05 02:29:53 +0100, Jeroen Geilman wrote: If you combine Each pattern is a regular expression that is applied to the entire string being looked up. with * check_client_access /type:table http://www.postfix.org/DATABASE_README.html/* Search the specified access

Re: serious bug with check_client_access

2010-11-04 Thread Reinaldo de Carvalho
On Thu, Nov 4, 2010 at 10:42 PM, Reinaldo de Carvalho reinal...@gmail.com wrote: check_client_access type:table    Search the specified access database for the client hostname, parent domains, client IP address, or networks obtained by stripping least significant octets. See the access(5)

Re: serious bug with check_client_access

2010-11-04 Thread Stan Hoeppner
Vincent Lefevre put forth on 11/4/2010 7:49 PM: On 2010-11-04 20:33:11 -0400, Wietse Venema wrote: check_client_access searches the address and domain with ALL lookup table types. It just doesn't do the substring lookups with PCRE, REGEXP and CIDR. If I understand correctly, there's another

Re: serious bug with check_client_access

2010-11-04 Thread Vincent Lefevre
On 2010-11-04 23:06:17 -0300, Reinaldo de Carvalho wrote: On Thu, Nov 4, 2010 at 10:42 PM, Reinaldo de Carvalho reinal...@gmail.com wrote: check_client_access type:table    Search the specified access database for the client hostname, parent domains, client IP address, or networks

Re: serious bug with check_client_access

2010-11-04 Thread Reinaldo de Carvalho
On Thu, Nov 4, 2010 at 11:13 PM, Vincent Lefevre vinc...@vinc17.net wrote: On 2010-11-04 23:06:17 -0300, Reinaldo de Carvalho wrote: On Thu, Nov 4, 2010 at 10:42 PM, Reinaldo de Carvalho reinal...@gmail.com wrote: check_client_access type:table    Search the specified access database for

Re: serious bug with check_client_access

2010-11-04 Thread mouss
On 05/11/2010 00:04, Vincent Lefevre wrote: On 2010-11-04 17:18:17 +0100, mouss wrote: otherwise, you can do whatever you want with pcre: /\.example\.com$/OK or with sql or ldap. For pcre, the man page is not clear. It says: Each pattern is a regular expression that is

serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
Hi, It seems that I've found a serious bug in check_client_access (or something is missing in the documentation). A message was blocked with the following in the log: Nov 3 21:16:55 ioooi postfix/smtpd[15423]: NOQUEUE: reject: RCPT from mx003.twitter.com[128.121.146.152]: 554 5.7.1 Service

Re: serious bug with check_client_access

2010-11-03 Thread Wietse Venema
Vincent Lefevre: As .twitter.com matches subdomains, it should have matched What documentation supports this?

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it should have matched What documentation supports this? The access(5) man page says: domain.tld Matches domain.tld. The pattern domain.tld also matches

Re: serious bug with check_client_access

2010-11-03 Thread /dev/rob0
On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it should have matched What documentation supports this? The access(5) man page says: domain.tld

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 21:21:24 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it should have matched What documentation supports this? The

Re: serious bug with check_client_access

2010-11-03 Thread Noel Jones
On 11/3/2010 9:36 PM, Vincent Lefevre wrote: On 2010-11-03 21:21:24 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it should have matched What

Re: serious bug with check_client_access

2010-11-03 Thread /dev/rob0
On Thu, Nov 04, 2010 at 03:36:30AM +0100, Vincent Lefevre wrote: On 2010-11-03 21:21:24 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it

Re: serious bug with check_client_access

2010-11-03 Thread Sahil Tandon
On Thu, 2010-11-04 at 03:36:30 +0100, Vincent Lefevre wrote: On 2010-11-03 21:21:24 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent Lefevre: As .twitter.com matches subdomains, it

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 21:44:00 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:36:30AM +0100, Vincent Lefevre wrote: On 2010-11-03 21:21:24 -0500, /dev/rob0 wrote: On Thu, Nov 04, 2010 at 03:08:03AM +0100, Vincent Lefevre wrote: On 2010-11-03 22:00:21 -0400, Wietse Venema wrote: Vincent

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if parent_domain_matches_subdomains does NOT include smtpd_access maps. The man page says nothing like that. So, the documentation should be fixed. -- Vincent Lefèvre vinc...@vinc17.net - Web: http://www.vinc17.net/ 100%

Re: serious bug with check_client_access

2010-11-03 Thread Noel Jones
On 11/3/2010 10:00 PM, Vincent Lefevre wrote: On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if parent_domain_matches_subdomains does NOT include smtpd_access maps. The man page says nothing like that. So, the documentation should be fixed. The vast majority of

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 22:16:48 -0500, Noel Jones wrote: On 11/3/2010 10:00 PM, Vincent Lefevre wrote: On 2010-11-03 21:40:54 -0500, Noel Jones wrote: .domain.tld only works if parent_domain_matches_subdomains does NOT include smtpd_access maps. The man page says nothing like that. So, the

Re: serious bug with check_client_access

2010-11-03 Thread Noel Jones
On 11/3/2010 10:50 PM, Vincent Lefevre wrote: Actually if a documentation is incorrect/incomplete, it is a bug in the documentation. And FYI, the consequence was a lost mail. So, this is quite serious. I'm so sorry you lost your twitter post. The access map format you're looking for is

Re: serious bug with check_client_access

2010-11-03 Thread Vincent Lefevre
On 2010-11-03 22:55:59 -0500, Noel Jones wrote: I'm so sorry you lost your twitter post. Actually I might have lost other mail (though this is a bit unlikely) since I was generally using an initial dot. The access map format you're looking for is twitter.com OK Thanks for the information.

Re: serious bug with check_client_access

2010-11-03 Thread Noel Jones
On 11/3/2010 11:07 PM, Vincent Lefevre wrote: BTW, so, there is no way to match only subdomains (by that, I mean all possible subdomains, but not the domain itself) without changing parent_domain_matches_subdomains? That's correct with indexed tables. With regexp or pcre tables there is no