The "access-file" option exists for several reasons. While it's true tcpserver uses that file and sets the environment variables, not everyone uses tcpserver (most notably, Plesk uses xinetd instead). Some administrators may have complex configurations that need to use multiple/different files in ways I can't predict. Prior to version 4.0, the "access-file" option was required in combination with the "local-domains-file" option so spamdyke could enforce relaying restrictions (version 4.0 added the "relay-level" flag to make this setting more explicit). The biggest reason, however, is that spamdyke is going to read the file and I didn't want to just hardcode the filename into the program. When in doubt, I prefer to make things configurable and that's what I did.
With all of that having been said, most people don't need to use the "access-file" option. When they do, most people use the value "/etc/tcp.smtp" so they only have one file to keep updated. -- Sam Clippinger Davide D'Amico wrote: > So why there is an access-file option? > If I would set env vars (like RELAYCLIENT or others) I have to use > /etc/tcp.smtp (or other var specified as param in tcpserver). > > I don't understand the need of this option. > > d. > > > 2008/10/7 Sam Clippinger <[EMAIL PROTECTED]>: > >> This behavior is correct. Incoming SMTP connections are accepted by >> tcpserver, which reads the /etc/tcp.smtp(.cdb) file and sets the >> environment variable "RELAYCLIENT" for all connections. Because that >> variable is set, spamdyke allows the remote server to relay messages. >> >> -- Sam Clippinger >> >> Davide D'Amico wrote: >> >>> I am using spamdyke and I have a problem with access file. >>> >>> I use: >>> dflybsd# more /etc/tcp.smtp >>> :allow,RELAYCLIENT="" >>> dflybsd# >>> >>> And: >>> >>> dflybsd# more /usr/local/vpopmail/tcp.smtp >>> 127.0.0.1:allow,RELAYCLIENT="" >>> :allow >>> >>> This is my spamdyke.conf: >>> >>> dflybsd# more /usr/local/etc/spamdyke.conf >>> log-level=excessive >>> access-file=/usr/local/vpopmail/tcp.smtp >>> local-domains-file=/var/qmail/control/rcpthosts >>> smtp-auth-command=/usr/local/vpopmail/bin/vchkpw /usr/bin/true >>> smtp-auth-level=always-encrypted >>> rejection-text-auth-failure=Utente sconosciuto >>> tls-level=smtp >>> tls-certificate-file=/usr/local/vpopmail/servercert.pem >>> >>> filter-level=normal >>> relay-level=normal >>> max-recipients=40 >>> hostname=dflybsd.sede.televas.it >>> policy-url=http://www.televas.it/sendreport/ >>> >>> And this is my qmail-smtpd/run: >>> #!/bin/sh >>> >>> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` >>> LOCAL=`head -1 /var/qmail/control/me` >>> >>> exec /usr/local/bin/softlimit -m 40000000 \ >>> /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c >>> "$MAXSMTPD" -u 89 -g 89 0 smtp \ >>> /usr/local/vbin/spamdyke --run-as-user vpopmail:vchkpw -f >>> /usr/local/etc/spamdyke.conf \ >>> /var/qmail/bin/qmail-smtpd 2>&1 >>> >>> This server has IP address 10.0.0.242. >>> If I try to relay from 10.0.0.17, it accepts email. >>> Is it the right behaviour? I think no because of >>> /usr/local/vpopmail/tcp.smtp. >>> Ideas? >>> >>> Thanks, >>> d. >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> >>> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
