Hi Sam, At 19:53 07/05/2009 -0500, you wrote: >Actually, this behavior is by design. When a connection is whitelisted, >it bypasses _all_ filters, full stop. There's no such thing as a >"partially whitelisted" connection, which seems to be what you're expecting. > >If I understand your configuration correctly, you want to block >connections from e.g. 11-22-33-44.cable.example.com AND you want >connections from e.g. 11-22-33-44.static.cable.example.com to pass the >keyword filter yet still be subject to all other filters.
Correct. >Unfortunately, that kind of configuration isn't possible in the current >version. If you're feeling adventurous, it shouldn't be too hard to >hack that kind of thing into the code -- I would add a new option that >allows you to specify a file full of "skip" keywords. Then change >filter_ip_in_rdns_blacklist() in filter.c to check the "skip" file >before checking the blacklist file. A whitelisted IP is ok to bypass connection checks. What I need is just an option to force relay check, for smtp authorized connections, because otherwise whitelisting can be a *HIGHLY POTENTIAL* threat and should always be discouraged. I sent you a patch which implements relay-level=always-check, but curiousily it ignores smtp authorized connections for some reason I cannot find. If that worked, it would be sufficient for my purpose. Mirko _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
