On Sunday, August 18, 2013 at 9:59 PM, Simon Hobson wrote:
> Zhang Huangbin wrote:
> > Let's say we have an incoming email which match 2 policies: priority=3
> > (Default Inbound) will apply greylisting on it and priority=100 (my custom
> > rule, disable greylisting for certain local domains/users) will not apply
> > greylisting for this incoming email. As wiki mentioned, Cluebringer will
> > process rule priority=0 first, then rule priority=100. But will it stop at
> > first matched rule (proirity=0, apply greylisting)? Or last one
> > (priority=100, no greylisting)?
>
>
> Personally the way I've tackled this is to ensure that policy members are
> mutually exclusive. Lets say that policy 100 latches members of group "vip",
> then make policy 3 match (as well as whatever it already does) "not member of
> vip". So the membership criteria for policy 3 would be "<whatever you have
> now>,!%vip".
Hi Simon,
Thanks for your reply especially in weekend, but your answer doesn't answer my
question: which policy takes the final action.
My original purpose is:
1) Have a default policy to enable greylisting for all inbound emails.
2) Have a policy to disable greylisting for some local domains/users. For
example, user@my_domain.com.
Obviously, i expect Cluebringer to disable greylisting for user@my_domain.com,
you cannot exclusive local user in policy group %internal_domains.
Below are my policy to disable greylisting per-domain/per-user if you're
interested. As you can see, i set priority=20 for my policy, it's lower
priority than 'Default Inbound' (priority=10), and it works as (I) expected. I
just hope someone can clearly explain how Cluebringer work with priority.
-- Enable greylisting for all inbound email by default.
INSERT INTO greylisting (PolicyID, Name, UseGreylisting, GreylistPeriod, Track,
GreylistAuthValidity, GreylistUnAuthValidity, UseAutoWhitelist,
AutoWhitelistPeriod, AutoWhitelistCount, AutoWhitelistPercentage,
UseAutoBlacklist, AutoBlacklistPeriod, AutoBlacklistCount,
AutoBlacklistPercentage, Comment, Disabled) VALUES (3, 'Greylisting Inbound
Emails', 1, 240, 'SenderIP:/24', 604800, 86400, 1, 604800, 100, 90, 1, 604800,
100, 20, '', 0);
-- Create policy 'no_greylisting' to bypass greylisting for certain
domain/users.
INSERT INTO policies (Name, Priority, Disabled, Description)
VALUES ('no_greylisting', 20, 0, 'Disable grelisting for certain domain and
users');
INSERT INTO policy_groups (Name, Disabled) VALUES ('no_greylisting', 0);
INSERT INTO policy_members (PolicyID, Source, Destination, Disabled)
SELECT id, '!%internal_ips,!%internal_domains', '%no_greylisting', 0
FROM policies WHERE name='no_greylisting' LIMIT 1;
-- Disable greylisting for policy group %no_greylisting
INSERT INTO greylisting (PolicyID, Name, UseGreylisting, Track,
UseAutoWhitelist, AutoWhitelistCount, AutoWhitelistPercentage,
UseAutoBlacklist, AutoBlacklistCount, AutoBlacklistPercentage, Disabled)
SELECT id, 'no_greylisting', 0, 'SenderIP:/32', 0, 0, 0, 0, 0, 0, 0
FROM policies WHERE name='no_greylisting' LIMIT 1;
-- Sample: Disable greylisting for user 'user@my_domain.com'
INSERT INTO policy_group_members (PolicyGroupID, Member, Disabled)
SELECT id, 'user@my_domain.com', 0 FROM policy_groups
WHERE name='no_greylisting' LIMIT 1;
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
