Hello Wil,

On Monday, March 31, 2003 at 8:46:37 PM you wrote (at least in part):

>> No, the above wouldn't. Please read this sentence again, and this time
>> completely:
>> "If you want to be a little more aggressive about it, use the 5th line
>> instead of the fourth." (in your example third instead of second).
>> Quite easy: comment the second line out and remove the comment mark on
>> the third line. Rather easy, even for a "copy/paste guy"

> Couldn't tell from your document whether it was a comment or not. The # sign
> isn't globally used by all applications. For instance try using it with
> Bind. Not a pretty sight.

First it wasn't 'may document', it is Matt's :-) Honor to where it
belongs :-)
Second: read the tcprules (_RULES_, not _server_) manual. It's pretty
good written down there what the syntax of a rule file is ... Somehow
important, and it explains as well how tcpserver looks up these rules.

> Maybe replacing "use the 5th line instead of the fourth" with "use
> the 5th line instead of the fourth by uncommenting it" would help
> give the viewer the impression that that # is actually a comment.

'instead of' somehow implements they're exclusive ORed :-) So at worst
one would have simply striped the line out if he didn't know for sure
about comment markers :-)

>> (which shouldn't administer a mail system at all if he don't want
>> to read documentation, but assumes all configuration is "ready to
>> be copied").

> An attempt at humor? :-)

desperate humor? :-)

> =:allow opens the gate wide, then :allow,RBLSMTPD="-Blocked -
> comment" locks out anybody that doesn't have a reverse dns entry
> with a permanent error.

Nope. Reading tcprules.1 would tell you:

=:allow opens the gate for those whose $TCPREMOTEHOST is set.
That has the implication:
- You have to enable reverse DNS lookup for tcpserver (-h or -p and
  avoiding '-H')

while ':allow' as last fall back rule sets RBLSMTPD to a value the
program 'rblsmtpd' interprets specially, as it's man page states. The
leading hyphen is an indicator to block the connection.
Best regards
Peter Palmreuther

"The other day I.... No, that wasn't me." -- Steven Wright

Reply via email to