On Sat, Sep 16, 2006 at 12:05:15PM -0700, Ross Boylan wrote: > What's going on is that I have customized things sufficiently that the > rule is not being invoked.
Most probably, yes. You need to call the whitelist as a sub-ACL in each ACL stanza where you would want the whitelist to apply. > Now, on the understanding front, I'm still a bit puzzled. If the > behavior were 1), I would expect the (Debian default) ACL's to have an > accept if whitelisted early on. We didn't do that since we still want to do, for example, relay control or recipient verification for whitelisted hosts. Whitelisting a host does not mean that we'll accept arbitrary trash from them, it only means that we exempt whitelisted hosts from some local ACL stanzas, most probably the manually maintained black lists. > Instead, there are a whole bunch of tests with !acl = > acl_whitelist_local_deny to skip them. Yes. > I also am puzzled about the _deny at the end, though I guess they > are being used (as above) to deny certain rules. The _deny at the end is meant to say that this is a whitelist working against the local_deny blacklists. The name might be bad since the package does not have a native speaker of English in the active maintainer team. Additionally, it is now being used in a lot of places where this name does no longer fit. > There are also tests (e.g., 30_exim4_config_check_mail) that do not > use acl_whitelist_local_deny. Yes. The whitelist was never meant to exempt a host from _all_ checks. Strictly speaking, it shouldn't be used on the sender verification stanzas as well. Would it be less confusing if that whitelist would be renamed to acl_local_whitelist and used in 30_exim4_config_check_mail and for the SPF checks as well (which seem to be the only deny stanzas left that do not use the whitelist)? Sorry for taking so long, but I'll have to ask you to answer fast since I plan doing an upload this weekend. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
