Hello tech@,
I keep getting a syntax error with the following seemingly correct
line:
filter "dkimsign-override" phase commit \
match mail-from <ext_relay_from> bypass
The problem (`/etc/mail/smtpd.conf:20: syntax error`) arises from
smtpd.conf's grammar only allowing `filter_action_builtin_nojunk` for
`commit` phase. It turns out that the current definition of
`filter_action_builtin_nojunk` means no junk and no bypass. Address
that moving bypass action to nojunk.
My usecase for it is to avoid DKIM-signing emails that are externally
relayed with `opensmtpd-filters-dkimsign`: if I also own
lucas@domain.invalid, I don't want smtpd to sign lucas@domain.invalid's
emails, just lu...@sexy.is'. This seems possible with `filter-chain`,
and technically could be decided in `mail-from` phase, but sadly
`bypass` doesn't short-circuit. Second best option is to `bypass`
during `commit` phase, which is when `filter-dkimsign` does its magic.
Comments?
-Lucas
Index: parse.y
===================================================================
RCS file: /home/cvs/src/usr.sbin/smtpd/parse.y,v
retrieving revision 1.278
diff -u -p -r1.278 parse.y
--- parse.y 1 Jun 2020 05:21:30 -0000 1.278
+++ parse.y 25 Aug 2020 04:05:27 -0000
@@ -1527,9 +1527,6 @@ filter_action_builtin_nojunk
| JUNK {
filter_config->junk = 1;
}
-| BYPASS {
- filter_config->bypass = 1;
-}
;
filter_action_builtin_nojunk:
@@ -1544,6 +1541,9 @@ REJECT STRING {
}
| REPORT STRING {
filter_config->report = $2;
+}
+| BYPASS {
+ filter_config->bypass = 1;
}
;
