On Tue, 2004-05-04 at 21:33 +0100, Tony Finch wrote:
> Incorrect. After a sub-condition fails, subsequent parts of and{} are
> parsed but not evaluated.
Hmm. I could have sworn I did this...
# Drop the connection if the reverse DNS isn't in the HELO domain
drop log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
message = You are not really $sender_helo_name. Go Away.
- condition = ${if and { \
- {!eq{$acl_m9}{}} \
- {!match{$sender_host_name}{${rxquote:$acl_m9}\N$\N}} \
- } \
- {yes}{no}}
+ message = You are not really $sender_helo_name. Go Away.
+ condition = ${if !eq{$acl_m9}{} {1}}
+ condition = ${if !match{$sender_host_name}{${rxquote:$acl_m9}\N$\N} {1}}
delay = 5s
... to avoid the evaluation of $sender_host_name, upon empirical
evidence (it was bitching about 2002::/16 IPv6 addresses not having
reverse DNS, even though I could have told it not to bother trying).
--
dwmw2
