Ian FREISLICH wrote:
> Ted Cooper wrote:
> What about the folowing then?
>
> acl_smtp_connect
> warn !hosts = +relay_from_hosts : +hetzner_nets
> condition = ${if eq{$interface_port}{587} {no}{yes}}
> delay = 30s
>
I find this works just as well. I don't use multiple interfaces so this is
pretty simple:
rfc1413_hosts = ! 192.168.32.0/24 : *
> I said I think it is more important than ident. I find little value
> in ident information. Maybe if it reported local time on the remote
> machine, that would help for tracking reports but the data it reports
> is IMHO pretty much useless otherwise.
It's the inherent delay I find useful, and it's really cheap. In the event I
get an ident response, it shows up in the log parsing and can be used to
trigger things (adding an IP to a block list).
Trusting the remote computer to supply more, unverifiable, information is
never going to be a good idea :P That's the main reason why email is such a
PITA now days.
Ted.