On Wednesday 01 November 2006 12:24, Martijn Grendelman took the opportunity
to say:
> Hi,
>
> I am fiddling with some ACLs and I'm trying to decide whether to use
> require or deny in certain situations.
>
> For example, is:
>
> require verify = sender
>
> the same thing as:
>
> deny !verify = sender
>
> ?
Yes, when there is just one condition.
> I now have:
>
> require verify = sender
> log_message = DENY - Sender verification failed
>
> but this line is written for all messages that pass through
Are you sure? log_message text is supposed to be written to the log only when
an ACL verb denies access, or if all conditions of a warn statement are true
(but since you put log_message after the condition, it won't be reached in
that case; processing of a statement stops as soon as the outcome is known.)
> [...] I am considering to change this to:
>
> deny !verify = sender
> log_message = DENY - Sender verification failed
>
> Will this accomplish what I want?
See above.
--
Magnus Holmgren holmgren@???
(No Cc of list mail needed, thanks)
