Lindsay Haisley writes:
On Wed, 2014-09-24 at 18:33 -0400, Sam Varshavchik wrote:> With a caveat. "Most specific" here means "octet boundary". I should clarify> that in the man page. > > makesmtpaccess uses Net::CIDR to expand out CIDR to even octet boundaries. > So, an entry for 192.168.0.0/22 is going to get replicated as four entries: > 192.168.0.*, 192.168.1.*, 192.168.2.* and 192.168.3.*.So under what circumstances would this differ from the range definition as definded by the CIDR notation?
None, that's the point. Using the CIDR notation is equivalent to expanding out the netblocks at the nearest octet boundary. This is the list of entries that goes into the smtpaccess file. So, you can't specify 192.168.0.0/22, and then another entry for 192.168.1.0/24, because the first one is equivalent to specifying 192.168.1.*, and so is the second one. The "more specific" part only applies once you "cross" the octet boundary.
This language was from before the CIDR notation could be used in the smtpaccess file. Before the CIDR notation, you could specify:
192.168.0<tab>allow,… 192.168.0.1<tab>allow,…And so on. The "more specific" part a bit more obvious when looking at this syntax.
When CIDR was introduced, nothing actually changed as far as the smtpaccess file goes, except that the CIDR notation results in the entries in the smtpaccess file getting automatically expanded to their component octets.
This means that, for example: 192.168.128.0/17This actually results in 128 actual entries in the smtpaccess file, 192.168.128 through 192.168.255
pgp4bPV8k7zXV.pgp
Description: PGP signature
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users