It seems that the plugin architecture only allows a single pass/fail
result, so if you want to have multiple tests with different shades of
results, you have to call the plugin multiple times. Is that right?

Over the weekend I banged together a preliminary ldapBlacklist.pm plugin
which lets the master process query an ldap server for whitelist or
blacklist flags associated with the connecting SMTP client's reverse DNS,
the HELO identifier, the mail-from address, the From address, and so
forth... The problem is that each of these tests has to do a fair amount
of processing with some significant serialization (ie, DNS lookup for SRV
RRs, DNS lookup for ldap server, connect->bind->query the server, as well
as the rest of the background code). Using the pass/fail model as a
front-end to this system, each test basically has to be its own rule, and
each rule has to call its own eval() in order for each rule to use its
defined weighting (eg, -50 for whitelisted, +50 for blacklisted, on a
per-test basis). But in that model, the core LDAP stuff has to be run ~six
times to process ~six tests, and that's a significant serialization
penalty in sum, just to find out if one of the sending domains is listed
as blacklisted or whitelisted in a local LDAP server. It's so bad that I'm
not sure it's feasible to do this.

What are the thoughts?

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
