On 6/26/2008 6:51 AM, Henrik K wrote:
Extending trusted_networks beyond internal offers another way to whitelist
(ALL_TRUSTED) and reduces lookups (and possible RBL FPs with that). I'm
currently converting DNSWL data to trusted_network entries, which works
great (needs patches from bugs #5931 #5856).
IMO internal_networks should be the mandatory one to configure. Now it's
confusing since the "wider" rule is used and referenced everywhere by
default.
I'd love to see a plugin to check internal_networks against a rbldnsd zone.
In bigger setups or such with lots of entries, this could make
management way simpler.
Comments?
