On Tue, 2013-10-22 at 16:48 -0700, Quanah Gibson-Mount wrote:
> --On Wednesday, October 23, 2013 1:35 AM +0200 Karsten Bräckelmann wrote:
> > $ spamassassin --lint --cf="trusted_networks 127.0.0.0/8"
> > warn: netset: cannot include 127.0.0.0/8 as it has already been included
> >
> > M::SA::Conf docs, section Network Test Options, option trusted_networks
> > states: "Note: 127/8 and ::1 are always included in trusted_networks,
> > regardless of your config."
> >
> > $ spamassassin --lint --cf="trusted_networks [::1]/128"
> > warn: netset: illegal network address given: '[::1]/128'
> >
> > Included by default as well. And even bad syntax.
>
> However, it also does not cause harm to include the local addresses.
> Whether or not the syntax is bad sounds like an argument you can take to
> the postfix authors. Clearly their tool to generate it feels it is valid.
I'm not arguing about the syntax being valid. Frankly, I couldn't care
less. ;)
Spotting bad configuration causing lint errors, however, immediately
triggers an alarm. Bad configuration usually means the OP failed to lint
check. Which means there may be more and much worse issues in the full
configuration than in the few lines posted...
> The values themselves are generated by postfix, via postconf -d mynetworks
Fair enough. Though I don't particularly care what other tools generate.
I do care what users feed SA and its configuration. I do care if people
tend here with issues. And in this case, there's some proper glue
missing to convert postconf output to SA trusted_networks arguments.
Breaking stuff or not -- I'd file a bug with the tool that automatically
generates config that fails lint. If I (wearing an admin hat) would spot
the lint issues.
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
