Another question about rulesets...

Philip Butler butler at globeserver.com
Fri Apr 4 17:40:57 IST 2008 

Hi all,

I have another question about rulesets.  I am trying to sign outgoing  
messages with a signature.

Here is my ruleset.  'domain123.com' and 'domain456.com' are "my" test  
domains (not really mine, but using this as a test).

-------------
From:	*@domain123.com and to: *@domain123.com	no
From:	*@domain123.com and to: *@domain456.com	no
From:	*@domain123.com	yes
From:	*@domain456.com and to: *@domain123.com	no
From:	*@domain456.com and to: *@domain456.com	no
From:	*@domain456.com	yes

FromOrTo:	default		no
-------------


It works properly if there is one recipient (internal/external) but  
the problem is that when I send from test1 at domain123.com to test2 at domain123.com 
  AND test at anotherdomain.com, the message does not get signed.  In  
other words, if ANY recipient is from a local domain, then the message  
does not get signed.  I would prefer it to be the other way around.

Any suggestions as to how I can change the ruleset ??  In a way, I want:

-------------
# incoming messages not signed
From:	NOT *@domain123.com and to: *@domain123.com	no
From:	NOT *@domain123.com and to: *@domain456.com	no
From:	NOT *@domain456.com and to: *@domain123.com	no
From:	NOT *@domain456.com and to: *@domain456.com	no

# internal messages not signed
From:	*@domain123.com and ONLY to: *@domain123.com	no
From:	*@domain123.com and ONLY to: *@domain456.com	no
From:	*@domain456.com and ONLY to: *@domain123.com	no
From:	*@domain456.com and ONLY to: *@domain456.com	no

# All others signed - including mixed local/non-local recipients
FromOrTo:	default		yes
-------------


Also, I tried adding:

----
From:  10.1.1.0/255.255.255.0 and to: *@domain123.com  no
From:  10.1.1.0/255.255.255.0 and to: *@domain456.com  no
From:  10.1.1.0/255.255.255.0  yes
From:  10.34.56.0/255.255.255.0 and to: *@domain123.com  no
From:  10.34.56.0/255.255.255.0 and to: *@domain456.com  no
From:  10.34.56.0/255.255.255.0  yes
----

to the ruleset (10.1.1.0 and 10.34.56.0 are "internal" networks) and I  
kept getting defunct mailscanner processes.  This is based on a  
previous email response from Julian.  I am running MS 4.66.5 - I  
haven't upgraded to the latest and greatest yet.  Do I have a syntax  
problem here ??

Phil

More information about the MailScanner mailing list