[Dovecot] v2.0 configuration parsing
Daniel L. Miller
dmiller at amfes.com
Mon Aug 10 22:09:14 EEST 2009
Timo Sirainen wrote:
> On Mon, 2009-08-10 at 20:47 +0200, Felix Schueren wrote:
>
>> make it
>> protocols {
>> imap {
>> remote_ip x/16 {
>> foo = foo
>> }
>> }
>> all {
>> remote_ip x/24 {
>> foo = bar
>> }
>> }
>> }
>>
>
> That's just a syntax change. The question is still about if it should
> match the first one or the most specific one.
>
>
>> I'd strongly suggest to use the same approach as firewalls (or exim):
>> first match wins. I love exim because I can configure it much like my
>> firewalls & routers, and the "fall through until something matches"
>> syntax that most firewalls/ACLs use is well-understood & flexible.
>>
>
> Yeah, I'm beginning to think something like this would be good, with
> perhaps some restrictions in how the configuration blocks could be used.
> But is it better to use the first or the last match?..
>
If at all possible, I would much rather see an error thrown than
choosing which one to accept. To me, having Dovecot tolerate broken
configurations is less desirable than giving clear feedback for the user
to fix it. Anything from:
"foo" is defined more than once
overlapping ip declarations
"remote_ip" declaration in protocol "imap" conflicts with "remote_ip"
declaration in protocol "all"
I suppose if you really want to tolerate the brokenness - at least
include the error as a logged warning.
--
Daniel
More information about the dovecot
mailing list