diff mod_firewall/README.markdown @ 4966:4ffd6551f4bb

mod_firewall: README: Clarify when storage access can occur with roster checks
author Matthew Wild <mwild1@gmail.com>
date Tue, 28 Jun 2022 16:39:44 +0100
parents d7684aa81d8f
children 1e8381f0d0a8
line wrap: on
line diff
--- a/mod_firewall/README.markdown	Tue Jun 28 16:28:44 2022 +0100
+++ b/mod_firewall/README.markdown	Tue Jun 28 16:39:44 2022 +0100
@@ -360,12 +360,14 @@
 
 ### Roster
 
-These functions access the roster of the recipient (only). Therefore they cannot (currently)
+These conditions access the roster of the recipient (only). Therefore they cannot (currently)
 be used in some [chains](#chains), such as for outgoing messages (the recipient may be on another server).
 
-Performance note: this check can potentially cause storage access (especially if the recipient
-is currently offline), so you may want to limit its use in high-traffic situations, and place
-it below other checks (such as a rate limiter).
+Performance note: these checks can potentially cause storage access (especially if the recipient
+is currently offline), so you may want to limit its use in high-traffic situations, and place rules
+containing a roster check below other rules (such as a rate limiter). The storage access is
+performed unconditionally before the first rule that contains a roster-based condition, even if earlier
+conditions in that rule do not match.
 
 #### IN ROSTER