Thoughts on MSMilter

Mark Sapiro mark at
Thu Nov 22 02:19:12 UTC 2018

First a big thank you to Shawn for all the work on MSMilter. I think at
this point with the merge of
<> it is working very well. It
also provides a framework for adding even more checks at incoming SMTP time.

There is one thing that I think could be improved in the current
implementation. The milter is invoked by Postfix via the smtpd_milters
configuration on all mail that arrives via SMTP. In most cases, it tells
Postfix to DISCARD the message meaning the SMTP client is told the
message is accepted but Postfix doesn't queue the message for further
processing. The milter in turn has queued the message for MailScanner,
and MailScanner processes the message and may queue messages back to be
picked up by the milter and redelivered to Postfix.

The issue is the milter reinjects the message via SMTP to postfix. This
means the milter will be invoked again to process the message it just
reinjected. For this reason, the milter just accepts all messages
arriving from the local host so they can be processed by Postfix and
avoid and endless loop through MailScanner.

This all works, except it means that other messages arriving via SMTP
from the local host are just accepted by the milter and not seen by
MailScanner. This is not a major issue as such messages are usually only
generated by trusted users or processes, but this could be avoided if
the milter reinjected scanned messages using QMQP or the Postfix
sendmail command.

Mark Sapiro <mark at>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list