Thoughts on MSMilter

Shawn Iverson iversons at rushville.k12.in.us
Thu Nov 22 13:29:49 UTC 2018 

Mark,

How much do you know about QMQP?

It looks like I need to do this to send a message to it...I'm going to do
some hacking and see how I can make this work...

Encode a series of safe strings as a netstring representing the message.
Encode the envelope sender the same way (not sure the format)
Encode the original recipients the same way (also not sure the format,
assuming  <email at example.com>)
Send the data to QMQP
Watch for the response, which is either K, Z, or D (decoded from a
netstring)
Act based on the response K = sent, Z = tempfail, D =permfail


On Wed, Nov 21, 2018 at 10:22 PM Shawn Iverson <iversons at rushville.k12.in.us>
wrote:

> sendmail compatibility interface is not an option, see
> https://github.com/MailScanner/v5/blob/3fce3ff80180b71520bcd03dfb2cb1a53369603c/common/usr/share/MailScanner/perl/MailScanner/MSMail.pm#L935
>
> QMQP may be a good option.  I will check into this method....
>
> On Wed, Nov 21, 2018 at 9:19 PM Mark Sapiro <mark at msapiro.net> wrote:
>
>> First a big thank you to Shawn for all the work on MSMilter. I think at
>> this point with the merge of
>> <https://github.com/MailScanner/v5/pull/305> it is working very well. It
>> also provides a framework for adding even more checks at incoming SMTP
>> time.
>>
>> There is one thing that I think could be improved in the current
>> implementation. The milter is invoked by Postfix via the smtpd_milters
>> configuration on all mail that arrives via SMTP. In most cases, it tells
>> Postfix to DISCARD the message meaning the SMTP client is told the
>> message is accepted but Postfix doesn't queue the message for further
>> processing. The milter in turn has queued the message for MailScanner,
>> and MailScanner processes the message and may queue messages back to be
>> picked up by the milter and redelivered to Postfix.
>>
>> The issue is the milter reinjects the message via SMTP to postfix. This
>> means the milter will be invoked again to process the message it just
>> reinjected. For this reason, the milter just accepts all messages
>> arriving from the local host so they can be processed by Postfix and
>> avoid and endless loop through MailScanner.
>>
>> This all works, except it means that other messages arriving via SMTP
>> from the local host are just accepted by the milter and not seen by
>> MailScanner. This is not a major issue as such messages are usually only
>> generated by trusted users or processes, but this could be avoided if
>> the milter reinjected scanned messages using QMQP or the Postfix
>> sendmail command.
>>
>> --
>> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
>> San Francisco Bay Area, California    better use your sense - B. Dylan
>>
>>
>>
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>>
>
> --
> Shawn Iverson, CETL
> Director of Technology
> Rush County Schools
> 765-932-3901 option 7
> iversons at rushville.k12.in.us
>
>
>

-- 
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 option 7
iversons at rushville.k12.in.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20181122/a9723ed2/attachment.html>

More information about the MailScanner mailing list