Thoughts on MSMilter
Shawn Iverson
iversons at rushville.k12.in.us
Fri Nov 23 18:21:08 UTC 2018
Mark,
https://github.com/MailScanner/v5/pull/311
On Thu, Nov 22, 2018 at 12:33 PM Shawn Iverson <iversons at rushville.k12.in.us>
wrote:
> Mark,
>
> Success! My oh my, QMQP is incredibly fast! This is wonderful :) Stay
> tuned for a PR to include this and to enable/disable the milter loopback
> checks...
>
> On Thu, Nov 22, 2018 at 8:29 AM Shawn Iverson <
> iversons at rushville.k12.in.us> wrote:
>
>> Mark,
>>
>> How much do you know about QMQP?
>>
>> It looks like I need to do this to send a message to it...I'm going to do
>> some hacking and see how I can make this work...
>>
>> Encode a series of safe strings as a netstring representing the message.
>> Encode the envelope sender the same way (not sure the format)
>> Encode the original recipients the same way (also not sure the format,
>> assuming <email at example.com>)
>> Send the data to QMQP
>> Watch for the response, which is either K, Z, or D (decoded from a
>> netstring)
>> Act based on the response K = sent, Z = tempfail, D =permfail
>>
>>
>> On Wed, Nov 21, 2018 at 10:22 PM Shawn Iverson <
>> iversons at rushville.k12.in.us> wrote:
>>
>>> sendmail compatibility interface is not an option, see
>>> https://github.com/MailScanner/v5/blob/3fce3ff80180b71520bcd03dfb2cb1a53369603c/common/usr/share/MailScanner/perl/MailScanner/MSMail.pm#L935
>>>
>>> QMQP may be a good option. I will check into this method....
>>>
>>> On Wed, Nov 21, 2018 at 9:19 PM Mark Sapiro <mark at msapiro.net> wrote:
>>>
>>>> First a big thank you to Shawn for all the work on MSMilter. I think at
>>>> this point with the merge of
>>>> <https://github.com/MailScanner/v5/pull/305> it is working very well.
>>>> It
>>>> also provides a framework for adding even more checks at incoming SMTP
>>>> time.
>>>>
>>>> There is one thing that I think could be improved in the current
>>>> implementation. The milter is invoked by Postfix via the smtpd_milters
>>>> configuration on all mail that arrives via SMTP. In most cases, it tells
>>>> Postfix to DISCARD the message meaning the SMTP client is told the
>>>> message is accepted but Postfix doesn't queue the message for further
>>>> processing. The milter in turn has queued the message for MailScanner,
>>>> and MailScanner processes the message and may queue messages back to be
>>>> picked up by the milter and redelivered to Postfix.
>>>>
>>>> The issue is the milter reinjects the message via SMTP to postfix. This
>>>> means the milter will be invoked again to process the message it just
>>>> reinjected. For this reason, the milter just accepts all messages
>>>> arriving from the local host so they can be processed by Postfix and
>>>> avoid and endless loop through MailScanner.
>>>>
>>>> This all works, except it means that other messages arriving via SMTP
>>>> from the local host are just accepted by the milter and not seen by
>>>> MailScanner. This is not a major issue as such messages are usually only
>>>> generated by trusted users or processes, but this could be avoided if
>>>> the milter reinjected scanned messages using QMQP or the Postfix
>>>> sendmail command.
>>>>
>>>> --
>>>> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
>>>> San Francisco Bay Area, California better use your sense - B. Dylan
>>>>
>>>>
>>>>
>>>> --
>>>> MailScanner mailing list
>>>> mailscanner at lists.mailscanner.info
>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>>>
>>>>
>>>
>>> --
>>> Shawn Iverson, CETL
>>> Director of Technology
>>> Rush County Schools
>>> 765-932-3901 option 7
>>> iversons at rushville.k12.in.us
>>>
>>>
>>>
>>
>> --
>> Shawn Iverson, CETL
>> Director of Technology
>> Rush County Schools
>> 765-932-3901 option 7
>> iversons at rushville.k12.in.us
>>
>>
>>
>
> --
> Shawn Iverson, CETL
> Director of Technology
> Rush County Schools
> 765-932-3901 option 7
> iversons at rushville.k12.in.us
>
>
>
--
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 option 7
iversons at rushville.k12.in.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20181123/ae711885/attachment.html>
More information about the MailScanner
mailing list