Discussion:
per-Milter error handling?
Patrick Ben Koetter
2011-11-29 20:56:10 UTC
Permalink
Wietse,

it seems you are currently working on Postfix. Do you have time to work on
per-Milter error handling?

An approach to solve this in the configuration file might be to use a map:

smtpd_milter_maps = hash:/etc/postfix/milters

# /etc/postfix/milters
unix:/path/to/milter tempfail
inet:localhost:12345 quarantine

Regards,

***@rick
--
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitely required and
justified.

saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
Wietse Venema
2011-11-29 21:34:26 UTC
Permalink
Post by Patrick Ben Koetter
Wietse,
it seems you are currently working on Postfix. Do you have time to work on
per-Milter error handling?
smtpd_milter_maps = hash:/etc/postfix/milters
# /etc/postfix/milters
unix:/path/to/milter tempfail
inet:localhost:12345 quarantine
There are more milter-dependent tweaks that need to be made
configurable: timeouts and protocol version come to mind.

This means that one implementation of per-milter tweaks should not
complicate the implementation of other per-milter tweaks.

Taking DNSXL lookup as an example, the lookup table was a reasonable
way to configure non-default DNSBL replies; for DNSXL pattern
matching, on the other hand, in-line specification was more natural.

With milters, in-line specification may be more natural than table-based.
Perhaps:

smtpd_milters =
unix:/path/to/milter;default_action=permit;command_timeout=100s
inet:localhost:12345;default_action=quarantine;protocol=6

This example overrides the global milter_default_action,
milter_command_timeout, and milter_protocol settings.

It sacrifices some usability (no spaces around the ";" or "=") so
it runs off the screen quickly. On the other hand it is implementable
with few lines of code, about the length of this posting.

(In some future Postfix version, there should be support for grouping
with {} so one can say
smtpd_milters =
inet:localhost:9999,
{ unix:/path/to/milter, default_action = permit, command_timeout = 100s },
{ inet:localhost:12345, default_action = quarantine, protocol = 6 }
).

Wietse
SATOH Fumiyasu
2011-11-29 23:25:42 UTC
Permalink
At Tue, 29 Nov 2011 21:56:10 +0100,
Post by Patrick Ben Koetter
it seems you are currently working on Postfix. Do you have time to work on
per-Milter error handling?
IIRC, you should use "milter manager" for per-Milter error handling.
See the milter manager web site for details:

http://milter-manager.sourceforge.net/index.html.en
Post by Patrick Ben Koetter
smtpd_milter_maps = hash:/etc/postfix/milters
# /etc/postfix/milters
unix:/path/to/milter tempfail
inet:localhost:12345 quarantine
--
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- Personal Home: http://www.SFO.jp/blog/
Loading...