[milters] Archive

Lists Index Date Thread Search

Article: 712
From: Anthony Howe
Date: 2005-09-02 03:22:53 -0400
Subject: Re: Odd milter-sender issue

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Mike Kercher wrote:
> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> Lately, I've started to see more and more of these:
> 
> Sep  1 15:12:52 avenger sendmail[27747]: j81KCfvG027747: from=<>, size=3421,
> class=0, nrcpts=1, msgid=<200509012012.j81KCfvG027747@avenger.vesol.net>,
> proto=ESMTP, daemon=MTA, relay=va1-sg00029.securesites.net [161.58.134.251]
> Sep  1 15:12:52 avenger sendmail[27747]: j81KCfvG027747:
> to=<melitmnesb@domain.com>, delay=00:00:01, mailer=esmtp, pri=33421,
> stat=queued
> 
> Background:  this server is the only MX for domain.com  My box receives
> mail, virus scans and then forwards to another server for final delivery.  I
> have the call ahead enabled in my milter-sender.cf, but I suspect that since
> <> is whitelisted somehow, it is getting past the milter.  Any ideas how to
> stop this?
Do you have IsBackupMx=1 set, which would be normal. Is the mail store 
"up" and responding to milter-sender's call-ahead's when these messages 
arrive?

milter-sender is primarily a call-back milter and so to avoid 
(call-back) mail-loops, must white list <> as per RFC 2821. But there is 
no reason I can think of not to perform the call-ahead on MAIL FROM:<>.

So try this patch to move the white-list by-pass AFTER the call-ahead test.

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

Sendmail Anti-Spam Solutions           http://www.snertsoft.com/
                                             We Serve Your Server


-- Attached file included as plaintext by Ecartis --
-- File: patch.txt

--- milter-sender.c.orig	2005-08-15 12:29:56.593750000 +0200
+++ milter-sender.c	2005-09-02 09:16:01.593750000 +0200
@@ -2157,13 +2157,6 @@
 		return SMFIS_REJECT;
 	}
 
-	/* BY-PASS Wait until after we have parsed the RCPT to skip on
-	 * connection so that we can then white list those recipients
-	 * further below.
-	 */
-	if (data->work.skipMessage)
-		goto auto_white_list;
-
 	/* There are some legitimate situations where it is seen as acceptable
 	 * to blacklist/reject the sender even when the recipient is the
 	 * postmaster, so the milter might not actually want to blindly accept
@@ -2194,6 +2187,13 @@
 	if (0 < mxCallAheadOn.value && (rc = mxCallAhead(data)) != SMFIS_CONTINUE)
 		return rc;
 
+	/* BY-PASS Wait until after we have parsed the RCPT to skip on
+	 * connection so that we can then white list those recipients
+	 * further below.
+	 */
+	if (data->work.skipMessage)
+		goto auto_white_list;
+
 	if (0 < cacheGreyListTTL.value && data->rcptAlwaysAccepted) {
 		GreyListEntry greyEntry;
 


Lists Index Date Thread Search