[milters] Archive

Lists Index Date Thread Search

Article: 1257
From: Taylor, Grant
Date: 2006-11-14 13:36:41 -0500
Subject: Re: Question about user passed by milter-spamc to spamd...

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Anthony Howe wrote:
>> As I understand you, you will only pass gtaylor to spamd for both messages. 
>>   Correct?
> 
> Correct. The spamd protocol is a little vague (there should be a copy 
> provided with milter-spamc to view). Below is a fragment that outlines 
> the protocol from spamd 3.1.x:

Hum.  Have you ever tried passing the full recipient email address?  Are you
doing any virtusertable translation from user@domain.tld <-> bobsunixaccount
or just passing the local part of the email address?

> The protocol for communication between spamc/spamd is somewhat HTTP 
> like.  The conversation looks like:
> 
>                 spamc --> PROCESS SPAMC/1.2
>                 spamc --> Content-length: <size>
>    (optional)   spamc --> User: <username>
>                 spamc --> \r\n [blank line]
>                 spamc --> --message sent here--
> 
>                 spamd --> SPAMD/1.1 0 EX_OK
>                 spamd --> Content-length: <size>
>                 spamd --> \r\n [blank line]
>                 spamd --> --processed message sent here--

Hum.  Simple indeed.

> spamd makes the User: header optional and more or less implies that it 
> expects a username. There is no other reference to the User header or 
> username argument in the the protocol document. Its been this way since 
> spamd 2.5.

I believe this corresponds to the SpamC "-u <username>" option.  I know
from
my testing that I can pass any of the following in to SpamC each with
different results.

# unix shell user name user config
cat msg.eml | spamc -u gtaylor

# recipient email address user config
cat msg.eml | spamc -u gtaylor@riverviewtech.net

# default user config
cat msg.eml | spamc -u @GLOBAL

SpamC will accept any of the above parameters with out a problem.  For what
I'm doing I need to use the 2nd of the above methods to allow SpamD to read
the correct recipient user preferences from an SQL database.  Seeing as how
I'm having SpamC / SpamD filter email for domains that I'm relaying for a
colleague's domain(s) I do not have unix shell accounts to pull user
preferences from files in users home directories.  Further more, I don't
think that Sendmail will even attempt to identify a local unix account for
domains that are in the Relay class (R).  I could however be mistaken by
this fact.

So, I guess this is turning in to a feature request for milter-spamc to have
a new option that will pass the recipient email address as the user name to
SpamC verses just the local part of the email address.  Thoughts / opinions
are welcomed and appreciated.

> Yes. When you have multiple recipients each with very different personal 
> SA configs, it becomes impossible to choose who's config to use, so you 
> have to fall back on a generic default user / system profile.

Indeed.  This seems like a draw back, however with my understanding of the
SMTP protocol, I do not see a way around this short of having a server
accept responsibility for the message and then later reject the message if
each individual recipient had different filters.  However, I think this
would be more of a filtering procedure during LMTP verses SMTP.  Either way,
this is out side of the scope of Sendmail / Milter-SpamC / SpamAssassin
scope.  This becomes problematic if the message is accepted and then later
bounced.  Fortunately the potential for erroneous DSN / Bounces can be
mitigated by using something like Milter-Sender to verify the sending email
address before the message is accepted in the first place.



Grant. . . .


Lists Index Date Thread Search