[milters] Archive

Lists Index Date Thread Search

Article: 1549
From: Anthony Howe
Date: 2007-04-17 08:15:35 -0400
Subject: Re: Sendmail's processing of milters

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support

Ben Spencer wrote:
> From looking at logs, it seems as if the milters are initiated at the
> same time by sendmail and the milter checks are a parallel. Sendmail

A milter is a single process, multithreaded with one thread per SMTP 
connection. Sendmail will init. all the milters in order defined in 
.mc/.cf, once for each new connection. It will then pass mail to them in 
sequential order allowing each a chance to reject/discard the 
connection. See a copy of the milter documentation here, in particular 
the Control Flow section:


> then checks the results of the milters in the order in which the milters
> are listed in the mc/cf. If a failure or delay response happens, then
> sendmail aborts any outstanding milters and responds with the results of
> the milter which caused the exception.
> As a result of this process, it is common for milters to actually abort
> before they have completed their processing (due to milters above them
> responding with a delay or reject) and I shouldn't be concerned about
> abort type of messages in the logs?

Correct. A SMTP rejection or broken connection, will result in the abort 
handler being called, which does not necessarily imply an error. Most of 
my milters do not use the abort handler, with exception of milter-error, 
milter-report, and milter-cli. The first two will be sensitive to milter 
execution order when doing their work.

milter-error wants to be last in the milter sequence so that it can 
properly count aborts, which are treated as errors as there is no way to 
to know what was the cause of the abort.

milter-report is far trickier, it needs to be first in order to get the 
connect and MAIL info before any milter can abort (though sendmail can 
abort before consulting any milter). BUT wants to be last if you want to 
trigger on content filtering aborts. Assuming content filters won't 
reject the connection and MAIL FROM: (only gather intel), then you place 
post-DATA fitlers before milter-report and pre-DATA filters that may 
reject on connection or MAIL FROM: after in milter execution order.

Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         AIM: SirWumpus    Sendmail Milter Solutions
http://www.snert.com/     ICQ: 7116561

Lists Index Date Thread Search