[milters] Archive

Lists Index Date Thread Search

Article: 314
From: Anthony Howe
Date: 2010-02-25 14:16:38 -0500
Subject: milter-ahead "not a defined route, skipping"

(I'm sending this to the list to archive this response for future
reference by other users of milter-ahead.)

On 25/02/2010 15:25, Richard Gillman whispered from the shadows...:
> We are also getting milter-ahead messages in the logs along the lines:
> rcpt_host='macaulay.ac.uk' is not a defined route, skipping

I assume you're still using sendmail and haven't switched to postfix
using milters (which is possible, just a little different).

The "not a defined route" has always been a hard concept to explain and
I still haven't figured out a clear way to do it, so I'll try again.

There are a handful of articles in the mailing list archive:

	http://www.snertsoft.info/lists/list.php?l=milters

that reference this issue. Enter "not a defined route" into the search
box (I'll eventually update my Private Wimp MLM archive interface to
allow this in the URL).

*** Please note that these articles refer to an older versions (< 1.4)
of milter-ahead that used single letter options, instead of the longer
descriptive names.

http://www.snertsoft.info/lists/article.php?l=milters&d=2004-10&f=140

http://www.snertsoft.info/lists/article.php?l=milters&d=2004-12&f=275


Essentially when you have -mx-lookup (original historical behaviour),
then when you see on occasion:

	"rcpt_host='%s' is not a defined route, skipping"

that means that the {rcpt_host} macro (based on a mailertable entry
processed by sendmail) or an entry in call-ahead-db if being used,
defines a "variable" destination; variable in that it requires an MX
lookup before a next-hop host can be determined and often there is more
than one MX possible with different preferences.

In sendmail's mailertable or the call-ahead-db option the
right-hand-side (RHS) value specifies the next-hop and can be defined in
square brackets, [ and ], which disables the MX lookup that sendmail
would normally do (assuming mailertable).

With square brackets eg. [mx.snert.net] or [82.10.97.34] is a _defined_
route in that an A record lookup or an explicit IP address clearly point
to a _specific_ machine as the next-hop.

Without the square brackets eg. milter.info, specifies a domain as the
next-hop, which relies on an MX and A lookups to find a destination machine.

When milter-ahead was original conceived, those entries in mailertable
that had specific hosts specified in square brackets were assumed
internal or those of well known clients. Those without the square
brackets were assumed to be hosts that you relayed off-site to.

The original intent was that call-ahead should not be done to relays,
machines that might be less reliable destinations that probably couldn't
answer the call-ahead correctly (and would be considered _dumb_ or
_blind_, ie. they accepted any mail address for a domain they hosted).

> which may be related to the mx-lookup option. Again, if someone could
> advise on these that would be great.

Enter mx-lookup option. When set, +mx-lookup, {rcpt_host} macro passed
by sendmail to the milter or the RHS from call-ahead-db lookup without
the square brackets would invoke MX and A lookups to find a host to make
the call-ahead to.

When using +mx-looklup, if the mailertable or call-ahead-db specify
next-hop that go off-site to untrusted destinations, particularly those
that are _dumb_ (eg. might use catch-all addresses), then you weaken the
benefit of call-ahead with +mx-lookup.

So as you can see trying to find a suitable term / phrase to explained
all this was not easy. I opted for "defined route". Happy to hear
alternative suggestions.

-- 
Anthony C Howe            Skype: SirWumpus                  SnertSoft
+33 6 11 89 73 78       Twitter: SirWumpus      BarricadeMX & Milters
http://snert.com/      http://nanozen.info/     http://snertsoft.com/

Lists Index Date Thread Search