NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-07

Re: How Postfix talks to the AFTER-queue content filter

From: Alain Spineux (aspineuxgmail.com)
Date: Sun Jul 08 2007 - 07:56:10 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/7/07, Wietse Venema <wietseporcupine.org> wrote:
> Alain Spineux:
> > The last part of
> > http://www.postfix.org/SMTPD_PROXY_README.html
> > is about "How Postfix talks to the before-queue content filter"
> >
> > Do these rules apply to the AFTER queue filter too ?
>
> No. The AFTER-queue filter is described in FILTER_README.

Yes !
The filter is "called" by smtp (the postfix smtp clien) and then this
connection can be tuned
using all the options supported by the client ( man smtp )

I dont see any way to limit the number of deliveries per connection to
one like for the Before Queue Filter.
This could make filtering more robust by shadowing some filter weakness.

Regards

Alain

>
> Wietse
>
> > Thanks
> >
> > Alain
> >
> > Here are the rules :
> >
> > The before-filter Postfix SMTP server connects to the content filter,
> > delivers one message, and disconnects. While sending mail into the
> > content filter, Postfix speaks ESMTP but uses no command pipelining.
> > Postfix generates its own EHLO, XFORWARD (for logging the remote
> > client IP address instead of localhost[127.0.0.1]), DATA and QUIT
> > commands, and forwards unmodified copies of all the MAIL FROM and RCPT
> > TO commands that the before-filter Postfix SMTP server didn't reject
> > itself. Postfix sends no other SMTP commands.
> >
> > The content filter should accept the same MAIL FROM and RCPT TO
> > command syntax as the before-filter Postfix SMTP server, and should
> > forward the commands without modification to the after-filter SMTP
> > server. If the content filter or after-filter SMTP server does not
> > support all the ESMTP features that the before-filter Postfix SMTP
> > server supports, then the missing features must be turned off in the
> > before-filter Postfix SMTP server with the smtpd_discard_ehlo_keywords
> > parameter.
> >
> > When the filter rejects content, it should send a negative SMTP
> > response back to the before-filter Postfix SMTP server, and it should
> > abort the connection with the after-filter Postfix SMTP server without
> > completing the SMTP conversation with the after-filter Postfix SMTP
> > server.
> >
> > --
> > --
> > Alain Spineux
> > aspineux gmail com
> > May the sources be with you
> >
> >
>
>

--
--
Alain Spineux
aspineux gmail com
May the sources be with you

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]