From: Wietse Venema (wietse@porcupine.org)
Date: Thu Jul 19 2007 - 16:20:40 CDT
I have some test results.
- I created a pre-formatted message with a 7 kbyte PDF document.
This expands into an 11 kbyte message. This is small enough to
trigger your "tiny PDF" access control rule.
- I have updated my smtp-source test program so it can send that
file multiple times over the same SMTP session.
- I have configured milter-greylist as per your instructions,
including the part that says:
    dacl blacklist body /^Content-Type: application.pdf/ \
        msgsize <= 25000 \
        msg "Sorry, we do not accept tiny PDF files"
- I ran the test with main.cf:milter_protocol=2 and with
main.cf:milter_protocol=3.
- I ran the test with Postfix 2.5 (same milter code as 2.4)
and with Sendmail 8.13.something.
Result: the first two copies of the message are always rejected;
the third and later copies are always accepted. Both with Postfix
and with Sendmail as the MTA.
When I add one line of code to log what milter-greylist does while
executing the "msgsize" ACL, this is the result when I send three
copies of the same test message over the same SMTP session:
Jul 19 14:45:48 bristle milter-greylist: acl_msgsize_cmp 11075 <= 25000
Jul 19 14:45:48 bristle milter-greylist: acl_msgsize_cmp 22148 <= 25000
Jul 19 14:45:48 bristle milter-greylist: acl_msgsize_cmp 33221 <= 25000
The 11075, 22148, and 33221 are how milter-greylist computed the
message size for three identical deliveries. This explains why the
first two deliveries fall below the ACL's threshold of 25000,
while the third and later deliveries exceed the ACL's threshold.
The computed message size increases monotonously with each delivery,
which is obviously wrong. Apparently, milter-greylist does not
RESET its message size count between mail deliveries. This explains
why the count keeps going up.
Source code review reveals that milter-greylist initializes the
priv->priv_msgcount variable only once, when the MTA reports a
CONNECT event to milter-greylist. It does not reset the count when
the second etc. mail delivery starts over the same SMTP session.
Thus, milter-greylist works only as long as the MTA sends CONNECT
events between the first and second, etc. deliveries over the same
SMTP session.
But even Sendmail does not work that way. When I send multiple
messages into Sendmail 8.13.something over the same SMTP session,
Sendmail does not report CONNECT events between successive deliveries.
See transcript below.
Wietse
Events reported by Postfix test-milter program when I send multiple
messages to Sendmail 8.13.something through a single SMTP session.
Note the absence of CONNECT events between EOM and MAIL events.
There is only one at the beginning.
test_connect localhost.localdomain AF_INET (127.0.0.1)
test_helo "whatever"
test_mail "<wietse@localhost>"
test_rcpt "<wietse@localhost>"
test_eoh
[message content here]
test_eom
test_mail "<wietse@localhost>"
test_rcpt "<wietse@localhost>"
test_eoh
[message content here]
test_eom
test_mail "<wietse@localhost>"
test_rcpt "<wietse@localhost>"
test_eoh
[message content here]
test_eom
test_close
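
The counting behaviour described in the message above, replayed as an added example (not code from milter-greylist or from the original post). The struct, the callback names and the reset in on_mail are hypothetical, and the three sizes are constructed so that the running totals match the logged 11075, 22148 and 33221.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical per-session state; msgcount stands in for priv->priv_msgcount. */
struct session {
    size_t msgcount;        /* bytes counted for the msgsize clause */
    int reset_per_message;  /* 0 = set only at CONNECT, 1 = also reset at MAIL */
};

static void on_connect(struct session *s) { s->msgcount = 0; }
static void on_body(struct session *s, size_t len) { s->msgcount += len; }

/* A new message starts: optionally discard the previous message's total. */
static void on_mail(struct session *s)
{
    if (s->reset_per_message) s->msgcount = 0;
}

/* Returns 1 when "msgsize <= limit" matches, i.e. the message is rejected. */
static int on_eom(const struct session *s, size_t limit) { return s->msgcount <= limit; }

/* Constructed sizes: the running totals equal the values in the posted log. */
static const size_t SIZES[3] = { 11075, 11073, 11073 };

/* Replay one CONNECT followed by n MAIL..EOM cycles, as in the transcript.
 * Returns a bitmask with bit i set when delivery i was rejected. */
unsigned replay(int reset_per_message, const size_t *sizes, int n, size_t limit)
{
    struct session s = { 0, reset_per_message };
    unsigned rejected = 0;
    on_connect(&s);
    for (int i = 0; i < n; i++) {
        on_mail(&s);
        on_body(&s, sizes[i]);
        int hit = on_eom(&s, limit);
        printf("delivery %d: msgsize %zu <= %zu -> %s\n", i + 1,
               s.msgcount, limit, hit ? "reject" : "accept");
        if (hit)
            rejected |= 1u << i;
    }
    return rejected;
}

int main(void)
{
    replay(0, SIZES, 3, 25000);  /* count never reset within the session */
    replay(1, SIZES, 3, 25000);  /* count reset at each MAIL */
    return 0;
}
```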