and avoid redundant logging and work when milter_header_checks
and Milters make redundant or conflicting decisions. File:
cleanup_milter.c.
+
+20090710
+
+ Bugfix (introduced Postfix 2.3): Postfix got out of sync
+ with a Milter application after the application sent a
+ "quarantine" request at end-of-message time. The milter
+ application would still be in the end-of-message state,
+ while Postfix would already be working on the next SMTP
+ event (typically, QUIT or MAIL FROM). Problem diagnosed
+ with help from Alban Deniz. File: milter/milter8.c.
Remove this file from the stable release.
+ Implement PREPEND action for milter_header_checks. Save the
+ to-be-prepended text to buffer, then emit it along with the
+ new header.
+
Fix the header_body_checks API, so that the name of the map
class (e.g. milter_header_checks) is available for logging.
a spam handling machine. Note that matches are case-insensitive
by default. </p>
-<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>
</pre>
+
<pre>
/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>:
- /^X-SPAM-FLAG:\s+YES]/ FILTER mysmtp:sanitizer.example.com:25
+ /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
</pre>
-</blockquote>
<p> The <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> mechanism could also be used for
whitelisting. For example it could be used to skip heavy content
-scanning for DKIM-signed mail from known friendly domains. </p>
+inspection for DKIM-signed mail from known friendly domains. </p>
<p> This feature is available in Postfix 2.7, and as an optional
patch for Postfix 2.6. </p>
The following example sends all mail that is marked as SPAM to
a spam handling machine. Note that matches are case-insensitive
by default.
-.sp
-.in +4
+.PP
.nf
.na
.ft C
.fi
.ad
.ft R
+.PP
.nf
.na
.ft C
/etc/postfix/milter_header_checks:
- /^X-SPAM-FLAG:\es+YES]/ FILTER mysmtp:sanitizer.example.com:25
+ /^X-SPAM-FLAG:\es+YES/ FILTER mysmtp:sanitizer.example.com:25
.fi
.ad
.ft R
-.in -4
.PP
The milter_header_checks mechanism could also be used for
whitelisting. For example it could be used to skip heavy content
-scanning for DKIM-signed mail from known friendly domains.
+inspection for DKIM-signed mail from known friendly domains.
.PP
This feature is available in Postfix 2.7, and as an optional
patch for Postfix 2.6.
a spam handling machine. Note that matches are case-insensitive
by default. </p>
-<blockquote>
<pre>
/etc/postfix/main.cf:
milter_header_checks = pcre:/etc/postfix/milter_header_checks
</pre>
+
<pre>
/etc/postfix/milter_header_checks:
- /^X-SPAM-FLAG:\s+YES]/ FILTER mysmtp:sanitizer.example.com:25
+ /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
</pre>
-</blockquote>
<p> The milter_header_checks mechanism could also be used for
whitelisting. For example it could be used to skip heavy content
-scanning for DKIM-signed mail from known friendly domains. </p>
+inspection for DKIM-signed mail from known friendly domains. </p>
<p> This feature is available in Postfix 2.7, and as an optional
patch for Postfix 2.6. </p>
static void cleanup_milter_header_prepend(void *context, int rec_type,
const char *buf, ssize_t len, off_t offset)
{
+ /* XXX save prepended header to buffer. */
msg_warn("the milter_header/body_checks prepend action is not implemented");
}
vstring_free(buf);
return (cleanup_milter_error(state, errno));
}
+ /* XXX emit prepended header, then clear it. */
cleanup_out_header(state, buf); /* Includes padding */
vstring_free(buf);
if ((reverse_ptr_offset = vstream_ftell(state->dst)) < 0) {
msg_warn("%s: seek file %s: %m", myname, cleanup_path);
CLEANUP_PATCH_HEADER_RETURN(cleanup_milter_error(state, errno));
}
+ /* XXX emit prepended header, then clear it. */
cleanup_out_header(state, buf); /* Includes padding */
if (msg_verbose > 1)
msg_info("%s: %ld: write %.*s", myname, (long) new_hdr_offset,
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20090607"
+#define MAIL_RELEASE_DATE "20090711"
#define MAIL_VERSION_NUMBER "2.7"
#ifdef SNAPSHOT
/*
* Decision: quarantine. In Sendmail 8.13 this does not imply a
* transition in the receiver state (reply, reject, tempfail,
- * accept, discard).
+ * accept, discard). We should not transition, either, otherwise
+ * we get out of sync.
*/
case SMFIR_QUARANTINE:
/* XXX What to do with the "reason" text? */
MILTER8_DATA_BUFFER, milter->buf,
MILTER8_DATA_END) != 0)
MILTER8_EVENT_BREAK(milter->def_reply);
- MILTER8_EVENT_BREAK("H");
+ milter8_def_reply(milter, "H");
+ continue;
/*
* Decision: skip further events of this type.
*
* The solution is to query a map type and obtain its properties before
* opening it. A clean solution is to add a dict_info() API that is
- * simlar to dict_open() except it returns properties (dict flags) only.
+ * similar to dict_open() except it returns properties (dict flags) only.
* A pragmatic solution is to overload the existing API and have
* dict_open() return a dummy map when given a null map name.
*
projects / thirdparty / postfix.git / commitdiff
