Invalid local recipients and Milter
David F. Skoll
I notice that milter calls the "rcptto" callback even for invalid
local users. For example, if the user "<use...@domain.net>" is an
invalid local user, Sendmail rejects it with a 550 5.1.1 User unknown
response, but it calls the Milter callback anyway.
Is there a good reason for this? Is there a way to indicate to the
milter that the recipient address is undeliverable?
The rcpt_mailer macro just contains "local", so I see no way to differentiate
between valid and invalid local recipients inside the milter.
Regards,
Anne Bennett
>
> I notice that milter calls the "rcptto" callback even for invalid
> local users. For example, if the user "<use...@domain.net>" is an
> invalid local user, Sendmail rejects it with a 550 5.1.1 User unknown
> response, but it calls the Milter callback anyway.
>
> Is there a good reason for this? Is there a way to indicate to the
> milter that the recipient address is undeliverable?
Based on my investigations some months ago, summarized at:
http://www.encs.concordia.ca/~fig/public/email/relay/milter+ruleset-checks.html
... the order of operations is:
1. check_rcpt (plus any check_* rules delayed by delay_checks)
2. all milters that registered xxfi_envrcpt
3. check existence of recipient if local
I don't know why the sendmail implementors would have decided to call
the milters before the local existence check, but what you want may
not be a simple fix, since the information you need is actually not
yet available when the milter is called, if I have understood the code
correctly.
Anne.
--
Ms. Anne Bennett, Senior Sysadmin, ENCS, Concordia University, Montreal H3G 1M8
an...@encs.concordia.ca +1 514 848-2424 x2285
Claus Aßmann
> Based on my investigations some months ago, summarized at:
> http://www.encs.concordia.ca/~fig/public/email/relay/milter+ruleset-checks.html
> ... the order of operations is:
> 1. check_rcpt (plus any check_* rules delayed by delay_checks)
> 2. all milters that registered xxfi_envrcpt
> 3. check existence of recipient if local
> I don't know why the sendmail implementors would have decided to call
> the milters before the local existence check, but what you want may
> not be a simple fix, since the information you need is actually not
> yet available when the milter is called, if I have understood the code
> correctly.
We even got requests to pass invalid addresses to the milter,
so the milter "knows" what's going on...
It seems to be a bit hard to satisfy all requests, but we
are open to suggestions (esp. those which include patches :-)
--
A: Maybe because some people are too annoyed by top-posting.
Q: Why do I not get an answer to my question(s)?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
David F. Skoll
> It seems to be a bit hard to satisfy all requests, but we
> are open to suggestions (esp. those which include patches :-)
:-)
No patch, but a suggestion:
How about this:
1 - check_rcpt (plus any check_* rules delayed by delay_checks)
2 - check existence of local recipients if the appropriate mailer flag is set
3 - all milters that registered xxfi_envrcpt
In step 2, if the recipient does not exist, the macro rcpt_mailer should
be set to "error" instead of "local" or local-equivalent. That way,
both people are satisfied: The milter "knows" what is going on, and if
necessary, the milter author can determine that the address is invalid.
Eventually, I may try my hand at a patch, if you think this suggestion
is worthy.
Regards,
David.
Jose Marcio Martins da Cruz
Anne Bennett wrote:
> David F. Skoll <d...@roaringpenguin.com> writes:
>
>>I notice that milter calls the "rcptto" callback even for invalid
>>local users. For example, if the user "<use...@domain.net>" is an
>>invalid local user, Sendmail rejects it with a 550 5.1.1 User unknown
>>response, but it calls the Milter callback anyway.
>>
>>Is there a good reason for this? Is there a way to indicate to the
>>milter that the recipient address is undeliverable?
>
>
> Based on my investigations some months ago, summarized at:
>
> http://www.encs.concordia.ca/~fig/public/email/relay/milter+ruleset-checks.html
>
> ... the order of operations is:
>
> 1. check_rcpt (plus any check_* rules delayed by delay_checks)
> 2. all milters that registered xxfi_envrcpt
> 3. check existence of recipient if local
>
> I don't know why the sendmail implementors would have decided to call
> the milters before the local existence check, but what you want may
> not be a simple fix, since the information you need is actually not
> yet available when the milter is called, if I have understood the code
> correctly.
>
>
> Anne.
Milters may want to use it for two things :
- detect dictionnary attacks
- validate, on a gateway, the existence of users, based on
a users database, other than that one used by sendmail : /etc/passwd,
LDAP, ...
Jose-Marcio
--
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ Tel. :(33) 01.40.51.93.41
Ecole des Mines de Paris http://j-chkmail.ensmp.fr
60, bd Saint Michel http://www.ensmp.fr/~martins
75272 - PARIS CEDEX 06 mailto:Jose-Marc...@ensmp.fr
Keith Mitchell
Per this thread, as a Sendmail Admin, I would LOVE this patch for the
reasons layed out there...