I use two commercial filters: drweb and antispam.
I notice that _sometimes_ drweb is called even if the message comes to
unknown user or
some ruleset rejects the mail:
Mar 3 04:02:10 mail sendmail[32271]: m22N25LS032271:
<bash...@anrb.ru>... User unknown
Mar 3 04:02:11 mail sendmail[32271]: m22N25LS032271:
from=<linakimo...@akimo.de>, size=0, class=0, nrcpts=0,
proto=ESMTP, daemon=MTA, relay=89-179-14-137.broadband.corbina.ru
[89.179.14.137]
Mar 3 04:02:11 mail drweb-smf[32275]: [m22N25LS032271]: message from
linakimo...@akimo.de is aborted
Today I counted 2048 rejects whith drweb-smf calling and 7055 rejects
without it.
Mar 5 04:20:48 mail sendmail[3312]: m24NKhFw003312:
ruleset=CheckReceived, arg1= from c-76-20-189-128.hsd1.mi.comcast.net
(c-76-20-189-128.hsd1.mi.comcast.net [76.20.189.128])\n\tby
pbr322.ceingebi.unam.mx (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id
m24N3h0r029727\n\tfor <can...@ibt.unam.mx>; Tue, 4 Mar 2008 17:03:43
-0600, relay=pbr322.ceingebi.unam.mx [132.248.32.1], reject=554 5.0.0
Bad domain in the header.
Mar 5 04:20:48 mail sendmail[3312]: m24NKhFw003312:
from=<e_ca...@activelearners.com>, size=2506, class=0, nrcpts=1,
msgid=<000a01bf64ab$044d41d9$c37f2da2@ypqypj>, proto=ESMTP,
daemon=MTA, relay=pbr322.ceingebi.unam.mx [132.248.32.1]
Mar 5 04:20:48 mail drweb-smf[3320]: [m24NKhFw003312]: message from
e_ca...@activelearners.com is aborted
Mar 5 04:20:48 mail sendmail[3312]: m24NKhFw003312: to=<y...@anrb.ru>,
delay=00:00:01, pri=32506, stat=Bad domain in the header.
Mar 5 04:58:15 mail sendmail[32305]: m24NwBwK032305:
ruleset=CheckReceived, arg1= from ygdlz ([90.205.198.104]) by
bl7-130-89.dsl.telepac.pt with Microsoft SMTPSVC(6.0.3790.0); Tue, 4
Mar 2008 23:43:40 +0000, relay=bl7-130-89.dsl.telepac.pt
[85.240.130.89], reject=554 5.0.0 Bad domain in the header.
Mar 5 04:58:16 mail sendmail[32305]: m24NwBwK032305:
from=<munnashu...@alliantenergy.com>, size=723, class=0, nrcpts=1,
msgid=<000b01c87e51$932eaea0$68c6cd5a@ygdlz>, proto=SMTP, daemon=MTA,
relay=bl7-130-89.dsl.telepac.pt [85.240.130.89]
Mar 5 04:58:16 mail sendmail[32305]: m24NwBwK032305:
to=<e...@anrb.ru>, delay=00:00:01, pri=30723, stat=Bad domain in the
header.
I notice that drweb-smf is called if these rulesets block the mail:
ruleset=check_eoh
ruleset=CheckFrom
ruleset=CheckHeader
ruleset=check_rcpt
ruleset=CheckReceived
ruleset=Check_Subject
But it never happens with blocking mail in the check_mail.
I read that " xxfi_abort is only called if the message is aborted
outside the filter's control
and the filter has not completed its message-oriented processing."
So firstly I thought that filter begins his work anyway and blocking
mail using
rulesets does not prevent from filter calling.
But I can see that drweb-smf is not always called.
And it is interesting that antispam-filter is never called if some
ruleset blocks
the mail.
Or is this drweb-smf problem? Because drweb-smf is called even if
antispam-filter discard the
message (O InputMailFilters=sp-milter, drweb-filter):
Feb 4 18:10:22 mail sendmail[25422]: m14DAGbd025422:
from=<far...@faraglia.com >, size=7570, class=0, nrcpts=1,
msgid=<01c86739$71cb3a00$74739f59@farcom>, proto=ESMTP, daemon=MTA,
relay=089159115116.chello.fr [89.159.115.116] (may be forged)
[skip]
Feb 4 18:10:22 mail spamstop[25441]: MESS_F [7187] <parad...@anrb.ru
>:<01c86739$71cb3a00$74739f59@farcom>
[skip]
Feb 4 18:10:22 mail spamstop[25441]: MESS_F X-Spam-Status: Yes,
hits=53.9 dlvr_hits=0.0 (7.0 9.0) _25441_ <parad
...@anrb.ru
>:<01c86739$71cb3a00$74739f59@farcom> [skip]
Feb 4 18:10:22 mail sp-milter[25423]: For message from 89.159.115.116
will return DISCARD, [SPAM:: 53.90] mailfrom: <far
...@faraglia.com>,
rcpto: <parad
...@anrb.ru>
Feb 4 18:10:22 mail sendmail[25422]: m14DAGbd025422: Milter: data,
discard
Feb 4 18:10:22 mail sendmail[25422]: m14DAGbd025422: discarded
Feb 4 18:10:22 mail drweb-smf[25424]: [m14DAGbd025422]: message from
far
...@faraglia.com is aborted
Feb 4 18:10:22 mail spamstop[25441]: launch took 0.000228 sec, thread
took 0.203857 sec. nThreads=1
When does sendmail the milter call?
In searching answer to this question I found the following:
"... It might make sense to avoid sending data to a milter if you can
make this decision at connection time, i.e., before a milter is
invoked..."
http://groups.google.com/group/comp.mail.sendmail/browse_thread/threa...
"... sendmail calls the milter ***before*** it checks if the
recipient is a valid address or not. So it pass it to the milter..."
http://groups.google.com/group/comp.mail.sendmail/tree/browse_frm/thr...
But does it mean that sendmail calls milter even if some ruleset
(except check_relay & check_mail) blocks the mail?
If yes then I cannot understand why after blocking mail in the
rulesets
1) drweb is not always called
2) antispam-filter is never called ?
I tried to use only one filter (drweb or sp-milter). I also changed
the sequence of filters. But nothing is changed.
I am completely confused.
Thanks in advance for any help with this question.
Diana.
