Currently, Postfix does not send the Postfix-generated Received:
header to Milters, because that is how Sendmail works, that is what
Milters expect, and changing the behavior unilaterally would break
compatibility with a large installed base.
This information would improve the Milter's analysis. Untrusted
headers from an SMTP client will appear after the Postfix-generated
Received: header, and trusted headers that were added locally can
be prepended before. Without that header, the Milter would have to
guess. And guessing is not good.
The path forward is for MTAs and Milters to negotiate. Manual-only
configuration (with configuration flags for MTAs and Milters that
need to be in sync) would be too bothersome.
How the Milter protocol is negotiated:
(1) An MTA connects to a Milter over a TCP socket or UNIX-domain
socket.
(2) The Milter accpts the connection.
(3) The MTA sends a list of actions that a Milter may request. For
example, SMFIF_ADDHDRS = Milter can request to add headers, and
SMFIF_CHGBODY = Milter can request to replace a messaage body.
The MTA also sends a list of protocol features that the Milter
can turn on or off. For example, SMFIP_NOHDRS = MTA should not
send SMFIC_HEADER events, SMFIP_NR_HDR = Milter will not reply
to SMFIC_HEADER events, and SMFIP_HDR_LEADSPC = MTA can prepend
the space (between header name and header value) to the header
value when it sends an SMFIC_HEADER event to a Milter. Without
this information, the Milter has to guess how much and what
kind of whitespace was in the message header.
(4) The Milter replies with the subsets of the actions and protocol
features that it supports.
To make "expose MTA-generated Received: header" negotiable, the MTA
has to announce in (3) that it can make the header available, for
example with a protocol feature SMFIP_HDR_RECEIVED. If the Milter
supports this, then it can reply in (4) that it does. Only if both
MTA and the Milter both agree to use SMFIP_HDR_RECEIVED, then the
MTA can send the MTA-generated Received: header.
What would be a good contact to add a new flag to <libmilter/mfdef.h>?
I was thinking of something like this:
#define SMFIP_HDR_LEADSPC 0x00100000L /* header value leading space */
+#define SMFIP_HDR_RECEIVED 0x00200000L /* Send MTA's Received: header */
#define SMFIP_MDS_256K 0x10000000L /* MILTER_MAX_DATA_SIZE=256K */
Flag 0x00200000L appears to be unused.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
