On 26 Apr 2013, at 5:24, Patrick Proniewski wrote:
Hello,
Few months ago, I've switched my postfix setup from "regular"
greylisting to "milter" greylisting, and it appears to have changed
few things about header_checks I didn't notice until yesterday.
[...]
Yesterday, I've used header_checks to REJECT a massive phishing email
flood, and I've noticed that the REJECT action was not triggered on
the before-filter smtpd server, but on the after-filter one:
[...]
It appears that the message enters the front smtpd, passes greylist
(after due retry), passes the antispam filters, but fails to enter the
back smtpd thanks to header_checks.
I might have missed something here, but shouldn't header_checks REJECT
the message before
smtpd_milter inspection? Or at least before smtpd_proxy_filter?
No. As documented in the header_checks man page, header_checks are
handled by the cleanup process. As documented most clearly in the
MILTER_README file, smtpd_milter plugins are called by the smtpd process
before messages are passed to the cleanup process.
