Bill Cole:
> On 26 Apr 2013, at 5:24, Patrick Proniewski wrote:
>
> > Hello,
> >
> > Few months ago, I've switched my postfix setup from "regular"
> > greylisting to "milter" greylisting, and it appears to have changed
> > few things about header_checks I didn't notice until yesterday.
> [...]
> >
> > Yesterday, I've used header_checks to REJECT a massive phishing email
> > flood, and I've noticed that the REJECT action was not triggered on
> > the before-filter smtpd server, but on the after-filter one:
> [...]
> > It appears that the message enters the front smtpd, passes greylist
> > (after due retry), passes the antispam filters, but fails to enter the
> > back smtpd thanks to header_checks.
> >
> > I might have missed something here, but shouldn't header_checks REJECT
> > the message before
> > smtpd_milter inspection? Or at least before smtpd_proxy_filter?
>
> No. As documented in the header_checks man page, header_checks are
> handled by the cleanup process. As documented most clearly in the
> MILTER_README file, smtpd_milter plugins are called by the smtpd process
> before messages are passed to the cleanup process.
Also, there is no cleanup server before an smtpd_proxy_filter.
This follows from the diagram at the top of SMTPD_PROXY_README.
Wietse
