[Mimedefang] Issues w/ authenticated submission

[Jan Pieter Cornet]

On Wed, Apr 19, 2006 at 12:11:20AM -0600, Philip Prindeville wrote:
> I'd rather continue to do the helo checks in filter_helo()...  it keeps the
> code more manageable.

Of course, nothing is stopping you from adding a
my_filter_helo($ip, $hostname, $helo)
as the first line of your filter_sender. That's how it was done
before you implemented the filter_helo hook.

Also, all SMTP client implementations that I know will first call
HELO (or rather EHLO), and do authentication after that. Because
the SMTP protocol doesn't tell you what's available (like is AUTH
available, is TLS available, and what AUTH methods are available).
Also, the authentication macro values aren't passed to the milter until
the envfrom() call.
 
> But I would like to consider moving some of the variables into
> the command file sooner so that they're available.
> 
> At the moment that the HELO is sent...  Has a queue-id even been
> assigned?  If not, then how do you figure out which command file
> to read?

There is no queue-id yet, it's assigned on envfrom. HELO is connection-
oriented, not mail-oriented. Remember there may be more than one
mail (and more than one queue-id) for one connection. The only unique
identifier you could use is a combination of the remote IP address
and remote port... but in theory you should also add the local IP
address and port to make it guaranteed unique. And the local port
number isn't even available (ok, but the daemon_name is... that's
also usable).

So, anyway, it's really unpractical to create a "queue" directory
on filter_helo, which then needs to be renamed before the first
filter_sender call.

-- 
Jan-Pieter Cornet <johnpc at xs4all.nl>
!! Disc lamer: The addressee of this email is not the intended recipient. !!
!! This is only a test of the echelon and data retention systems. Please  !!
!! archive this message indefinately to allow verification of the logs.   !!