[Mimedefang] OT: RBL checking in Sendmail

[Richard Laager]

Currently, we check a couple of RBLs right away in filter_sender(). I've
been thinking that it'd be nice to move those checks from MIMEDefang
into Sendmail, for the following two reasons:

1) If the message ends up being blocked, we avoid a milter call and all
of MIMEDefang's setup overhead.

2) If the message is not blocked, we save some time by having a Sendmail
child waiting on the DNS query instead of a MIMEDefang child. The amount
of time here may be so small as to be irrelevant, though.

I know I could just use the dnsbl rule in my sendmail.mc, but this has
some problems. First, we need to exclude local and authenticated senders
from the RBL tests. Excluding local senders saves useless lookups and
excluding authenticated senders is necessary because users roaming on
other networks may get an IP that was previously being abused.

The only easy way I've found to do this so far is to turn on Sendmail's
delay_checks. However, I think this will cause the following issues:

1. Milter calls are not delayed, so Sendmail will call MIMEDefang (i.e.
for filter_sender) *BEFORE* the RBL checks, completely defeating the
point.

2. Even if I were to re-arrange my filter and make MIMEDefang not call
filter_sender, I think I'd run into a situation where the RBL tests
would be called multiple times, once for each RCPT. I may be wrong,
though.

Ideally, I just want to call the RBL from Sendmail at the MAIL command
stage, before milters are called. Does anyone know how to do that? It
seems I need to add something to do the call from Local_check_mail if
and only if the sender is not local or authenticated.

Thanks,
Richard

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20061215/a4ef10c0/attachment-0002.sig>