[Pymilter] Re: Discovering MTA interface port

David Champion dgc at uchicago.edu
Fri Jul 13 11:03:25 EDT 2012


This feels like a member of a category of sendmail problems I've only
ever been able to solve by running multiple sendmails instances.  That
is, put one sendmail on port 25 and another on port 587 (and 465, if you
use that) and pass an extra flag to the milter command on the port 587
instance, indicating that you want to skip IP checks.

* On 13 Jul 2012, Stuart D Gathman wrote: 
> It turns out that at least one problem could be neatly solved if only an
> {if_port} macro were available in the connect callback.  It is only 2 or
> 3 lines of code to add it, but then there is the logistics of
> maintaining a custom version of sendmail. 
> 
> The problem is that we track reputation by IP as well as domain.  Often,
> IPs of public networks at airports, hotels, and such are banned (from
> sending email) because of frequent abuse.  When a salesman travels, he
> needs to send email from said airports and hotels - which should not be
> a problem since he uses SMTP AUTH with his smartphone or tablet.  Except
> that when I REJECT the banned IP in connect, he never gets a chance to
> authenticate. 
> 
> Rather than delay the rejection until MAIL FROM, I would rather skip
> banned IP checking altogether for connections on port 587 - which only
> allows authenticated connections.  But milters don't seem to have any
> way to get that information.
> 
> Does anyone have any ideas besides patching sendmail?  I went to
> sendmail.org, but couldn't figure out where to send feature requests
> (probably by design for such a popular product).
> _______________________________________________
> Pymilter mailing list
> Pymilter at bmsi.com
> http://www.bmsi.com/mailman/listinfo/pymilter

-- 
David Champion • dgc at uchicago.edu • IT Services • University of Chicago



More information about the Pymilter mailing list