Loading ...
Sorry, an error occurred while loading the content.

Re: HELO/EHLO isn't passed to milter when XCLIENT is enabled

Expand Messages
  • Wietse Venema
    ... This is not a bug. After XCLIENT, Postfix must reset the Milter session and start from scratch with the new client IP address and hostname. It makes no
    Message 1 of 5 , Feb 1, 2009
    • 0 Attachment
      Bokhan Artem:
      > In the next example postfix does not pass HELO from XCLIENT line to the milter if "EHLO spike.porcupine.org" is ommited.
      > It looks like bug.

      This is not a bug.

      After XCLIENT, Postfix must reset the Milter session and start from
      scratch with the new client IP address and hostname.

      It makes no sense to send the Milter the EHLO that was sent
      before XCLIENT.

      Wietse
      >
      > 220 server.example.com ESMTP Postfix
      > EHLO client.example.com
      > 250-server.example.com
      > 250-PIPELINING
      > 250-SIZE 10240000
      > 250-VRFY
      > 250-ETRN
      > 250-XCLIENT NAME ADDR PROTO HELO
      > 250 8BITMIME
      > XCLIENT NAME=spike.porcupine.org ADDR=168.100.189.2 HELO=spike.porcupine.org
      > 220 server.example.com ESMTP Postfix
      >
      > EHLO spike.porcupine.org
      > ^^^^^^^^^^^^^^^^^^^^^^^^
      > 250-server.example.com
      > 250-PIPELINING
      > 250-SIZE 10240000
      > 250-VRFY
      > 250-ETRN
      > 250-XCLIENT NAME ADDR PROTO HELO
      > 250 8BITMIME
      > MAIL FROM:<wietse@...>
      > 250 Ok
      > RCPT TO:<user@...>
      > 250 Ok
      > DATA
      > 354 End data with <CR><LF>.<CR><LF>
      > . . .message content. . .
      > .
      > 250 Ok: queued as 763402AAE6
      > QUIT
      > 221 Bye
      >
      >
    • Victor Duchovni
      ... Nor the HELO= parameter, because milters process SMTP commands, not artbitrary attributes. Since you see 220 after XCLIENT , send the desired EHLO
      Message 2 of 5 , Feb 1, 2009
      • 0 Attachment
        On Sun, Feb 01, 2009 at 05:16:18PM -0500, Wietse Venema wrote:

        > Bokhan Artem:
        > > In the next example postfix does not pass HELO from XCLIENT line to the milter if "EHLO spike.porcupine.org" is ommited.
        > > It looks like bug.
        >
        > This is not a bug.
        >
        > After XCLIENT, Postfix must reset the Milter session and start from
        > scratch with the new client IP address and hostname.
        >
        > It makes no sense to send the Milter the EHLO that was sent
        > before XCLIENT.

        Nor the "HELO=" parameter, because milters process SMTP commands, not
        artbitrary attributes. Since you see "220" after "XCLIENT", send
        the desired EHLO command at that point.

        This means that the "HELO" parameter for "XCLIENT" could arguably be
        deprecated, you are free to not send "HELO=" with XCLIENT. If you do
        sent it, and don't EHLO/HELO after 220, it will only apply to Postfix
        restrictions, not milters.

        --
        Viktor.

        Disclaimer: off-list followups get on-list replies or get ignored.
        Please do not ignore the "Reply-To" header.

        To unsubscribe from the postfix-users list, visit
        http://www.postfix.org/lists.html or click the link below:
        <mailto:majordomo@...?body=unsubscribe%20postfix-users>

        If my response solves your problem, the best way to thank me is to not
        send an "it worked, thanks" follow-up. If you must respond, please put
        "It worked, thanks" in the "Subject" so I can delete these quickly.
      • Bokhan Artem
        ... The behavior of mail proxy (nginx) is not to send EHLO after XCLIENT. Thank you.
        Message 3 of 5 , Feb 1, 2009
        • 0 Attachment
          Wietse Venema пишет:
          > Bokhan Artem:
          >> In the next example postfix does not pass HELO from XCLIENT line to the milter if "EHLO spike.porcupine.org" is ommited.
          >> It looks like bug.
          >
          > This is not a bug.

          The behavior of mail proxy (nginx) is not to send EHLO after XCLIENT. Thank you.

          >
          > After XCLIENT, Postfix must reset the Milter session and start from
          > scratch with the new client IP address and hostname.
          >
          > It makes no sense to send the Milter the EHLO that was sent
          > before XCLIENT.
          >
          > Wietse
          >> 220 server.example.com ESMTP Postfix
          >> EHLO client.example.com
          >> 250-server.example.com
          >> 250-PIPELINING
          >> 250-SIZE 10240000
          >> 250-VRFY
          >> 250-ETRN
          >> 250-XCLIENT NAME ADDR PROTO HELO
          >> 250 8BITMIME
          >> XCLIENT NAME=spike.porcupine.org ADDR=168.100.189.2 HELO=spike.porcupine.org
          >> 220 server.example.com ESMTP Postfix
          >>
          >> EHLO spike.porcupine.org
          >> ^^^^^^^^^^^^^^^^^^^^^^^^
          >> 250-server.example.com
          >> 250-PIPELINING
          >> 250-SIZE 10240000
          >> 250-VRFY
          >> 250-ETRN
          >> 250-XCLIENT NAME ADDR PROTO HELO
          >> 250 8BITMIME
          >> MAIL FROM:<wietse@...>
          >> 250 Ok
          >> RCPT TO:<user@...>
          >> 250 Ok
          >> DATA
          >> 354 End data with <CR><LF>.<CR><LF>
          >> . . .message content. . .
          >> .
          >> 250 Ok: queued as 763402AAE6
          >> QUIT
          >> 221 Bye
          >>
          >>
          >
        • Wietse Venema
          ... No need to deprecate HELO=, it just can t work with Milters. Wietse
          Message 4 of 5 , Feb 1, 2009
          • 0 Attachment
            Victor Duchovni:
            > On Sun, Feb 01, 2009 at 05:16:18PM -0500, Wietse Venema wrote:
            >
            > > Bokhan Artem:
            > > > In the next example postfix does not pass HELO from XCLIENT line to the milter if "EHLO spike.porcupine.org" is ommited.
            > > > It looks like bug.
            > >
            > > This is not a bug.
            > >
            > > After XCLIENT, Postfix must reset the Milter session and start from
            > > scratch with the new client IP address and hostname.
            > >
            > > It makes no sense to send the Milter the EHLO that was sent
            > > before XCLIENT.
            >
            > Nor the "HELO=" parameter, because milters process SMTP commands, not
            > artbitrary attributes. Since you see "220" after "XCLIENT", send
            > the desired EHLO command at that point.
            >
            > This means that the "HELO" parameter for "XCLIENT" could arguably be
            > deprecated, you are free to not send "HELO=" with XCLIENT. If you do
            > sent it, and don't EHLO/HELO after 220, it will only apply to Postfix
            > restrictions, not milters.

            No need to deprecate HELO=, it just can't work with Milters.

            Wietse
          Your message has been successfully submitted and would be delivered to recipients shortly.