[Mailman-Developers] before next release: disable backscatter in default installation
Ian Eiloart
iane at sussex.ac.uk
Wed Mar 26 12:27:18 CET 2008
>
> I think you will be happier with what is possible in Mailman 3. In
> mm3 we have a working LMTP server, those it's based on asyncore and
> its scalability is questionable. Although I have not yet done this, I
> plan to tie the rule chain checker into LMTP so that if your MTA
> supports LMTP delivery the following can happen:
>
> worldwildwonderland -> SMTP -> MM's LMTP -> rule checks
>
> The rule checks then could tell LTMP to reject the message right
> there, which would return 5xx to SMTP and /it/ would return 5xx to
> whatever upstream SMTP its talking to.
>
> Now, I wouldn't want to do a lot of work at that point, but some
> simple checks would definitely be possible. You can reject messages
> as early in the process as possible and do it at the SMTP layer.
It needs to be done after RCPT TO. LMTP allows you to sensibly do this
later, and get return codes for individual recipients. However, it we're
doing this with call forwards from an MTA which is receiving email over
SMTP, then the MTA will have to check the sender/recipient pair at RCPT TO
time.
on connect:
accept the connection
HELO/EHLO:
reject if the sending MTA isn't known
MAIL FROM:
accept (perhaps unless the sender address is forbidden to post to all
lists).
RCPT TO:
accept if the sender has permissions to post to the list, otherwise reject.
This is the last chance to give a list specific response to an MTA that is
engaged in a callout.
DATA:
reject null senders here if appropriate. Rejecting a null sender at RCPT TO
or earlier might break callouts.
.............
.
Check the data, reject if inappropriate for a specific list (but this is
likely to cause a bounce from our MTA). Because we've decided to trust the
sender, we should be OK to bounce a message here, unless the list is an
open list.
> While I think the LMTP code could be backported to 2.2, the rule
> chains stuff cannot.
>
--
Ian Eiloart
IT Services, University of Sussex
x3148
More information about the Mailman-Developers
mailing list