Patrick Ben Koetter:
> Wietse,
>
> it seems you are currently working on Postfix. Do you have time to work on
> per-Milter error handling?
>
> An approach to solve this in the configuration file might be to use a map:
>
> smtpd_milter_maps = hash:/etc/postfix/milters
>
> # /etc/postfix/milters
> unix:/path/to/milter tempfail
> inet:localhost:12345 quarantine
There are more milter-dependent tweaks that need to be made
configurable: timeouts and protocol version come to mind.
This means that one implementation of per-milter tweaks should not
complicate the implementation of other per-milter tweaks.
Taking DNSXL lookup as an example, the lookup table was a reasonable
way to configure non-default DNSBL replies; for DNSXL pattern
matching, on the other hand, in-line specification was more natural.
With milters, in-line specification may be more natural than table-based.
Perhaps:
smtpd_milters =
unix:/path/to/milter;default_action=permit;command_timeout=100s
inet:localhost:12345;default_action=quarantine;protocol=6
This example overrides the global milter_default_action,
milter_command_timeout, and milter_protocol settings.
It sacrifices some usability (no spaces around the ";" or "=") so
it runs off the screen quickly. On the other hand it is implementable
with few lines of code, about the length of this posting.
(In some future Postfix version, there should be support for grouping
with {} so one can say
smtpd_milters =
inet:localhost:9999,
{ unix:/path/to/milter, default_action = permit, command_timeout = 100s },
{ inet:localhost:12345, default_action = quarantine, protocol = 6 }
).
Wietse
