Wietse Venema via Postfix-users:
> (This message was rejected because it was all HTNML and too lage)
>
> Hello,
>
> I have observed the following behavior in Postfix 3.5.3 and 3.6.4:
>
> 1. A client opens a long-lived SMTP connection and sends multiple messages
> over the same session.
> 2. Postfix creates a smtpd process and a single corresponding milter
> connection for that session.
> 3. If the milter process is restarted during this active SMTP session, the
> Postfix?milter socket disappears.
> 4. Postfix does *not* recreate a new milter connection for the ongoing smtpd
> session.
> 5. Any subsequent MAIL FROM results in errors such as:
>
> * `can't read SMFIC_MAIL reply packet header: Application error` (3.6.4)
> * `can't read SMFIC_MAIL reply packet header: Success` (3.5.3)
>
> This leaves the smtpd session in a state where CONNECT was processed
> earlier(first time) but no further mails come to milter as postfix
> probably still tries to send messages to the old socket only(which
> doesn't exist now)
After a Milter connection breaks, the Postfi SNTP server replies
with:
451 4.7.1 Service unavailable - try again later
For Postfix, reconnecting to the Milter would not be sufficient.
Postfix would have to replay past events. That would include not
only sending a CONNECT event, but may also need to include MAIL,
RCPT, DATA, and message content, depending on the SMTP protocol
stage where the Milter was terminated.
Unfortunately Postfix does not have an smtpd_reply_filter feature
to replace the 451 with 421. The 421 would force the Postfix SMTP
client to disconnect. Downside: this mapping would affect all Milter
responses that report a "tempfail" error.
Workaround: have the client disconnect and reconnect when the Postfix
SMTP server responds with 451 (tempfail) or 550 (reject). Or don't
use persistent connections.
Long-term solution: Postfix could be changed to reply with 421 or
521 after a Milter protocol breakdown to force a disconnect. But
that change would not be backported to Postfix 3.5.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
