No milters with command line message submission? (v8.14.1)

If I'm reading "sendmail/main.c" correctly, milters only seem to be
invoked if in "daemon mode" or "smtp stdin/stdout mode" ("-bd" and "-
bs" respectively), but not when sendmail is used for command-lne
message submission. Milters wll be invoked if one submits a message
via port 587 because that is really "daemon mode."

The problem I noted is that PHP submits to sendmail via the command-
line interface, not port 587. This means that milters such as those
which perform domainkeys SIGNING of messages don't get invoked - even
if listed in "submit.cf". That further means that web mail
submissions don't get DK-signed. I would suggest that this behavior
be changable as follows:

A command-line message submission will be in "OpMode MD_DELIVER" but
will not invoke any milters. This usage implies that "submit.cf" be
used to process the message. Therefore, specifying "-Ac" should be
redundant - but could be used to force milter processing for these
messages. An alternative would be to assign an optional argument to
force milter processing, but I believe that such might not be
necessary if "-Ac" could do it.

The change: sendmail/main.c - about line 1905 - reads:

#if MILTER
/* sanity checks on milter filters */
if (OpMode == MD_DAEMON || OpMode == MD_SMTP)
{
milter_config(InputFilterList, InputFilters,
MAXFILTERS);
setup_daemon_milters();
}
#endif /* MILTER */

if we add a third conditional, I believe that will accomplish the
goal:

if (OpMode == MD_DAEMON || OpMode == MD_SMTP || cftype ==
SM_GET_SUBMIT_CF)

I have not tested this modification (I shall be doing so shortly). It
would only affect sendmail command-line submission invocations with "-
Ac" specified and binaries compiled with milters enabled.

Comments? Any other way to do this?

.

Relevant Pages

  • Re: Whitelist flaw
    ... If those milters were supplied by CentOS, perhaps you should ask on a CentOS mailing list, or teh mailing list for the milter, my bet is milter-link... ... No its not normal, but you of course in your OP failed to mention you are running a bunch of milters, they were not written by Sendmail Inc, chances are if its allowing the world, one or more of those milters is to blame. ... I think I misunderstood some inner mechanics cause I was thinking that sendmail was responsible of delivering the mail and that the milters were (at least on this server) mostly involved to improve the tests themselves. ... Which begs the question, if you are using MailScanner why are you using spamc, and twice? ...
    (comp.mail.sendmail)
  • reject invalid recipients messages before milters?
    ... messages from spam zombie machines. ... ClamAV and SpamAssassin milters before finally being rejected. ... the work of processing loads of messages at one time is ... Is this possible in sendmail without using ...
    (comp.mail.sendmail)
  • Re: Sendmail v8.14.2 on Fedora 8/9: problems with Group Writable issues
    ... trusted-users files, one has to: ... I believe that the addition of the "-o" tells sendmail that these files ... otherwise the milters will fail to startup. ... What are the permissions on the /etc/mail directory? ...
    (comp.mail.sendmail)
  • Re: Sendmail v8.14.2 on Fedora 8/9: problems with Group Writable issues
    ... trusted-users files, one has to: ... I believe that the addition of the "-o" tells sendmail that these files ... otherwise the milters will fail to startup. ... What are the permissions on the /etc/mail directory? ...
    (comp.mail.sendmail)
  • Re: access.db rule are not honored anymore
    ... Here are some entries of the log: ... technically sendmail never stops the communication (the SMTP ... In principle a good way to check that the map file is "physically" OK is ... you changed a lot - upgraded sendmail and started using milters. ...
    (comp.mail.sendmail)