On Fri, Dec 15, 2006 at 02:50:32PM -0600, Richard Laager wrote: > Currently, we check a couple of RBLs right away in filter_sender(). I've > been thinking that it'd be nice to move those checks from MIMEDefang > into Sendmail, for the following two reasons: > > 1) If the message ends up being blocked, we avoid a milter call and all > of MIMEDefang's setup overhead.
Setup overhead? There hardly is any, if you already have mimedefang running. > 2) If the message is not blocked, we save some time by having a Sendmail > child waiting on the DNS query instead of a MIMEDefang child. The amount > of time here may be so small as to be irrelevant, though. It's going to be WAAAAAY longer than the "setup" time you worry about above, by the way, but still on the order of <50ms average probably. I don't really understand why you "save time", though. Sendmail isn't getting a faster response from the DNS server than mimedefang is. You might save some memory that way, true... but that's normally only an issue when you start to spend several seconds in the mimedefang code. [...] > Ideally, I just want to call the RBL from Sendmail at the MAIL command > stage, before milters are called. Does anyone know how to do that? It > seems I need to add something to do the call from Local_check_mail if > and only if the sender is not local or authenticated. It can be done. Note, by the way, that you really want to test this at RCPT To time, so you can exempt addresses like abuse@ and postmaster@ from the DNS blacklists, so users who are incorrectly placed on those blacklists can still contact you. And you can even cache those lookups, from within sendmail.cf rules, if you like, to prevent duplicate lookups due to multiple recipients. I know - because I tried, at one point in the past, and succeeded. After getting a splitting headache for wrapping my head around the terribly arcane sendmail.cf ruleset language, and having to implement some basic building blocks in that language -- like hash lookups. I quickly junked that attempt and implemented it all in nice, clean perl in MIMEDefang, where it's a breeze to code in any exception you like, and where you can just build yourself a comfortable environment. So -- to summarize -- save yourself a heap of trouble, and do not try to squeeze out a few microseconds of optimization for a complex monstrosity that is very hard to produce, impossible to maintain, and will likely remain buggy in unforseen ways (like - there are all sorts of sendmail compiled-in limits that you run into if you really push the borders of the cf language). -- Jan-Pieter Cornet <[EMAIL PROTECTED]> !! Disclamer: The addressee of this email is not the intended recipient. !! !! This is only a test of the echelon and data retention systems. Please !! !! archive this message indefinitely to allow verification of the logs. !! _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang