Wietse Venema:
> - After the remote SMTP client connects to Postfix, the Postfix
> SMTP daemon sends 'CONNECT' macros (j, _, {daemon_name}) and
> SMFIC_CONNECT.
>
> - After the remote SMTP client sends STARTTLS, the Postfix SMTP
> daemon sends SMFIC_ABORT to reset Milter state to the state before
> HELO/EHLO.
>
> Quote from milter-protocol.txt:
>
> 'A' SMFIC_ABORT Abort current filter checks
> Expected response: NONE
>
> (Resets internal state of milter program to before SMFIC_HELO,
> but keeps the connection open.)
>
> - Most notably, the Postfix SMTP daemon will NOT send SMFIC_CONNECT,
> and will not send the associated 'CONNECT' macros.

mailmary--- via Postfix-users:
> The specification does NOT state that after STARTTLS the MTA must
> send an SMFIC_ABORT.

RTFM https://datatracker.ietf.org/doc/html/rfc3207#section-4.2

The STARTTLS specification says that the server MUST DISCARD any
information that it has received from the client that was not
obtained from the TLS negotiation itself. I quote from RFC 3207
section 4.2:

    the SMTP protocol is reset to the initial state (the state in
    SMTP after a server issues a 220 service ready greeting)

The order of events is:

- Postfix server accepts connection from remote SMTP client

- Postfix server sends SMFIC_CONNECT + macros to the Milter(s)

  [ The following assumes that the Milter did not reject the
  connection ]

- Postfix server sends the 220 server ready greeting

  [ Here is the state that the MTA and Milter(s) must reset to,
  after a successful STARTTLS handshake, i.e. the state before
  the first SMTP client command ]

- Remote SMTP client sends a command, or disconnects

After completing STARTTLS:

- the Postfix SMTP server MUST reset to the state after sending the
  220 service ready greeting.

- This implies that Postfix MUST send SMFIC_ABORT to the Milters,
  so that they will reset to the state before SMFIC_HELO, not the
  state before SMFIC_CONNECT, as described in milter-protocol.txt.
  See also "The order of events" above.

If your Milter forgets the SMFIC_CONNECT info, i.e., it resets to
the state before SMFIC_CONNECT, then your Milter needs to be fixed.

Wietse
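
The reset behaviour described in this message, as an added example that is not part of the original post and is not Postfix or libmilter code: a minimal Python model of a Milter's state handling that keeps the SMFIC_CONNECT information across SMFIC_ABORT and discards only the HELO-and-later state. The class and field names are hypothetical, the packet framing is assumed to follow milter-protocol.txt (uint32 length, command byte, data), and the hostnames, address and macro values are constructed.

```python
import struct

def packet(cmd: bytes, data: bytes = b"") -> bytes:
    """Frame one milter packet: uint32 length of (cmd + data), cmd byte, data."""
    return struct.pack("!I", len(data) + 1) + cmd + data

class MilterSession:
    """Filter state split by lifetime: connection scope vs. SMTP-session scope."""

    def __init__(self):
        self.conn = {"macros": {}}   # SMFIC_CONNECT info; must survive SMFIC_ABORT
        self.smtp = {"macros": {}}   # HELO and later; discarded by SMFIC_ABORT

    def feed(self, stream: bytes) -> None:
        off = 0
        while off < len(stream):
            (length,) = struct.unpack_from("!I", stream, off)
            self.handle(stream[off + 4:off + 5], stream[off + 5:off + 4 + length])
            off += 4 + length

    def handle(self, cmd: bytes, data: bytes) -> None:
        if cmd == b"D":    # SMFIC_MACRO: command code, then NUL-terminated name/value pairs
            fields = data[1:].split(b"\0")[:-1]
            scope = self.conn if data[:1] == b"C" else self.smtp
            scope["macros"].update(zip(fields[0::2], fields[1::2]))
        elif cmd == b"C":  # SMFIC_CONNECT: hostname NUL, family, uint16 port, address NUL
            host, rest = data.split(b"\0", 1)
            self.conn.update(host=host, family=rest[:1],
                             port=struct.unpack("!H", rest[1:3])[0],
                             addr=rest[3:].rstrip(b"\0"))
        elif cmd == b"H":  # SMFIC_HELO
            self.smtp["helo"] = data.rstrip(b"\0")
        elif cmd == b"A":  # SMFIC_ABORT: back to the state before SMFIC_HELO, no further
            self.smtp = {"macros": {}}

# Constructed sample traffic (hostnames, address and macro values are illustrative only).
BEFORE_TLS = (
    packet(b"D", b"C" + b"j\0mx.example.com\0{daemon_name}\0smtpd\0")
    + packet(b"C", b"client.example.net\0" + b"4" + struct.pack("!H", 40000) + b"192.0.2.10\0")
    + packet(b"H", b"plaintext.example.net\0")
)
AFTER_STARTTLS = packet(b"A") + packet(b"H", b"client.example.net\0")

if __name__ == "__main__":
    s = MilterSession()
    s.feed(BEFORE_TLS + AFTER_STARTTLS)
    print(s.conn, s.smtp)
```

A Milter that instead cleared `conn` in the SMFIC_ABORT branch would have no client address or 'CONNECT' macros for the post-TLS session, because SMFIC_CONNECT is not sent again.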