Manuel Mely:
> Hi,
>
> I've programmed one script for checking the allowed message size for
> every user on my network. I started programming this script based on
> the greylist perl example script that it's in the postfix
> documentation[1] (very nice start point).
> The script is working well but i'm having one problem, there are some
> messages that are bypassing my filter because the incoming server is
> using a SMTP session and not ESMTP, the script is expecting the latter
> for checking.
There are a few things to consider.
1) The client does not have to send the SIZE command. There is
nothing in the RFCs that says it must use this feature.
2) The client can send the wrong size information. If you base
your access policy on the SIZE information from the client,
malicious clients can use this to work around your policy.
You can get the true message size from Postfix after the client
has sent the complete email message.
smtpd_end_of_data_restrictions = ....your policy server here...
Wietse
