Thank you! I was too stupid to RTFM. Clamd can provide custom reject messages.
Am Mo., 17. Sep. 2018 um 16:18 Uhr schrieb Wietse Venema < wie...@porcupine.org>: > Stefan Bauer: > > Hi, > > > > I like the clean and easy milter way and having clamd this way integrated > > in postfix. But i can not use custom reject message in case clamd detects > > virus. > > > > postfix/cleanup[4292]: BD6BA80ACA: milter-reject: END-OF-MESSAGE from > > (...): 5.7.1 Command rejected; from=<me> to=<recipient> proto=ESMTP > > helo=<my internal mailserver> > > > > This message lacks basic information - virus detected. > > That is because the Milter did not provide that a reason in the > response to Postfix. The milter could be changed to provide a reason: > see discussion below. > > > smtp_delivery_status_filters seems to not work in this case. Right? > > As documented that is applicable for SENDING, not RECEIVING email. > > > Pulling in amavis as well might give option to have custom reject > > messages, but i do not like to have an additonal service in the > > chain. > > Postfix has no 'milter reply filter' feature and it is unlikely to > happen. > > To solve this problem you'd pass the Milter response through another > program, or you would use a virus detector that produces more > informative responses. > > The Milter replies with code SMFIR_REJECT, which supports no > indication why mail is rejected: > > * SMFIR_REJECT > In response to a RCPT command, indicates that the recipient > should be rejected with a permanent error. In any other context > this indicates that the entire message should be rejected with > a permanent error and that no further milter commands or responses > will be exchanged. > > The Milter could be improved by sending SMFIR_REPLYCODE instead, > which allows the Milter to provide the complete SMTP server response > to Postfix, including SMTP code and text. > > * SMFIR_REPLYCODE > In response to a RCPT command, indicates that the recipient > should be rejected with the specified error. In any other context > this indicates that the entire message should be rejected with > the specified error and that no further milter commands or > responses will be exchanged. > > Below is the code that handles the Milter response. > > Wietse > > case SMFIR_REJECT: > if (data_size != 0) > break; > if (IN_CONNECT_EVENT(event)) { > #ifdef LIBMILTER_AUTO_DISCONNECT > milter8_close_stream(milter); > #endif > milter->state = MILTER8_STAT_REJECT_CON; > MILTER8_EVENT_BREAK(milter8_def_reply(milter, "550 5.7.1 > Command rejected")); > } else { > MILTER8_EVENT_BREAK("550 5.7.1 Command rejected"); > } > >