- Previous message: Patrick de Ruiter: "DNS non-recoverable failure"
- Maybe in reply to: Michael Tokarev: "Beware: smtp_proxy_filter"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Michael Tokarev (no email)
Date: Sat Jul 02 2005 - 05:47:03 EDT
Victor Duchovni wrote:
> On Sat, Jul 02, 2005 at 02:20:23AM +0400, Michael Tokarev wrote:
>
>
>>When there's a pre-queue content filter configured in
>>Postfix smtpd (smtpd_proxy_filter), and that filter is
>>catching DATA command to perform content checks, saving
>>the incoming message in a temp file, this filter, at
>>least in current architecture, is responsible to enforce
>>(initial) message_size_limit by its own.
>
> This is fixed in the the latest 2.3 snapshot for clients that use ESMTP.
> If the client honours the 250-SIZE=... EHLO reponse, it will not send
> oversize messages. Some clients ignore the size limit, but send the real
> size with "MAIL FROM:<addr> SIZE=..." here with 2.3 the pre-filter smtpd
> will now reject mail from if the size is too large.
[]
> So yes, the filter owns enforcing the limit for either clients that
> lie or clients that don't talk ESMTP, fortunately it is given the
> necessary information in the EHLO response from the post-filter
> server.
Well, the problematic cases I've seen so far all were with the
cases when original client did NOT advertise actual message size.
For example, M$ outlook [express], while does use ESMTP, does not
tell the server about message size, and the point where such a
client submits message to postfix initially is the very first
"defense" against over-sized messages, where most such problems
are filtered without the filter (what a statement it is ;) (users
tend to (try) send large .doc or .mp3 or even .avi attachments).
But yes, the problem exist only with "bad" (in various ways)
clients (but ok, there are no problems with "good" clients
anyway, right? ;)
/mjt
|
|
|