From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <s.ivanov@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 3B266C0E75
 for <pmg-devel@lists.proxmox.com>; Fri, 12 Jan 2024 20:22:51 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 1B37F3608B
 for <pmg-devel@lists.proxmox.com>; Fri, 12 Jan 2024 20:22:21 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pmg-devel@lists.proxmox.com>; Fri, 12 Jan 2024 20:22:19 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 2607E49135
 for <pmg-devel@lists.proxmox.com>; Fri, 12 Jan 2024 20:22:19 +0100 (CET)
From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: pmg-devel@lists.proxmox.com
Date: Fri, 12 Jan 2024 20:21:46 +0100
Message-Id: <20240112192151.40998-1-s.ivanov@proxmox.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.088 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [cf.in, 5-opts.pl, config.pm]
Subject: [pmg-devel] [PATCH pmg-api/pmg-docs v2] make filter timeout
 configurable
X-BeenThere: pmg-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Mail Gateway development discussion
 <pmg-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pmg-devel/>
List-Post: <mailto:pmg-devel@lists.proxmox.com>
List-Help: <mailto:pmg-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2024 19:22:51 -0000

v1->v2:
* addressed Thomas' feedback - Thanks very much
* changed the setting from filter_timeout to filter-timeout (thus
  template toolkit needs to access it as 'pmg.mail.item('filter-timeout')
* fixed a few glitches in the commit messages

original cover-letter for v1:
This series improves mail-handling in case pmg-smtp-filter takes too long in
processing a mail.
Currently the timeout is based on postfix defaults which differ between
after-queue filtering (600s) and before-queue filtering (120s) (patch 1/4
unifies the timeout, and is meant as a stop-gap measure).

In both cases - once the timeout is reached the behavior is inconvenient
(to put it mildly):
* postfix detects the timeout and reports a temporary 4xx code to the
  sender, while pmg-smtp-filter sends the mail further after processing
  anyways
This results in such mails getting delivered multiple times to the
recipient (and you need the administrator of the server sending to PMG to
remove it from their queue, for the deliveries to stop).

Tested by adding a `sleep 200;` in PMG::Utils::analyze_virus_clam.

The docs patch is necessary for patch 3/5 (new config-options need to be
known in the doc-generator)

pmg-api:
Stoiko Ivanov (4):
  templates: postfix: set same timeouts for before and after-queue
  pmg-smtp-filter: cleanup use of gettimeofday
  config: postfix: make smtp-filter-timeout configurable
  pmg-smtp-filter: die if processing took longer than the timeout

 src/PMG/Config.pm        |  9 +++++++++
 src/bin/pmg-smtp-filter  | 21 ++++++++++++---------
 src/templates/main.cf.in |  5 ++++-
 3 files changed, 25 insertions(+), 10 deletions(-)

pmg-docs:
Stoiko Ivanov (1):
  doc-generator: add new option filter-timeout

 gen-pmg.conf.5-opts.pl | 1 +
 1 file changed, 1 insertion(+)

-- 
2.39.2