mb-milter Service¶
Milter protocol interface for Postfix integration providing real-time SMTP filtering.
Overview¶
mb-milter implements the Postfix milter (mail filter) protocol for real-time email filtering during SMTP conversation. Provides:
- SMTP-time filtering - Block before DATA phase
- Header modification - Add/remove headers
- Recipient validation - Real-time recipient checks
- Connection filtering - IP-based blocking
- Greylisting - Temporary rejection for spam prevention
Operates on port 10032 and interfaces with Postfix milter protocol.
Architecture¶
Milter protocol allows filtering at multiple SMTP stages:
SMTP Connection
↓ CONNECT stage (IP check)
mb-milter: GeoIP, IP blacklist
↓ HELO stage
mb-milter: HELO validation
↓ MAIL FROM stage
mb-milter: Sender validation, SPF check
↓ RCPT TO stage
mb-milter: Recipient validation, greylisting
↓ DATA stage
mb-milter: Header checks
↓ END-OF-MESSAGE
[mb-filter takes over for content filtering]
Configuration¶
Service File¶
Location: /etc/systemd/system/mb-milter.service
[Unit]
Description=Mailborder Milter Interface
After=network.target mb-rpcd.service
Requires=mb-rpcd.service
[Service]
Type=forking
User=mailborder
Group=mailborder
ExecStart=/usr/libexec/mailborder/php_enc/mb-milter start
ExecStop=/usr/libexec/mailborder/php_enc/mb-milter stop
PIDFile=/var/run/mailborder/mb-milter.pid
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
Postfix Integration¶
/etc/postfix/main.cf:
smtpd_milters = inet:127.0.0.1:10032
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 6
Reload Postfix:
Milter Settings¶
# Enable/disable features
sudo mb-config set milter.geoip_check true
sudo mb-config set milter.greylist_enabled true
sudo mb-config set milter.recipient_validation true
# Greylisting delay
sudo mb-config set milter.greylist_delay 300 # 5 minutes
# Apply changes
sudo systemctl reload mb-milter
Operations¶
Start:
Status:
Logs:
See Also¶
- mb-filter - Content filtering service
- Service Management - Service operations