APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Why Kerio should implement Milters


I think it should be obvious that a good filtering or rule capability is necessary in a mail server. Administrators and programmers often need complex message processing that goes far beyond the simple matching that is currently provided.

A suggestion was made almost four years ago at Server side rules for mail forwarding. In case you cannot access that link, I'll reproduce it here:

Rules enable you to define actions to take based on the contents of an email. For example, you can use rules to delete mail based on a specific subject-line, or to forward email larger than a specific size. Rules can be defined at two different levels: Global and Account. Global rules are applied to all messages delivered to the server, regardless of which recipient they are to be delivered to. Account rules apply only to email to a specific account.

Every rule has a set of criteria and actions. When you create a rule, you add criteria that specify which email the rule should be applied to. For example, you may add a criterion that limits the rule to email containing a specific Message-ID-header. After you have added criteria, you add actions. Actions define what mail Server should do if a message matches the criteria. For example, the action may be to forward the email, delete it or move it to a specific folder.

This is not a new idea. It was solved many years ago by Milters, which can be used in Sendmail and Postfix.

The concept of Milters is simple. I'll quote Wikipedia:

An MTA that is milter-capable instead notifies filters to which it is connected about each phase of the delivery of a message, from initial client connection through completion of transmission. At each phase of the SMTP session, the filter is given data about the arriving message and then has an opportunity to terminate acceptance of the message early when appropriate. For very large messages, this can have an enormous impact when a decision to reject can be made as early as possible. Moreover, unlike the former model, a milter-capable MTA can connect to multiple filters in parallel that serve specific purposes such as anti-virus, anti-spam, message authentication, flow regulation, etc. Finally, such filters can take special action on the message: add or remove recipients in the envelope; alter the body prior to delivery; add, change or remove header fields in the message, etc.

Note that "each phase of the SMTP session". In fact, nothing requires adding hooks for every phase, so the implementation could be provided in stages. I have no idea how difficult that is, but I do know that other MTA's have done it (Postfix, Scalix, Postoffice SMTP server, Sun Java System Messaging Server). The advantage of adding this capability would be that existing Milters could be plugged in to Kerio and at least have some chance of working.

Conceptually, this is no different than the hooks Kerio Connect used to have for third party virus scanning, except that the milters would be called at different points in the code.


I've done filter work in the past when customers needed special capability. The possibilities are endless; browsing milter.org should give you some idea. Many are open source, so could be modified for your specific needs.

Advantages for Kerio

Kerio could use this themselves to test requested features before building them into the product. In other cases, an existing or community developed milter might eliminate the need for Kerio to add a demanded feature or at least provide more time to work on it: customers who need it now could use the milter.


Of course things like this can cause support problems. I suggest a simple solution: put a switch in the Admin panels for "Milters off". If a customer seems to have an odd bug, switch that off. Does the bug still exist? If not, then it's not Kerio's problem - fix your milter!

Or simply use the concept

If it turns out that milters are too Sendmail oriented, Kerio should implement to concept of filter hooks at appropriate stages. While not offering the advantages of existing code, a modular approach like this would still offer all the other benefits.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Why Kerio should implement Milters


Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Anthony Lawrence

Tue Jun 25 22:02:51 2013: 12158   anonymous


Tony i have an interesting issue with the current basic rules provided, in i get sent an group email and want to forward a certain part of the body and strip all the other persons addressed in the mail, it seems almost impossible with the current ruleset. Send as sms does what i need but only up to 142 characters!

Tue Jun 25 22:09:39 2013: 12159   TonyLawrence


That's odd.. I'll have to experiment to see what you mean..

Sun Jun 30 22:15:00 2013: 12188   Briandenks


Tony do you know how to increase the send as sms/txt max character length parameter ?

Sun Jun 30 22:34:52 2013: 12190   TonyLawrence


SMS is limited by design. See (link)

Fri Apr 4 13:17:35 2014: 12425   anonymous


Tony, i thought id follow up with the answer to what i was bugging you for !
In kerio webmail rules one has the option to "send notification" this is neither a fwd or redirect it simply changes the recievers email to an address you would like you can also select keep original subject.
Now the part i wanted to find was the body length $text$ kerio must default this to fit into an sms 128 characters, if one wants to send more of the body than the defalt then simply add bracket with the character length as thus $text[300]$ which gives you 300 characters, not sure if there's a maximum, but hey no need to dig around in the system files !

Fri Apr 4 13:39:55 2014: 12426   TonyLawrence


Great! Thanks!

Fri Apr 4 14:00:48 2014: 12427   anonymous


I would also like to point out although 10 months have passed since i posted the initial question i have been working on other things !

Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

If you don't know anything about computers, just remember that they are machines that do exactly what you tell them but often surprise you in the result. (Richard Dawkins)

People who are more than casually interested in computers should have at least some idea of what the underlying hardware is like. Otherwise the programs they write will be pretty weird. (Donald Knuth)

This post tagged: