pmg-smtp-filter: die if processing took longer than the timeout

In case a mail took longer to get processed than the configured
timeout - 1 second - `die` before running any action.

The `die` results in a temporary failure to be reported to the sending
server by PMG::SMTP.pm ("451 4.4.0 detected undelivered mail").

The reason for the 1s extra slack is to have some time to actually
run the action - and also justified that in both cases (postfix
detecting the timeout, and pmg-smtp-filter `die`ing the sender gets
a temporary failure reported back).

Tested with a small filter_timeout setting (30), and a larger sleep in
added in analyze_virus.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
Tested-by:  Dominik Csapak <d.csapak@proxmox.com>

diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
index f6556feb5265ad85bfa4dbb333fd524e3a075b3f..dc7128c5b42534dde424b8370a7b2dcf3a5ce1fd 100755 (executable)
--- a/src/bin/pmg-smtp-filter
+++ b/src/bin/pmg-smtp-filter
@@ -330,6 +330,11 @@ sub apply_rules {
 
     my $mod_group = PMG::ModGroup->new($entity, $msginfo->{targets});
 
+    my $processing_time = int(tv_interval($msginfo->{starttime}));
+    my $filter_timeout = $self->{pmg_cfg}->get('mail', 'filter-timeout');
+    die "processing took ${processing_time}s, longer than the timeout (${filter_timeout}s)\n"
+       if $processing_time > $filter_timeout;
+
     foreach my $rule (@$rules) {
        my $targets = $rule_targets{$rule->{id}};
        next if !$targets;
@@ -642,6 +647,7 @@ sub handle_smtp {
        $msginfo->{fqdn} = $msginfo->{hostname};
        $msginfo->{fqdn} .= ".$msginfo->{domain}" if $msginfo->{domain};
        $msginfo->{lcid} = $lcid;
+       $msginfo->{starttime} = $starttime;
 
        # $msginfo->{targets} is case sensitive,
        # but pmail is always lower case!