Loading ...
Sorry, an error occurred while loading the content.

292924Re: sender-based-routing challenge

Expand Messages
  • Noel Jones
    May 2, 2013
    • 0 Attachment
      On 5/2/2013 4:14 PM, Michael Ionescu wrote:
      > On 02.05.2013 17:57, Noel Jones wrote:
      >>> [...]
      >>> prequeue proxy virusfilter [...] precludes
      >>> rewriting the Received: header [...]
      >>> QUESTION 1: Is this correct?
      >>> [...]
      >>> QUESTION 2: Is there a definitive overview of all the ways postfix
      >>> detects loops and at what stages these are employed? (I mean aside from
      >>> the source code.) :-)
      >>> [...]
      >>> QUESTION 3: Can one make sender-based-routing conditional [...]?
      >>> QUESTION 4: Does this also work with an smtpd configured with a
      >>> pre-queue proxy filter?
      >>> [...]
      >>> Thanks for your insight!
      >>> Michael
      >> "C" Multiple postfix instances is the preferred solution. Postfix
      >> supports multiple instances on the same machine quite well. The
      >> added overhead to the machine is negligible. There is some extra
      >> administration, but the upside is you can easily do things that are
      >> not possible (or really ugly) in a single instance.
      >> http://www.postfix.org/MULTI_INSTANCE_README.html
      >> -- Noel Jones
      > Thanks Noel. While this may be generally correct, I come from using
      > qmail and having to compensate its shortcomings by both extensive
      > patching and ultimately placing multiple installations on each machine.
      > I do not want to go back to having multiple MTA installations on a
      > machine because of the drawbacks in administration, even in view of
      > postmulti. Therefore I am explicitly asking about the other solutions I
      > have in mind and am open for ones that I have not thought of.
      > Michael

      Write 100 times on the blackboard: "postfix is not qmail"

      Postfix transport features are global to each instance, and are
      non-conditional. If you're using sender dependent transports, you're
      going to have a hard time without multiple instances.

      If you can use something else to correctly route the original mail,
      you have a chance of it working without multiple instances. One
      thought that comes to mind is submitting the original mail on a
      specific port that has a -o
      content_filter=smtp:[remote.smtp.server]. Another possibility is a
      policy service that examines the detects the "special" mail through
      some combination of source IP and sender, and returns FILTER
      smtp:destination when appropriate.

      -- Noel Jones
    • Show all 6 messages in this topic