Loading ...
Sorry, an error occurred while loading the content.
 

Re: on send call command

Expand Messages
  • Tim Prepscius
    Umm, I m looking for something more canonical. I want to get exactly what will be sent over the network, right before it is sent, or when it is queued. -tim
    Message 1 of 15 , Sep 23, 2013
      Umm, I'm looking for something more canonical.

      I want to get exactly what will be sent over the network, right before
      it is sent, or when it is queued.

      -tim


      On 9/23/13, Wietse Venema <wietse@...> wrote:
      > Tim Prepscius:
      >> Hey,
      >>
      >> Again, thank you very much for the previous configuration questions.
      >>
      >>
      >> So, at the moment, when a mail is received it correctly spawns the
      >> java process and does whatever it needs to do.
      >>
      >>
      >> I would also like to hook this same process in when a send event occurs.
      >>
      >> So:
      >>
      >> Bob talks to SMTP, sends an email from his account to some other
      >> account, either on my domain, or another domain.
      >>
      >> Either when the mail is queued, or when it is actually sent, both
      >> would be fine (although queued would be better in this case I think):
      >> I would like postfix to call the same
      >>
      >> master.cf:
      >> javapipe unix - n n - - pipe
      >> user=postfix-user flags=DRhuX argv=java -jar
      >> /home/postfix-user/PostfixMailReceiver.jar -args $recipient
      >>
      >> (although I would change $recipient to $sender (or whatever it might be))
      >>
      >>
      >> I'm looking at:
      >> http://www.postfix.org/FILTER_README.html
      >
      > Why not monitor the mail logfile? It has the entire history
      > of all deliveries, successful or not.
      >
      > Alternatively, you an use always_bcc to add a recipent that
      > is notified of all email that passes through Postfix.
      > http://www.postfix.org/postconf.5.html#always_bcc
      >
      > Wietse
      >
      > Wietse
      >
    • Wietse Venema
      ... Postfix is not a network monitoring tool. Use tcpdump or Bro instead. Wietse
      Message 2 of 15 , Sep 23, 2013
        Tim Prepscius:
        > Umm, I'm looking for something more canonical.
        >
        > I want to get exactly what will be sent over the network, right before
        > it is sent, or when it is queued.

        Postfix is not a network monitoring tool. Use tcpdump or Bro instead.

        Wietse
      • Tim Prepscius
        No, I don t mean network dump. I mean the full mime-message. With all the headers that have been attached during the postfix process and by (in my case)
        Message 3 of 15 , Sep 23, 2013
          No, I don't mean network dump.

          I mean the full mime-message.
          With all the headers that have been attached during the postfix
          process and by (in my case) java-mail, etc.

          For instance stuff like this:
          Subject: Re: on send call command
          In-Reply-To: <CAAJ3AvUZ+B46OgO7UmbRkx+bfBR8dcQDz0vpVp+9s9M3E98yPg@...>
          To: Postfix users <postfix-users@...>
          Date: Mon, 23 Sep 2013 20:08:26 -0400 (EDT)
          Reply-To: Postfix users <postfix-users@...>
          X-Mailer: ELM [version 2.4ME+ PL124d (25)]
          MIME-Version: 1.0
          Content-Transfer-Encoding: 7bit
          Content-Type: text/plain; charset="US-ASCII"
          Message-Id: <3ckN624d0Mzjymp@...>
          From: wietse@... (Wietse Venema)
          Sender: owner-postfix-users@...



          Is there a way?

          -tim


          On 9/23/13, Wietse Venema <wietse@...> wrote:
          > Tim Prepscius:
          >> Umm, I'm looking for something more canonical.
          >>
          >> I want to get exactly what will be sent over the network, right before
          >> it is sent, or when it is queued.
          >
          > Postfix is not a network monitoring tool. Use tcpdump or Bro instead.
          >
          > Wietse
          >
        • /dev/rob0
          ... Why was always_bcc, as suggested upthread, not adequate? Oh, that won t have your java-mail-added headers. I guess you want to either add another step into
          Message 4 of 15 , Sep 23, 2013
            On Mon, Sep 23, 2013 at 10:18:42PM -0400, Tim Prepscius wrote:
            > On 9/23/13, Wietse Venema <wietse@...> wrote:
            > > Tim Prepscius:
            > >> Umm, I'm looking for something more canonical.
            > >>
            > >> I want to get exactly what will be sent over the network,
            > >> right before it is sent, or when it is queued.
            > >
            > > Postfix is not a network monitoring tool. Use tcpdump or Bro
            > > instead.
            >
            > No, I don't mean network dump.
            >
            > I mean the full mime-message.
            > With all the headers that have been attached during the postfix
            > process and by (in my case) java-mail, etc.
            >
            > For instance stuff like this:
            > Subject: Re: on send call command
            > In-Reply-To: <CAAJ3AvUZ+B46OgO7UmbRkx+bfBR8dcQDz0vpVp+9s9M3E98yPg@...>
            > To: Postfix users <postfix-users@...>
            > Date: Mon, 23 Sep 2013 20:08:26 -0400 (EDT)
            > Reply-To: Postfix users <postfix-users@...>
            > X-Mailer: ELM [version 2.4ME+ PL124d (25)]
            > MIME-Version: 1.0
            > Content-Transfer-Encoding: 7bit
            > Content-Type: text/plain; charset="US-ASCII"
            > Message-Id: <3ckN624d0Mzjymp@...>
            > From: wietse@... (Wietse Venema)
            > Sender: owner-postfix-users@...
            >
            >
            >
            > Is there a way?

            Why was always_bcc, as suggested upthread, not adequate? Oh, that
            won't have your java-mail-added headers.

            I guess you want to either add another step into the mix, use a
            second instance as relayhost, and always_bcc from there; or just
            include this archiving functionality into your Java code.
            --
            http://rob0.nodns4.us/ -- system administration and consulting
            Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
          • Tim Prepscius
            Does always_bcc modify the original message? Reading http://www.postfix.org/postconf.5.html#always_bcc it suggests to me that it does. But perhaps I m
            Message 5 of 15 , Sep 23, 2013
              Does always_bcc modify the original message?

              Reading
              http://www.postfix.org/postconf.5.html#always_bcc

              it suggests to me that it does. But perhaps I'm mistaken.
              If it doesn't I could use it.


              Are there any hooks along the message send path which I can get the
              full mime message?

              -tim


              On 9/23/13, /dev/rob0 <rob0@...> wrote:
              > On Mon, Sep 23, 2013 at 10:18:42PM -0400, Tim Prepscius wrote:
              >> On 9/23/13, Wietse Venema <wietse@...> wrote:
              >> > Tim Prepscius:
              >> >> Umm, I'm looking for something more canonical.
              >> >>
              >> >> I want to get exactly what will be sent over the network,
              >> >> right before it is sent, or when it is queued.
              >> >
              >> > Postfix is not a network monitoring tool. Use tcpdump or Bro
              >> > instead.
              >>
              >> No, I don't mean network dump.
              >>
              >> I mean the full mime-message.
              >> With all the headers that have been attached during the postfix
              >> process and by (in my case) java-mail, etc.
              >>
              >> For instance stuff like this:
              >> Subject: Re: on send call command
              >> In-Reply-To:
              >> <CAAJ3AvUZ+B46OgO7UmbRkx+bfBR8dcQDz0vpVp+9s9M3E98yPg@...>
              >> To: Postfix users <postfix-users@...>
              >> Date: Mon, 23 Sep 2013 20:08:26 -0400 (EDT)
              >> Reply-To: Postfix users <postfix-users@...>
              >> X-Mailer: ELM [version 2.4ME+ PL124d (25)]
              >> MIME-Version: 1.0
              >> Content-Transfer-Encoding: 7bit
              >> Content-Type: text/plain; charset="US-ASCII"
              >> Message-Id: <3ckN624d0Mzjymp@...>
              >> From: wietse@... (Wietse Venema)
              >> Sender: owner-postfix-users@...
              >>
              >>
              >>
              >> Is there a way?
              >
              > Why was always_bcc, as suggested upthread, not adequate? Oh, that
              > won't have your java-mail-added headers.
              >
              > I guess you want to either add another step into the mix, use a
              > second instance as relayhost, and always_bcc from there; or just
              > include this archiving functionality into your Java code.
              > --
              > http://rob0.nodns4.us/ -- system administration and consulting
              > Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
              >
            • Noel Jones
              ... The queue file is identical to what is transmitted over the network.[1] Do you need to examine the message for testing, or for operational audit? For
              Message 6 of 15 , Sep 23, 2013
                On 9/23/2013 9:18 PM, Tim Prepscius wrote:
                > No, I don't mean network dump.
                >
                > I mean the full mime-message.
                > With all the headers that have been attached during the postfix
                > process and by (in my case) java-mail, etc.
                >
                > For instance stuff like this:
                > Subject: Re: on send call command
                > In-Reply-To: <CAAJ3AvUZ+B46OgO7UmbRkx+bfBR8dcQDz0vpVp+9s9M3E98yPg@...>
                > To: Postfix users <postfix-users@...>
                > Date: Mon, 23 Sep 2013 20:08:26 -0400 (EDT)
                > Reply-To: Postfix users <postfix-users@...>
                > X-Mailer: ELM [version 2.4ME+ PL124d (25)]
                > MIME-Version: 1.0
                > Content-Transfer-Encoding: 7bit
                > Content-Type: text/plain; charset="US-ASCII"
                > Message-Id: <3ckN624d0Mzjymp@...>
                > From: wietse@... (Wietse Venema)
                > Sender: owner-postfix-users@...
                >
                >

                The queue file is identical to what is transmitted over the network.[1]

                Do you need to examine the message for testing, or for operational
                audit?

                For testing, pause delivery with "defer_transports = smtp" and
                examine the queue file with postcat -hbq QUEUEID, which will show
                exactly what postfix will send out.[1]

                If this is for operational audit, explain why always_bcc and system
                logging is insufficient.

                If this is for some other purpose, please explain your problem more
                clearly.


                [1] unless you've configured the optional smtp_header_checks,
                smtp_body_checks, or smtp_generic_maps, in which case your only
                choices are always_bcc or a network packet capture.

                -- Noel Jones
              • Tim Prepscius
                I need to save the original, of all messages leaving the system. Original meaning whatever postfix is going to send. This is not for testing or for auditing. I
                Message 7 of 15 , Sep 23, 2013
                  I need to save the original, of all messages leaving the system.
                  Original meaning whatever postfix is going to send.


                  This is not for testing or for auditing.
                  I will need this running in a production environment.


                  always_bcc, if it does not modify the original message would be sufficient.
                  System logging would most likely be a kludge.

                  On a side note, are you encrypting the queue files?

                  -tim


                  On 9/23/13, Noel Jones <njones@...> wrote:
                  > On 9/23/2013 9:18 PM, Tim Prepscius wrote:
                  >> No, I don't mean network dump.
                  >>
                  >> I mean the full mime-message.
                  >> With all the headers that have been attached during the postfix
                  >> process and by (in my case) java-mail, etc.
                  >>
                  >> For instance stuff like this:
                  >> Subject: Re: on send call command
                  >> In-Reply-To:
                  >> <CAAJ3AvUZ+B46OgO7UmbRkx+bfBR8dcQDz0vpVp+9s9M3E98yPg@...>
                  >> To: Postfix users <postfix-users@...>
                  >> Date: Mon, 23 Sep 2013 20:08:26 -0400 (EDT)
                  >> Reply-To: Postfix users <postfix-users@...>
                  >> X-Mailer: ELM [version 2.4ME+ PL124d (25)]
                  >> MIME-Version: 1.0
                  >> Content-Transfer-Encoding: 7bit
                  >> Content-Type: text/plain; charset="US-ASCII"
                  >> Message-Id: <3ckN624d0Mzjymp@...>
                  >> From: wietse@... (Wietse Venema)
                  >> Sender: owner-postfix-users@...
                  >>
                  >>
                  >
                  > The queue file is identical to what is transmitted over the network.[1]
                  >
                  > Do you need to examine the message for testing, or for operational
                  > audit?
                  >
                  > For testing, pause delivery with "defer_transports = smtp" and
                  > examine the queue file with postcat -hbq QUEUEID, which will show
                  > exactly what postfix will send out.[1]
                  >
                  > If this is for operational audit, explain why always_bcc and system
                  > logging is insufficient.
                  >
                  > If this is for some other purpose, please explain your problem more
                  > clearly.
                  >
                  >
                  > [1] unless you've configured the optional smtp_header_checks,
                  > smtp_body_checks, or smtp_generic_maps, in which case your only
                  > choices are always_bcc or a network packet capture.
                  >
                  > -- Noel Jones
                  >
                • Noel Jones
                  ... You ll need both -- postfix logs to show where and when it was delivered, and the alway_bcc mailbox showing the contents. ... Postfix has no option to
                  Message 8 of 15 , Sep 23, 2013
                    On 9/23/2013 11:08 PM, Tim Prepscius wrote:
                    > I need to save the original, of all messages leaving the system.
                    > Original meaning whatever postfix is going to send.
                    >
                    >
                    > This is not for testing or for auditing.
                    > I will need this running in a production environment.
                    >
                    >
                    > always_bcc, if it does not modify the original message would be sufficient.
                    > System logging would most likely be a kludge.

                    You'll need both -- postfix logs to show where and when it was
                    delivered, and the alway_bcc mailbox showing the contents.

                    >
                    > On a side note, are you encrypting the queue files?

                    Postfix has no option to encrypt the queue files, but the queue
                    directory can reside on an encrypted drive or partition.


                    -- Noel Jones
                  • Tim Prepscius
                    Ok I have two questions. 1. Does always_bcc modify the original message? 2. Could I somehow plug in to whatever is queueing the message to disk? -tim
                    Message 9 of 15 , Sep 24, 2013
                      Ok I have two questions.


                      1. Does always_bcc modify the original message?


                      2. Could I somehow plug in to whatever is queueing the message to disk?


                      -tim



                      On 9/24/13, Noel Jones <njones@...> wrote:
                      > On 9/23/2013 11:08 PM, Tim Prepscius wrote:
                      >> I need to save the original, of all messages leaving the system.
                      >> Original meaning whatever postfix is going to send.
                      >>
                      >>
                      >> This is not for testing or for auditing.
                      >> I will need this running in a production environment.
                      >>
                      >>
                      >> always_bcc, if it does not modify the original message would be
                      >> sufficient.
                      >> System logging would most likely be a kludge.
                      >
                      > You'll need both -- postfix logs to show where and when it was
                      > delivered, and the alway_bcc mailbox showing the contents.
                      >
                      >>
                      >> On a side note, are you encrypting the queue files?
                      >
                      > Postfix has no option to encrypt the queue files, but the queue
                      > directory can reside on an encrypted drive or partition.
                      >
                      >
                      > -- Noel Jones
                      >
                    • Wietse Venema
                      ... always_bcc does not change the headers or body. always_bcc adds one envelope recipient. ... http://www.postfix.org/CONTENT_INSPECTION_README.html There are
                      Message 10 of 15 , Sep 24, 2013
                        Tim Prepscius:
                        > Ok I have two questions.
                        >
                        >
                        > 1. Does always_bcc modify the original message?

                        always_bcc does not change the headers or body.

                        always_bcc adds one envelope recipient.

                        > 2. Could I somehow plug in to whatever is queueing the message to disk?

                        http://www.postfix.org/CONTENT_INSPECTION_README.html

                        There are several features that inspect mail before it is queued.

                        Wietse
                      • Tim Prepscius
                        Ah.. I think the http://www.postfix.org/FILTER_README.html is what I need -- perhaps -- I ll find out. Thank you for all the pointers so far, -tim
                        Message 11 of 15 , Sep 24, 2013
                          Ah..

                          I think the
                          http://www.postfix.org/FILTER_README.html

                          is what I need -- perhaps -- I'll find out.

                          Thank you for all the pointers so far,

                          -tim

                          On 9/24/13, Wietse Venema <wietse@...> wrote:
                          > Tim Prepscius:
                          >> Ok I have two questions.
                          >>
                          >>
                          >> 1. Does always_bcc modify the original message?
                          >
                          > always_bcc does not change the headers or body.
                          >
                          > always_bcc adds one envelope recipient.
                          >
                          >> 2. Could I somehow plug in to whatever is queueing the message to disk?
                          >
                          > http://www.postfix.org/CONTENT_INSPECTION_README.html
                          >
                          > There are several features that inspect mail before it is queued.
                          >
                          > Wietse
                          >
                        • Viktor Dukhovni
                          ... Also read http://www.postfix.org/OVERVIEW.html Mail comes in, and then it goes out. On the input side all envelope and content transformations happen as
                          Message 12 of 15 , Sep 24, 2013
                            On Tue, Sep 24, 2013 at 12:29:46PM -0400, Tim Prepscius wrote:

                            > I think the
                            >
                            > http://www.postfix.org/FILTER_README.html
                            >
                            > is what I need -- perhaps -- I'll find out.

                            Also read http://www.postfix.org/OVERVIEW.html

                            Mail comes in, and then it goes out.

                            On the input side all envelope and content transformations happen
                            as the message is written to a queue file in the "incoming" queue
                            by cleanup(8). This may involve milters and pre-queue SMTP proxy
                            filters.

                            On the output side, with smtp(8), mail is subject to smtp_generic_maps,
                            and sometimes 8-bit to 7-bit MIME conversion.

                            Between the input and output side, you can impose content filters
                            (via deliveries to internal SMTP hops or to pipe(8) commands). The
                            content filters may use the Postfix content_filter feature to operate
                            within a single Postfix instance (or queue), or may sit between the
                            input and output sides of a multi-instance Postfix configuration.

                            After it leaves your system, mail may of course be modified by
                            other systems before it is finally delivered to a recipient's
                            mailbox.

                            And of course keep in mind that email message envelopes with multiple
                            recipients often split into multiple pieces as mail gets closer to
                            the destination when not all recipient mailboxes reside in the same
                            store.

                            In particular, with always_bcc, the Bcc mailbox sees the message content,
                            but not the other envelope recipients.

                            Since you are trying to do advanced filtering with Postfix, you
                            need a deeper understanding of the architecture more than any
                            specific advice.

                            Take time to understand how Postfix works,

                            http://www.postfix.org/ADDRESS_REWRITING_README.html
                            http://www.postfix.org/ADDRESS_CLASS_README.html

                            http://www.postfix.org/MILTER_README.html
                            http://www.postfix.org/SMTPD_PROXY_README.html

                            http://www.postfix.org/QSHAPE_README.html
                            http://www.postfix.org/MULTI_INSTANCE_README.html

                            --
                            Viktor.
                          Your message has been successfully submitted and would be delivered to recipients shortly.