> On 4 Jan 2020, at 21:19, Wietse Venema <wie...@porcupine.org> wrote:
>
> Wietse Venema:
>>> Are you interested by the patch which integrate this functionality
>>> in main postfix branch ?
>>
>> Maybe. It depends on whether there are special cases that people
>> need to know about, such as things that are not supported (dane,
>> DNSSEC, TLSA) or things that behave in an unexpected way. That is
>> aside from implementation issues such as hard limits, incomplete
>> error propagation, portability issues, and so on.
>>
>> Why inside Postfix, why not in an external DNS proxy?

These little DNS adaptations don't require the use of a dedicated DNS server. On the other hand, it was quicker to perform a lookup in a table than to send a DNS request. Finally, adding a DNS server has a cost: oversight, maintenance, … and it adds a new cause of failure.

>> Why only in the SMTP/LMTP client, why not in a library that could
>> also be used by other Postfix programs?

I wrote the patch in the same way as "smtp_dns_reply_filter" and "lmtp_dns_reply_filter". It is written in the "dns/*" files and the action is performed in the function "dns_lookup_x". So it is usable by all the subprograms which need the functionality, but the dict configuration is loaded in "smtp/smtp.c".

> Maybe you can share documentation, then we can review that
> and figure out what the possibilities are.

Sure, below are the lines I added to the man file postconf.5 (maybe the examples are not relevant):

8<-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-

smtp_dns_request_filter (default: empty)

    Optional filter for Postfix SMTP client DNS lookup requests. Specify zero or more lookup tables. The lookup tables are searched in the given order for a match with the DNS MX request domain name. Only MX requests are concerned by this filter.

    When a match is found, the table lookup result specifies an action. By default, the table query and the action name are case-insensitive. Currently, the actions are:

    "notfound"
        Returns a DNS not found response.

    record=<ttl>,mx=<mx>,prio=<prio>[,mx=<mx>,prio=<prio>[...]]
        This forces a DNS MX response, where <ttl> is the TTL in seconds, <mx> is the MX record name and <prio> is the priority. <ttl> and <mx> expect a numeric value. One or more MX records can be specified.

    If no domains match the tables, the DNS lookup is performed.

    Three examples: force SMTP servers for domains containing a competitor's name, force the use of some MX because the public third is too slow, and finally force DNS not found for some domains.

    /etc/postfix/main.cf:
        smtp_dns_request_filter = pcre:/etc/postfix/smtp_dns_request_filter

    /etc/postfix/smtp_dns_request_filter:
        # intercept email for a competitor
        /competitor/ record=300,mx=mta1.local,prio=10,mx=mta2.local,prio=10

        # remove mx1 which is a slow server for specific partner domain,
        # keep only mx2 and mx3.
        /^partner.com$/ record=300,mx=mx2.partner.com,prio=10,mx=mx3.partner.com,prio=10

        # force not found response for the following domains. mail where
        # were dropped with a bounce.
        /^yahoo.com$/ notfound
        /^gmail.com$/ notfound

    This feature is available in Postfix 3.0 and later.

8<-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-

I also attach the patch in this first version. It is based on postfix-3.4.8 and it is in git format. Note that I did not find a coding-style doc or anything like that. I tried to keep the current code style.

Thierry
0001-MINOR-Add-database-lookup-for-MX-entries.patch
Description: Binary data
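
The action syntax described in the proposed postconf.5 text above ("notfound", or record=<ttl>,mx=<mx>,prio=<prio>[,...]), shown as an added example that is not part of the original message or the attached patch: a strict C parser that rejects malformed table results instead of guessing, which bears on the error-propagation and hard-limit questions raised in the quoted reply. MAX_MX, the struct and function names, and case-insensitive key names are assumptions of this example; the numeric bounds are the DNS limits (31-bit TTL, 16-bit MX preference, 255-octet names).

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

#define MAX_MX 8   /* assumed cap on MX records per action (hypothetical) */

struct mx_rr { char name[256]; unsigned prio; };
struct mx_action { int notfound; unsigned long ttl; int count; struct mx_rr mx[MAX_MX]; };

/* Parse "<key><decimal>" at *pp with an upper bound; advance *pp past it. */
static int parse_num(const char **pp, const char *key, unsigned long max, unsigned long *out)
{
    size_t klen = strlen(key);
    char *end;
    if (strncasecmp(*pp, key, klen) != 0 || (*pp)[klen] < '0' || (*pp)[klen] > '9')
        return -1;              /* wrong key, or sign/space/empty value */
    errno = 0;
    *out = strtoul(*pp + klen, &end, 10);
    if (errno != 0 || *out > max)
        return -1;
    *pp = end;
    return 0;
}

/* Parse one table result; returns 0 on success, -1 on any malformed input. */
int parse_action(const char *s, struct mx_action *a)
{
    unsigned long prio;
    size_t len;
    memset(a, 0, sizeof(*a));
    if (strcasecmp(s, "notfound") == 0) { a->notfound = 1; return 0; }
    if (parse_num(&s, "record=", 2147483647UL, &a->ttl) != 0)   /* 31-bit TTL */
        return -1;
    while (*s == ',') {
        s++;
        if (strncasecmp(s, "mx=", 3) != 0 || a->count >= MAX_MX)
            return -1;
        s += 3;
        len = strcspn(s, ",");
        if (len == 0 || len > 255 || s[len] != ',')
            return -1;          /* empty/oversized name, or mx= without prio= */
        memcpy(a->mx[a->count].name, s, len);   /* buffer pre-zeroed by memset */
        s += len + 1;
        if (parse_num(&s, "prio=", 65535UL, &prio) != 0)        /* 16-bit preference */
            return -1;
        a->mx[a->count++].prio = (unsigned) prio;
    }
    return (*s == '\0' && a->count > 0) ? 0 : -1;   /* no trailing junk, >= 1 MX */
}
```

The parser does not check that each MX name is a syntactically valid hostname; a production version would validate that as well.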