Hello, I wanted to ask you about an idea that came up in my mind. I am developing a central authentication server (https://nauthilus.org <https://nauthilus.org/>). It can be used everywhere (currently tested with Dovecot, FreeRADIUS, OpenVPN, GitLab and many other applications), where authentication is required (and it has a bunch of anti-attack features builtin like complex brute-force detection, block lists, RBLs, Lua-Hooks). The server talks HTTP REST (mainly HTTP header based or JSON).
When I looked at a way to bind Postfix to this server (Submission), I only found some undocumented Cyrus-SASL plugin, which lacks IP-address support. In fact you only get the local part, the domain and the password. No other meta information is available (like IP, SSL infos, anything else that you can get from a client connect). A current workaround is to proxy Postfix behind Dovecot. Works, but this is a dependency to another service. My question is, if you see some possibility to add some HTTP REST to Postfix to talk to such an authentication server. Furthermore I thought about HTTP-support in tables as well to communicate with modern micro services and get information for i.e. relay-domains, -recipients, check_* etc... something like a http_table? My feeling is that HTTP as a general purpose interface would enhance Postfix. Maybe you have real good reasons to not do so, but I thought I could ask here for your feedback. What do you think about HTTP REST and as an enhancement for Postfix? Do think it is a good idea or not? Maybe Patrick-Ben Koetter likes also to answer here, as I had a phone call earlier these days with him concerning this idea. Many thanks in advance Christian Rößner -- Rößner-Network-Solutions Zertifizierter ITSiBe / CISO Marburger Str. 70a, 36304 Alsfeld Fax: +49 6631 78823409, Mobil: +49 171 9905345 USt-IdNr.: DE225643613, https://roessner.website PGP fingerprint: 658D 1342 B762 F484 2DDF 1E88 38A5 4346 D727 94E5 _______________________________________________ Postfix-devel mailing list -- postfix-devel@postfix.org To unsubscribe send an email to postfix-devel-le...@postfix.org
