So reading a bit more I think I can just use a policy daemon and do: Rule 1 = True, return OK Rule 2 = True, return OK And if it hits rule 3 or 4, return REDIRECT <email address>
> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:owner-postfix- > [EMAIL PROTECTED] On Behalf Of Ulf Zimmermann > Sent: 08/26/2008 00:22 > To: mouss > Cc: postfix-users@postfix.org > Subject: RE: Suggestions wanted > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:owner-postfix- > > [EMAIL PROTECTED] On Behalf Of mouss > > Sent: 08/25/2008 23:42 > > Cc: postfix-users@postfix.org > > Subject: Re: Suggestions wanted > > > > Ulf Zimmermann wrote: > > > Hello, everyone. > > > > > > I thought before I potential reinvent the wheel, I would ask here > if > > > someone hasn't done this before: > > > > > > I am looking at doing 3 things in postfix on a relay which is set > as > > the > > > smart relay on a number of machines. > > > > > > 1.) Check the client host name, if in table 1, allow relay > > > unconditional, stop further checks > > > > mynetworks = cidr:/etc/postfix/mynetworks > > > > == mynetworks > > 127.0.0.1/32 OK > > 192.168.1.0/24 OK > > ... > > > > > > > 2.) Check if recipient address is [EMAIL PROTECTED], > [EMAIL PROTECTED] > > but > > > not [EMAIL PROTECTED], if true, then allow relay and stop further > > > checks. > > > > put domain1.com and domain2.com in ONE of mydestination, > relay_domains, > > virtual_mailbox_domains, virtual_alias_domains. > > > > do not put ml.domain2.com there. and set > > parent_domain_matches_subdomains= > > well. read the docs for what you can/should do. > > > > > > > 3.) Check the client host name, if in table 2, use field in table > to > > > rewrite the recipient address and insert header with original > > recipient > > > address, stop further checks. > > > > What if the message is addressed to many recipients. would you add > 100 > > headers if you have 100 recipients? > > > > and worst, what if some of these recipients were BCC'ed. you don't > want > > to expose the Bcc to the recipients. > > As this rewrite is to catch development emails (Stage, Test, Demo, > Performance environment), > a single recipient rewrite would be the case. > > > > > > > > 4.) And last if all fails, rewrite the recipient address to > > > [EMAIL PROTECTED], which will allow us to classify > the > > > client host into 1 or 3. > > > > > > > what is the goal here? > > Any machine is to be classified. Many of the machines should not be > allowed to send email to the outside > world. Normally when we copy our production database to the > stage/test/etc environment, emails addresses > in those environments get changed to something like > [EMAIL PROTECTED] or [EMAIL PROTECTED] which > end up in a public folder on the corporate Exchange server for > developers to look at. > > Unfortunately if now a developer loads feeds from our customers which > could include emails, live emails get introduced > into these development environments. Also there is sometimes hardcoded > email addresses in the code these developers write > and again this has lead to problems. > > > > > > > Anyone done something similar and cares to share? Any other > > suggestions? > > > > Ulf Zimmermann | Senior System Architect > > OPENLANE > 4600 Bohannon Drive, Suite 100 > Menlo Park, CA 94025 > > O: 650-532-6382 M: (510) 396-1764 F: (510) 580-0929 > > Email: [EMAIL PROTECTED] | Web: www.openlane.com
