On Thu, Apr 9, 2009 at 7:32 AM, Wietse Venema <[email protected]> wrote: > Curtis: > [ Charset ISO-8859-1 unsupported, converting... ]
oops... darn gmail. <snip> >> So... my thought is that a policy server is the answer. However, I >> can't seem to find a policy server that supports sender blacklisting >> which is written in C (I'm concerned that anything else wouldn't be >> fast enough). > > A policy daemon does very little work: split the query from Postfix, > and query some DBMS. Most of the work is done outside of the policy > daemon. > > Also. note that Postfix reuses the policy daemon process many times. > On a busy server, the overhead of script compilation is amortized > over up to 100 SMTP client connections. Good point... and looking at this example... http://www.postfix.org/SMTPD_POLICY_README.html#frequent ...I see how easy it would be to only run the policy server on the blacklisted senders only. However, I just ran into another potential "show stopper"... in the notes of the protocol description ( http://www.postfix.org/SMTPD_POLICY_README.html#protocol ) it says 'The "recipient" attribute is available only ... when Postfix accepted only one recipient for the current message.' Does that mean that the policy server will have no way of determining what domain the message was sent to when postfix accepts the message on behalf of more than one sender? Curtis
