Jordi Espasa Clofent a écrit :
>> That is easy.
>>
>> Have your users connect to the submission port, and let everyone
>> else connnect to the smtp port. Then, specify "=o
>> content_filter=whatever"
>> for the smtp port and not for the submission port.
>
> Yes Wietse, I've considered this simple and clean option, but we're a
> hosting company and the costumers are to lazy to understand and accept
> an approach like this.
>
>> If you are taking in all mail on port 25 then you are making mail
>> handling more complicated than it needs to be.
>
> I agree... but ¿is there no more alternatives?
>
there are, but using the submission port is the way to go.
anyway, you can use the FILTER action in smtpd access checks. for example:
smtpd_sender_restrictions =
check_client_access pcre:/etc/postfix/filter_trusted.pcre
permit_mynetworks
permit_sals_authenticated
check_client_access pcre:/etc/postfix/filter_default.pcre
filter_trusted.pcre:
#virus scan, but no spam filtering
/./ FILTER filter:[127.0.0.1]:10586
filter_default.pcre:
#virus and spam filtering...
/./ FILTER filter:[127.0.0.1]:10024
> Maybe if I want all mail on port 25, I have to hack the Perl filter code
> and working on this level, not in Postfix level.
>
