Victor Duchovni put forth on 3/11/2011 10:09 AM: > On Fri, Mar 11, 2011 at 04:58:15PM +0100, Giovanni Mancuso wrote: > >> I have my postfix configured as MX record of my domain with particular >> smtpd_recipents_restriction, ecc... >> If my postfix receives a mail that has X-MyCustomHeader, Postfix accept >> the mail and delivers it to backend. >> If my Postfix receives a mail that hasn't X-MyCustomHeader, Postfix >> checks if client ip is in a blacklist and reject the email if the ip is >> in blacklist or accept the mail if it isn't in blacklist. > > Rejection of email can only happen before the mail is queued. Therefore, > this can only be done with a proxy-filter or milter. > > http://www.postfix.org/SMTPD_PROXY_README.html > http://www.postfix.org/MILTER_README.html > > While client addresses can checked via built-in mechanisms in > smtpd_end_of_data_restrictions, there is no built-in mechanism to make > these checks dependent on the message headers. Adding such a feature > would not be easy, the header checks are performed in the cleanup(8) > server, while client address checks are performed in the smtpd(8) > server, the data flow from smtpd(8) to cleanup(8) is essentially > one-way... > > http://www.postfix.org/OVERVIEW.html
It appears I did understand Giovanni's need correctly. He should be able to use Sahil's checkdbl.pl daemon with some modifications. He'd simply check that X-custom-header exists. If it doesn't, he'd then query the configured dnsbl for the client IP address, although I'm not sure exactly how one would access the client IP from within header checks. I'm not a perl programmer, but this shouldn't be too difficult for a perl guy, assuming the client IP address is available to the daemon one way or another. Most of the code the OP needs is already here: http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt -- Stan
