Back from travelling... > On 12 Jan 2015, at 12:00 pm, Wietse Venema <wie...@porcupine.org> wrote: > > Mark Nottingham: >> Hi, >> >> I?d like to insert SMTP headers and/or body content (e.g., using alterMIME) >> in outgoing e-mails *if* the SMTP connection to the recipient is not >> protected by TLS. >> >> Is this possible in postfix today, or would it require a change to source? > > No, you add the headers with a policy daemon, a Milter, or with > an SMTP-based content filter. > > With a policy daemon in smtpd_data_restrictions, use the PREPEND > action to add a header when the encryption_protocol, encryption_cipher > or encryption_keysize attributes are empty. postfwd might have > all that you need. > > Milters are available in Python, Perl, C, Java, and probably more > languages. Just look at your Postfix's Received: header, assuming > that you have "smtpd_tls_received_header = yes". You may also > be interested in "smtpd_sasl_authenticated_header = yes".
Just to check here -- I'm interested in doing this for e-mail that I send to others -- i.e., when Postfix is operating as an SMTP client, not server. The purpose is to inform recipients when their mail server doesn't support TLS for incoming e-mail (by modifying message content). smtpd_tls_received_header appears to record the state of incoming connections -- i.e., those in which it is acting as a server. I effectively need a milter to run on outgoing e-mail when the connection is open, not beforehand. Cheers, -- Mark Nottingham https://www.mnot.net/
