Postfix has a variety of options and I think there might be a way to leverage them, but after hours of trying I couldn't get it to work.
The goal: to use headers/metadata from the incoming mail message to determine if delivery should be allowed based on the recipients of the message. Example: development/test environments, only allow whitelisted recipients to get messages. I couldn't find any packages, SaaS services or other options out there (except Mandrill with their "rules" capability, but there is no API to manage the whitelist...).

So based on the client connecting and the recipients, it might allow the message to go through, or not. In very hacky pseudocode:

    if (SMTP client is not in production list) {
        if (recipient is in whitelist table) {
            allow message
        }
    }

This would allow control for preproduction or other environments to have a limited number of addresses to which they can send mail. Normally this can be done at the application level, but I don't have the ability to control all the applications landing in the environments I manage, and there's always room for bugs in that.

I am trying to implement a single SMTP proxy with some basic rules on it. I don't believe Postfix can do this out of the box because it requires more than just basic client checks (Postfix has the ability to decide if the client has access), but I need to inspect it one level deeper, because ANY client should be able to connect, but the destination addresses are what needs to be examined. It also needs to support multiple addresses in any of the To:, CC: or BCC: fields (I can't control how each application writes it out).

Simply setting up two separate SMTP ports, one for production and one for preproduction, also will not work, because the whitelist might be different depending on each client.

I tried to set up a filter and use spawn to pass the message to one of my scripts, but it wouldn't work. I couldn't even get my application to trigger. I was using the examples at http://www.postfix.org/FILTER_README.html (ideally I can use PHP as it is my language of choice. The /var/www/filter.php script was working, accepting stdin properly and was executable.)

I'm open to any ideas, or if anyone has services/daemons/scripts/whatever to suggest. Any help is appreciated. Ideally I wouldn't have to run the entire message through a filter, but rather be able to simply execute a script which gets mail headers / client information and can somehow tell Postfix if it should be allowed or not(?)

Thanks in advance.

master.cf:

    127.0.0.1:10025 inet n n n - 3 spawn
        user=www-data argv=/var/www/filter.php 127.0.0.1 10026

    127.0.0.1:10026 inet n - n - 10 smtpd
        -o content_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        # Postfix 2.10 and later: specify empty smtpd_relay_restrictions.
        -o smtpd_relay_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8

    scan unix - - n - 10 smtp
        -o smtp_send_xforward_command=yes
        -o disable_mime_output_conversion=yes
        -o smtp_generic_maps=

main.cf:

    content_filter = scan:127.0.0.1:10025
    receive_override_options = no_address_mappings
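
The rule from the pseudocode in the question, written out as an added example that is not part of the original post: a script that decides per client and per envelope recipient, failing closed for any client it cannot place. It assumes the script is attached through Postfix's policy delegation protocol (check_policy_service), which sends client_address and recipient as name=value lines once per RCPT TO; the networks, addresses and function names are constructed placeholders.

```python
#!/usr/bin/env python3
"""Per-client recipient allowlist for Postfix policy delegation (added example)."""
import ipaddress
import sys

# Constructed sample data: replace with the real production and test networks.
PRODUCTION_CLIENTS = [ipaddress.ip_network("10.0.1.0/24")]
ALLOWLISTS = {
    ipaddress.ip_network("10.0.2.0/24"): {"qa@example.com", "dev@example.com"},
    ipaddress.ip_network("10.0.3.0/24"): {"staging@example.com"},
}


def decide(attrs):
    """Return the Postfix action for one request (one RCPT TO)."""
    try:
        client = ipaddress.ip_address(attrs.get("client_address", ""))
    except ValueError:
        client = None  # unparseable client: treated as non-production below
    if client is not None and any(client in net for net in PRODUCTION_CLIENTS):
        return "DUNNO"  # production: no opinion, later restrictions decide
    recipient = attrs.get("recipient", "").strip().lower()
    for net, allowed in ALLOWLISTS.items():
        if client is not None and client in net and recipient in allowed:
            return "DUNNO"
    return "REJECT recipient not allowlisted for this environment"


def serve(stream_in, stream_out):
    """Read name=value requests ended by a blank line; answer each one."""
    attrs = {}
    for line in stream_in:
        line = line.rstrip("\n")
        if line:
            name, _, value = line.partition("=")
            attrs[name] = value
            continue
        if attrs:
            stream_out.write("action=%s\n\n" % decide(attrs))
            stream_out.flush()
            attrs = {}


if __name__ == "__main__":
    serve(sys.stdin, sys.stdout)
```

Because the decision is made on envelope recipients, addresses that an application placed in To:, CC: or BCC: are each checked individually without parsing the message.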