The Postfix MTA has a feature that allows delegation of the access
policy:

    http://www.postfix.org/SMTPD_POLICY_README.html

I'm thinking about implementing a postfix policy that would check
TMDA. Basically, as soon as postfix has the sender and recipient
addresses, it sends them off to the policy and waits for a response.
It makes the sender wait until it's got the response before allowing
the sender to continue.

I want to do this because:

1) I'd be able to evaluate emails while the actual originator
   is connected to me. In order to communicate results, TMDA relies
   on the SENDER address as reported by the originator. This can
   (of course) be fake or a joe-job. I'd like to avoid wrongly
   trying to communicate results to a fake address or to a joe-job.

2) I wouldn't have to consume the bandwidth of receiving the
   body of a message that I was going to reject.

My first goal would be to implement bounces only. Eventually,
I'd like to figure out if I could issue challenges through this
mechanism. But first things first.

I think I can do this by simply adding an optional call to
Util.filter_match() to tmda-check-address. The option that I'd
add to do this would be:

    -a, --all

In this case, tmda-check-address would first run through if the
recipient address was a valid tagged address. And then it would
go through and figure out whether or not that address was in any
incoming filter. And it would report back the action that should
be taken.

Obviously, to do this whole thing, I'm also going to need to get
permissions to all config files. I'm going to look at tmda-ofmipd
and see whether or not I can mimic what's done there.

Thoughts? Objections? Advice?

Thanks,
- Mark
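
The policy exchange described in the message above, as an added example that is not part of the original post and is not TMDA or Postfix code. It reads Postfix policy delegation requests (name=value lines ended by an empty line) and answers each with an action. The lookup_action function, its "bounce"/"accept" verdicts and the sample address are assumptions standing in for the TMDA filter check.

```python
import sys

# Constructed sample data: sender addresses the recipient's filter bounces.
SAMPLE_BOUNCE = {"spammer@example.net"}

def lookup_action(sender, recipient):
    """Hypothetical stand-in for the TMDA incoming-filter lookup."""
    return "bounce" if sender in SAMPLE_BOUNCE else "accept"

def read_request(stream):
    """Read one request: name=value lines terminated by an empty line."""
    attrs = {}
    for raw in stream:
        line = raw.rstrip("\r\n")
        if line == "":
            return attrs
        name, sep, value = line.partition("=")
        if sep:  # skip malformed lines that carry no '='
            attrs[name] = value
    return None  # EOF before the terminator: Postfix closed the connection

def decide(attrs, lookup=lookup_action):
    """Map one request to an access(5) action."""
    # Only judge at RCPT TO, when both envelope addresses are known.
    if (attrs.get("request") != "smtpd_access_policy"
            or attrs.get("protocol_state") != "RCPT"):
        return "DUNNO"
    sender = attrs.get("sender", "").lower()  # "" is the null sender <>
    recipient = attrs.get("recipient", "").lower()
    try:
        verdict = lookup(sender, recipient)
    except Exception:
        # This example's choice: temp-fail so the client retries later.
        return "DEFER_IF_PERMIT Policy service temporarily unavailable"
    if verdict == "bounce":
        # Rejecting here leaves any bounce to the connected client.
        return "REJECT Message refused by recipient policy"
    return "DUNNO"  # no opinion; later Postfix restrictions still apply

def serve(instream, outstream, lookup=lookup_action):
    """Answer requests until EOF; return how many were answered."""
    handled = 0
    while (attrs := read_request(instream)) is not None:
        outstream.write("action=%s\n\n" % decide(attrs, lookup))
        outstream.flush()  # Postfix holds the SMTP client until this arrives
        handled += 1
    return handled

if __name__ == "__main__":
    serve(sys.stdin, sys.stdout)
```

Postfix would reach such a server through check_policy_service, as the README linked above describes.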