Apologies if my random ignorance has been a bit much. Thanks for taking the time to look at the posibilities and also discuss them with added words for me to look in to. The mention of Policy Servers and Milters along with the information that is supplied to them by Postfix causes me to come up with another brain fart.
Having put my foot in it by suggesting that Postfix might make calls to external functions requiring root access, in particular IPTables, what if Postfix had its own version of IPtables. I could have a logs_check containing keywords. Postfix would check those trigger words and log the triggering IPs to its own file. Then, when the IP tried to connect again, it could immediately drop the connection. No doubt there will be security problems with that idea but the local file would be much simpler for the user to deal with particulary in terms of editing and maintainence. I kow it makes me sound lazy, I am, but IPTables is a whole new thing to learn in and of itself My problem with Policy Servers and Milters is that I am painfully thick and would not be able to begin to write anything meaningful. As others have mentioned I have bodged together my own script that parses the log files looking for matches and blocking miscreants via IPTables. At the moment, I have time on my hands, I run it by hand but I could cron it. Again thanks for having the conversation but for now I shall leave you alone and watch from the sidelines. Best Bob On Wed, 2024-07-24 at 19:57 -0400, Wietse Venema via Postfix-users wrote: > postfix--- via Postfix-users: > > > what's the main difference between a policy server and a milter? > > > > > > Policy Server: > > - Coded quickly in scripting language > > - Lightweight, simple, and fast to setup > > - Is only provided limited header information by postfix for > > evaluating > > No headers or body. > > Supports complex conditions on helo, client, recipient, and other > envelope information. > > Example: postfwd, https://www.postfwd.org/ > > > > > Milter: > > - More complicated to setup and code > > - Has access to the entire email (Headers, body, attachments) > > - More robust for large volumes of email > > Supports complex conditions on envelope (helo, client, recipient, > etc.) and message content. > > Example: milter-regex, https://www.benzedrine.ch/milter-regex.html > > Wietse > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
