On Tue, Apr 01, 2025 at 12:03:38PM +1100, Viktor Dukhovni wrote:
> For example, I tested:
>
> smtpd_restriction_classes =
> prepend, prepend1, prepend2, prepend3
>
> # These could be "check_recipient_access", possibly use LDAP and
> # could interpolate the recipient address into the header.
> #
> prepend1 = check_client_access static:{PREPEND X-Prepend1: foo}
> prepend2 = check_client_access static:{PREPEND X-Prepend2: bar}
> prepend3 = check_client_access static:{PREPEND X-Prepend2: baz}
>
> prepend = prepend1, prepend2, prepend3
>
> smtpd_recipient_restrictions =
> # Test from a client not listed in mynetworks!
> permit_mynetworks,
> reject_unauth_destination,
> check_recipient_access inline:{ { test-user@$mydomain = prepend } }
> ...
Another approach is to use a policy service, invoked multiple times in
"smtpd_recipient_restrictions" (as many as the maximum number of headers
that need to be added). Because this can keep state about any headers
already added, it can in each call return only the next header not yet
added, and with multiple recipients, deduplicate the "PREPEND" actions,
if they the content is the same for multiple recipients.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
