Wietse Venema:
> The Postfix queue is designed to be a short-term message store
> where files can be located quickly based on their name alone.
> 
> I don't think it is a good idea to re-purpose this design for
> routine long-term storage of messages waiting for approval, or to
> break the design by making file locations dependent on properties
> other than the file name.
> 
> I also don't think that re-injecting queue files directly into the
> queue is a good idea.  Moving files back into the queue after
> several days breaks more things than we discussed so far.
> 
> For example, re-injected files will be past their expiration time.
> This breaks another fundamental assumption of the queue file life
> cycle, namely that there will be multiple delivery attempts before
> a message expires. And you'd have the same problem with other MTAs.
> 
> If your infrastructure requires a review cycle, then it makes no
> sense to keep that mail in the Postfix queue. The messages should
> be given to a (web-based?) review system, and that system should
> submit approved email via SMTP or /usr/sbin/sendmail to Postfix,
> preserving the old contents and the old envelope sender/recipient.

Combining this with part of Victor's mail, the setup would look
as follows:

Invoke the Postfix FILTER action to pass to-be-approved mail via
SMTP or LMTP to a quarantine system. This way the Postfix queue is
used for the designed purpose:  short-term storage, and any problems
with the quarantine system will be handled via the usual SMTP retry
mechanisms. To avoid unnecessary chattiness, you may want to disable
DSN announcements in the perimeter server's EHLO responses.

The quarantine system uses a file organization that is more optimized
for longer-term storage, and for access patterns that are typical
for quarantine systems.

Once mail is approved, inject via SMTP or /usr/sbin/sendmail into
Postfix, so that the messages start with a fresh expiration cycle.

No screwing around with inodes, file names, and other Postfix-internal
details that will get you locked in on an obsolescent release.

        Wietse
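
The release step described above, sketched as an added example that is not part of the original message or of Postfix: a review system hands an approved message to /usr/sbin/sendmail with its old contents and old envelope. The `QuarantinedMessage` record layout and the function names are assumptions for illustration.

```python
import subprocess
from dataclasses import dataclass

SENDMAIL = "/usr/sbin/sendmail"  # path named in the message above


@dataclass
class QuarantinedMessage:
    # Hypothetical record kept by the review system's own store.
    sender: str       # original envelope sender
    recipients: list  # original envelope recipients
    raw: bytes        # original message bytes, unmodified


def _check_address(addr: str) -> str:
    # Envelope addresses originate from untrusted mail: refuse control
    # characters that could split an argument or confuse logging.
    if any(c in addr for c in "\r\n\0"):
        raise ValueError(f"control character in envelope address: {addr!r}")
    return addr


def build_argv(msg: QuarantinedMessage) -> list:
    if not msg.recipients:
        raise ValueError("no envelope recipients stored")
    sender = _check_address(msg.sender)
    rcpts = [_check_address(r) for r in msg.recipients]
    # -i : a line containing only "." must not end the message
    # -f : keep the old envelope sender
    # -- : recipients starting with "-" are not parsed as options
    return [SENDMAIL, "-i", "-f", sender, "--", *rcpts]


def release(msg: QuarantinedMessage, run=subprocess.run) -> bool:
    argv = build_argv(msg)
    # Argument list, no shell; the stored bytes go to stdin unchanged.
    result = run(argv, input=msg.raw, check=False)
    # Keep the message in quarantine unless sendmail reports success.
    return result.returncode == 0
```

The quarantine copy should only be deleted after `release()` returns True, so a failed hand-off can be retried by the review system.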
