Christian Roessner:
> >> I am interested in including the DWL feature from SpamHaus into
> >> postfix.
> > Wietse:
> >> DWL requires content external content inspection. For example, a
> >> Milter, or a before-or-after-queue SMTP-based filter. Either approach
> >> can be used to verify the DKIM signature and the VBR header.
> >
> > I'm working on a SpamAssassin plugin to implement Spamhaus DWL
> > (and other 'SA tag'- based DNS lookups). It is a bit more tricky
> > than it seems at first glance. Coupled with amavisd-new 2.7.0
> > in a pre-queue proxy mode this could accomplish the job (i.e.
> > meeting Spamhaus DWL requirements, not a general VBR implementation).
>
> That's great to hear :) My only problem is that I think that there
> needs to be "something" inside postfix that prevents postfix from
> rejecting a mail, beofre it was checked against DWL/DKIM.
Postfix must not reject CONNECT, HELO, MAIL FROM, RCPT TO or DATA.
Instead, any REJECT must happen AFTER the before-queue filter has
examined the complete envelope and message content.
Therefore, the before-queue filter knows that the mail should be
rejected.
Therefore, the before-queue filter can reject the mail at END-OF-DATA
time, and no change to Postfix is needed.
Wietse
