On Thu, Dec 16, 2010 at 10:16:08AM -0800, Jack Bates wrote:
> How can a Postfix "content filter" tell whether the upstream client
> authenticated or not?
If the top-most Received header matches "with (SMTP|ESMTPS?A?)", the
"ESMTPSA" and "ESMTPA" cases correspond to an authenticated client,
with or without TLS.
Adjust appropriately if the content filter is more than one hop away
from the MSA. And don't discard that header. You can also arrange
to record the SASL user name in the same header.
http://www.postfix.org/postconf.5.html#smtpd_sasl_authenticated_header
and if you like remove this in transit through the filter.
--
Viktor.
