Tim Prepscius:
> oh wow, this worked, first time too. jeeze.. that's awesome.
>
> Thank you again, to answer your questions:
>
> 1. I do in fact want to only accept mail from static ips and those
> not on the block list. But I figure there are configuration examples
> for this. I can spend the time to figure this out I think. This has
> to be standard config.
This is not a standard configuration. A standard configuration
accepts mail from anywhere to a restricted set of domains, and
accepts mail from a restricted set of clients to anywhere.
> 2. I do in fact want to only accept mail for people in my database,
> but I was hoping to as well provide an "external program" to return
> 0/1 for accept/deny for a recipient.
Again, that is not a standard configuration.
> If you have suggestions on #2, I'll take them!!! ;-)
If you only accept mail from a restricted set of clients, then
this could be as simple as
mynetworks = list of networks and/or IP addresses
smtpd_recipient_restrictions = permit_mynetworks, reject
http://www.postfix.org/postconf.5.html#permit_mynetworks
http://www.postfix.org/postconf.5.html#mynetworks
As for validating recipients, I recommend that you use database
that Postfix can query.
virtual_mailbox_domains = example.com, example.net, ...
virtual_mailbox_maps = maptype:mapname
virtual_transport = javapipe
http://www.postfix.org/postconf.5.html#virtual_mailbox_domains
http://www.postfix.org/postconf.5.html#virtual_mailbox_maps
http://www.postfix.org/postconf.5.html#virtual_transport
http://www.postfix.org/ADDRESS_CLASS_README.html
where maptype:mapname returns a non-empty result when the recipient
is valid. This can be hash:/file/name, mysql:/file/name,
ldap:/file/name, or any other database that Postfix supports.
http://www.postfix.org/msql_table.5.html
http://www.postfix.org/ldap_table.5.html
http://www.postfix.org/DATABASE_README.html
Wietse
> -tim
>
> On 9/15/13, Wietse Venema <wie...@porcupine.org> wrote:
> > Tim Prepscius:
> >> Hello,
> >>
> >> This has probably been answered in some thread, however I'm having a
> >> hard time finding it.
> >> I'm reading through the documentation, and it is not clear how I would
> >> fashion a configuration.
> >>
> >>
> >>
> >> I would like to run postfix in the following fashion:
> >>
> >> 1. post fix receives mail from anyuser@anydomain TO
> >> someotheruser@anyotherdomain using SSL (PFS kind)
> >>
> >> 2. after mail is received, my java or native handler program is
> >> executed with the *entire* mail sent text via a
> >> pipe/file/env/whatever.
> >>
> >> It would be great if the mail never touched disk. I could guarantee
> >> the mail handler returns almost instantaneously.
> >>
> >>
> >> 3. it would be nice, but not necessary, that if the above handler
> >> program exits with an error, PostFix bounces with some generic
> >> message.
> >>
> >>
> >>
> >> But with the following additional needs:
> >>
> >> 1. I don't want to make user accounts in the file system or actually
> >> anywhere. I don't want to write them down.
> >> 2. I don't want to register the *real* domain name anywhere. (in any
> >> file or account, etc)
> >>
> >> Is this possible?
> >>
> >> To reiterate:
> >> Postfix would only do the protocol of receiving mail, mail would then
> >> be sent to a handler program I have written.
> >
> > It's easy enough to send all mail into a pipe(8) command.
> >
> > /etc/postfix/main.cf:
> > transport_maps = static:javapipe
> >
> > /etc/postfix/master.cf:
> > javapipe .... pipe
> > user=xx flags=yy argv=/some/where/java-program $sender $recipient
> >
> > However:
> >
> > - How would Postfix know what domains to receive? It's a bad idea
> > to accept mail from any client to any destination. That would be
> > an open relay.
> >
> > - How would Postfix know what recipients are valid? It's a bad idea
> > to accept-then-bounce mail for non-existent recipients.
> >
> > Wietse
> >
>
