Wietse Venema:
> Ronald F. Guilmette:
> > >In the case of a Postfix-only solution, whitelist updates could be
> > >generated by mis-using smtp_generic_maps, relocated_maps, etc. (add
> > >an address if it isn't already "known")
> >
> > Could you be induced to elaborate on the above comment, hopefully at
> > length?
>
> With a socketmap daemon:
>
> /etc/postfix/main.cf:
>     relocated_maps = socketmap:inet:host:port:name
>     relocated_maps = socketmap:unix:pathname:name
>
> This queries relocated_maps for every envelope recipient before
> email delivery.
>
> You provide a server that runs on the specified TCP host and port
> (or UNIX-domain socket) that speaks the socketmap protocol, and
> that answers all queries with "not found". The socketmap protocol
> is described in the socketmap_table(5) manpage. There is a Python
> socketmap implementation.
>
> This server maintains a persistent database, adding an (address,
> suitable Postfix access map reply, see below) entry if the database
> entry does not already exist. The database could be MySQL, LMDB,
> but not any version of Berkeley DB > 1.85 because that does not
> work with Postfix locks.

This suitable reply can be a time stamp of the last database update
for that address. Postfix treats an all-numerical field as "OK".
Then, you can do the proactive refresh as described below with any
database type.

	Wietse

> The database is queried with check_sender_access, and returns the
> suitable reply value that was stored by the socketmap server.
>
> If you use a MySQL database then your server can also maintain a
> "last update" time-stamp field with each address and reply so that
> an inactive address can be recognized as "too old". When an active
> address entry is mid-way towards expiration, the socketmap server
> updates the time stamp to prevent the address from becoming "too
> old".
>
> If you use an LMDB database then your server has to implement the
> Postfix external locking protocol as described in lmdb_table(5).
> LMDB built-in locks are not suitable (they require a world-writable
> lockfile, and that would violate the Postfix security model).
>
> 	Wietse
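The scheme described in the thread, as an added example that is not Wietse's code nor part of Postfix: a minimal socketmap daemon that speaks the netstring request/reply format of socketmap_table(5), answers every relocated_maps query with "NOTFOUND " so delivery is unaffected, records each envelope recipient with a time stamp, and refreshes that stamp once an entry is mid-way towards expiry. The table name `seen`, the 30-day maximum age, the listening port, and the use of SQLite as the persistent store (standing in for the MySQL or LMDB tables discussed above) are all assumptions of this example; `access_reply()` shows the value a check_sender_access lookup against the same table would yield (an all-numerical time stamp, which Postfix treats as OK), not a second socketmap table.

```python
import sqlite3
import socketserver
import time

# Assumed policy values for this example (not from the thread).
TABLE_NAME = "seen"            # the "name" in socketmap:inet:host:port:name
MAX_AGE = 30 * 24 * 3600       # an address unseen for 30 days is "too old"
REFRESH_AT = MAX_AGE // 2      # refresh the stamp once an entry is mid-way to expiry


def encode_netstring(data: bytes) -> bytes:
    """Encode bytes as a netstring: "<decimal length>:<data>,"."""
    return b"%d:%s," % (len(data), data)


def decode_netstring(buf: bytes):
    """Decode one netstring from buf. Returns (payload, rest), or None if buf
    does not yet hold a complete netstring. Raises ValueError on a protocol error."""
    colon = buf.find(b":")
    if colon < 0:
        return None if len(buf) < 10 and buf.isdigit() or not buf else None
    length_str = buf[:colon]
    if not length_str.isdigit():
        raise ValueError("bad netstring length")
    end = colon + 1 + int(length_str)
    if len(buf) < end + 1:
        return None
    if buf[end:end + 1] != b",":
        raise ValueError("missing netstring terminator")
    return buf[colon + 1:end], buf[end + 1:]


class SeenStore:
    """Persistent address -> last-seen time stamp map (SQLite stands in for MySQL/LMDB)."""

    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.execute("CREATE TABLE IF NOT EXISTS seen "
                        "(address TEXT PRIMARY KEY, stamp INTEGER NOT NULL)")
        self.db.commit()

    def record(self, address: str, now: int) -> None:
        """Insert an unknown address; refresh a known one only once it is mid-way to expiry."""
        row = self.db.execute("SELECT stamp FROM seen WHERE address = ?", (address,)).fetchone()
        if row is None:
            self.db.execute("INSERT INTO seen VALUES (?, ?)", (address, now))
        elif now - row[0] >= REFRESH_AT:
            self.db.execute("UPDATE seen SET stamp = ? WHERE address = ?", (now, address))
        self.db.commit()

    def lookup(self, address: str, now: int):
        """Return the stored stamp if the address is still fresh, else None ("too old")."""
        row = self.db.execute("SELECT stamp FROM seen WHERE address = ?", (address,)).fetchone()
        if row is None or now - row[0] > MAX_AGE:
            return None
        return row[0]


def handle_request(store: SeenStore, payload: bytes, now: int) -> bytes:
    """Answer one socketmap request "<name> <key>" as socketmap_table(5) specifies."""
    try:
        name, key = payload.decode("ascii").split(" ", 1)
    except ValueError:
        return encode_netstring(b"PERM malformed request")
    if name != TABLE_NAME:
        return encode_netstring(b"PERM unknown table")
    store.record(key.lower(), now)          # remember the envelope recipient
    return encode_netstring(b"NOTFOUND ")   # never relocate anything; we only observe


def access_reply(store: SeenStore, sender: str, now: int):
    """What a check_sender_access lookup of this table yields: the all-numerical
    stamp (Postfix reads it as OK) while fresh, or no entry once it is too old."""
    stamp = store.lookup(sender.lower(), now)
    return None if stamp is None else str(stamp)


class SocketmapHandler(socketserver.StreamRequestHandler):
    """Serve a persistent connection: Postfix sends many netstrings per connection."""

    def handle(self):
        buf = b""
        while True:
            chunk = self.request.recv(4096)
            if not chunk:
                return
            buf += chunk
            while True:
                try:
                    parsed = decode_netstring(buf)
                except ValueError:
                    return                  # protocol error: drop the connection
                if parsed is None:
                    break                   # wait for more bytes
                payload, buf = parsed
                self.wfile.write(handle_request(self.server.store, payload, int(time.time())))
                self.wfile.flush()


class SocketmapServer(socketserver.TCPServer):
    """Single-threaded so the one sqlite3 connection is never shared across threads."""
    allow_reuse_address = True

    def __init__(self, addr, store):
        super().__init__(addr, SocketmapHandler)
        self.store = store


if __name__ == "__main__":
    # Assumed address; pair with: relocated_maps = socketmap:inet:127.0.0.1:12345:seen
    SocketmapServer(("127.0.0.1", 12345), SeenStore("seen.db")).serve_forever()
```

The daemon deliberately returns "NOTFOUND " for every key; the side effect of the lookup (recording the recipient) is the whole point. Because the access-map side only reads the stamp column, the "too old" check happens at write time here (an expired row is simply not returned), so with a real MySQL or LMDB table the same expiry logic has to live in the query or in a periodic sweep, and the LMDB variant must also honour the external locking protocol from lmdb_table(5).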