Thanks for your instant reply Wietse. Postfwd looks like a great tool, but i think it wont fit well in my requirements. For example, it is all file based configurations. Even when i could replicate the files to all nodes, I would prefer to store the rules and actions in a DB as those are created on demand and easily replicated to all postfix instances (which does not have a fixed amount). Also i am afraid of, in case i want to extend functionalities in the future, if postfwd will support it. Also rust runs fast and smooth, so i guess it will be very performant. :)
About the milter, i'm going to read a little bit more. I used to know how it works, but since long time i'm not system administrator anymore :) But, apart of spam & virus filtering systems, is the previous idea more less well? In a nutshell: use the policy access server for basic rules and actions at first, and only if the ruleset gets complicated with content filtering, return a "FILTER" action in the server, and continue filtering with a milter? Probably i will have then to double check the matching rules, which is not nice. Or is it possible to pass, for example an identifier (matched rule uuid) to the milter? Greetings and again thanks for your reply! On Tue, Aug 25, 2020 at 5:31 PM Wietse Venema <wie...@porcupine.org> wrote: > Manuel Mely: > > Hi there, > > > > I?m at the moment in the concept stage for the implementation of custom > > policies which will be attached to several postfix instances. > > > > A brief description of what i have now: > > > > I have three postgres tables: mail_filter, mail_filter_rule and > > mail_filter_action > > > > a filter (mail_filter entry) can have one or many rules (mail_filter_rule > > entries) as well as actions (mail_filter_action entries) > > > > For example, > > > > Filter 1, could be something like, mail from: f...@bar.org and rcpt to: > > b...@foo.org and in this time frame 14:00-19:00 could be (and now come > the > > actions in to play), "blocked" > > There is prior art in postfwd (www.postfwd.org) for inspecting SMTP > and blocking commands. > > > Filter 2, could be something like, mail from: domainX.com and rcpt to: > > b...@foo.org and in this time frame 10:00-13:00 could be "remove > attachments > > of mime type Y and notify someone" > > If you want to inspect/modify content in addition to inspecting > SMTP commands, then that may be better done with a Milter, as Postfix > intentionally no significant content modification primitives built-in. > Milter protocol implementations exist for many languages. > > Wietse >
