On 2020-09-30 10:08, Wietse Venema wrote: > Demi M. Obenour: > > Checking application/pgp-signature: FAILURE >> When a message is submitted using postdrop, Postfix is obviously aware >> of which user submitted it, as it includes the UID in the Received: >> header. Is it possible to use this information in a canonical(5) >> table, or is a milter required? >> >> Thank you, > > You mean the numerical UID that that is shown in a comment: > > Received: by mail.example.com (Postfix, from userid 1001) > id 4C1dKq2WvyzJrNw; Wed, 30 Sep 2020 10:04:31 -0400 (EDT) > > Postfix address rewriting is limited to headers that contain only > addresses: From:, To:, Cc:, Reply-To:, and the like. And address > rewriting never looks at the content of comments. > > For everything else Postfix can only replace entire headers (through > header checks or milter header delete/insert actions). > > Wietse
Darn. I was hoping that I could get by without a milter, but now it is clear that a milter will be needed, at least with current Postfix. How difficult would it be to implement this natively in Postfix? More specifically: - If a message arrives via the SMTPS or submission ports, I want to replace the address part of the user-supplied From: header with the envelope From: header. This allows me to use reject-sender-login-mismatch to prevent users from sending messages with forged From: addresses. - I want to create a table that maps the local user to the addresses that they can send mail through Postfix as. As an example, I might want Alice to be able to send mail as anyone, while www-data can only send mail as majordomo, and everyone else can only send mail as themselves. Ideally, this should work both for mail submitted with postdrop(1), and for mail submitted via SMTP over AF_UNIX sockets. If this belongs in Postfix, then I would like to request it as a feature. However, a milter might be the best option, and that is also fine. I am no expert on mail servers. Sincerely, Demi
signature.asc
Description: OpenPGP digital signature
