On Fri, Oct 16, 2020 at 10:51:52AM -0700, PGNet Dev wrote:
> my usual postfix front-end workflow is
>
> postscreen
> if 'fail', reject
> if 'pass', then
> internal smtp
> etc
>
> i'd like to implement a 'maintenance/offline mode' -- WITH smtp response --
> effectively adding
>
> postscreen
> if 'fail', reject
> if 'pass', then
> + if 'maintenance mode' = ON, then
> + reply SMTP 4XX, msg = (user specified message,
> e.g. down 4 maintenance, try again in X hours)
> + else if 'maintenance mode' = OFF, then
> internal smtp
> etc
That can just be handled via smtpd(8) (your 'internal smtp'):
> is there an already built-in maintenance-mode, or somesuch, in postfix?
> it'd be most convenient; if it's in docs, i've missed it.
If the custom 4XX response is not a hard requirement, the simplest
solution is:
main.cf:
# To defer all email, change to: lunchtime = y
lunchtime =
smtpd_recipient_restrictions =
${lunchtime?defer_if_permit}
...
Which will still reject invalid recipients, ... and only defer what
you'd otherwise accept.
See:
http://www.postfix.org/postconf.5.html#defer_if_permit
http://www.postfix.org/postconf.5.html
If you really must have a custom 4XX response, then you can use:
main.cf:
# To defer all email, change to: lunchtime = y
lunchtime =
smtpd_client_restrictions =
${lunchtime?check_client_access static:{450 4.3.2 Scheduled
downtime, come back later}}
...
Note that sites that do sender-address-verification (does anyone still
do that?) may then tempfail your outbound mail, during the downtime and
likely for some time after after you restore service.
--
Viktor.
