On Tue, Mar 16, 2021 at 11:07:54AM +0100, Jens Hoffrichter wrote:
> We have a central, internal mail dispatching system, after all the
> content filtering etc. which processes inbound and outbound emails.
It seems that this is the system you're trying to configure. Do you
have any influence on the configuration of the upstream systems?
> The challenge I have now is that all messages from applications (which
> are concentrated on a different class of servers before as well) to
> the backend mail servers need to be delivered to a different port on
> the backend mail servers.
It is likely simplest to have the application traffic come in to a
different IP address or port and land in a different Postfix instance as
a result (as in MULTI_INSTANCE_README, not just a separate smtpd(8)
service).
> Mail from applications to external recipients need to be delivered to
> the regular smart host. All other mail to the backend mail servers
> needs to be delivered on the regular port.
This can be difficult to impossible to do correctly within a single
instance, because your routing decision is both origin (application vs.
regular sender) *and* destination (internal vs. external recipient)
dependent...
> Application to internal recipient -> app mail concentrator -> mail
> central -> backend with special port
If the applications are identifiable by an envelope sender address
(after it was perhaps mutated in cleanup) these can be preempted via
# default relayhost
relayhost = [backend]
# maps appsender -> [backend]:someport
sender_dependent_relayhost_maps = type:table ...
> Application to external recipient -> app mail concentrator -> mail
> central -> regular outbound smarthost
These can be exempted from the relayhost munging via:
default_transport = smtp:[backend]:25
an explicit nexthop on the default transport is not preempted
by "relayhost" settings (normal or sender-dependent).
> Any other mail to internal recipient -> mail central -> backend
These will use "relayhost" or "default_transport", which
amount to the same thing.
> My thought was now to add a special X-Header on the app mail
> concentrator, which changes the routing decision on the mail central.
Headers are not helpful here, instead if you can decorate the sender
addresses into a special subdomain for application senders, that'd be
more useful.
sen...@app.example.com
you could do that as a rewrite in cleanup(8) if the application traffic
comes into Postfix on a different port.
--
Viktor.
