On Tue, Jun 21, 2022 at 01:25:28PM +0200, Crni Gorac wrote:
> Working on a machine, let's call it my.domain.com, where users are
> taught to forward mail using procmailrc, and nowadays some of the
> servers where messages get forwarded don't like it and blacklist us
> for this reason. So we're looking is there a way through Postfix to
> reject outgoing messages of this type, forwarded to specific domains.
> Basically, our first idea (probably wrong) was to use
> smtp_header_checks to match messages with X-Original-To header having
> "*@my.domain.com", but then we'd have to combine this somehow with the
> check of the domain that the message gets forwarded to, and this one
> is not in headers. Any suggestion here, is it possible to do
> something alike within Postfix?
You'll need a milter that examines the message envelope and headers, and
applies the appropriate policy. If you're also using "simple" content
filters, you may need to take care to not apply the same policy to
inbound mail resubmitted after processing by the filter.
A multi-instance configuration with a dedicated local submission null-client
may help, but the MTA instance may need to be sure to not export the
"MAIL_CONFIG" environment variable to procmail, so that procmail
submission happens via the null-client instance. Perhaps:
local unix - n n - - local
-o { export_environment = TZ LANG=C }
Otherwise sendmail(1) invoked by procmail via local(8) would end up
submitting mail back into the MTA instance.
--
Viktor.
