Alexander 'Leo' Bergolth
2018-11-21 10:56:04 UTC
Hi!
Is it possible to assign a different policy bank to SASL authenticated
users for mail that arrives via port 25.
I am using a pre-queue filter setup with postfix:
smtp inet n - n - 20 smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=8
-o smtpd_proxy_options=speed_adjust
-o receive_override_options=no_address_mappings
I know the technique of using different amavisd ports for mail that
arrives on port 25 and 465 but in that case there is only one incoming
port and only one postfix master.cf service entry with one
smtpd_proxy_filter statement.
I also know Example 3 of the policy bank docs
(https://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex)
that demonstrates how to switch policy banks using selective
content_filters in postfix. But that doesn't work for pre-queue filtering.
I have also looked for something similar to XFORWARD that tells amavisd
about a possible SASL authentication but that information doesn't seem
to be available yet and it doesn't look like there is any recent progress:
http://postfix.1071664.n5.nabble.com/SASL-username-forwarding-to-before-queue-filter-td55968.html
Any hints?
Cheers,
--leo
Is it possible to assign a different policy bank to SASL authenticated
users for mail that arrives via port 25.
I am using a pre-queue filter setup with postfix:
smtp inet n - n - 20 smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=8
-o smtpd_proxy_options=speed_adjust
-o receive_override_options=no_address_mappings
I know the technique of using different amavisd ports for mail that
arrives on port 25 and 465 but in that case there is only one incoming
port and only one postfix master.cf service entry with one
smtpd_proxy_filter statement.
I also know Example 3 of the policy bank docs
(https://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex)
that demonstrates how to switch policy banks using selective
content_filters in postfix. But that doesn't work for pre-queue filtering.
I have also looked for something similar to XFORWARD that tells amavisd
about a possible SASL authentication but that information doesn't seem
to be available yet and it doesn't look like there is any recent progress:
http://postfix.1071664.n5.nabble.com/SASL-username-forwarding-to-before-queue-filter-td55968.html
Any hints?
Cheers,
--leo
--
e-mail ::: Leo.Bergolth (at) wu.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria
e-mail ::: Leo.Bergolth (at) wu.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria