Re: Another change to smtp_sasl_auth.

From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Wed Nov 21 2007 - 12:43:16 CST


On Wed, Nov 21, 2007 at 06:31:41PM +0000, Keean Schupke wrote:

> > You then have ~300s for the log-parser to catch up and add the
> > transport to "defer_transports".
> >
> > Probably the best that can be done, and no patches to smtp(8) required.
>
> Log parser seems a flakey solution, when we can have a rock solid,
> in-step solution in the sasl auth protocol, and reduce unnecessary
> network traffic too.

You don't need network traffic to parse local logs. And being outside the
MTA the log parser does not prevent the user from upgrading Postfix in the
future. A private feature would lock the user into the modified release.

The SMTP delivery agent reacts to delivery failures by logging the
failure. It is running with reduced privileges ("postfix" not "root")
at that point, and perhaps in a chroot jail. If it can update the
configuration at that point, we have a security mis-feature.

Your specific needs may be best served *today* by changing smtp(8), but I am
guessing such a change will not be adopted into the official release. The
code is open-source, so of course you can run a modified copy.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.