From: Ronald F. Guilmette (rfgtristatelogic.com)
Date: Fri May 16 2008 - 04:26:59 CDT
I've been writing a modest little policy server. It's nothing to write
home about yet, but I hope to turn it into something really useful and
then distribute it freely.
But in order to realize my dreams, I need a couple of small clarifications
about the policy server protocol, and also, I'm afraid to say, I may have
one or two modest enhancement requests for the protocol.
First, the clarifications...
The SMTPD_POLICY_README document describes the "recipient" attribute of
the protocol thusly:
* The "recipient" attribute is available only in the "RCPT TO" stage, and in
the "DATA" and "END-OF-MESSAGE" stages when Postfix accepted only one
recipient for the current message.
I'm not at all sure that I'm interpreting that correctly. Does the
qualification "...when Postfix accepted only one recipient for the current message"
apply to _all_ instances in which the "recipient" parameter is supplied to
the policy server by Postfix? Or does it only apply to those cases where
Postfix is exchanging information with the policy server ``in the "DATA" and
That's my first question.
Second question: Regardless of the set of "stages" in which the "recipient"
parameter is only supplied to the policy server when it is the singular
allowed recipient, why is it that Postfix can't/doesn't supply the entire
list of all of the (multiple) allowed recipients? Is there some special
problem that I'm not aware of that prevents Postfix from handing the policy
server the whole and entire list of permitted recipients? (I'm just trying
to understand things a bit better here.)
Now on to the enhancement request(s)...
Obviously, the policy server protocol is all about blocking undesirable
e-mails. It occurs to me that it would be Very Nice to be able to make
use of the protocol in a way that allows for per-actual-local-recipient
individualized tailoring/adjustment/configuring. Perhaps I have failed
to understand the actual semantics of the current protocol... and I feel
sure that someone will tell me if I have... but it seems to me that there
may be at least two potential difficulties that might thwart individualized
per-actual-local-recipient customization of the behavior of a common
system-wide policy server, i.e.:
1) It appears that the "recipient" parameter, when available, may perhaps
be the actual original envelope recipient address, i.e. before alias expansion
and other Postfix address rewriting. I understand that there might be some
problems created if Postfix were to try to also pass a post-rewriting
recipient "address", via the protocol, to the policy server (e.g. the
results of rewriting may be a whole list of things, and also may not even
be an "address" anymore) but regardless of such problems, I think that in
many situations and environments, it would be most helpful for the policy
server to have access to a post-rewrite recipient address. (In my own case,
I have virtually no addresses here locally that get rewritten into either
lists or files or pipes, but I _do_ have about eighteen zillion aliases...
all beginning with "rfg-"... which are all aliased to the local recipient
address "rfg". I'd love to be able to have a policy server that
knows about the rewritten forms of all those aliases, and that could just
go and look in, say, ~rfg/.postfix_policy_settings to find out how incoming
e-mail addressed to any/all of those aliases should be filtered.)
2) Consistent with the general goal (hope? dream?) of being able to tailor
policy server behavior on a per-actual-local-recipient basis, it would also
be Nice if Postfix conducted a separate transaction with the policy server
for each individual RCPT TO. That way, if the current message is addressed
to, say, ten different local users, and if five of those have elected to reject
mail from the relevant sender address, then the policy server could, in
effect, instruct Postfix to issue 5xx responses for just those five
RCPT TOs, while still issuing 2xx responses for the other five recipients.
Thanks in advance to Wietse for a fine product, for answers to my questions
(unless Ralf or Victor beats you to it), and of course, for any consideration
you may give to my enhancement requests.
Finally, I'd just like to state the obvious... When it comes to e-mail,
filtering is _the_ big issue. And when it comes to filtering, per-user
customization is an extraordinarily important feature... maybe even a
deal maker/breaker... in a lot of environments. Yes, it's probably
possible to do just about anything if one goes the Milter route, or if
one elects instead to make filtering decisions after reception (i.e.
during local delivery) but it seems to me that neither of those options
is nearly as attractive as using Postfix's policy server protocol. Now,
if the protocol would just support per-user filtering customizations, then
I feel sure that I (and any number of other people) could develop some
really exciting and interesting individually-customizable policy servers.
P.S. My apologies if the above ideas have already been advanced. If so,
I plead ignorance of that.
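
An added example, not part of the original post and not Postfix code: a sketch of how a policy server could make the per-recipient decision discussed above from a single request, folding "rfg-" style aliases onto the local user itself. The settings table, addresses and sample request are constructed, and the alias folding inside the policy server is an assumption of this example.

```python
# Constructed per-user settings, standing in for a file such as
# ~rfg/.postfix_policy_settings mentioned in the post.
USER_SETTINGS = {
    "rfg": {"reject_senders": {"spammer@example.net"}},
    "alice": {"reject_senders": set()},
}

def parse_request(text):
    """Parse one request: name=value lines terminated by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def local_user(recipient):
    """Fold 'rfg-anything@domain' onto the base local user (assumed mapping)."""
    localpart = recipient.rpartition("@")[0] or recipient
    return localpart.split("-", 1)[0].lower()

def decide(attrs):
    """Return the action for one request."""
    recipient = attrs.get("recipient", "")
    if attrs.get("request") != "smtpd_access_policy" or not recipient:
        return "DUNNO"  # no single recipient supplied: no per-user decision
    settings = USER_SETTINGS.get(local_user(recipient))
    sender = attrs.get("sender", "").lower()
    if settings and sender in settings["reject_senders"]:
        return "REJECT Recipient does not accept mail from this sender"
    return "DUNNO"

def respond(text):
    """Reply as written to the socket: action line, then an empty line."""
    return "action=%s\n\n" % decide(parse_request(text))

SAMPLE = (  # constructed request
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "sender=spammer@example.net\n"
    "recipient=rfg-lists@example.org\n"
    "\n"
)

if __name__ == "__main__":
    print(respond(SAMPLE), end="")
```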