From: Noel Jones (no email)
Date: Thu May 24 2007 - 08:32:03 EDT
At 01:40 AM 5/24/2007, Daniel L. Miller wrote:
>Noel Jones wrote:
>>At 03:12 PM 5/23/2007, Daniel L. Miller wrote:
>>>Noel Jones wrote:
>>>
>>>>http://www.postfix.org/SMTPD_PROXY_README.html
>>>>http://www.postfix.org/FILTER_README.html
>>>So ignoramuses like me would translate those params as
>>>"before_queue_filter" and "after_queue_filter"?
>>>
>>>By using the before queue filter - does that mean that ASSP
>>>services such as greylisting or SMTP banner delay would be
>>>unavailable and require implementing with Postfix policies?
>>
>>Unless ASSP supports the XFORWARD extensions, the only way it will
>>work fully is as a proxy in front of postfix.
>To be clear - if XFORWARD is supported - would those features
>(greylist, banner delay, etc.) still be effective? Or since Postfix
>is already communicating with the remote client are these services -
>particularly banner delay - unusable?
If XCLIENT is supported, all those features /should/ work when using
ASSP as a smtpd_proxy_filter. I misspoke earlier - XCLIENT is the
proper tool for delegating decisions based on client connection
information in a pre-queue filter, XFORWARD is for consistent logging
information and intended for an after-queue filter.
http://www.postfix.org/XCLIENT_README.html
http://www.postfix.org/XFORWARD_README.html
The issue is that without XCLIENT support, the next-hop in any proxy
chain sees all connections as coming from localhost, making it
impossible for the next-hop to distinguish connections from each other.
-- Noel Jones
|
|
|