The Postfix MTA consists of several components/services that work together to perform the different stages of delivery and receipt of mail; these include the smtp daemon, the pickup and cleanup processes, the queue manager, the smtp service, pipe/spawn/virtual/rewrite ... and others (including the possibility of custom components).
Postfix also provides several types of hooks that allow it to integrate with external software, such as policy servers, filters, bounce handlers, loggers, and authentication mechanisms; these hooks can be connected to different components/stages of the delivery process, and can communicate via (at least) IPC, network, database, several types of flat files, or a predefined protocol (e.g. milter).
An old and very limited example of this is shown at this page.
My question:
Does anyone have access to a resource that describes these hooks, the components/delivery stages that the hook can interact with, and the supported communication methods? Or, more likely, documentation of the various Postfix components and the hooks/methods that they support?
For example:
Given the requirement "if the recipient primary MX server matches 'shadysmtpd', check the recipient address against a list; if there is a match, terminate the SMTP connection without notice".
My software would need to 1) integrate into the proper part of the SMTP process, 2) use some method to perform the address check (TCP map server? regular expressions? mysql?), and 3) implement the required action (connection termination).
Additionally, there will probably be several methods to accomplish this, and another requirement would be to find that which best fits (ex: a network server might be faster than a flat-file lookup; or, if a large volume of mail might be affected by this check, it should be performed as early in the mail process as possible).
Real-world example:
The apolicy policy server (performs checks on addresses according to user-defined rules) is designed as a standalone TCP server that hooks into Postfix inside the smtpd component via the directive `check_policy_service inet:127.0.0.1:10001` in the `smtpd_client_restrictions` configuration option.
This means that, when Postfix first receives an item of mail to be delivered, it will create a TCP connection to the policy server address:port for the purpose of determining if the client is allowed to send mail from this server (in addition to whatever other restrictions / restriction lookup methods are defined in that option); the proper action will be taken based on the server's response.
Notes:
1) The Postfix architecture page describes some of this information in ASCII art; what I am hoping for is distilled, condensed, reference material.
2) Please correct me if I am wrong on any level; there is a mountain of material, and I am just one man ;)
Thanks!
A very old picture of the flow is here: http://www.postfix.org/big-picture.gif
http://www.postfix.org/documentation.html
You are looking for the documentation under SMTP Relay/access control and Content inspection (all of those documents).
I'll be glad to offer specific advice, but the documentation is a fairly good summary.
For the example query you have given above, you would implement a custom policy server. See http://www.postfix.org/SMTPD_POLICY_README.html for examples.
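A sketch of such a policy server for the question's requirement, added here as an example (not code from the answer, from apolicy, or from the Postfix documentation). It speaks the policy delegation protocol from SMTPD_POLICY_README: `name=value` lines ended by an empty line, answered with `action=...` and an empty line. The blocked-recipient set, the MX table and the `mx_lookup` callable are constructed stand-ins for a real list and a real DNS MX query.

```python
import socketserver

# Constructed sample data (assumptions, not from the page or the Postfix docs).
SHADY_MX = "shadysmtpd"
BLOCKED_RECIPIENTS = {"victim@example.net"}
SAMPLE_MX = {"example.net": "mx1.shadysmtpd.example", "example.org": "mx.example.org"}
DISCONNECT = "521 5.7.1 Service unavailable"  # access(5): reply, then disconnect (Postfix 2.6+)
PASS = "DUNNO"                                # no opinion; later restrictions still apply

def parse_request(lines):
    """Turn the name=value lines of one policy request into a dict."""
    attrs = {}
    for line in lines:
        name, sep, value = line.rstrip("\r\n").partition("=")
        if sep:                               # skip malformed lines without '='
            attrs[name] = value
    return attrs

def decide(attrs, mx_lookup=SAMPLE_MX.get, blocked=BLOCKED_RECIPIENTS):
    """Return the access(5) action for one request.

    mx_lookup is a hypothetical hook: domain -> primary MX hostname (or None).
    """
    if attrs.get("request") != "smtpd_access_policy":
        return PASS
    recipient = attrs.get("recipient", "").lower()
    local, at, domain = recipient.rpartition("@")
    if not at or not local:
        return PASS                           # no usable recipient in this request
    primary_mx = (mx_lookup(domain) or "").lower()
    if SHADY_MX in primary_mx and recipient in blocked:
        return DISCONNECT
    return PASS

class PolicyHandler(socketserver.StreamRequestHandler):
    """One connection may carry many requests, each ended by an empty line."""
    def handle(self):
        pending = []
        for raw in self.rfile:
            line = raw.decode("utf-8", "replace")
            if line.strip():
                pending.append(line)
                continue
            action = decide(parse_request(pending))
            self.wfile.write(f"action={action}\n\n".encode())
            pending = []

if __name__ == "__main__":
    socketserver.ThreadingTCPServer(("127.0.0.1", 10001), PolicyHandler).serve_forever()
```

The listening address matches the `check_policy_service inet:127.0.0.1:10001` directive quoted in the question. Postfix has no action that drops a session with no reply at all, so the sketch uses the reply-then-disconnect form.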