What is the best way to check that all email sent out of a network (e.g. via a single, common SMTP server) meets arbitrary criteria, otherwise redirecting, bouncing or sending warning messages as required?
Example criteria:
- Certain headers are set if others are set.
- If a specific address is used, inject another as a CC.
Do most/all MTAs work like this, or is there a better way to go about it, using a tool or service in between?
Thanks!
Creating an MTA which can check messages going through it, process them, etc. is one thing, but making sure all mail sent out of a network uses it is another.
You will need to use NAC - Network Access Control - to manage the network. For example, what if a client connects to the network and tries to use their own mail client, with an external mail server? What if the external mail server runs on a non-standard port?
Some sort of packet inspection must take place that would ensure that any emails trying to go out of the network would need to be routed through the centralized mail server and not through some external server. This will involve some pretty far-reaching changes to a network that is not designed for this.
Once this part is taken care of, you can set up an MTA to pretty much do anything you want using policy controls and other methods. A favorite of mine is Postfix.
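The two example criteria from the question, written as an added Python example that is not part of the original question or answer. The header names, addresses and the `apply_policy` function are constructed for illustration, and how the check is hooked into the MTA is not shown.

```python
from email import message_from_string, policy
from email.utils import getaddresses

# Constructed policy values (assumptions, not taken from the thread).
REQUIRES = {"X-Project-Code": "X-Approved-By"}            # if key is set, value must be set
CC_INJECT = {"legal@example.com": "archive@example.com"}  # if key is addressed, CC the value

# Constructed sample messages.
SAMPLE_OK = ("From: a@example.com\nTo: Legal@Example.com\nCc: x@example.com\n"
             "X-Project-Code: P1\nX-Approved-By: boss@example.com\n\nbody\n")
SAMPLE_BAD = "From: a@example.com\nTo: bob@example.net\nX-Project-Code: P1\n\nbody\n"


def apply_policy(raw):
    """Check one outgoing message; return the action plus the (possibly edited) message."""
    msg = message_from_string(raw, policy=policy.default)

    # Criterion 1: certain headers must be set if others are set.
    problems = [f"{trigger} is set but {required} is missing"
                for trigger, required in REQUIRES.items()
                if msg[trigger] is not None
                and not str(msg.get(required, "")).strip()]
    if problems:
        return {"action": "bounce", "reasons": problems,
                "message": msg, "add_rcpt": []}

    # Criterion 2: if a specific address is used, inject another as CC.
    headers = [str(h) for h in msg.get_all("To", []) + msg.get_all("Cc", [])]
    used = {addr.lower() for _, addr in getaddresses(headers)}
    extra = sorted({cc for trigger, cc in CC_INJECT.items()
                    if trigger in used and cc not in used})
    if extra:
        cc = [str(h) for h in msg.get_all("Cc", [])] + extra
        del msg["Cc"]               # this policy allows only one Cc header
        msg["Cc"] = ", ".join(cc)

    # A Cc header alone delivers nothing: the caller must also add
    # add_rcpt to the SMTP envelope recipients.
    return {"action": "accept", "reasons": [],
            "message": msg, "add_rcpt": extra}


if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_BAD):
        result = apply_policy(sample)
        print(result["action"], result["reasons"], result["add_rcpt"])
```
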