Postfix header_checks happen while mail is received. Milters can add headers only after the end of the email message is received. That is a feature of the Milter protocol.The Milter protocol has a DISCARD feature. If you can configure your application to send SMFIR_DISCARD into Postfix then you are done. On the other hand, if header_checks are the only way, it will take new code (not happening soon) or extra configuration (see example below). No code has been written to apply header_checks and body_checks when Milters add or modify the message content. The question has never come up, so that could be called an oversight. I don't have much time to write new code soon, so the next option is better. You can work around this with a null content filter (Postfix SMTP client talking directly to Postfix SMTP server on port 10025). Below is a basic example; the text in FILTER_README provides configurations with more bells and whistles. /etc/postfix/master.cf: 1 # ==================================================================== 2 # service type private unpriv chroot wakeup maxproc command + args 3 # (yes) (yes) (yes) (never) (100) 4 # ==================================================================== 5 smtp inet n - n - - smtpd 6 -o content_filter=smtp:127.0.0.1:10025 7 127.0.0.1:10025 inet n - n - - smtpd 8 -o content_filter= Line 5-6: this is the Internet-facing SMTP server. We add a content filter setting that sends mail into localhost port 10025. Line 7-8: this is an internal SMTP server that receives mail with the Milter-added headers. This is then subject to header_checks in the way that you expect it to work. For safety it kills off any content_filter settings from main.cf. Wietse
Many thanks, I try it... J.
