Postfix header_checks happen while mail is received.
Milters can add headers only after the end of the email message is
received. That is a feature of the Milter protocol.
The Milter protocol has a DISCARD feature. If you can configure
your application to send SMFIR_DISCARD into Postfix then you are
done.
On the other hand, if header_checks are the only way, it will take
new code (not happening soon) or extra configuration (see example
below).
No code has been written to apply header_checks and body_checks
when Milters add or modify the message content. The question has
never come up, so that could be called an oversight. I don't have
much time to write new code soon, so the next option is better.
You can work around this with a null content filter (Postfix
SMTP client talking directly to Postfix SMTP server on port
10025). Below is a basic example; the text in FILTER_README
provides configurations with more bells and whistles.
/etc/postfix/master.cf:
1 # ====================================================================
2 # service type private unpriv chroot wakeup maxproc command + args
3 # (yes) (yes) (yes) (never) (100)
4 # ====================================================================
5 smtp inet n - n - - smtpd
6 -o content_filter=smtp:127.0.0.1:10025
7 127.0.0.1:10025 inet n - n - - smtpd
8 -o content_filter=
Line 5-6: this is the Internet-facing SMTP server. We add a content
filter setting that sends mail into localhost port 10025.
Line 7-8: this is an internal SMTP server that receives mail with
the Milter-added headers. This is then subject to header_checks
in the way that you expect it to work. For safety it kills off
any content_filter settings from main.cf.
Wietse
Many thanks, I try it...
J.