On Fri, Jan 22, 2010 at 10:33:58AM -0500, Wietse Venema wrote:
> > One could argue that the SMTP server should use the external form of the
> > recipient for these lookup, to match downstream behaviour in cleanup(8)...
>
> Indeed. There was no address validation in the initial design and
> implementation, so address validation support does not fit as nicely
> as one would like. It suffers from code duplication which leads to
> inconsistency. But I would rather fight the duplication than the
> inconsistency that results from it.
Yes.
The tricky part is that smtpd(8) is not always talking to a real
cleanup service. When smtpd(8) is a proxy, and especially with delayed
proxy filter connections, smtpd(8) has to perform recipient validation
independently of any help from cleanup(8).
It is tempting to create a rewriting library or service and move envelope
recipient rewriting into smtpd(8), because that way we would also gain the
ability to validate the output of canonical(5) rewriting and masquerading
(masquerading is a form of wild-card rewriting that like wild-card mappings
in canonical(5) is difficult to combine with recipient validation).
Such a change would make it more difficult to present the original
envelope to content filters (delay rewriting to the post-filter stage,
as with recieve_override_options).
So it would seem that we need a service or library that can answer
two questions:
- Is this recipient valid?
- What addresses does this recipient rewrite to?
A library is perhaps more natural, because with a service, it becomes
more difficult to customize rewriting via "-o name=value" for mail that
enters via distinct service end-points. (One could perhaps take the
view that rewriting should be homogeneous within a given instance, but
while multiple instances are a useful tool, I don't want to force people
into that design pattern in all non-trivial use-cases).
So, I would propose a library, used by at least cleanup(8) and smtpd(8),
that, given a resolved recipient from trivial-rewrite, can answer each
of the two questions.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[email protected]?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
