[Dovecot] deliver rejection bounces

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Tue Jan 20 13:38:38 EET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 19 Jan 2009, Seth Mattinen wrote:

> Postfix. Will it do it out of the box? No. You can add hooks to Postfix using 
> the pre-queue content filter, milter, access policy delegation or patches so

So your answer is wrong, Postfix _doesn't_ do it.
You can hack it to do so.

So you can hack sendmail. Exim, too, if I remember correctly.

qmail cannot, unless they changed the innerworkings.

Many mail setups cannot because they have a specific mail filter machine 
(e.g. blackbox / hardware appliance) in front of their delivery MTA.

> I'm sure there are tools out there developed to take advantage of these 
> interfaces that do what I'm alluding to, but I don't know any off the top of 
> my head and I can't share mine.

MIMEDefang is a very flexible milter (for sendmail). There had been one or 
two requests like this on the list, but I did not see any success story, 
yet.

For simple "to one physical mailbox" messages it would be fairly easy with 
MIMEDefang actually (the theoretical framework, if it would work is 
another story). The most important part then would be to determine 
the actual recipient for sure, e.g. milter gets the RCPT TO value, one has 
to apply any processing in milter. Then you have to call the LDA and 
process its results properly. Here you have the security itch that milter 
and LDA usualy do not run with the same user id, hence, the LDA must be 
set-uid root or something like that.
If the SMTP transaction does not time out - this point is quite 
problematic if you count mail scanning (virus/SPAM) and delivery (with 
possible user scripts) together, you can return a 4xy or 5xy reply on 
failure, or 2xy and discard on success.

Actually, I tried to catch out-going DSNs in MIMEDefang, but failed, 
because they are not passed through milter (in sendmail anyway).

Bye,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSXW3wHWSIuGy1ktrAQIREgf/bl0kb+FffJopFuxOumcKfVNcmjK0x02b
GueXYxjnHqN9lyjvcDy8blqd1gDpvCWWqk7LlVLxiMnAiRApsC3FlgbvT1iMX0ad
MoeFTEXZyDENOWJgqBJJwn6SJrwqJMcvgW8O8yWL6XoXLw3tX5c43196Re3wevBg
ahfKkda65t2Zp02DBCxlNC0GHTXbooAPoeoChemdPV7HiYlxjHLPF6H+24RE+IOU
O8DsZcYwbQZE2LZtedBafgGe6v7gGUAXl86jz/GOAwdQyu4HtLkJ9gKOcK9F+5cL
SpIQJOueDJ9mvOKN24uMm5yuV8nz1z8S6Jh2DJndeR7pzaC/8l2wsg==
=SOfv
-----END PGP SIGNATURE-----


More information about the dovecot mailing list