[Avcheck] inclusion / exclusion of envelope recipients

Michael Tokarev mjt@tls.msk.ru
Wed, 09 Jan 2002 14:21:04 +0300 

Well, here is an idea.

To check mails only for some *local* recipients, this scheme will
work.  Assuming avcheck has an option:

 -t remove/add

aka "transform", -- remove `remove' part from the end of rcpt addresses
and add `add' part instead (any can be empty).

mydestination = example.com
transport:
  example.com.avcheck  avcheck:
  example.com.local    local:
virtual:
  user1@example.com  user1@example.com.avcheck
master.cf:
  avcheck ... -t .avcheck/.local

When mail destined to user1@example.com, postfix will
rewrite address to be user1@example.com.avcheck, and
send it to avcheck according to transport map.  Avcheck
will check mail for viruses, rewrite this address to
be user1@example.com.local and reinject back to postfix,
and this mail will be delivered by local delivery agent,
again, according to transport map.  For other users
@example.com domain who want no viruschecking, mail
will be delivered as usual.

This is "Sendmail'ism" -- it's Sendmail's way playing
games with top-level pseudo-domains.  Here is a more
"natural" way:

transport:
 avcheck.example.com avcheck:
 checked.example.com local:
virtual:
 user1@example.com  user1@avcheck.example.com
master.cf:
 avcheck ... -t avcheck.example.com/checked.example.com

This looks good but works only for one domain.  In case more
domains should be handled, "sendmail's way" should be used.

Next, for non-local users -- like virtual(8) mailboxes or
relayed mails.  This is yet more tricky.

Let's assume that v.example.com is a virtual(8)-style domain,
r.example.com is a domain that should be relayed to another
machine, and l.example.com is a local domain.  Mails for users
nN should NOT be checked while mails for users cN should be
checked.

mydestination = l.example.com
virtual:
  # local users as above
  c1@l.example.com  c1@l.example.com.avcheck
  # v.example.com
  v.example.com  virtual domain (yes, NOT in virtual_mailbox_maps!)
  c2@v.example.com  c2@v.example.com.avcheck
  n3@v.example.com  n3@v.example.com.checked
  n4@v.example.com  n4@v.example.com.checked
  # list all users in v.example.com so that smtpd will reject mails to unknown users
  # r.example.com
  c5@r.example.com  c5@r.example.com.avcheck
  @r.example.com   @r.example.com.checked
  @r.example.com.checked  @relay.r.example.com
virtual_mailbox_maps:
  c2@v.example.com.checked  /path/to/c2/mailbox
  n3@v.example.com.checked  /path/to/n3/mailbox
  ...
transport:
  l.example.com.checked  local:
  v.example.com.checked  virtual:

master.cf:
 avcheck ... -t .avcheck/.checked

The above is a BIG KLUDGE.  But it should work.
Can someone *understand* this ? ;))  Comments?

Regards,
 Michael.