PlanetJoel.com

HOWTO: Running a second postfix instance for inserting disclaimers

For the love of god why?

Postfix by default allows you to override certain configuration elements using the “-o” flag to smtpd. This means you can set up separate smtpd daemons in your master.cf file and do funky things like have a separate postfix instance that uses a different content_filter. The default setup of amavis uses this for instance so that you have a daemon that passes to amavis, and one that actually delivers the mail.

The problem is that most configuration elements cannot be overriden in this way, including crucial ones such as the transport_map. In my case I wanted to add a disclaimer to all outbound email, and I wanted to do something funky like have a transport_map that the main smtpd used that delivered to a second smtpd as a relayhost (for non-local addresses) that added the disclaimer. Unfortunately that didn’t work because you can’t overwrite the transport_map smtpd nor can you overwrite the relayhost. The answer was to use a second postfix instance.

Having a second MTA gives you much greater power over outbound and inbound mail but increases the initial work in setting the box up, the confusion in using it and the maintenance.

Example

In this example I’m setting up a postfix instance which will be the one acting on port 25. The disclaimer method that I use is incredibly primitive and relies the wrapper sendmail script (provided by postfix) which will only ever talk to /etc/postfix/. For this reason my second (new) postfix instance is my primary and the default install becomes a filter/router stage.

mail -> postfix-in (new instance) -> delivered locally

or

mail -> postfix-in -> postfix (old instance) -> disclaimer added -> postfix (old instance) -> delivered

Steps

Create a second postfix directory, duplicate your config and build the spool dir.

mkdir -p /var/spool/postfix-in/
cp -r /var/spool/postfix/etc /var/spool/postfix-in/
cp -r /var/spool/postfix/usr /var/spool/postfix-in/
cp -r /var/spool/postfix/lib /var/spool/postfix-in/
ln -s /var/spool/postfix/etc/postfix /etc/postfix-in
postfix -c /etc/postfix-in/ check

The last step gets postfix to check the spool directory to make sure everything is there. It will create a bunch of stuff it needs.

Edit your new main.cf:

vim /etc/postfix-in/main.cf
relayhost=localhost:10050
syslog_name=postfix-in
queue_directory=/var/spool/postfix-in/

Edit your master.cf

vim /etc/postfix-in/master.cf

change smtp line to

172.16.10.84:smtp

Change that IP to be something relevant to you.

Edit your old postfix main.cf

vim /etc/postfix/main.cf
alternate_config_directories=/etc/postfix-in

This says I may pass the “-c /etc/postfix-in” flag to refer to the second postfix instance.

Edit your old postfix installation and set it to only listen on localhost:

vim /etc/postfix/master.cf
change smtp line to
localhost:10050

Create a new init.d script for the new postfix-in:

cd /etc/init.d
cp postfix postfix-in
vim postfix-in
export MAIL_CONFIG=’/etc/postfix-in/’
update-rc.d postfix-in defaults

Search google for postfix-altermime-howto and follow that howto on how to set up a disclaimer email. Postfix altermime howto.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *