I am using a Postfix after queue content filter to filter incoming and outgoing email. Postfix injects each mail to the content filter using SMTP. Then the content filter scans the mail and re-injects the message back into postfix just like here:
http://www.postfix.org/FILTER_README.html#advanced_filter
My master.cf file looks like this:
## After Queue Content Filter
filter unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes
-o smtp_generic_maps=
-o myhostname=sample.hostname.com
## Re-injection listener
reinject unix n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
Now, this works as expected and everything seems great…. Except..
I need to know if an email was sent using SMTP Authentication or not.
Now, using the smtp_send_xforward_command=yes gives me a lot of information about the remote sender, but, nothing about whether or not the email has been authenticated. Is there any way to get Postfix to tell my content filter if an email has been sent by an authenticated user and if so, which user?
You can use:
smtpd_sasl_authenticated_header=yes
to add a username to the Received header and the content filter can parse that to determine authentication.