DevHeads.net

Mail routing depending on subject or body

Hello,

we will install an mail encryption appliance (totemo) in our organization.

I have to configure Postfix (2.6.6) to route the emails to this appliance if certain conditions apply:

For outbound mail:
RULE 1. If the subject contains the string "#secure"
This indicates that the mail has to be encrypted and that it has to be passed to the ip-address of the encryption appliance.
The appliance will encrypt the mail, remove the string from the subject and pass it back to the mx-er.

For inbound mail:
RULE 2. If the mail body contains any of the following strings that indicate the email is encrypted and has to be decrypted:
Content-Type: includes "application/pkcs7-mime" oder "application/x-pkcs7-mime"
Content-Type: includes "multipart/signed" sowie "application/pkcs7-signature" oder "application/x-pkcs7-signature"
Content-Type: includes "application/octet-stream" und "p7m", "p7s" oder "p7c" im Dateinamen
This indicates that the mail has to be decrypted and that it has to be passed to the ip-address of the encryption appliance.
The appliance will decrypt the email and pass it back to the mx-er.

If I cannot distinguish between outbound and inbound mail after RULE 1, the mail body will indicate that the mail is encrypted and RULE 2 will apply. This has to be avoided.

I have tried header_checks:

/^subject:.*#secure.*/i FILTER smtp:ip-addr

But this solves my problem only partially, because encryption RULE 2 would apply.

I'd be glad about any hint or idea how to solve this redirection problem.

Thank you and kind regards,
Uri