Postfix SRS forwarding agent.
Postforward is a mail forwarding utility which aims to compliment the Postfix Sender Rewriting Scheme daemon (PostSRSd).
The downside of using PostSRSd is that all mail is naively rewritten, even when no forwarding is actually performed. Such rewritten Return-Path addresses may confuse sieve scripts and other mail filtering software.
This is where Postforward comes in. Instead of rewriting all incoming mail regardless of final destination, mail systems may be configured to pipe mail into Postforward only when forwarding needs to happen, leaving non-forwarded mail unaltered by PostSRSd. Postforward will rewrite envelope addresses for piped mail using PostSRSd itself and re-inject these messages back into the queue, destined for the forwarding recipient(s).
This software is actively maintained but considered feature-complete. No changes or new features are planned except as required to fix any potential issues that may come up in the future.
I no longer provide pre-compiled binaries for small-time projects of mine so you will have to build from sources yourself. If you have an up-to-date Go toolchain installed on your system this is as simple as:
go get -d github.com/zoni/postforward cd ~/go/src/github.com/zoni/postforward make
This will create a binary called
postforward which may be installed on
the target server(s). Go applications are statically linked by default so
no additional dependencies are needed.
The makefile also contains targets to build native packages for FreeBSD
and Debian-based operating systems (
make freebsd and
respectively). These require fpm to
Postforward relies on mail being delivered via stdin so this implies
delivery using Postfix's
pipe(8) delivery agents. One such
method may be achieved by configuring a pipe forward in
forwarder: "|/usr/local/bin/postforward email@example.com"
(Note: when running PostSRSd on a different host or port, use the
--srs-addr flag to set the correct address here.)
recommended by PostSRSd
but do not set
Beware that Postforward expects to be called for a single recipient at a
time (although it can forward to multiple recipients at once) so be sure
to set transport_destination_recipient_limit
to 1 when using it with the
pipe(8) daemon. See also
local(8) delivery agent uses a highly sanitized environment
for executed processes for security reasons. Depending on your operating
system, the default
$PATH setting may be too strict for postforward to
sendmail binary (Debian/Ubuntu are known to have this issue).
If this is the case for you, a custom
$PATH may be set by supplying the
--path argument. For example:
Note that in case of process errors, postfix bounces emails with the full process argument string in the DSN message which could leak internal information such as the forwarding address. This is default postfix behavior for the local and pipe delivery agents.
If this is undesirable,
may be configured with a PCRE map such as the following to hide this
information (omit the
$2 in the final entry to also strip command
/^(2\S+ deliver(s|ed) to file).+/ $1 /^(2\S+ deliver(s|ed) to command).+/ $1 /^(\S+ Command died with status \d+):.*(\. Command output:.*)/ $1$2
Using Postforward introduces additional overhead caused by forking of processes which wouldn't happen with direct use of PostSRSd. Unless you are forwarding very large volumes of mail this extra overhead is likely negligible in relation to the total processing cost of a complete email transaction.
Postforward takes care not to buffer entire messages in memory and is therefore safe to use on very large emails. Only message headers are buffered in memory for processing, body content is streamed directly into sendmail.
Postforward is offered under the 2-Clause BSD license. See LICENSE.txt for the full license text.