To utilize a special cleanup daemon for outgoing emails only, I defined a special smtpd process in master.cf that is used as default_transport. (Only postfix should be able to submit emails through this daemon!)
127.0.0.1:10027 inet n - - - - smtpd
  -o syslog_name=postfix-smtpout
  -o cleanup_service_name=srscleanup
  -o smtpd_tls_security_level=none
  -o content_filter=smtp:
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_sender_restrictions=permit
This works fine. However, it is open to any local user/process on the machine connecting to this port and submitting mail without authentication (due to the relaxed sender/recipient restrictions), which is not very secure.
Therefore, I would like to run this special smtpd as a unix domain socket (which only processes running under the postfix user can access). I set default_transport = smtpout and created a service in master.cf like this:
smtpout unix - - - - - smtpd
  -o syslog_name=postfix-smtpout
  -o cleanup_service_name=srscleanup
  -o smtpd_tls_security_level=none
  -o content_filter=smtp:
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_sender_restrictions=permit
However, this results in emails getting stuck in the queue and log messages like this: warning: unexpected end-of-input from private/smtpout socket while reading input attribute name.
How can I fix this and use an smtpd process bound to a unix domain socket (instead of binding to inet)?
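The exposure described in the question, a loopback smtpd listener that accepts mail on network address alone, can be checked for by parsing master.cf. The Python audit below is an added example, not part of the original post; the function names and the sample text are hypothetical, and it assumes loopback addresses are in mynetworks, so that permit_mynetworks matches every local process.

```python
import ipaddress

# Constructed sample: the question's inet listener plus a stock port-25 entry.
SAMPLE_MASTER_CF = """\
127.0.0.1:10027 inet n - - - - smtpd
  -o cleanup_service_name=srscleanup
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_sender_restrictions=permit
smtp inet n - y - - smtpd
"""

def logical_lines(text):
    """Join continuation lines (leading whitespace); skip blanks and comments."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.strip())
    return entries

def overrides(args):
    """Collect '-o name=value' pairs from a service's command arguments."""
    pairs = zip(args, args[1:])
    return dict(v.split("=", 1) for flag, v in pairs if flag == "-o" and "=" in v)

def is_loopback(service_name):
    """True when the listener address (host:port form) is a loopback address."""
    host = service_name.rsplit(":", 1)[0].strip("[]") if ":" in service_name else ""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"

def open_loopback_listeners(text):
    """Names of loopback smtpd listeners that accept mail via permit_mynetworks."""
    # Assumption: loopback is in mynetworks, so every local process matches.
    findings = []
    for entry in logical_lines(text):
        fields = entry.split()
        if len(fields) < 8 or fields[1] != "inet" or fields[7] != "smtpd":
            continue
        rcpt = overrides(fields[8:]).get("smtpd_recipient_restrictions", "")
        if is_loopback(fields[0]) and "permit_mynetworks" in rcpt.replace(",", " ").split():
            findings.append(fields[0])
    return findings
```

Calling `open_loopback_listeners()` on the contents of a real master.cf returns the listener names to review; it only sees `-o` overrides, so restrictions inherited from main.cf need a separate check.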