I'm going to exhaust all options with the provider before digging in. Related question though - If I were to modify ASSP.pl with code to have unauthenticated email from specific IP,helo, and sender address (configurable) be set as the equivalent of local / authenticated mail, do you think that would be something that would be useful to others and would be rolled into the code for all to consume?
On Tue, Sep 2, 2014 at 1:56 AM, Thomas Eckardt <thomas.ecka...@thockar.com> wrote: > >I'm still thinking that a plugin could do a check of IP, helo, and sender > >address to set it as local - I'm just not sure how to do this - or if > it's > >possible. > > Yes , it would be possible to do something similar to block or pass a mail > (set local / auth / white / np ....). But for the decision (IP > destination) to 'relay - outbound' or 'process - inbound' it is too late. > If I were in your spot, I would try to fix the problem using the still > available options (firewall/snort, port forwarders, stunnel, listeners > ...). > Yes, assp is like a Swiss army knife - but be carefull, you'll cut your > finger or damage it, if you try impossible things! What I mean is - even > if you get a Level 0 plugin to set the internal flags like you need it, > there will be possible some other assp options, which will no longer do > what you want. > If you still need such a Plugin, email me on my privat address, I'll make > you an offer. > > Thomas > > > > > Von: K Post <nntp.p...@gmail.com> > An: ASSP development mailing list <assp-test@lists.sourceforge.net> > Datum: 01.09.2014 15:21 > Betreff: Re: [Assp-test] Antwort: Allow relaying based on helo, IP, > and sender address? > > > > Thanks you all for chiming in. The application runs at a location where > the outbound IP is reused by other applications, and volunteers there who > send mail through our server. It's really frustrating for me as an admin > on this side, but we've got no control of how that location handles > things. > > > There are users there who send through ASSP. I'd hate to have our > firewall > forward all port 25 traffic to the relay port, just because it would open > up the port to everyone at that location. Would the abuse that? Almost > certainly not, but I'd prefer to keep that option closed. > > I'm still thinking that a plugin could do a check of IP, helo, and sender > address to set it as local - I'm just not sure how to do this - or if it's > possible. > > > > On Sun, Aug 31, 2014 at 5:26 PM, Colin <colin.war...@gmail.com> wrote: > > > This is almost exactly the same situation that I was in recently with > > the Office 365 setup. > > > > As other people have suggested you can use port forwarding and firewall > > rules to map requests from the IP to your relayport. The other solution > > is to assign a completely separate IP just for that application to use. > > Regular traffic will still come through on the normal IP and be > > unaffected by the additional settings.. > > > > On 31/08/2014 20:08, K Post wrote: > > > Thanks for the quick reply Thomas (on a weekend too!). > > > > > > This ridiculous application won't let us change the outbound port! We > > can > > > set the helo, but not the outbound port, always uses port 25, and it > > won't > > > allow authentication! > > > > > > > > > > > > > > > > > > On Sun, Aug 31, 2014 at 2:49 PM, Thomas Eckardt < > > thomas.ecka...@thockar.com> > > > wrote: > > > > > >> - let the application connect to the 'relayPort' > > >> - use only local registered accounts to send from this app > > >> - set 'RelayOnlyLocalSender' > > >> > > >> Thomas > > >> > > >> > > >> > > >> > > >> > > >> Von: K Post <nntp.p...@gmail.com> > > >> An: ASSP development mailing list > <assp-test@lists.sourceforge.net> > > >> Datum: 31.08.2014 20:37 > > >> Betreff: [Assp-test] Allow relaying based on helo, IP, and > sender > > >> address? > > >> > > >> > > >> > > >> We've got an externally hosted application at a sevice provider's > > office. > > >> (long story). My goal is to allow this application to be able to > send > > >> mail > > >> through ASSP, whitelisting the to address. > > >> > > >> The problem is that this silly application can't send authenticated > > email > > >> and the outbound IP address that it uses is used by other > applications > > and > > >> staff at the office. > > >> > > >> We can have them send a specific helo. > > >> > > >> I'm thinking of modifying ASSP to have it treat mail as local using a > > >> pairing of the IP, the HELO, and the sender address. > > >> > > >> Questions: > > >> 1) I assume there's no built in way to do this now? > > >> 2) If I need to implement myself, I'd want to do it using a plugin so > > not > > >> to have to recode every time time there's an ASSP update. Does the > > >> skeleton plugin example still work with 2.4.x? > > >> 3) If the plugin option is viable, any suggestions? I just need to > > check > > >> from name, helo, and IP, but I haven't dug deep enough to see how to > do > > >> that via plugin. > > >> > > >> THANKS! > > >> > > >> > > > > ------------------------------------------------------------------------------ > > >> Slashdot TV. > > >> Video for Nerds. Stuff that matters. > > >> http://tv.slashdot.org/ > > >> _______________________________________________ > > >> Assp-test mailing list > > >> Assp-test@lists.sourceforge.net > > >> https://lists.sourceforge.net/lists/listinfo/assp-test > > >> > > >> > > >> > > >> > > >> > > >> DISCLAIMER: > > >> ******************************************************* > > >> This email and any files transmitted with it may be confidential, > > legally > > >> privileged and protected in law and are intended solely for the use > of > > the > > >> > > >> individual to whom it is addressed. > > >> This email was multiple times scanned for viruses. There should be no > > >> known virus in this email! > > >> ******************************************************* > > >> > > >> > > >> > > > > ------------------------------------------------------------------------------ > > >> Slashdot TV. > > >> Video for Nerds. Stuff that matters. > > >> http://tv.slashdot.org/ > > >> _______________________________________________ > > >> Assp-test mailing list > > >> Assp-test@lists.sourceforge.net > > >> https://lists.sourceforge.net/lists/listinfo/assp-test > > >> > > > > > > > ------------------------------------------------------------------------------ > > > Slashdot TV. > > > Video for Nerds. Stuff that matters. > > > http://tv.slashdot.org/ > > > _______________________________________________ > > > Assp-test mailing list > > > Assp-test@lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > > > > > > ------------------------------------------------------------------------------ > > Slashdot TV. > > Video for Nerds. Stuff that matters. > > http://tv.slashdot.org/ > > _______________________________________________ > > Assp-test mailing list > > Assp-test@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
