Hi, I'm not convinced about this.
I understand the task you're trying to accomplish but it seems like it's something we want done through filters, not with new config keywords. If we go that path, next week someone will ask for another config knob to enable disable another header, and we end up with tons of keywords to deal with every single use-case. The filter API (in progress) let's you rewrite / skip lines before they hit the queue so what you're trying to achieve can be written with a few lines of C without the base even requiring a change. Gilles On Mon, May 27, 2013 at 04:45:06PM +0200, Jason A. Donenfeld wrote: > From: "Jason A. Donenfeld" <[email protected]> > > This adds two options to the listen on directive. > > hide-received prevents a received line from being added for ingress from > that listener. > > mask-received prevents the IP address of the sender from leaking into > the received lines. > > The former is useful for avoiding dkimproxy cluttering up the message. > The latter is useful for privacy reasons, and would be used to hide the > IP address of authenticated senders on submission the listener. > > Please note that I've sort of blindly changed some flag structs from > uint8_t to uint16_t, and I'm sure I changed too many, so you might want > to look at this, and also make sure it actually compiles and whanot. > --- > smtpd/control.c | 2 +- > smtpd/parse.y | 36 ++++++++++++++++++++++-------------- > smtpd/smtp_session.c | 37 +++++++++++++++++++++++++------------ > smtpd/smtpd.h | 6 ++++-- > smtpd/ssl.c | 2 +- > smtpd/ssl.h | 2 +- > smtpd/to.c | 2 +- > 7 files changed, 55 insertions(+), 32 deletions(-) > > diff --git a/smtpd/control.c b/smtpd/control.c > index 17e7757..55320b4 100644 > --- a/smtpd/control.c > +++ b/smtpd/control.c > @@ -48,7 +48,7 @@ > > struct ctl_conn { > uint32_t id; > - uint8_t flags; > + uint16_t flags; > #define CTL_CONN_NOTIFY 0x01 > struct mproc mproc; > uid_t euid; > diff --git a/smtpd/parse.y b/smtpd/parse.y > index 775d85a..71c15cc 100644 > --- a/smtpd/parse.y > +++ b/smtpd/parse.y > @@ -128,11 +128,11 @@ typedef struct { > %token RELAY BACKUP VIA DELIVER TO LMTP MAILDIR MBOX HOSTNAME HELO > %token ACCEPT REJECT INCLUDE ERROR MDA FROM FOR SOURCE > %token ARROW AUTH TLS LOCAL VIRTUAL TAG TAGGED ALIAS FILTER KEY > -%token AUTH_OPTIONAL TLS_REQUIRE USERBASE SENDER > +%token AUTH_OPTIONAL TLS_REQUIRE USERBASE SENDER HIDERECEIVED > MASKRECEIVED > %token <v.string> STRING > %token <v.number> NUMBER > %type <v.table> table > -%type <v.number> port auth ssl size expire > +%type <v.number> port auth ssl size expire received > %type <v.table> tables tablenew tableref destination alias > virtual usermapping userbase credentials from sender > %type <v.maddr> relay_as > %type <v.string> certificate tag tagged relay_source listen_helo > relay_helo relay_backup > @@ -245,6 +245,11 @@ ssl : SMTPS { $$ = > F_SMTPS; } > | /* Empty */ { $$ = 0; } > ; > > +received : HIDERECEIVED { $$ = F_HIDE_RECEIVED; } > + | MASKRECEIVED { $$ = F_MASK_RECEIVED; } > + | /* Empty */ { $$ = 0; } > + ; > + > auth : AUTH { > $$ = F_AUTH|F_AUTH_REQUIRE; > } > @@ -358,14 +363,15 @@ main : BOUNCEWARN { > } > | LISTEN { > bzero(&l, sizeof l); > - } ON STRING port ssl certificate auth tag listen_helo { > + } ON STRING port ssl certificate auth tag listen_helo received { > char *ifx = $4; > in_port_t port = $5; > - uint8_t ssl = $6; > + uint16_t ssl = $6; > char *cert = $7; > - uint8_t auth = $8; > + uint16_t auth = $8; > char *tag = $9; > char *helo = $10; > + uint16_t *received = $11; > > if (port != 0 && ssl == F_SSL) { > yyerror("invalid listen option: tls/smtps on > same port"); > @@ -380,9 +386,9 @@ main : BOUNCEWARN { > if (port == 0) { > if (ssl & F_SMTPS) { > if (! interface(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, 465, l.authtable, > F_SMTPS|auth, helo)) { > + MAX_LISTEN, 465, l.authtable, > F_SMTPS|auth|received, helo)) { > if (host(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, 465, > l.authtable, ssl|auth, helo) <= 0) { > + MAX_LISTEN, 465, > l.authtable, ssl|auth|received, helo) <= 0) { > yyerror("invalid > virtual ip or interface: %s", ifx); > YYERROR; > } > @@ -390,9 +396,9 @@ main : BOUNCEWARN { > } > if (! ssl || (ssl & ~F_SMTPS)) { > if (! interface(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, 25, l.authtable, > (ssl&~F_SMTPS)|auth, helo)) { > + MAX_LISTEN, 25, l.authtable, > (ssl&~F_SMTPS)|auth|received, helo)) { > if (host(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, 25, > l.authtable, ssl|auth, helo) <= 0) { > + MAX_LISTEN, 25, > l.authtable, ssl|auth|received, helo) <= 0) { > yyerror("invalid > virtual ip or interface: %s", ifx); > YYERROR; > } > @@ -401,9 +407,9 @@ main : BOUNCEWARN { > } > else { > if (! interface(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, port, l.authtable, > ssl|auth, helo)) { > + MAX_LISTEN, port, l.authtable, > ssl|auth|received, helo)) { > if (host(ifx, tag, cert, > conf->sc_listeners, > - MAX_LISTEN, port, l.authtable, > ssl|auth, helo) <= 0) { > + MAX_LISTEN, port, l.authtable, > ssl|auth|received, helo) <= 0) { > yyerror("invalid virtual ip or > interface: %s", ifx); > YYERROR; > } > @@ -978,6 +984,7 @@ lookup(char *s) > { "for", FOR }, > { "from", FROM }, > { "helo", HELO }, > + { "hide-received", HIDERECEIVED }, > { "hostname", HOSTNAME }, > { "include", INCLUDE }, > { "key", KEY }, > @@ -985,6 +992,7 @@ lookup(char *s) > { "lmtp", LMTP }, > { "local", LOCAL }, > { "maildir", MAILDIR }, > + { "mask-received", MASKRECEIVED }, > { "max-message-size", MAXMESSAGESIZE }, > { "mbox", MBOX }, > { "mda", MDA }, > @@ -1567,7 +1575,7 @@ host_v6(const char *s, in_port_t port) > > int > host_dns(const char *s, const char *tag, const char *cert, > - struct listenerlist *al, int max, in_port_t port, uint8_t flags) > + struct listenerlist *al, int max, in_port_t port, uint16_t flags) > { > struct addrinfo hints, *res0, *res; > int error, cnt = 0; > @@ -1634,7 +1642,7 @@ host_dns(const char *s, const char *tag, const char > *cert, > > int > host(const char *s, const char *tag, const char *cert, struct listenerlist > *al, > - int max, in_port_t port, const char *authtable, uint8_t flags, > + int max, in_port_t port, const char *authtable, uint16_t flags, > const char *helo) > { > struct listener *h; > @@ -1673,7 +1681,7 @@ host(const char *s, const char *tag, const char *cert, > struct listenerlist *al, > > int > interface(const char *s, const char *tag, const char *cert, > - struct listenerlist *al, int max, in_port_t port, const char *authtable, > uint8_t flags, > + struct listenerlist *al, int max, in_port_t port, const char *authtable, > uint16_t flags, > const char *helo) > { > struct ifaddrs *ifap, *p; > diff --git a/smtpd/smtp_session.c b/smtpd/smtp_session.c > index f53c83f..3a4ff29 100644 > --- a/smtpd/smtp_session.c > +++ b/smtpd/smtp_session.c > @@ -367,19 +367,31 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) > io_reload(&s->io); > return; > } > + if (s->listener->flags & F_HIDE_RECEIVED) > + goto skip_received; > > - fprintf(s->ofile, > - "Received: from %s (%s [%s]);\n" > - "\tby %s (%s) with %sSMTP%s%s id %08x;\n", > - s->evp.helo, > - s->hostname, > - ss_to_text(&s->ss), > - s->listener->helo[0] ? s->listener->helo : env->sc_hostname, > - SMTPD_NAME, > - s->flags & SF_EHLO ? "E" : "", > - s->flags & SF_SECURE ? "S" : "", > - s->flags & SF_AUTHENTICATED ? "A" : "", > - evpid_to_msgid(s->evp.id)); > + if (s->listener->flags & F_MASK_RECEIVED) > + fprintf(s->ofile, > + "Received: by %s (%s) with %sSMTP%s%s id %08x;\n", > + s->listener->helo[0] ? s->listener->helo : > env->sc_hostname, > + SMTPD_NAME, > + s->flags & SF_EHLO ? "E" : "", > + s->flags & SF_SECURE ? "S" : "", > + s->flags & SF_AUTHENTICATED ? "A" : "", > + evpid_to_msgid(s->evp.id)); > + else > + fprintf(s->ofile, > + "Received: from %s (%s [%s]);\n" > + "\tby %s (%s) with %sSMTP%s%s id %08x;\n", > + s->evp.helo, > + s->hostname, > + ss_to_text(&s->ss), > + s->listener->helo[0] ? s->listener->helo : > env->sc_hostname, > + SMTPD_NAME, > + s->flags & SF_EHLO ? "E" : "", > + s->flags & SF_SECURE ? "S" : "", > + s->flags & SF_AUTHENTICATED ? "A" : "", > + evpid_to_msgid(s->evp.id)); > > if (s->flags & SF_SECURE) { > fprintf(s->ofile, > @@ -403,6 +415,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) > > fprintf(s->ofile, "\t%s\n", time_to_text(time(NULL))); > > + skip_received: > smtp_enter_state(s, STATE_BODY); > smtp_reply(s, "354 Enter mail, end with \".\"" > " on a line by itself"); > diff --git a/smtpd/smtpd.h b/smtpd/smtpd.h > index 5f794f8..7fd78cc 100644 > --- a/smtpd/smtpd.h > +++ b/smtpd/smtpd.h > @@ -109,6 +109,8 @@ > #define F_STARTTLS_REQUIRE 0x20 > #define F_AUTH_REQUIRE 0x40 > #define F_LMTP 0x80 > +#define F_HIDE_RECEIVED 0x100 > +#define F_MASK_RECEIVED 0x200 > > #define F_SCERT 0x01 > #define F_CCERT 0x02 > @@ -136,7 +138,7 @@ struct netaddr { > }; > > struct relayhost { > - uint8_t flags; > + uint16_t flags; > char hostname[SMTPD_MAXHOSTNAMELEN]; > uint16_t port; > char cert[SMTPD_MAXPATHLEN]; > @@ -532,7 +534,7 @@ enum envelope_field { > }; > > struct listener { > - uint8_t flags; > + uint16_t flags; > int fd; > struct sockaddr_storage ss; > in_port_t port; > diff --git a/smtpd/ssl.c b/smtpd/ssl.c > index 2f14157..4ae60d7 100644 > --- a/smtpd/ssl.c > +++ b/smtpd/ssl.c > @@ -240,7 +240,7 @@ ssl_ctx_create(void) > } > > int > -ssl_load_certfile(struct ssl **sp, const char *path, const char *name, > uint8_t flags) > +ssl_load_certfile(struct ssl **sp, const char *path, const char *name, > uint16_t flags) > { > struct ssl *s; > char pathname[PATH_MAX]; > diff --git a/smtpd/ssl.h b/smtpd/ssl.h > index 640dc63..59e6951 100644 > --- a/smtpd/ssl.h > +++ b/smtpd/ssl.h > @@ -28,7 +28,7 @@ struct ssl { > off_t ssl_key_len; > char *ssl_dhparams; > off_t ssl_dhparams_len; > - uint8_t flags; > + uint16_t flags; > }; > > /* ssl.c */ > diff --git a/smtpd/to.c b/smtpd/to.c > index 1c6219c..b703dee 100644 > --- a/smtpd/to.c > +++ b/smtpd/to.c > @@ -347,7 +347,7 @@ text_to_relayhost(struct relayhost *relay, const char *s) > { > static const struct schema { > const char *name; > - uint8_t flags; > + uint16_t flags; > } schemas [] = { > { "smtp://", 0 }, > { "lmtp://", F_LMTP }, > -- > 1.8.2.1 > > > -- > You received this email because you are subscribed to mailing list: > [email protected] > To unsubscribe, send mail with subject: > [[email protected]] unregister -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this email because you are subscribed to mailing list: [email protected] To unsubscribe, send mail with subject: [[email protected]] unregister
