John R. Levine ([EMAIL PROTECTED]) wrote:
: >Why not break the smtpd into two parts, the way qmail's pop3d
: Doesn't break up very nicely, since it's quite common to do multiple
Yah, that's true.
: This seems to be a reasonable place to use an exit routine. That is,
: each time you get a RCPT TO address, optionally fork and run a program
: specified in a control file or environment variable. The program
Assuming the cost of execs is not prohibitive, this loses state
info, such as how many RCPTs in this MAIL. RN's got a good idea
but I was thinking something a bit different in terms of admin-level
flexibility and simplicity.
I was thinking to optionally fork an admin-specified program.
smtpd becomes an intentional man-in-the-middle, monitoring, altering,
and relaying both parties so it can preempt either if they're not
being sensible. Each message causes a new invocation of the program.
The prog could be a script as simple as this:
#!/bin/sh
# smtpd passes the esmtp options selected by remote as args.
# fd 2 is open to same descriptor as belongs to tcpserver,
# fd 0 and 1 are pipes to/from smtpd.
size=$1
eightbm=$2 # conceivably useful
[ "$size" ] || size=0
if [ "$size" -gt 100000 ]; then
    if [ "$TCPREMOTEIP" = "1.2.3.4" ]; then
        echo "554 too big" # smtpd sees 554, kills us if we're not dead
    fi
fi
read -r mailfrom # no need for i/o check
# fictitious spam predictor program
# (arguments quoted: both values come from the remote side)
spam_factor=`spamometer-predict "$mailfrom" "$TCPREMOTEIP"`
if [ "$spam_factor" -gt 10 ]; then
    echo "421 you are most likely a spam house"
    exit 0
fi
nr=0
rcptlist=
while read -r rcpt; do
    case "$rcpt" in
    *@my.domain.com)
        # we can check for valid local recipient
        # (test the command's exit status directly, not inside [ ])
        if ! /var/qmail/bin/qmail-inject -n ... >/dev/null 2>&1; then
            echo "550 no such user" # smtpd does not add this rcpt
            continue
        fi
        ;;
    esac
    echo "250" # smtpd adds this rcpt
    rcptlist="$rcptlist $rcpt"
    nr=`expr $nr + 1`
done
# input closed => client has issued DATA. smtpd awaits final verdict.
[ "$nr" -gt 10 ] && echo "421 too many rcpts"
# You want logging?
echo "$mailfrom sent a message to $rcptlist" >&2
echo "354"
# if we are still alive, smtpd copies message to us.
#cat >>/naughty/admins/dirt/on/every/body/file
# or:
#wc >&2
# or:
#spamometer-train-neural-net - $mailfrom $TCPREMOTEIP $spam_factor
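
Added example, not part of the original post: a hook in the same line protocol (sender on the first line, one recipient per line, one reply per recipient) that checks the shape of each address before it can reach a command line or a log line. The function names, the accepted character set, MAX_RCPTS and the 553/452 replies are assumptions, as is smtpd handing over bare newline-terminated addresses.

```shell
#!/bin/sh
# Added example (assumptions labelled above); not code from the thread.
LC_ALL=C; export LC_ALL   # make the A-Z / a-z ranges below byte-exact
MAX_RCPTS=10              # assumed per-message recipient cap

# valid_addr ADDR: succeed only for a conservative local@domain shape.
valid_addr() {
    case "$1" in
        ''|-*) return 1 ;;                 # empty, or would parse as an option
        *[!A-Za-z0-9@._+=-]*) return 1 ;;  # whitespace, control chars, shell metacharacters
        *@*@*) return 1 ;;                 # more than one @
        ?*@?*) return 0 ;;                 # something on both sides of the @
        *) return 1 ;;
    esac
}

# policy_hook: reads the envelope on stdin, writes one verdict per line.
policy_hook() {
    IFS= read -r mailfrom || return 1
    # An empty sender is the null return path used by bounces: allow it.
    if [ -n "$mailfrom" ] && ! valid_addr "$mailfrom"; then
        echo "553 malformed sender"
        return 0
    fi
    nr=0
    while IFS= read -r rcpt; do
        if ! valid_addr "$rcpt"; then
            echo "553 malformed recipient"   # never reaches a command or the log
            continue
        fi
        nr=$((nr + 1))
        if [ "$nr" -gt "$MAX_RCPTS" ]; then
            echo "452 too many recipients"
            continue
        fi
        echo "250"
    done
    echo "354"   # input closed: client has issued DATA
}
# A real hook script would end by calling: policy_hook
```

Because rejected lines never leave the function, any later lookup or logging step only ever sees addresses that passed valid_addr.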