David Favor wrote:
I'm currently running qpsmtpd-async.

I host many domains and I'd like to protect them all
against backscatter using something like this:

     http://psg.com/~brian/software/authbounce/configure-authbounce.txt

to add a bounce key to each outgoing message of the form:

     X-bounce-key: $mx-$number;$sender;$timestamp;$key

This requires all mail sent by every user to go through
qpsmtpd + exim on my local machine.

This appears to require I set up another instance of qpsmtpd which
will allow people to connect to the port via SSL, then somehow
authenticate their connection once, then each time they send email
their outgoing email will enter qpsmtpd. If the message is to be
delivered locally, then it is. If the message is external, it will
be queued to exim for delivery immediately or next queue run.

I don't see why they have to authenticate to anyone, nor that their outbound email necessarily has to go anywhere near qpsmtpd. There is no requirement that an outbound user or message has to "register" with the inbound checker.

You have your outbounds (perhaps "bare" exim) sign the email, you have your inbound qpsmtpd instances crypto-validate the signature hash and compare the email-address field with the RCPT TO.

At most, you'd check that the e-mail address field in X-Bounce-key is the same as RCPT-TO. No need to "register". The only reason you bother is to prevent replay attacks against other users. Backscatter ain't that smart ;-)

The qpsmtpd validation checker should be a pretty simple data hook function. No persistent data required, except for the secret key configuration.

If we were to do that here, we'd have our outbound sendmails insert the headers, and qpsmtpds (injecting into different sendmail servers) check them. No interaction between in and out required (except keeping keys in sync).
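
The stateless check described in the reply above, as an added example that is not part of the original thread and is not authbounce or qpsmtpd code. The HMAC-SHA256 construction, the secret, the 7-day window and the function names are assumptions; only the `$mx-$number;$sender;$timestamp;$key` field layout comes from the thread.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-secret"  # assumption: same key on outbound and inbound hosts
MAX_AGE = 7 * 24 * 3600              # assumption: bounces accepted for up to 7 days


def _mac(mx_id, sender, timestamp, secret):
    # Assumed construction: HMAC-SHA256 over the three visible header fields.
    msg = f"{mx_id};{sender.lower()};{timestamp}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]


def make_bounce_key(mx_id, sender, secret=SECRET, now=None):
    """Outbound side: build the value of the X-bounce-key header."""
    ts = int(time.time() if now is None else now)
    return f"{mx_id};{sender};{ts};{_mac(mx_id, sender, ts, secret)}"


def check_bounce_key(value, rcpt_to, secret=SECRET, now=None, max_age=MAX_AGE):
    """Inbound side: return (ok, reason) for a key found in a bounce.

    Needs no stored state: only the shared secret and the current time.
    """
    parts = value.strip().split(";")
    if len(parts) != 4:
        return False, "malformed"
    mx_id, sender, ts_text, key = parts
    if not (ts_text.isascii() and ts_text.isdigit()):
        return False, "malformed"
    expected = _mac(mx_id, sender, int(ts_text), secret)
    # Constant-time comparison so the check does not leak how much matched.
    if not hmac.compare_digest(key.encode(), expected.encode()):
        return False, "bad signature"
    now = int(time.time() if now is None else now)
    if not 0 <= now - int(ts_text) <= max_age:
        return False, "expired"
    # Binding the key to RCPT TO stops a valid key being replayed at other users.
    if sender.lower() != rcpt_to.strip("<>").lower():
        return False, "recipient mismatch"
    return True, "ok"
```
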
