Hi Marcus
> is there a way to implement SRS using mimedefang? GMX set SPF to
> "-all" and forwarded mails to gmx accounts get blocked.
Sure...
Just some Code Fragments:
use Mail::SRS;
sub filter_recipient {
[...]
my $srs = new Mail::SRS(
Secret => $srskey,
MaxAge => 30,
HashLength => 4,
HashMin => 4,
);
[...]
Get and Process SRS Signed bounces with something like:
if ($user =~ m/(.*)\+bounce-(SRS.*)/) {
$user = $1;
my @recipientstoadd;
$vars->{imp_bounce_user} = $1;
$vars->{imp_bounce_domain} = $domain;
$vars->{imp_bounce} = $2;
my $srsreturn = eval { $srs->reverse($2 . '@' . $domain); };
if ($@) {
if ($SendmailMacros{'mail_mailer'} eq 'smtp') {
md_syslog('warning',"SRS FAILED $1 $2 $domain");
return ('REJECT',"SRS Signatur ungueltig / SRS
Signature invalid",571,'5.7.1');
} else {
# DEBUGGING, wie kann dies passieren?
md_syslog('warning',"DEBUG: SRS FAILED NOT SMTP $1 $2
$domain");
$vars->{imp_special} = "SRS-FAIL: ";
md_syslog('warning',"DEBUG: BOUNCE SRS FAIL id ".
$2 .", Not forwarding recipient " . $user . "\@" . $domain);
push(@recipientstoadd,"$user\@$domain");
$vars->{delete_recipient} = $originalrecipient;
}
} else {
md_syslog('warning',"SRS REWRITE SUCCESS <$1\@$2> $domain =>
<$srsreturn>");
md_syslog('warning',"BOUNCE id ". $2 .", Not forwarding
recipient <" . $user . "\@" . $domain . ">. But returning to " . <$srsreturn>);
push(@recipientstoadd,"$user\@$domain");
push(@recipientstoadd,$srsreturn);
$vars->{add_recipient} = \@recipientstoadd;
$vars->{delete_recipient} = $originalrecipient;
}
$vars->{add_recipient} = \@recipientstoadd;
_vars($vars);
}
Here is the part about actualy forwarding the email, altering the sender.
if (($sender ne '') and ($sender ne 'UNKNOWN') and
($SendmailMacros{'mail_mailer'} eq 'smtp')) {
$vars->{imp_originalsender}=$sender;
my ($ruser,$rdomain) = split('@',$recipient);
my $srssender = $srs->forward($sender,$recipient);
$ruser = "$user+bounce-$srssender";
$vars->{change_sender} = $ruser;
md_syslog('warning',"FORWARDING > Push Sender
change FROM " . $sender . " TO " . $ruser . " this is done later. <");
$vars->{imp_forwarded}=1;
if ($ref->{'keepFwdCopy'} eq 0) {
md_syslog('warning',"Push Recipient to be
deleted later " . $originalrecipient);
$vars->{delete_recipient} = $originalrecipient;
}
my @recipientstoadd;
while (my $aliasref = $forwards->fetchrow_hashref()) {
md_syslog('warning',"Push Recipient to be added
later: <" . $aliasref->{'destEMailAddr'} . ">");
push(@recipientstoadd,$aliasref->{'destEMailAddr'});
@recipientstoadd =
_forwards($aliasref->{'destEMailAddr'},0,@recipientstoadd);
}
$vars->{add_recipient}=\@recipientstoadd;
_vars($vars);
} else {
md_syslog('warning',"DOH! Sender: <$sender>
Recipient: <$recipient> Mailer:
$SendmailMacros{'mail_mailer'} -
Unencapsulated, unsigned BOUNCE. Not from
us! No SRS, just forward this crap and forget
it!");
[...] do some more stuff...
This is our special version of doing SRS. It encodes the address of the mailbox
which forwards the email as sender, so we can process and count the bounces and
disable email forwarding to specific recipients if we count too many bounces.
But it gives you an idea.
And yes, you can only change sender and recipient in filter_begin and later:
if (defined($vars->{change_sender})) {
md_syslog('warning',"Change Sender: <$vars->{change_sender}>");
change_sender($vars->{change_sender});
}
if (defined($vars->