Re: [Mimedefang] SRS with mimedefang

2016-06-02 Thread Dianne Skoll
On Thu, 02 Jun 2016 15:24:50 +0200
Marcus Schopen <li...@localguru.de> wrote:

> is there a way to implement SRS using mimedefang?

Yes, but it involves a lot of programming and requires Sendmail 8.14 or
later.  We implemented SRS in a Perl module, but unfortunately it's
proprietary and we can't release the code.  The basic idea is to
generate the SRS address using the algorithm in the RFC and then add
checks when something comes in to an SRS address to make sure it's valid.

All in all, a non-trivial exercise.

Regards,

Dianne.
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
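
The generate-then-validate idea described above, as an added example that is not code from this thread, from Roaring Penguin, or from Mail::SRS: a simplified sketch of an SRS0-style rewrite using a truncated HMAC and a day-granularity timestamp, with the check that rejects forged or expired addresses. The secret, the addresses, the clock value and all function names are constructed for illustration, and the output is not guaranteed to be wire-compatible with Mail::SRS.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha1_base64);   # core module

# All values below are constructed for illustration.
my $SECRET   = 'constructed-demo-secret';
my $MAX_AGE  = 30;   # days a rewritten address stays valid
my $HASH_LEN = 4;    # characters of the MAC kept in the address
my @B32 = ('A' .. 'Z', '2' .. '7');
my %B32; @B32{@B32} = (0 .. $#B32);
sub day_number { return int($_[0] / 86400) % 1024 }

# Truncated HMAC-SHA1 over the lower-cased timestamp, host and user.
sub srs_hash {
    return substr(hmac_sha1_base64(lc(join('', @_)), $SECRET), 0, $HASH_LEN);
}

# user@origin -> SRS0=hash=timestamp=origin=user@forwarder
sub srs_forward {
    my ($sender, $fwd_domain, $now) = @_;
    my ($user, $host) = $sender =~ /^(.+)\@([^\@]+)$/ or die "no \@ in sender\n";
    my $day = day_number($now);
    my $ts  = $B32[$day >> 5] . $B32[$day & 31];
    return join('=', 'SRS0', srs_hash($ts, $host, $user), $ts, $host, $user)
         . "\@$fwd_domain";
}

# Checks the MAC first, then the age; dies with a reason on any failure.
sub srs_reverse {
    my ($addr, $now) = @_;
    my ($hash, $ts, $host, $user) =
        $addr =~ /^SRS0=([^=]+)=([^=]+)=([^=]+)=(.+)\@[^\@]+$/
        or die "not an SRS0 address\n";
    die "invalid hash\n" unless $hash eq srs_hash($ts, $host, $user);
    my @c = map { $B32{$_} } split //, uc $ts;
    die "bad timestamp\n" if @c != 2 or grep { !defined $_ } @c;
    my $age = (day_number($now) - (($c[0] << 5) | $c[1])) % 1024;
    die "expired ($age days old)\n" if $age > $MAX_AGE;
    return "$user\@$host";
}

my $now = 1464876290;   # constructed "current time" (2016-06-02)
my $srs = srs_forward('alice@sender.example', 'forwarder.example', $now);
print "forward: $srs\nreverse: ", srs_reverse($srs, $now), "\n";
(my $forged = $srs) =~ s/=alice\@/=mallory\@/;   # tampered local part
for my $case ([$forged, $now], [$srs, $now + 45 * 86400]) {
    my $ok = eval { srs_reverse(@$case) };
    print "rejected: $@" unless defined $ok;
}
```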


Re: [Mimedefang] SRS with mimedefang

2016-06-02 Thread Benoit Panizzon
Hi Marcus

> is there a way to implement SRS using mimedefang? GMX set SPF to
> "-all" and forwarded mails to gmx accounts get blocked.

Sure...

Just some Code Fragments:

use Mail::SRS;

sub filter_recipient {
[...]
  my $srs = Mail::SRS->new(
    Secret     => $srskey,
    MaxAge     => 30,
    HashLength => 4,
    HashMin    => 4,
  );
[...]

Get and Process SRS Signed bounces with something like:

  if ($user =~ m/(.*)\+bounce-(SRS.*)/) {
    $user = $1;
    my @recipientstoadd;
    $vars->{imp_bounce_user} = $1;
    $vars->{imp_bounce_domain} = $domain;
    $vars->{imp_bounce} = $2;
    # reverse() dies if the SRS address does not validate
    my $srsreturn = eval { $srs->reverse($2 . '@' . $domain); };
    if ($@) {
      if ($SendmailMacros{'mail_mailer'} eq 'smtp') {
        md_syslog('warning',"SRS FAILED $1 $2 $domain");
        return ('REJECT',"SRS Signatur ungueltig / SRS Signature invalid",571,'5.7.1');
      } else {
        # DEBUGGING: how can this happen?
        md_syslog('warning',"DEBUG: SRS FAILED NOT SMTP $1 $2 $domain");
        $vars->{imp_special} =  "SRS-FAIL: ";
        md_syslog('warning',"DEBUG: BOUNCE SRS FAIL id ". $2 .", Not forwarding recipient " . $user . "\@" . $domain);
        push(@recipientstoadd,"$user\@$domain");
        $vars->{delete_recipient} = $originalrecipient;
      }
    } else {
      md_syslog('warning',"SRS REWRITE SUCCESS <$1\@$2> $domain => <$srsreturn>");
      md_syslog('warning',"BOUNCE id ". $2 .", Not forwarding recipient <" . $user . "\@" . $domain . ">. But returning to <" . $srsreturn . ">");
      # Deliver to the forwarding mailbox and to the original sender
      push(@recipientstoadd,"$user\@$domain");
      push(@recipientstoadd,$srsreturn);
      $vars->{add_recipient} = \@recipientstoadd;
      $vars->{delete_recipient} = $originalrecipient;
    }
    $vars->{add_recipient} = \@recipientstoadd;
    _vars($vars);
  }

Here is the part about actually forwarding the email, altering the sender.

if (($sender ne '') and ($sender ne 'UNKNOWN') and ($SendmailMacros{'mail_mailer'} eq 'smtp')) {
  $vars->{imp_originalsender}=$sender;
  my ($ruser,$rdomain) = split('@',$recipient);
  # Sign the original sender and embed it in the forwarding mailbox's address
  my $srssender = $srs->forward($sender,$recipient);
  $ruser = "$user+bounce-$srssender";
  $vars->{change_sender} = $ruser;
  md_syslog('warning',"FORWARDING > Push Sender change FROM " . $sender . " TO " . $ruser . " this is done later. <");
  $vars->{imp_forwarded}=1;
  if ($ref->{'keepFwdCopy'} eq 0) {
    md_syslog('warning',"Push Recipient to be deleted later " . $originalrecipient);
    $vars->{delete_recipient} = $originalrecipient;
  }
  my @recipientstoadd;
  while (my $aliasref = $forwards->fetchrow_hashref()) {
    md_syslog('warning',"Push Recipient to be added later: <" . $aliasref->{'destEMailAddr'} . ">");

    push(@recipientstoadd,$aliasref->{'destEMailAddr'});
    @recipientstoadd = _forwards($aliasref->{'destEMailAddr'},0,@recipientstoadd);
  }
  $vars->{add_recipient}=\@recipientstoadd;
  _vars($vars);
} else {
  md_syslog('warning',"DOH! Sender: <$sender> Recipient: <$recipient> Mailer: $SendmailMacros{'mail_mailer'} - Unencapsulated, unsigned BOUNCE. Not from us! No SRS, just forward this crap and forget it!");

[...] do some more stuff...

This is our special version of doing SRS. It encodes the address of the mailbox 
which forwards the email as sender, so we can process and count the bounces and 
disable email forwarding to specific recipients if we count too many bounces.

But it gives you an idea.

And yes, you can only change sender and recipient in filter_begin and later:

if (defined($vars->{change_sender})) {
  md_syslog('warning',"Change Sender: <$vars->{change_sender}>");
  change_sender($vars->{change_sender});
}
if (defined($vars->

[Mimedefang] SRS with mimedefang

2016-06-02 Thread Marcus Schopen
Hi,

is there a way to implement SRS using mimedefang? GMX set SPF to "-all"
and forwarded mails to gmx accounts get blocked.

Ciao
Marcus

