Hello,
I've been researching whether an idea I have is technically feasible.
I think it might be, if the 551 User not local; please try <forward-path> is
implemented generally.
But I thought I would ask the experts :-)
-----------
Here is my technical question:
I want to set up a mail server that:
1. waits for an incoming mail.
2. on RCPT TO:
A. starts a single servlet listening on a specific-ip, which will
accept a single message, write it to disk.
B. specifies to the sender to forward to a specific
[email protected]_domain.net.
Would this raise problems? Forwarding all messages?
Another solution I can see, might be if I can tell an ssl connection to
"re-verify, re-initiate, re-set" it self somehow.
I haven't figured out how to do this, or if there is a way.
------
Here is the larger problem I'm trying to solve:
I would like to set up a gmail type service.
Except each user would own the "data-store," and as well, own the "receiver" of
the their messages.
So I would run an email service.
Each user would give me a receiver java class. (or just pick the default)
Each user would give me a data store to write to. (s3.amazon most likely)
I would sit waiting for an email, I get a header for John.
I *do not* read the contents of the email.
Instead I load John's receiver java class and tell the sender to re-initiate
the transfer using (I would like a specific port, but I don't see any
references to ports in the smtp docs) a specific IP.
John's script will load and bind to that ip, receive the email, encrypt it with
a public key.
I write the encrypted email to the data store specified by john.
John owns all of his data, I am merely the "router."
--
The reason I want to re-initiate the connection between the sender and the
receiver, is John considers me "untrusted."
Unfortunately, I can't see any way of convincing John that I don't become a
MITM in the final SSL exchange.
(I could accept the entire message, and then synthesize the connection to
John's "receiver.")
I sort of wonder whether I should keep the same connection, but have John issue
the "DATA" request.
But then I could observe the connection. MITM would simple as pie.
Of course, even with a separate connection, if I am using the JVM I can observe
anything he does anyway.
Even if I were to separate the process, I could observe the state of the JVM
machine.
Even if there were no JVM, I could still inspect his process.
Hmm...
I wish there were some way that I could create a "secure JVM process" with an
"execution time limit."
Oh well.
-------
Any thoughts?
Even if I am not able to assure no MITM I would like to implement the "pass a
ssl connection" to a "user provided receiver class" and have that "receiver
class" write to a "pipe" which I then write to s3.
Do able with James?
Thanks for your time,
-tim
