28 août 2019 09:04 "Martijn van Duren" <[email protected]> a
écrit:
> Currently looking into writing an spf filter based on libopensmtpd.
> While working through the spec I found in RFC7208 section 7.3 that:
> The "r" macro expands to the name of the receiving MTA.
> In other words the hostname presented in the banner. Unfortunately we
> also support the hostnames directive, which supports ip-hostname
> mappings via dynamic tables, which makes it impossible to transfer via
> "config|".
>
> This is a major change that can break (and in the case of libopensmtpd
> will break) parsers. We're currently at 0.1, so I don't know if we want
> to push it to 1 just yet, or if we want to call 1 release-stable and just
> bump it to 0.2 for now, since we don't have a release with filters yet.
>
> thoughts?
>
I'm sorry, but I'm not sure I understand what you're trying to do with the
banner; can you explain?
If the hostname presented in the banner needs to be passed to filters, which
makes sense, it needs its own reporting event, which is basically the server
side of the link-identify event.
One thing is for sure: you can't put that info in the link-connect event,
because the banner is displayed _after_ link-connect. While in smtp-in we
already know the hostname we'll use in the banner, this isn't the case for
smtp-out, which will not be able to infer that information before actually
seeing the banner.
> Index: lka.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/lka.c,v
> retrieving revision 1.239
> diff -u -p -r1.239 lka.c
> --- lka.c 26 Jul 2019 06:30:13 -0000 1.239
> +++ lka.c 28 Aug 2019 06:28:33 -0000
> @@ -88,6 +88,7 @@ lka_imsg(struct mproc *p, struct imsg *i
> const char *heloname;
> const char *filter_name;
> const char *result;
> + const char *banner;
> struct sockaddr_storage ss_src, ss_dest;
> int filter_response;
> int filter_phase;
> @@ -388,9 +389,11 @@ lka_imsg(struct mproc *p, struct imsg *i
> m_get_int(&m, &fcrdns);
> m_get_sockaddr(&m, (struct sockaddr *)&ss_src);
> m_get_sockaddr(&m, (struct sockaddr *)&ss_dest);
> + m_get_string(&m, &banner);
> m_end(&m);
>
> - lka_report_smtp_link_connect(direction, &tv, reqid, rdns, fcrdns, &ss_src,
> &ss_dest);
> + lka_report_smtp_link_connect(direction, &tv, reqid, rdns,
> + fcrdns, &ss_src, &ss_dest, banner);
> return;
>
> case IMSG_REPORT_SMTP_LINK_DISCONNECT:
> Index: lka_report.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/lka_report.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 lka_report.c
> --- lka_report.c 18 Aug 2019 16:52:02 -0000 1.24
> +++ lka_report.c 28 Aug 2019 06:28:33 -0000
> @@ -165,10 +165,10 @@ report_smtp_broadcast(uint64_t reqid, co
> }
>
> void
> -lka_report_smtp_link_connect(const char *direction, struct timeval *tv,
> uint64_t reqid, const char
> *rdns,
> - int fcrdns,
> +lka_report_smtp_link_connect(const char *direction, struct timeval *tv,
> + uint64_t reqid, const char *rdns, int fcrdns,
> const struct sockaddr_storage *ss_src,
> - const struct sockaddr_storage *ss_dest)
> + const struct sockaddr_storage *ss_dest, const char *banner)
> {
> char src[NI_MAXHOST + 5];
> char dest[NI_MAXHOST + 5];
> @@ -207,8 +207,8 @@ lka_report_smtp_link_connect(const char
> }
>
> report_smtp_broadcast(reqid, direction, tv, "link-connect",
> - "%016"PRIx64"|%s|%s|%s|%s\n",
> - reqid, rdns, fcrdns_str, src, dest);
> + "%016"PRIx64"|%s|%s|%s|%s|%s\n",
> + reqid, rdns, fcrdns_str, src, dest, banner);
> }
>
> void
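Review bot: `banner` is written into the `|`-delimited report line with a bare `%s`, so a value containing `|` or a newline would shift fields or start an extra line in what filters parse, and a NULL value is undefined behaviour for `%s`. The value comes from `s->smtpname` (smtp_session.c hunk), which according to the description can originate from a hostnames table; whether it is validated as a hostname before it gets here is not visible in this patch. I would validate it where it is set and add a comment above this call such as `/* banner: validated hostname, never NULL, no '|' or newline */`. The body of lka_report_smtp_link_connect starts before this hunk.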
> Index: report_smtp.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/report_smtp.c,v
> retrieving revision 1.8
> diff -u -p -r1.8 report_smtp.c
> --- report_smtp.c 26 Jul 2019 06:30:13 -0000 1.8
> +++ report_smtp.c 28 Aug 2019 06:28:33 -0000
> @@ -46,7 +46,7 @@
> void
> report_smtp_link_connect(const char *direction, uint64_t qid, const char
> *rdns, int fcrdns,
> const struct sockaddr_storage *ss_src,
> - const struct sockaddr_storage *ss_dest)
> + const struct sockaddr_storage *ss_dest, const char *banner)
> {
> struct timeval tv;
>
> @@ -60,6 +60,7 @@ report_smtp_link_connect(const char *dir
> m_add_int(p_lka, fcrdns);
> m_add_sockaddr(p_lka, (const struct sockaddr *)ss_src);
> m_add_sockaddr(p_lka, (const struct sockaddr *)ss_dest);
> + m_add_string(p_lka, banner);
> m_close(p_lka);
> }
>
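Review bot: `m_add_string(p_lka, banner)` makes the banner a mandatory field of the link-connect imsg, and the matching `m_get_string(&m, &banner)` in the lka.c hunk will expect it from every sender. Only the smtp-in call site in smtp_session.c is updated in this patch; any other caller of `report_smtp_link_connect()` is not shown and would have to supply the new argument, presumably non-NULL. Stating that in a comment on the function, for example `/* banner must be non-NULL; it is serialized unconditionally */`, would make the contract explicit for both sides of the imsg. The function starts before this hunk.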
> Index: smtp_session.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v
> retrieving revision 1.407
> diff -u -p -r1.407 smtp_session.c
> --- smtp_session.c 14 Aug 2019 21:11:25 -0000 1.407
> +++ smtp_session.c 28 Aug 2019 06:28:33 -0000
> @@ -2029,7 +2029,7 @@ smtp_connected(struct smtp_session *s)
> smtp_filter_begin(s);
>
> report_smtp_link_connect("smtp-in", s->id, s->rdns, s->fcrdns, &s->ss,
> - &s->listener->ss);
> + &s->listener->ss, s->smtpname);
>
> smtp_filter_phase(FILTER_CONNECT, s, ss_to_text(&s->ss));
> }
> Index: smtpd.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v
> retrieving revision 1.632
> diff -u -p -r1.632 smtpd.h
> --- smtpd.h 23 Aug 2019 07:09:52 -0000 1.632
> +++ smtpd.h 28 Aug 2019 06:28:33 -0000
> @@ -1330,7 +1330,7 @@ struct io *lka_proc_get_io(const char *)
> void lka_report_init(void);
> void lka_report_register_hook(const char *, const char *);
> void lka_report_smtp_link_connect(const char *, struct timeval *, uint64_t,
> const char *, int,
> - const struct sockaddr_storage *, const struct sockaddr_storage *);
> + const struct sockaddr_storage *, const struct sockaddr_storage *, const
> char *);
> void lka_report_smtp_link_disconnect(const char *, struct timeval *,
> uint64_t);
> void lka_report_smtp_link_identify(const char *, struct timeval *, uint64_t,
> const char *, const
> char *);
> void lka_report_smtp_link_tls(const char *, struct timeval *, uint64_t, const
> char *);
> @@ -1499,7 +1499,8 @@ int queue_message_walk(struct envelope *
>
> /* report_smtp.c */
> void report_smtp_link_connect(const char *, uint64_t, const char *, int,
> - const struct sockaddr_storage *, const struct sockaddr_storage *);
> + const struct sockaddr_storage *, const struct sockaddr_storage *,
> + const char *);
> void report_smtp_link_disconnect(const char *, uint64_t);
> void report_smtp_link_identify(const char *, uint64_t, const char *, const
> char *);
> void report_smtp_link_tls(const char *, uint64_t, const char *);