On 8/28/19 9:23 AM, [email protected] wrote:
> 28 août 2019 09:04 "Martijn van Duren" <[email protected]> a
> écrit:
>
>> Currently looking into writing an spf filter based on libopensmtpd.
>> While working through the spec I found in RFC7208 section 7.3 that:
>> The "r" macro expands to the name of the receiving MTA.
>> In other words the hostname presented in the banner. Unfortunately we
>> also support the hostnames directive, which supports ip-hostname
>> mappings via dynamic tables, which makes it impossible to transfer via
>> "config|".
>>
>> This is a major change that can break (and in the case of libopensmtpd
>> will break) parsers. We're currently at 0.1, so I don't know if we want
>> to push it to 1 just yet, or if we want to call 1 release-stable and just
>> bump it to 0.2 for now since we don't have a release yet with filters.
>>
>> thoughts?
>>
>
> I'm sorry but I'm unsure I understand what you're trying to do with the
> banner,
> can you explain ?
spf has an "exp" modifier, which allows the reject message to be
specified by the spf administrator. To do so it can utilize several
macros. One option being "%{r}", which expands to:
domain name of host performing the check.
I can use gethostname(3), but that could contradict the banner, hence I
want to use the hostname used in the banner.
>
> If there's need for the hostname presented in the banner to be passed to
> filters,
> which makes sense, it needs its own reporting event which is basically the
> server
> side of the link-identify event.
>
> One thing for sure, you can't put that info in the link-connect event because
> the
> banner is displayed _after_ link-connect and while in smtp-in we already know
> the
> hostname we'll use in the banner, this isn't the case for smtp-out which will
> not
> be able to infer that information before actually seeing the banner.
You're right. I'll cook up something else.
>
>
>> Index: lka.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/lka.c,v
>> retrieving revision 1.239
>> diff -u -p -r1.239 lka.c
>> --- lka.c 26 Jul 2019 06:30:13 -0000 1.239
>> +++ lka.c 28 Aug 2019 06:28:33 -0000
>> @@ -88,6 +88,7 @@ lka_imsg(struct mproc *p, struct imsg *i
>> const char *heloname;
>> const char *filter_name;
>> const char *result;
>> + const char *banner;
>> struct sockaddr_storage ss_src, ss_dest;
>> int filter_response;
>> int filter_phase;
>> @@ -388,9 +389,11 @@ lka_imsg(struct mproc *p, struct imsg *i
>> m_get_int(&m, &fcrdns);
>> m_get_sockaddr(&m, (struct sockaddr *)&ss_src);
>> m_get_sockaddr(&m, (struct sockaddr *)&ss_dest);
>> + m_get_string(&m, &banner);
>> m_end(&m);
>>
>> - lka_report_smtp_link_connect(direction, &tv, reqid, rdns, fcrdns, &ss_src,
>> &ss_dest);
>> + lka_report_smtp_link_connect(direction, &tv, reqid, rdns,
>> + fcrdns, &ss_src, &ss_dest, banner);
>> return;
>>
>> case IMSG_REPORT_SMTP_LINK_DISCONNECT:
>> Index: lka_report.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/lka_report.c,v
>> retrieving revision 1.24
>> diff -u -p -r1.24 lka_report.c
>> --- lka_report.c 18 Aug 2019 16:52:02 -0000 1.24
>> +++ lka_report.c 28 Aug 2019 06:28:33 -0000
>> @@ -165,10 +165,10 @@ report_smtp_broadcast(uint64_t reqid, co
>> }
>>
>> void
>> -lka_report_smtp_link_connect(const char *direction, struct timeval *tv,
>> uint64_t reqid, const char
>> *rdns,
>> - int fcrdns,
>> +lka_report_smtp_link_connect(const char *direction, struct timeval *tv,
>> + uint64_t reqid, const char *rdns, int fcrdns,
>> const struct sockaddr_storage *ss_src,
>> - const struct sockaddr_storage *ss_dest)
>> + const struct sockaddr_storage *ss_dest, const char *banner)
>> {
>> char src[NI_MAXHOST + 5];
>> char dest[NI_MAXHOST + 5];
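Review bot: The new parameter name `banner` is misleading in the `lka_report_smtp_link_connect` signature, and likewise in `report_smtp_link_connect` and the local variable in `lka_imsg`. The one caller updated in this diff passes `s->smtpname`, which is the server name announced in the greeting rather than the greeting line itself. Naming it `smtpname` or `hostname` would keep filter authors from expecting the full banner text. A one-line comment above the function, such as `/* hostname: name this server announces in its greeting */`, would record the contract. The function body continues outside this hunk.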
>> @@ -207,8 +207,8 @@ lka_report_smtp_link_connect(const char
>> }
>>
>> report_smtp_broadcast(reqid, direction, tv, "link-connect",
>> - "%016"PRIx64"|%s|%s|%s|%s\n",
>> - reqid, rdns, fcrdns_str, src, dest);
>> + "%016"PRIx64"|%s|%s|%s|%s|%s\n",
>> + reqid, rdns, fcrdns_str, src, dest, banner);
>> }
>>
>> void
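Review bot: The new `banner` field is written into the `|`-separated link-connect line with no check on its contents, in the `report_smtp_broadcast` call that closes `lka_report_smtp_link_connect`. The description says this name can come from a hostnames table lookup, so a value containing `|`, `\r` or `\n` would shift fields or start a new report line for every filter reading the stream. Whether the name is validated as a hostname earlier is not visible in this diff. Consider rejecting such a value before the call, for example by testing `banner[strcspn(banner, "|\r\n")] != '\0'`, or validating it where the table result is accepted. The start of the function body is outside this hunk.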
>> Index: report_smtp.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/report_smtp.c,v
>> retrieving revision 1.8
>> diff -u -p -r1.8 report_smtp.c
>> --- report_smtp.c 26 Jul 2019 06:30:13 -0000 1.8
>> +++ report_smtp.c 28 Aug 2019 06:28:33 -0000
>> @@ -46,7 +46,7 @@
>> void
>> report_smtp_link_connect(const char *direction, uint64_t qid, const char
>> *rdns, int fcrdns,
>> const struct sockaddr_storage *ss_src,
>> - const struct sockaddr_storage *ss_dest)
>> + const struct sockaddr_storage *ss_dest, const char *banner)
>> {
>> struct timeval tv;
>>
>> @@ -60,6 +60,7 @@ report_smtp_link_connect(const char *dir
>> m_add_int(p_lka, fcrdns);
>> m_add_sockaddr(p_lka, (const struct sockaddr *)ss_src);
>> m_add_sockaddr(p_lka, (const struct sockaddr *)ss_dest);
>> + m_add_string(p_lka, banner);
>> m_close(p_lka);
>> }
>>
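Review bot: `m_add_string(p_lka, banner)` serialises whatever pointer the caller supplies, and neither this function nor its prototype in smtpd.h states that the new argument must be non-NULL. The only caller changed in this diff passes `s->smtpname`, and how `m_add_string` treats a NULL pointer is not visible here, so the requirement should be stated rather than assumed. A comment above the definition would do, such as `/* banner: server name for this session, must not be NULL */`. Alternatively, substitute an empty string before the call with `if (banner == NULL) banner = "";`. The function's opening lines are in the previous hunk.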
>> Index: smtp_session.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v
>> retrieving revision 1.407
>> diff -u -p -r1.407 smtp_session.c
>> --- smtp_session.c 14 Aug 2019 21:11:25 -0000 1.407
>> +++ smtp_session.c 28 Aug 2019 06:28:33 -0000
>> @@ -2029,7 +2029,7 @@ smtp_connected(struct smtp_session *s)
>> smtp_filter_begin(s);
>>
>> report_smtp_link_connect("smtp-in", s->id, s->rdns, s->fcrdns, &s->ss,
>> - &s->listener->ss);
>> + &s->listener->ss, s->smtpname);
>>
>> smtp_filter_phase(FILTER_CONNECT, s, ss_to_text(&s->ss));
>> }
>> Index: smtpd.h
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v
>> retrieving revision 1.632
>> diff -u -p -r1.632 smtpd.h
>> --- smtpd.h 23 Aug 2019 07:09:52 -0000 1.632
>> +++ smtpd.h 28 Aug 2019 06:28:33 -0000
>> @@ -1330,7 +1330,7 @@ struct io *lka_proc_get_io(const char *)
>> void lka_report_init(void);
>> void lka_report_register_hook(const char *, const char *);
>> void lka_report_smtp_link_connect(const char *, struct timeval *, uint64_t,
>> const char *, int,
>> - const struct sockaddr_storage *, const struct sockaddr_storage *);
>> + const struct sockaddr_storage *, const struct sockaddr_storage *, const
>> char *);
>> void lka_report_smtp_link_disconnect(const char *, struct timeval *,
>> uint64_t);
>> void lka_report_smtp_link_identify(const char *, struct timeval *, uint64_t,
>> const char *, const
>> char *);
>> void lka_report_smtp_link_tls(const char *, struct timeval *, uint64_t,
>> const char *);
>> @@ -1499,7 +1499,8 @@ int queue_message_walk(struct envelope *
>>
>> /* report_smtp.c */
>> void report_smtp_link_connect(const char *, uint64_t, const char *, int,
>> - const struct sockaddr_storage *, const struct sockaddr_storage *);
>> + const struct sockaddr_storage *, const struct sockaddr_storage *,
>> + const char *);
>> void report_smtp_link_disconnect(const char *, uint64_t);
>> void report_smtp_link_identify(const char *, uint64_t, const char *, const
>> char *);
>> void report_smtp_link_tls(const char *, uint64_t, const char *);