Mailing List Archive

[srs-discuss] Help - How to unwind an SRS address?
Hi,

Please can someone give me a regex or *simple* instructions on how to
reconstruct the real senders email address from an SRS one (pref
without installing anything)?

And yes - I've looked at the docs, but there's loads and loads of
detail - *so* much that I can't figure out easily how to do this with
any confidence that it's going to work properly or indefinitely!

Many thanks to anyone who can help!

Kind Regards,
Chris Drake


-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: [srs-discuss] Help - How to unwind an SRS address?
Hi,

There is no regex to do so, since you need to verify the cryptographic
cookie. Without the secret key, you won't be able to. Of course you can
just rewrite it ignoring the cookie, but that isn't something I advise
(depending on the application of course).

You can use libsrs or libsrs2 or some perl implementation to do reverse
rewrite of an srs address if you know the secrets.

If you want to ignore the cryptographic cookie, look at
http://www.libsrs2.org/srs/srs.pdf, it clearly states the SRS0 and SRS1
address format:

SRS0=HHH=TT=hostname=local-part@local-host

So the original address is local-part@hostname

SRS1=HHH=first-forwarder==HHH=TT=hostname=local-part@local-host

And again, the original address is local-part@hostname

There ya go,

Koen


On Sat, Nov 20, 2004 at 10:00:17PM +1100, Chris Drake wrote:
> Hi,
>
> Please can someone give me a regex or *simple* instructions on how to
> reconstruct the real senders email address from an SRS one (pref
> without installing anything)?
>
> And yes - I've looked at the docs, but there's loads and loads of
> detail - *so* much that I can't figure out easily how to do this with
> any confidence that it's going to work properly or indefinitely!
>
> Many thanks to anyone who can help!
>
> Kind Regards,
> Chris Drake
>
>
> -------
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

Re[2]: [srs-discuss] Help - How to unwind an SRS address?
Hi Koen,

I just want to extract the original senders email address, not verify
anything at this stage. I know enough to work out that your
simplistic overview is not helpful to me, since I read that "==" might
be "=+" or "=-" depending on something I couldn't fathom, and I've no
idea if SRS2 has more or less "="'s, or if SRS0 has more or less, or
if "HHH" (which is not 3 characters I know, from inspection of SRS
problems I've got already) or TT can contain other funny chars (I'd
guess not "="'s, but I don't want to guess), and I don't know if SRS
can handle existing email addresses starting with "srs0..." or others
containing "=" or if it escapes things or obliterates the original
senders details after a certain number of hops etc etc... hence my
last-resort asking of this question here :-)

The spec also says that the number after "SRS" is a "Version", but
then seems to change its mind and use it as a "hop" counter instead,
so how are future versions of SRS going to differentiate themselves,
and if hops exceed 9 does the next digit become "a" or do I expect two
decimals, etc etc etc...

Kind Regards,
Chris Drake

Saturday, November 20, 2004, 10:12:11 PM, you wrote:

KM> Hi,

KM> There is no regex to do so, since you need to verify the cryptographic
KM> cookie. Without the secret key, you won't be able to. Of course you can
KM> just rewrite it ignoring the cookie, but that isn't something I advise
KM> (depending on the application of course).

KM> You can use libsrs or libsrs2 or some perl implementation to do reverse
KM> rewrite of an srs address if you know the secrets.

KM> If you want to ignore the cryptographic cookie, look at
KM> http://www.libsrs2.org/srs/srs.pdf, it clearly states the SRS0 and SRS1
KM> address format:

KM> SRS0=HHH=TT=hostname=local-part@local-host

KM> So the original address is local-part@hostname

KM> SRS1=HHH=first-forwarder==HHH=TT=hostname=local-part@local-host

KM> And again, the original address is local-part@hostname

KM> There ya go,

KM> Koen


KM> On Sat, Nov 20, 2004 at 10:00:17PM +1100, Chris Drake wrote:
>> Hi,
>>
>> Please can someone give me a regex or *simple* instructions on how to
>> reconstruct the real senders email address from an SRS one (pref
>> without installing anything)?
>>
>> And yes - I've looked at the docs, but there's loads and loads of
>> detail - *so* much that I can't figure out easily how to do this with
>> any confidence that it's going to work properly or indefinitely!
>>
>> Many thanks to anyone who can help!
>>
>> Kind Regards,
>> Chris Drake
>>
>>
>> -------
>> To unsubscribe, change your address, or temporarily deactivate your subscription,
>> please go to
>> http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com




Re: [srs-discuss] Help - How to unwind an SRS address?
On Sat, 2004-11-20 at 12:12 +0100, Koen Martens wrote:
> Hi,
>
> There is no regex to do so, since you need to verify the cryptographic
> cookie. Without the secret key, you won't be able to. Of course you can
> just rewrite it ignoring the cookie, but that isn't something I advise
> (depending on the application of course).

Since he says he doesn't want to install anything, I assume he isn't
trying to undo SRS that he's done himself, for forwarding bounces. I
assume he's just trying to obtain the original reverse-path which some
forward performing SRS has mangled.

My first response would be to contact the site which is performing SRS
and ask them not to mangle the addresses when forwarding mail to you.
It's only necessary to perform SRS when forwarding mail which has a
reverse-path for which SPF is published, _AND_ which is being forwarded
to a site which actually rejects mail for an SPF failure.

I actually implemented this kind of conditional rewriting logic in my
own SRS implementation (http://www.infradead.org/rpr.html) but I've not
actually had to add many domains to the 'spf-afflicted-domains' list so
I'm about to remove the SRS on forwarding.

In the long term, it looks like there are better answers to the
brokenness of SPF than SRS, so the futile attempt to get SRS deployed
ubiquitously might as well be abandoned.

--
dwmw2

Re: [srs-discuss] Help - How to unwind an SRS address?
Do also remember that there is no standard or specification of how srs
rewritten addresses should look.. The only guarantee someone who
implements srs should give is that he himself can reproduce the original
sender address.. What you read in the pdf by Shevek is just one way of
rewriting addresses, actually it is the one pretty close to what libsrs2
does. In general however, there is no prescribed address format.

I think that with the info in the pdf and by studying the
implementations (libsrs, libsrs2, Mail::SRS, etc..) you can get a pretty
accurate picture of how addresses look like and how to parse them.

Instead of =, some other characters are allowed as separators, and it
seems logical to me that these are not allowed in the HHH or TTT
fields.. About the field not being 3 characters, this is irrelevant as
long as you assume separator chars are not in there (a safe assumption
imho). And even then, with greedy regexps that doesn't matter too much
either.

Actually, looking at the shevek pdf again, only =, + and - are allowed. =
and - are not in base64, so your only problem is with +.

AFAIK, SRS0 and SRS1 is all that is used. The number x in SRSx is _not_
a hop counter. It is an enhanced version of the SRS rewriting schemes,
that allows for shortcuts instead of stacking multiple SRS0 rewrites on
top of each other. So from that perspective it is indeed a version
indicator, where there are currently two versions: 0 and 1.

I am sorry I don't have the requested regexp readily at hand. But with a
bit of work, I think it can be easily figured out from the pdf document
and the existing implementations.

Kind regards,

Koen Martens

On Sat, Nov 20, 2004 at 10:25:57PM +1100, Chris Drake wrote:
> Hi Koen,
>
> I just want to extract the original senders email address, not verify
> anything at this stage. I know enough to work out that your
> simplistic overview is not helpful to me, since I read that "==" might
> be "=+" or "=-" depending on something I couldn't fathom, and I've no
> idea if SRS2 has more or less "="'s, or if SRS0 has more or less, or
> if "HHH" (which is not 3 characters I know, from inspection of SRS
> problems I've got already) or TT can contain other funny chars (I'd
> guess not "="'s, but I don't want to guess), and I don't know if SRS
> can handle existing email addresses starting with "srs0..." or others
> containing "=" or if it escapes things or obliterates the original
> senders details after a certain number of hops etc etc... hence my
> last-resort asking of this question here :-)
>
> The spec also says that the number after "SRS" is a "Version", but
> then seems to change its mind and use it as a "hop" counter instead,
> so how are future versions of SRS going to differentiate themselves,
> and if hops exceed 9 does the next digit become "a" or do I expect two
> decimals, etc etc etc...
>
> Kind Regards,
> Chris Drake
>
> Saturday, November 20, 2004, 10:12:11 PM, you wrote:
>
> KM> Hi,
>
> KM> There is no regex to do so, since you need to verify the cryptographic
> KM> cookie. Without the secret key, you won't be able to. Of course you can
> KM> just rewrite it ignoring the cookie, but that isn't something I advise
> KM> (depending on the application of course).
>
> KM> You can use libsrs or libsrs2 or some perl implementation to do reverse
> KM> rewrite of an srs address if you know the secrets.
>
> KM> If you want to ignore the cryptographic cookie, look at
> KM> http://www.libsrs2.org/srs/srs.pdf, it clearly states the SRS0 and SRS1
> KM> address format:
>
> KM> SRS0=HHH=TT=hostname=local-part@local-host
>
> KM> So the original address is local-part@hostname
>
> KM> SRS1=HHH=first-forwarder==HHH=TT=hostname=local-part@local-host
>
> KM> And again, the original address is local-part@hostname
>
> KM> There ya go,
>
> KM> Koen
>
>
> KM> On Sat, Nov 20, 2004 at 10:00:17PM +1100, Chris Drake wrote:
> >> Hi,
> >>
> >> Please can someone give me a regex or *simple* instructions on how to
> >> reconstruct the real senders email address from an SRS one (pref
> >> without installing anything)?
> >>
> >> And yes - I've looked at the docs, but there's loads and loads of
> >> detail - *so* much that I can't figure out easily how to do this with
> >> any confidence that it's going to work properly or indefinitely!
> >>
> >> Many thanks to anyone who can help!
> >>
> >> Kind Regards,
> >> Chris Drake
> >>
> >>
> >> -------
> >> To unsubscribe, change your address, or temporarily deactivate your subscription,
> >> please go to
> >> http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
>
>
>
>
> -------
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

[srs-discuss] Help - How to unwind an SRS address?
Chris Drake wrote:

> Please can someone give me a regex or *simple* instructions on how to
> reconstruct the real senders email address from an SRS one (pref
> without installing anything)?

Section 3.2 of http://www.libsrs2.org/srs/srs.pdf says:

>SRS0 addresses have the form: SRS0=opaque-part@domain-part
>where opaque-part may be defined by the SRS0 forwarder, and may only be
>interpreted by this same host.

So it is not possible to reconstruct the original email address.

Roger

Re: [srs-discuss] Help - How to unwind an SRS address?
would you be able to post an example address that you want
to unwind?

On Sat, Nov 20, 2004 at 10:00:17PM +1100, Chris Drake wrote:
| Hi,
|
| Please can someone give me a regex or *simple* instructions on how to
| reconstruct the real senders email address from an SRS one (pref
| without installing anything)?
|
| And yes - I've looked at the docs, but there's loads and loads of
| detail - *so* much that I can't figure out easily how to do this with
| any confidence that it's going to work properly or indefinitely!
|
| Many thanks to anyone who can help!
|
| Kind Regards,
| Chris Drake
|
|
| -------
| To unsubscribe, change your address, or temporarily deactivate your subscription,
| please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

RE: [srs-discuss] Help - How to unwind an SRS address?
Chris,

Having had extensive dealings with SRS over the last year, allow me to set
the record straight on a few things.

Roger Moser wrote:

> > SRS0 addresses have the form: SRS0=opaque-part@domain-part
> > where opaque-part may be defined by the SRS0 forwarder, and may only
> > be interpreted by this same host.
>
> So it is not possible to reconstruct the original email address.

Quite untrue. The 'opaque' part only refers to the hash. SRS0 addresses
are in the form of:

SRS0=HHH=TT=hostname=local-part@forward.com

In actuality, the srs.pdf at libsrs2.org says:

"SRS0=HHH=TT=hostname=local-part@LOCAL-PART"

(capitalization mine); which I'm sure is a typo. :) Consider the following
rewrite:

Input: tester@isp.nl
Output: SRS0=5QqmApog=OG=isp.nl=tester@asarian-host.net

As you can see, the original address can be trivially extracted.

Chris Drake wrote:

> I just want to extract the original senders email address, not verify
> anything at this stage. I know enough to work out that your simplistic
> overview is not helpful to me, since I read that "==" might be "=+" or
> "=-" depending on something I couldn't fathom,

It all sounds quite daunting; and this is compounded, I'm sure, by the
fact that some older docs of SRS still float about the net. Still, finding
a regex for SRS addresses is quite easy. In fact, I use such a regex
myself, in the 'reverse' call of SRS.pm:

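sub reverse {
    my ($self, $address) = @_;

    $address =~ s/[<>]//g;

    # Early-out for anything that is not a guarded SRS0/SRS1 address.
    # The separator class is [-+=]: written [+-=] it is the range "+".."="
    # and would also accept digits, ".", "/", ":" and similar characters.
    if ($address =~ /^SRS0[-+=]\S+=\S{2}=\S+=\S+\@\S+$/i) {
    } elsif ($address =~ /^SRS1[-+=]\S+=\S+==\S+=\S{2}=\S+\@\S+$/i) {
    } else {
        return undef;
    }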

Mind you, my added address-test is NOT part of the distributed SRS.pm; I
just added it myself, at some point, to have an early-out for non-SRS
addresses, and to ensure the return of 'undef' in those cases.

Koen Martens wrote:

> AFAIK, SRS0 and SRS1 is all that is used. The number x in SRSx is _not_
> a hop counter. It is an enhanced version of the SRS rewriting schemes,
> that allows for shortcuts instead of stacking multiple SRS0 rewrites on
> top of each other. So from that perspective it is indeed a version
> indicator, where there are currently two versions: 0 and 1

Stacked SRS0 rewrites are no longer allowed/possible. Each SRS0 address you
rewrite, will automatically become a SRS1 address:

SRS0=5QqmApog=OG=isp.nl=tester@asarian-host.net
SRS1=CaygymUx=asarian-host.net==5QqmApog=OG=isp.nl=tester@asarian-host.net

As you can see, Chris, the original address can still be easily distilled.
Also, to take away another of your confusions, the double "==" only occurs
on SRS1 addresses.

Although only Shevek can make a statement like this with absolute
authority, the SRS protocol is pretty much fixed, and is likely to remain
unchanged.

Cheers,

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

RE: [srs-discuss] Help - How to unwind an SRS address?
Mark wrote:

> As you can see, the original address can be trivially extracted.

According to the second last sentence in section 3.2 of srs.pdf
<SRS0=dHr6JKrw2Hds@example.com> is a valid SRS address. If you can extract
the original address from that address, you are a wizard.

I agree with you that you can extract the original address from a
return-path created by the Guarded mechanism of the Mail::SRS distribution.

Roger

RE: [srs-discuss] Help - How to unwind an SRS address?
> From: owner-srs-discuss@v2.listbox.com
> [mailto:owner-srs-discuss@v2.listbox.com] On Behalf Of Roger Moser
> Sent: zaterdag 20 november 2004 20:49
> To: srs-discuss@v2.listbox.com
> Subject: RE: [srs-discuss] Help - How to unwind an SRS address?
>
> Mark wrote:
>
> > As you can see, the original address can be trivially extracted.
>
> According to the second last sentence in section 3.2 of srs.pdf
> <SRS0=dHr6JKrw2Hds@example.com> is a valid SRS address. If
> you can extract the original address from that address, you are
> a wizard.

Addresses in the form of:

SRS0=key@domain-part

Are only used in the database variant of SRS. Those, of course, cannot
be reversed. :)

If you're a large ISP, sending millions of emails out a day, I reckon
that the database variant soon becomes impractical, though, as you need
to keep all those addresses in the DB, for at least several days!

But yes, database addresses cannot be reversed in the manner I described.
I do not think the OP was referring to those, though.

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

RE: [srs-discuss] Help - How to unwind an SRS address?
Addresses in the form of:

> SRS0=key@domain-part
>
>Are only used in the database variant of SRS. Those, of course, cannot
>be reversed. :)
>
>If you're a large ISP, sending millions of emails out a day, I reckon
>that the database variant soon becomes impractical, though, as you need
>to keep all those addresses in the DB, for at least several days!
>
>But yes, database addresses cannot be reversed in the manner I described.
>I do not think the OP was referring to those, though.

If the original poster was asking for a way to 100% all the time determine
the original email address from any SRS1 address that may pass through his
system, the answer is "you can't". Not 100%. If someone somewhere out
there using database addresses sends an email your way, you aren't going to
be able to decode it. You can get maybe close to 100%, but not all the way.


--
-- =========================
Tom Lahti
Tx3 Online Services

(888)4-TX3-SVC (489-3782)
http://www.tx3.net/
-- =========================

Re[2]: [srs-discuss] Help - How to unwind an SRS address?
Hi All,

I must admit surprise that nobody seems to know how to do this
already; doing basic checks on the purported sender is a fundamental
element of email!!! Anyhow, from what I can glean from the docs, from
inspection, and from your comments, it looks like... this might do it,
at least for now. Only problem is that from inspection, "+" seems to
be interchangeable with "=", while from looking at marks code "-" also
seems interchangeable with it, and I recall someone mentioning base64
which I'm sure includes at least some of those characters... oh yeah,
and I'm not sure if "srs0" is legal like "SRS0" is?

If anyone wants to stick their hand up and state unambiguously that
specific elements of SRS rewritten addresses are separated by one and
only one specific character (and which), I'd be grateful: I've
accepted any of the 3 ( + - = ) as separators for the time being,
which will no doubt result in more angry customers down the track if
I'm wrong. I also only process internet mail, so I enforce a ".tld"
in encoded host parts. Hopefully nothing's going to line-wrap my email... which should have lines going out at least this far to read ---|
1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789

#!perl

my(@srsers)=qw( SRS0+xO4y+30+=@bscn.com
SRS0+2zxk+34+=@bscn.com
SRS0=7/7LXG=NW=loclcenters.com=jwalace@yourhostaccount.com
SRS0=SN4bED=NY=loclcenters.com=jwalace@yourhostaccount.com
SRS0=Ql9BOS=OG=lostmni.2y.net=alen@yourhostaccount.com
SRS0=HHH=TT=host.com.au=local-part@local-host
SRS1=HHH=first-forwarder==HHH=TT=host.com=local-part@local-host );

foreach my $i (@srsers) {
    print "$i\n --> " . &unsrs($i) . "\n";
}

sub unsrs {
    my($addy)=@_;

    # SRS 0 = HHH = TT = host.tld = user @local-host
    if($addy =~ /^SRS (?: 0[\+\-=][^\+\-=]+[\+\-=][^\+\-=]+[\+\-=]([^=]+\.[^=]{2,})=([^\@]+)\@.+ |
    # SRS 1 = HHH = 1stfwdr = = HHH = TT = host.tld = user @local-host
    1[\+\-=][^\+\-=]+[\+\-=][^=]+[\+\-=][\+\-=][^\+\-=]+[\+\-=][^\+\-=]+[\+\-=]([^=]+\.[^=]{2,})=([^\@]+)\@.+)$/sx) {

        return "$2$4\@$1$3";
    } else {
        return $addy;
    }
}

Kind Regards,
Chris Drake

Sunday, November 21, 2004, 2:53:57 AM, you wrote:

MWW> would you be able to post an example address that you want
MWW> to unwind?

MWW> On Sat, Nov 20, 2004 at 10:00:17PM +1100, Chris Drake wrote:
MWW> | Hi,
MWW> |
MWW> | Please can someone give me a regex or *simple* instructions on how to
MWW> | reconstruct the real senders email address from an SRS one (pref
MWW> | without installing anything)?
MWW> |
MWW> | And yes - I've looked at the docs, but there's loads and loads of
MWW> | detail - *so* much that I can't figure out easily how to do this with
MWW> | any confidence that it's going to work properly or indefinitely!
MWW> |
MWW> | Many thanks to anyone who can help!
MWW> |
MWW> | Kind Regards,
MWW> | Chris Drake
MWW> |
MWW> |
MWW> | -------
MWW> | To unsubscribe, change your address, or temporarily
MWW> deactivate your subscription,
MWW> | please go to
MWW> http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

MWW> -------
MWW> To unsubscribe, change your address, or temporarily
MWW> deactivate your subscription,
MWW> please go to
MWW> http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com



Re[2]: [srs-discuss] Help - How to unwind an SRS address?
Hi,

Relatedly - is there any way or regexp to recognize an SRS rewritten
address? At what stage do I discard the envelope senders address and
resort to the "From:" header? I note from inspecting my logs that
"SRS0" appears to precede what looks like rewritten addresses, but
that "=" is not always the next character - surely there must be some
way? I admit that not many of my customers probably have email
addresses starting with "SRSn" but with free webmail accounts forcing
people to pick random email addresses, assuming isn't really a great
plan. Why is this so hard?

Kind Regards,
Chris Drake

Sunday, November 21, 2004, 7:44:07 AM, you wrote:

TL> Addresses in the form of:

>> SRS0=key@domain-part
>>
>>Are only used in the database variant of SRS. Those, of course, cannot
>>be reversed. :)
>>
>>If you're a large ISP, sending millions of emails out a day, I reckon
>>that the database variant soon becomes impractical, though, as you need
>>to keep all those addresses in the DB, for at least several days!
>>
>>But yes, database addresses cannot be reversed in the manner I described.
>>I do not think the OP was referring to those, though.

TL> If the original poster was asking for a way to 100% all the time determine
TL> the original email address from any SRS1 address that may pass through his
TL> system, the answer is "you can't". Not 100%. If someone somewhere out
TL> there using database addresses sends an email your way, you aren't going to
TL> be able to decode it. You can get maybe close to 100%, but not all the way.


TL> --
TL> -- =========================
TL> Tom Lahti
TL> Tx3 Online Services

TL> (888)4-TX3-SVC (489-3782)
TL> http://www.tx3.net/
TL> -- =========================

TL> -------
TL> To unsubscribe, change your address, or temporarily deactivate your subscription,
TL> please go to
TL> http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com



RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address?
-----Original Message-----
From: owner-srs-discuss@v2.listbox.com
[mailto:owner-srs-discuss@v2.listbox.com] On Behalf Of Chris Drake
Sent: zondag 21 november 2004 0:45
To: Meng Weng Wong
Subject: Re[2]: [srs-discuss] Help - How to unwind an SRS address?

Hi All,

> I must admit surprise that nobody seems to know how to do this
> already;

I think we pretty much covered all cases of the SRS appearances
for you. :)

> doing basic checks on the purported sender is a fundamental
> element of email!!!

I have never had the need to determine the pre-rewritten sender in
a foreign SRS address, yet. Any foreign SRS entity can be checked
"as is" (for callbacks and such, if you had those in mind). In fact,
'unrolling' them first, and then do remote checks on them, may even
be worse.

> Anyhow, from what I can glean from the docs, from
> inspection, and from your comments, it looks like... this might do it,
> at least for now. Only problem is that from inspection, "+" seems to
> be interchangeable with "=", while from looking at marks code "-" also
> seems interchangeable with it,

Only as 'separator' character after SRS[01]. After that, "=" remains "="
('=' = '=', so to speak), and cannot be replaced with anything else.

> If anyone wants to stick their hand up and state unambiguously that
> specific elements of SRS rewritten addresses are separated by one and
> only one specific character (and which), I'd be grateful:

We already did that. :)

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address?
> -----Original Message-----
> From: owner-srs-discuss@v2.listbox.com
> [mailto:owner-srs-discuss@v2.listbox.com] On Behalf Of Chris Drake
> Sent: zondag 21 november 2004 0:54
> To: Tom Lahti
> Subject: Re[2]: [srs-discuss] Help - How to unwind an SRS address?

> Relatedly - is there any way or regexp to recognize an SRS rewritten
> address?

I can give you this:

sub unwind_srs {
    (my $address = (shift)) =~ s/[<>]//g;
    # [-+=] keeps "-" literal; [+-=] is the range "+".."=" and matches too much.
    if (($address =~ /^SRS0[-+=]\S+=\S{2}=(\S+)=(\S+)\@\S+$/i) ||
        ($address =~ /^SRS1[-+=]\S+=\S+==\S+=\S{2}=(\S+)=(\S+)\@\S+$/i)) {
        return ("$2\@$1");
    } else {
        return undef;
    }
}

if ($address = unwind_srs ('SRS0=5QqmApog=OG=isp.nl=tester@test.com')) {
...

No point in matching database SRS0 addresses (there is no SRS1 address
variant for the database address, btw), as there is nothing usable to
extract from them anyway.

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address?
Chris Drake wrote:

> > Only problem is that from inspection, "+" seems to
> > be interchangeable with "=", while from looking at marks
> > code "-" also seems interchangeable with it,
>
> Only as 'separator' character after SRS[01]. After that, "="
> remains "=" ('=' = '=', so to speak), and cannot be replaced
> with anything else.

There is actually a story behind this. It used to be that it was decided
that the 'separator' character was always "=" (as in SRS[01]=). Then I,
and others with me, asked for the "+" character to be reintroduced, so as
to accommodate sendmail's "plussed users" facility, to be used like this:

SRS0+*: dummy@yourdomain.com

To create a "fall-back" for sendmail (for in-between Milter callbacks,
for instance, so as to not have SRS Milter-only approach run into an
"Unknown user" error while returning from callbacks).

So, the 'separator' character is only [+-=] directly after SRS[01]. After
that, only ever the "=" is used.

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
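
The parsing rules collected in this thread (a choice of separator only directly after SRS0/SRS1, "=" between the later fields, opaque database-style addresses that cannot be reversed), as an added Python example; it is not code from any poster, Mail::SRS or libsrs2. Accepting "=+" and "=-" as well as "==" inside SRS1 is an assumption taken from Chris's reading of the docs, the addresses marked "constructed" are made up here, and the returned address is unverified because the hash is never checked against a secret.

```python
import re
from typing import Optional, Tuple

# Separator allowed directly after the SRS0/SRS1 tag. "-" comes first so it is
# a literal; written [+-=] the class is the range "+".."=" (0x2B-0x3D) and
# also accepts digits, ",", ".", "/", ":", ";" and "<".
SEP = r"[-+=]"
LOOSE_SEP = r"[+-=]"  # the class as posted in the thread, kept for comparison

# HHH=TT=hostname=local-part. The first three fields cannot contain "=", so
# each stops at the next "="; whatever remains before the final "@" is the
# local part, which may itself contain "=".
TAIL = r"(?P<hash>[^=@\s]+)=(?P<ts>[^=@\s]+)=(?P<host>[^=@\s]+)=(?P<user>\S+)"
FWD = r"@(?P<fwd>[^@\s]+)$"

SRS0_RE = re.compile(rf"^SRS0{SEP}{TAIL}{FWD}", re.IGNORECASE)
# SRS1<sep>HHH=first-forwarder=<sep>HHH=TT=hostname=local-part@forwarder
# (assumption: the second character of "==" may also be "+" or "-").
SRS1_RE = re.compile(
    rf"^SRS1{SEP}(?P<hash1>[^=@\s]+)=(?P<first>[^=@\s]+)={SEP}{TAIL}{FWD}",
    re.IGNORECASE,
)
# Anything else carrying the tag and a separator is treated as opaque
# (database variant, or a forwarder-private layout): nothing to extract.
OPAQUE_RE = re.compile(rf"^SRS[01]{SEP}[^@\s]+@[^@\s]+$", re.IGNORECASE)


def has_srs_tag(address: str, sep: str = SEP) -> bool:
    """True if the address starts with SRS0/SRS1 followed by a separator."""
    return re.match(rf"^SRS[01]{sep}", address.strip().strip("<>"), re.I) is not None


def unwind_srs(address: str) -> Tuple[str, Optional[str]]:
    """Return (kind, original) where kind is SRS0, SRS1, opaque or not-srs.

    The original address is extracted by position only; the hash and
    timestamp are NOT verified, so treat the result as untrusted input.
    """
    addr = address.strip().strip("<>")
    for kind, rx in (("SRS0", SRS0_RE), ("SRS1", SRS1_RE)):
        m = rx.match(addr)
        if m:
            return kind, f"{m['user']}@{m['host']}"
    if OPAQUE_RE.match(addr):
        return "opaque", None
    return "not-srs", None


SAMPLES = [
    # Addresses quoted in the thread
    "SRS0=5QqmApog=OG=isp.nl=tester@asarian-host.net",
    "SRS1=CaygymUx=asarian-host.net==5QqmApog=OG=isp.nl=tester@asarian-host.net",
    "<SRS0=dHr6JKrw2Hds@example.com>",
    "SRS0+xO4y+30+=@bscn.com",
    # Constructed: local part containing "="
    "SRS0=abcd=OG=isp.nl=a=b@fwd.example",
    # Constructed: ordinary mailbox that merely starts with "SRS0"
    "SRS0.team@example.com",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        kind, original = unwind_srs(sample)
        print(f"{sample}\n  kind={kind} original={original} "
              f"loose-tag-match={has_srs_tag(sample, LOOSE_SEP)}")
```
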

RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address?
> From: Mark
> Sent: Saturday, November 20, 2004 6:12 PM

<...>

> I have never had the need to determine the pre-rewritten sender in
> a foreign SRS address, yet.

I don't recall whether or not the SRS spec mentioned this, but the
destination gateway MTA or its MDA should unwrap an SRS address before
writing the Return-Path: header. It is undesirable to expose SRS addresses.
This is an issue only for hostile recipients, or for (stupid) recipients
that might forward the complete set of received headers to a hostile third
party. Presumably, you don't send mail to hostile or stupid recipients, but
Ben Franklin's admonition that "an ounce of prevention is worth a pound of
cure" applies here. [Apologies to the rest of the world for the archaic
units, but "28.4 grams of prevention is worth 0.454 kilograms of cure" is
devoid of literary value.]

The reason for not exposing an SRS address to the end user is to reduce the
possibility of an SRS signed address being harvested and used to create
forged bounces to the SRS0 rewriting forwarder, who will accept the forgery
and deliver it to the original sender. The original sender can only be
spammed this way until the SRS0 signature expires, so it is not a major
problem.



> Any foreign SRS entity can be checked
> "as is" (for callbacks and such, if you had those in mind). In fact,
> 'unrolling' them first, and then do remote checks on them, may even
> be worse.

If the original sender rewrites all return-paths as SRS0 addresses to
accomplish SES, a callback to the unsigned address should fail. Callback
requests to the signed address, OTOH, should succeed.

--

Seth Goodman

RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
Mark wrote:

> > I have never had the need to determine the pre-rewritten sender in
> > a foreign SRS address, yet.

Seth Goodman wrote:

> I don't recall whether or not the SRS spec mentioned this, but the
> destination gateway MTA or its MDA should unwrap an SRS address before
> writing the Return-Path: header.

The destination gateway MTA can only perform a pseudo-unwrap, of
course (and then only for non-database SRS0 addresses). The database
SRS0 addresses, btw, allow for a near zero-tolerance playback defense.
I am not sure exactly how thread-safe MLDBM (DB_File) calls really
are; or how well and easily you can lock access to the database (for
multiple applications, such as Milter and LDA trying to access
BerkeleyDB at the same time). Maybe I will write a MySQL interface for
it. :)

> The reason for not exposing an SRS address to the end user is to
> reduce the possibility of an SRS signed address being harvested and
> used to create forged bounces to the SRS0 rewriting forwarder, who
> will accept the forgery and deliver it to the original sender. The
> original sender can only be spammed this way until the SRS0 signature
> expires, so it is not a major problem.

Yes. The problem is, of course, programs like SA, who like to have a
go at SPF too. With no SRS 'original' Return-Path to be found any
more, they are stuck (I'm sure something can be done with HELO,
in those cases; but that offers no real substitute for per-virtual
domain SPF policies).

> > Any foreign SRS entity can be checked "as is" (for callbacks and
> > such, if you had those in mind). In fact, 'unrolling' them first, and
> > then do remote checks on them, may even be worse.

> If the original sender rewrites all return-paths as SRS0 addresses to
> accomplish SES, a callback to the unsigned address should fail.

Callbacks to such 'unrolled' addresses would fail here.

> Callback requests to the signed address, OTOH, should succeed.

Indeed. That is why the OP, if he had callbacks in mind, best do them
on the SRS addresses "as is". It is the responsibility of the sending MTA
to deal with them on return.

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

Re[4]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
Hi All,

So correct me if I'm wrong:

1. It's an SRS-re-written address IFF it starts with (case sensitive)
SRS0=
SRS1=
SRS0+
SRS1+
and because of database methods, no amount of '=' or '-' or '+' can
be used after the initial [+=] to further differentiate between an
SRS rewritten address and someone whose email happens to start with
"SRS0=".

2. '-' is not possible as the initial separator.

3. The SRS1 separator after "first-forwarder" is one of:-
==
=+

4. '=-' is also not possible (my guess, as I can't see how or why a
hyphen would have made it before the HHH part, and I'm guessing
it's the '?HHH' bit that's preserved after the "first-forwarder"'s
'=' separator)?

5. All other separators are '='

6. HHH and TT etc components MUST not be missing

7. If it's a database-rewritten SRS address, I should try and find the
sender by considering (in order, reading downwards from the top of
the headers).
A: Return-Path: headers - if found - is the real sender
B: Sender: header (only if no Return-Path: exists)
C: From: header (as a last resort)

8. Mark needs to fix his regexp and send updates to whoever's using
it? [+-=] means the range +,-./0123456789:;<=
[\=\+] is probably the correct one to use?
'==' can't handle SRS1's '=+' possibility?
I have no idea what set \S+ is going to match, nor whether
MTAs allow or prevent UTF8 in addresses, and if so, whether
they allow whatever UTF8 strings are considered spaces [^\S]
so matching "anything besides separators" is safer than
matching "anything that's not a space"
Also be aware that hacking off the "<>" characters may
destroy UTF8, and depending on where the email address came
from, your string buffer might be:-
<user@example.com>
or maybe
<user@example.com> SIZE=500
(the latter being what ESMTP might have sent in the MAIL FROM:
stage) so take care?

Kind Regards,
Chris Drake


Sunday, November 21, 2004, 2:02:01 PM, you wrote:

M> Mark wrote:

>> > I have never had the need to determine the pre-rewritten sender in
>> > a foreign SRS address, yet.

M> Seth Goodman wrote:

>> I don't recall whether or not the SRS spec mentioned this, but the
>> destination gateway MTA or its MDA should unwrap an SRS address before
>> writing the Return-Path: header.

M> The destination gateway MTA can only perform a pseudo-unwrap, of
M> course (and then only for non-database SRS0 addresses). The database
M> SRS0 addresses, btw, allow for a near zero-tolerance playback defense.
M> I am not sure exactly how thread-safe MLDBM (DB_File) calls really
M> are; or how well and easily you can lock access to the database (for
M> multiple applications, such as Milter and LDA trying to access
M> BerkeleyDB at the same time). Maybe I will write a MySQL interface for
M> it. :)

>> The reason for not exposing an SRS address to the end user is to
>> reduce the possibility of an SRS signed address being harvested and
>> used to create forged bounces to the SRS0 rewriting forwarder, who
>> will accept the forgery and deliver it to the original sender. The
>> original sender can only be spammed this way until the SRS0 signature
>> expires, so it is not a major problem.

M> Yes. The problem is, of course, programs like SA, who like to have a
M> go at SPF too. With no SRS 'original' Return-Path to be found any
M> more, they are stuck (I'm sure something can be done with HELO,
M> in those cases; but that offers no real substitute for per-virtual
M> domain SPF policies).

>> > Any foreign SRS entity can be checked "as is" (for callbacks and
>> > such, if you had those in mind). In fact, 'unrolling' them first, and
>> > then do remote checks on them, may even be worse.

>> If the original sender rewrites all return-paths as SRS0 addresses to
>> accomplish SES, a callback to the unsigned address should fail.

M> Callbacks to such 'unrolled' addresses would fail here.

>> Callback requests to the signed address, OTOH, should succeed.

M> Indeed. That is why the OP, if he had callbacks in mind, best do them
M> on the SRS addresses "as is". It is the responsibility of the sending MTA
M> to deal with them on return.

M> - Mark

M> System Administrator Asarian-host.org

M> ---
M> "If you were supposed to understand it,
M> we wouldn't call it code." - FedEx

Re[4]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
Chris Drake:

> 1. It's an SRS-re-written address IFF it starts with (case sensitive)
> SRS0=

Since some MTAs change the return-path to lower case, it could also start
with "srs0=" etc.

> 6. HHH and TT etc components MUST not be missing

Yes, but don't assume that HHH is three characters and TT is two characters.

One character (e.g. the day of the month) for the timestamp is enough
because one can find out the full timestamp from that character and the
current date. For example if the timestamp is "P" (15), then you know that it
is November 15, 2004. It cannot be any other date because then the hash
(which includes the full timestamp) would be different.

Roger

RE: Re[4]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
> -----Original Message-----
> From: owner-srs-discuss@v2.listbox.com
> [mailto:owner-srs-discuss@v2.listbox.com] On Behalf Of Chris Drake
> Sent: Sunday, 21 November 2004 6:21
> To: Mark
> Subject: Re[4]: [srs-discuss] Help - How to unwind an SRS address?
>
> Hi All,
>
> So correct me if I'm wrong:
>
> 1. It's an SRS-re-written address IFF it starts with (case sensitive)
> SRS0=
> SRS1=
> SRS0+
> SRS1+

SRS addresses can be case-insensitive now, too. The answer (from
SRS.pm) is:

$SRS0TAG = "SRS0";
$SRS1TAG = "SRS1";
$SRS0RE = qr/^$SRS0TAG([-+=])/io;
$SRS1RE = qr/^$SRS1TAG([-+=])/io;

In short, ^SRS[01][-+=]

> and because of database methods, no amount of '=' or '-' or '+' can
> be used after the initial [+=] to further differentiate between an
> SRS rewritten address and someone who's email happens to start with
> "SRS0=".

You can always make a callback, to be absolutely sure it is a valid SRS
address; I mean, a callback is like a remote "reverse" call (which only
returns a boolean: true or false).

> 2. '-' is not possible as the initial separator.

'-' is most certainly possible as initial separator!

> 8. Mark needs to fix his regexp and send updates to whoever's using
> it? [+-=] means the range +,-./0123456789:;<=

I seem to have copied this old typo again. :( Sigh.

> [\=\+] is probably the correct one to use?

No. [-+=], however, is.

> I have no idea what set \S+ is going to match, nor whether
> MTAs allow or prevent UTF8 in addresses,

UTF8 in an email address?? I do not find that in RFC 2822. :)

> and if so, whether
> they allow whatever UTF8 strings are considered spaces [^\S]
> so matching "anything besides separators" is safer than
> matching "anything that's not a space"

You could have an address like this:

Input: "jan klaasen"@isp.nl
Output: SRS0=9Szq9kxH=OH=isp.nl="jan klaasen"@asarian-host.net

But also one like this:

Input: jan+klaasen@isp.nl
Output: SRS0+tP/zl0Cu=OH=xs4all.nl=jan+klaasen@asarian-host.net

Where you have a separator character ("+") in the local-part. So,
"anything besides separators" does not exactly work either.

The regex can be tidied up, of course, to use backtracking (\1) on the
SRS1 separator, and to allow for pretty much everything in the local-part:

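sub unwound_srs {
    # Strip the angle brackets of an envelope address.
    (my $addr = (shift)) =~ s/[<>]//g;
    # The hash and hostname fields exclude '=', so a local-part that itself
    # contains '=' is not split in the wrong place by a greedy \S+.
    # SRS0<sep>HHH=TT=hostname=local-part@forwarder
    if ($addr =~ /^SRS0[-+=][^=\s]+=\S{2}=([^=\s]+)=(.+)\@\S+$/i) {
        return ("$2\@$1");
    # SRS1<sep>HHH=first-forwarder=<sep>HHH=TT=hostname=local-part@forwarder
    } elsif ($addr =~ /^SRS1([-+=])[^=\s]+=[^=\s]+=\1[^=\s]+=\S{2}=([^=\s]+)=(.+)\@\S+$/i) {
        return ("$3\@$2");
    } else {
        return undef;    # not an SRS-shaped address
    }
}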

Mind you, a lot is possible in the local-part; even '@@' is valid,
if quoted or escaped.

> Also be aware that hacking off the "<>" characters may
> destroy UTF8,

If UTF8 were allowed, yes. :)

> and depending on where the email address came
> from, your string buffer might be:-
> <user@example.com>
> or maybe
> <user@example.com> SIZE=500
> (the latter being what ESMTP might have sent in the MAIL FROM:
> stage) so take care?

The Milter interface parses those 'extra' parts as additional parameters
to the envfrom_callback, not as one string. Though in the "reverse" call
of SRS.pm, where I used this, this is not pertinent, of course.

- Mark

System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
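
An added example, not code from this thread or from SRS.pm: the same pseudo-unwrap written in Python by splitting on the structural '=' signs rather than with one regex, which also copes with a one-character timestamp and an "<addr> SIZE=500" buffer. It assumes the hash, timestamp and hostname fields never contain '=', and it accepts '-', '+' or '=' as the inner SRS1 separator (the regex above requires it to equal the first one); the function names and the fwd1/fwd2.example addresses are made up for illustration.

```python
import re

# Tag is matched case-insensitively; the first separator is '-', '+' or '='.
# The hyphen is listed first on purpose: written as [+-=] the class becomes
# the range '+'..'=' and also admits ',', '.', '/', digits, ':', ';', '<'.
TAG_RE = re.compile(r"SRS([01])([-+=])", re.IGNORECASE)


def strip_envelope(raw):
    """Reduce '<addr>' or '<addr> SIZE=500' to the bare address."""
    raw = raw.strip()
    if raw.startswith("<") and ">" in raw:
        return raw[1:raw.rfind(">")]
    return raw


def unwind_srs(raw):
    """Return (tag, claimed_sender), or None if raw is not SRS-shaped.

    No hash is verified here (that needs the forwarder's secret), so the
    result is what the address claims, not an authenticated sender.
    """
    addr = strip_envelope(raw)
    tag = TAG_RE.match(addr)
    local, at, _forwarder = addr.rpartition("@")
    if not tag or not at:
        return None
    body = local[tag.end():]
    if tag.group(1) == "1":
        # SRS1<sep>HHH=first-forwarder=<sep>HHH=TT=hostname=local-part
        outer = body.split("=", 2)
        if len(outer) != 3 or not all(outer) or outer[2][0] not in "-+=":
            return None
        body = outer[2][1:]  # drop the inner separator
    # HHH=TT=hostname=local-part: only the first three '=' are structural,
    # so a local-part containing '=', '+' or a quoted space stays intact.
    fields = body.split("=", 3)
    if len(fields) != 4 or not all(fields):
        return None
    _hash, _stamp, host, user = fields
    return ("SRS" + tag.group(1), user + "@" + host)


if __name__ == "__main__":
    # The first two addresses appear in the thread; the others are constructed.
    for sample in (
        'SRS0=9Szq9kxH=OH=isp.nl="jan klaasen"@asarian-host.net',
        "SRS0+tP/zl0Cu=OH=xs4all.nl=jan+klaasen@asarian-host.net",
        "<srs1=AbCd=fwd1.example=+9Szq9kxH=P=isp.nl=a=b@fwd2.example> SIZE=500",
        "SRS05abc=OH=isp.nl=jan@fwd1.example",
    ):
        print(sample, "->", unwind_srs(sample))
```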

Re: Re[2]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
On Sun, 2004-11-21 at 10:44 +1100, Chris Drake wrote:
> Hi All,
>
> I must admit surprise that nobody seems to know how to do this
> already; doing basic checks on the purported sender is a fundamental
> element of email!!!

No, that's not what SPF gives you. SPF _only_ allows you to know about
the last hop -- the mailhost which actually gave you the email. You know
nothing about the original sender unless the mail happened to be
delivered directly.

Your best bet is to contact the site(s) which perform SRS on mail sent
to you, and ask them not to.

--
dwmw2

RE: Re[2]: [srs-discuss] Help - How to unwind an SRS address? [ In reply to ]
On Sun, 21 Nov 2004, Mark wrote:

> Yes. The problem is, of course, programs like SA, who like to have a
> go at SPF too. With no SRS 'original' Return-Path to be found any
> more, they are stuck (I'm sure something can be done with HELO,
> in those cases; but that offers no real substitute for per-virtual
> domain SPF policies).

SPF is performed on the SRS address. That is the whole point of SRS.
The only possible reason to unwind SRS or SES is because you want to
compare the original MAIL FROM with some rfc2822 header, or at least
display it to the end user (although if the user is knowledgeable enough
for the information to be useful, they should really see the full SRS/SRS
whatever MAIL FROM).

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
