Mailing List Archive: Ideas on getting an SRS for postfix?

Ideas on getting an SRS for postfix?

Aug 7, 2008, 11:21 AM

Post #1 of 4 (10468 views)

Hello,

I have finally come to the point where I have a couple of clients that
refuse to move to exim or sendmail for their mail servers. I am looking
for ideas on how to emplent SRS for postfix. Weitse really refuses to
discuss it. I am looking for any ideas to do it. I use the py... for the
other servers. I know that postfix does not allow the rewritting of... I
assume I need to run something that will allow the rewriteing. What does
any one suggest to use?

Thanks,

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1129/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1129/
Powered by Listbox: http://www.listbox.com

Re: Ideas on getting an SRS for postfix? [ In reply to ]

stuart at bmsi

Aug 7, 2008, 12:04 PM

Post #2 of 4 (10063 views)

Permalink

On Thu, 7 Aug 2008, Boyd Lynn Gerber wrote:

> I have finally come to the point where I have a couple of clients that
> refuse to move to exim or sendmail for their mail servers. I am looking
> for ideas on how to emplent SRS for postfix. Weitse really refuses to
> discuss it. I am looking for any ideas to do it. I use the py... for the
> other servers. I know that postfix does not allow the rewritting of... I
> assume I need to run something that will allow the rewriteing. What does
> any one suggest to use?

Until postfix allows plugins to modify MAIL FROM (are you sure that is
still an issue?), you will have to use an smtp proxy. I looked at this
for sendmail as possibly preferable to CF code, but sendmail now supports
modifying MAIL FROM via milter, so it is a non-issue.

For your purposes, you configure postfix to use your proxy as a mail
relay (say at address 127.0.0.2). It reads lines, and echoes lines
to the real mail relay (and reads lines from the real mail relay and
echoes to postfix). A useful python smtp proxy has hooks to call a
function when postfix sends HELO, MAIL FROM, RCPT TO, and maybe even
data (except an SMTP proxy has to keep processing to a minimum to avoid
triggering incorrect timeouts). For your purposes, just keeping track
of when SMTP is in DATA state and triggering on MAIL FROM is sufficient.

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1129/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1129/
Powered by Listbox: http://www.listbox.com

Re: Ideas on getting an SRS for postfix? [ In reply to ]

scott at kitterman

Aug 7, 2008, 12:18 PM

Post #3 of 4 (10080 views)

Permalink

On Thursday 07 August 2008 15:04, Stuart D. Gathman wrote:

> Until postfix allows plugins to modify MAIL FROM (are you sure that is
> still an issue?), ...

Yes. It's still an issue.

Scott K

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1129/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1129/
Powered by Listbox: http://www.listbox.com

Re: Ideas on getting an SRS for postfix? [ In reply to ]

stuart at bmsi

Aug 7, 2008, 1:00 PM

Post #4 of 4 (10071 views)

Permalink

On Thu, 7 Aug 2008, Stuart D. Gathman wrote:

> > assume I need to run something that will allow the rewriteing. What does
> > any one suggest to use?
>
> Until postfix allows plugins to modify MAIL FROM (are you sure that is
> still an issue?), you will have to use an smtp proxy. I looked at this
> for sendmail as possibly preferable to CF code, but sendmail now supports
> modifying MAIL FROM via milter, so it is a non-issue.

There is even a proxy class already provided in the smtpd module.
Just derive from smtpd.PureProxy and override process_message().

Since SMTPServer collects the entire HELO+MFROM+RCPTs+DATA before
calling process_message, I'm not sure about timing for large messages.
But it may do the trick for you.

Untested code:

import asyncore
import smtpd
import SRS
from ConfigParser import ConfigParser

cp = ConfigParser({
'secret': 'shhhh!',
'maxage': '8',
'hashlength': '8',
'separator': '=',
'socket': '/var/run/milter/pysrs'
})

class SRSProxy(smtpd.PureProxy):
def __init__(self,listen,relay):
self.srs = SRS.new(
secret=cp.get('srs','secret'),
maxage=cp.getint('srs','maxage'),
hashlength=cp.getint('srs','hashlength'),
separator=cp.get('srs','separator'),
alwaysrewrite=True # skip calling us for local domains
)
self.fwdomain = cp.get('srs','fwdomain',None)
smtpd.PureProxy.__init__(self,listen,relay)

def process_message(self,helo,mfrom,rcpts,data):
# ... lots of special cases for no-srs, signonly, etc excluded
new_address = self.srs.forward(mfrom,self.fwdomain)
smtpd.PureProxy.process_message(self,helo,new_address,rcpts,data)
# prolly want to log stuff

cp.read(["/etc/mail/pysrs.cfg"])
proxy = SRSProxy('127.0.0.2','relay.fwdomain.com')
asyncore.loop()

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1129/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1129/
Powered by Listbox: http://www.listbox.com