
kyle-qmail at memoryhole
Nov 19, 2009, 8:16 AM
Re: tcpserver, qmail-smtpd, qmail-queue and filter Qs
On Thursday, November 19 at 11:48 AM, quoth Philip Rhoades:

> In my setup tcpserver execs greylite which eventually execs
> qmail-smtpd. Greylite uses the to and from IP addresses of the tcp
> communication - is any of the message itself (header lines?, body?)
> available at this point or only after qmail-smtpd runs?

As other folks have pointed out, the short answer is "no". But, I think the longer answer is: just precisely what is it that you think qmail-smtpd *does*? If the message is available before qmail-smtpd runs to communicate with the sender, what's the purpose of qmail-smtpd?

Qmail-smtpd is there to SPEAK SMTP. That is, it can handle authentication, allows the sender to specify recipients and the sender, and finally prompts the sender to transmit the message. Before that happens, the sender HAS NOT SENT THE MESSAGE. Thus, none of it is available. Your question is akin to asking "is it possible to find out what the lottery number will be before they draw the numbers from the lottery machine?". The message is transmitted by talking SMTP; qmail-smtpd is the program that speaks SMTP; without talking SMTP, no part of the message has been transmitted (and you have not received it).

Before qmail-smtpd runs, you know only the information about the connection itself: the IP address (and hostname) of the connecting client, the port numbers that are being used.

> In the qmail-qfilter setup, the filtering of the message is done
> after qmail-smtpd processes the message and before it hands it to
> qmail-queue. So it looks like any filtering on lines from the
> message itself has to be done at this point.

Indeed - do you understand why that is the case?

> I was thinking if the sender's and recipient's addresses could be
> available immediately after greylite, I could block black listed
> senders and recipients before qmail-smtpd execs?

The sender and recipient list is transmitted VIA SMTP. Without speaking SMTP (i.e. by using some program (such as qmail-smtpd) to speak SMTP), you cannot know that information. Similarly, you cannot know the first number that will come out of the lotto machine without turning the lotto machine on.

If you want to create a greylisting behavior that includes sender/recipient information, you probably want to use something like the RCPTCHECK patch to qmail-smtpd, which allows qmail-smtpd to call another program to verify recipients AFTER the sender and recipients have been specified but BEFORE the message has been sent. I even have an example script on my website, here:

http://www.memoryhole.net/qmail/#rcptcheck

Hope that helps. :)

~Kyle
-- 
A tyrant must put on the appearance of uncommon devotion to religion. Subjects are less apprehensive of illegal treatment from a ruler whom they consider God-fearing and pious. On the other hand, they do less easily move against him, believing that he has the gods on his side.
-- Aristotle
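
Added example, not part of the post above and not the script linked from Kyle's site: a sketch of the kind of program qmail-smtpd could call at the RCPT TO stage to blacklist senders and greylist on the (client IP, sender, recipient) triplet. It assumes the patched qmail-smtpd exports SENDER and RECIPIENT, that tcpserver's TCPREMOTEIP is still in the environment, and that exit status 0/100/111 means accept/reject/defer; GREYLIST_DIR, MIN_DELAY and the blacklist entry are hypothetical names and values.

```python
#!/usr/bin/env python3
"""Triplet greylisting check meant to run between RCPT TO and DATA."""
import hashlib
import os
import sys
import tempfile
import time

# Assumed interface (not stated on the page): the patched qmail-smtpd exports
# SENDER and RECIPIENT, tcpserver exports TCPREMOTEIP, and the exit status
# means 0 = accept, 100 = permanent reject, 111 = temporary failure.
ACCEPT, REJECT, DEFER = 0, 100, 111

MIN_DELAY = 300  # hypothetical: seconds a new triplet must wait before retry
BLOCKED_SENDERS = {"spammer@blocked.example"}  # constructed sample blacklist


def triplet_path(state_dir, ip, sender, recipient):
    """One file per (ip, sender, recipient); hashed so the name is path-safe."""
    key = "\0".join((ip, sender.lower(), recipient.lower())).encode()
    return os.path.join(state_dir, hashlib.sha256(key).hexdigest())


def check(ip, sender, recipient, state_dir, now=None):
    """Return the exit status for one RCPT TO; no message data exists yet."""
    now = time.time() if now is None else now
    if sender.lower() in BLOCKED_SENDERS:
        return REJECT
    path = triplet_path(state_dir, ip, sender, recipient)
    try:
        with open(path) as fh:
            first_seen = float(fh.read())
    except (FileNotFoundError, ValueError):
        # First sighting (or unreadable record): store the time, ask for retry.
        with open(path, "w") as fh:
            fh.write(repr(now))
        return DEFER
    return ACCEPT if now - first_seen >= MIN_DELAY else DEFER


if __name__ == "__main__":
    env = os.environ
    # GREYLIST_DIR is a hypothetical variable naming the state directory.
    state = env.get("GREYLIST_DIR", os.path.join(tempfile.gettempdir(), "greylist"))
    os.makedirs(state, mode=0o700, exist_ok=True)
    sys.exit(check(env.get("TCPREMOTEIP", ""), env.get("SENDER", ""),
                   env.get("RECIPIENT", ""), state))
```

The function only ever sees connection and envelope data, which matches the point of the post: headers and body cannot be inspected here because DATA has not been sent.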