From: Alex van den Bogaerdt (alexergens.op.het.net)
Date: Sat May 22 2004 - 19:45:13 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think the behaviour of cleanup(8) is wrong with respect to
adding message-id and making addresses canonical.

RFC2821, section 6.3, paragraph 3 and further come down to:

Postfix MUST NOT change the addresses in the body nor add
a message-id field, unless it knows for sure that it is
an initial submission. I quote:

  "These changes MUST NOT be applied by an SMTP server that
   provides an intermediate relay function."

Adding a message-id is optional. ("...MAY be applied...")

Even worse, adding $myorigin without at least generating warnings
in both the logfile and the message header is probably against the
spirit of the RFC. See the last two paragraphs of section 6.3

I've been playing a bit with various settings and am now able
to generate a message id like <time.inodeADDED.BY.hostname>.
Also I can change "From: <user>" in "From: <userMISSING.INVALID>"
in stead of the ugly "From: <user$myorigin>". Similar for message-id.

Unfortunately, changing these properties happen after header_checks
so I cannot use it to reject messages. It would be a hack anyway...
so even if the bug is fixed [see header_checks(5)] it wouldn't be
a nice solution. Checks similar to envelope checking are prefered.

I understand that this subject is controversial, so it should be
configurable. Since I am talking about RFC2821, this could be
an smtpd configurable item. For instance: (Please note: this is for the
discussion, it is not intended as a ready to go implementation request!)

Actions are {discard, ignore, reject, warn, tag, tag_local}, most are
similar to what header_checks does. "tag" substitutes or appends the
remote ip address+invalid, "tag_local" would be the current behaviour
(and probably be the default).

smtpd_cleanup_restrictions =
    {action}_missing_{from, message_id}
    {action}_non_fqdn_header_{address, from, to, ...}
    {action}_local_header_{address, from, to, ...}
 (where "address" is less specific than "to" and provides a default)

example:
  smtpd_cleanup_restrictions =
           reject_missing_message_id
           reject_local_header_from
           tag_non_fqdn_header_address
           tag_local_non_fqdn_header_to

resulting in:
    "From: <friend>" --> "From: <friend169.254.10.21.invalid>"
    "Reply-To: <friend>" --> "From: <friend169.254.10.21.invalid>"
    "To: <user>" --> "To: <userhost.domain>"
    "From: <ab>" --> "From: <ab.169.254.10.21.invalid>"
    "From: <userhost.domain>" --> rejection
                
Of course there will be exceptions to take care of. The main goal is to
prevent helpdesk calls about mail from and/or replies to "user$myorigin"

cheers,
Alex
--
I ask you to respect any "Reply-To" and "Mail-Follow-Up" headers. If
you reply to me off-list, you'd better tell me you're doing so. If
you don't, and if I reply to the list, that's your problem, not mine.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]