|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: How to retrieve SASL environment after a content filter
From: Alain NAKACHE (alain
alinto.net)
Date: Fri Aug 11 2006 - 04:24:21 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wietse Venema a écrit :
> Alain NAKACHE:
>
>> Hi all,
>>
>> In our own deliver command called by a pipe(8), we need to retrieve
>> ${sasl_username} but this information is lost after the content_filter
>> (amavisd-new).
>>
>> Did someone found a method to pass this information through the
>> content_filter directive ?
>>
>
> This requires extension of the XFORWARD protocol, in a manner that
> doesn't require updating XFORWARD_README every time an SASL or TLS
> attribute is added.
>
> One way is for the SMTP server to announce a pseudo attribute name
> such as X-OTHER, meaning that the client can send any attribute
> names that start with X-, such as X-SASL_SENDER, X-SASL_USERNAME,
> etc., without having to negotiate with the server.
>
> The sending process would have to xtext-encode attribute values
> before transmission, and the receiving process would have to decode
> and sanitize them before use.
>
> This involves Postfix changes in several places:
>
> - smtpd needs to to receive additional xforwarded attributes
>
> - smtpd needs to send additional xforwarded attributes to smtpd
> proxy client
>
> - smtpd needs to send additional xforwarded attributes to cleanup
>
>
ok
> - cleanup needs to store additional xforwarded attributes into queue
> file
>
> - qmgr needs to retrieve additional xforwarded attributes from queue
> file
>
> - qmgr needs to send additional xforwarded attributes to delivery
> agents
>
> - delivery agents need to send additional xforwarded attributes to
> non-postfix command
>
>
pipe(8) already have this extension since we can use ${sasl_username}.
Then cleanup/qmgr/pipe don't have to be modified. I'm wrong ? If yes,
how pipe(8) can be called with ${sasl*} environment ?
> - fallback/mailbox/best_mx_transport need to pass on additional
> xforwarded attributes to delivery agents
>
>
ok
> Leave out any of the above steps, and the result is a broken mail
> system that behaves inconsistently in surprising ways.
>
>
Very pessimistic conclusion :-(. Do you stil consider such an
improvement for say postfix 2.4 ?
> Wietse
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]