|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: How to retrieve SASL environment after a content filter
From: Alain NAKACHE (alain
alinto.net)
Date: Fri Aug 11 2006 - 08:34:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wietse Venema a écrit :
> Alain NAKACHE:
>
>> Wietse Venema a ?crit :
>>
>>>> pipe(8) already have this extension since we can use ${sasl_username}.
>>>> Then cleanup/qmgr/pipe don't have to be modified. I'm wrong ? If yes,
>>>> how pipe(8) can be called with ${sasl*} environment ?
>>>>
>>> Who says that there is only SASL and nothing else? I expect that
>>> other people will be more interested in TLS attributes, because
>>> they use certificates instead of passwords. In a few months we can
>>> expect to have the exact same discussion for TLS attributes, and
>>> I am trying to get ahead of things.
>>>
>>>
>> It was ont my intention to ask for $sasl* only information. All smtpd
>> collected informations are welcome for me. In fact, we have coded our
>> own deliver frontend that decide or not to allow senders to write to a
>> batch ("|<cmd>") mail address base on SMTP authentication. For the
>> moment, we are using a patched version of QMail which insert/replace a
>> special header containing these informations.
>>
>
> Postfix can place such a special header too:
>
> smtpd_sasl_authenticated_header = yes
>
> Of course headers can be spoofed, but that applies to qmail too.
>
>
In our case we replace the header. It then overwrite the spoofed header.
Does Postfix behave like that ?
Alain
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]