[EXIM] -oMa and similar, and sender_fullhost, etc.

Author: Ian Jackson
Date:
To: exim-users
Subject: [EXIM] -oMa and similar, and sender_fullhost, etc.
I've been working on a piece of anti-spam software which sits between
the Internet and the local receiver-SMTP, which for the moment is
Exim. My software (SAUCE) uses sendmail -bs communicating through
pipes and passes options like -oMa to exim to tell it the real
characteristics of the incoming SMTP connection.

I've found that even though the user doing this is trusted as far as
Exim is concerned, the information passed by SAUCE does not end up in
the Received lines generated. A typical invocation might be:

sendmail -bs -oem -oMa 127.0.0.1 -oMr smtp -oMs localhost -oMt ian

and the following transaction takes place between SAUCE and Exim:

22:53:36 << 220 anarres.greenend.org.uk ESMTP Exim 2.02 #1 Wed, 9 Sep 1998 22:53:36 +0100
22:53:36 >> helo anarres.greenend.org.uk
22:53:36 << 250 anarres.greenend.org.uk Hello ian at localhost [127.0.0.1]
22:53:36 >> mail from:<real-testac@???>
22:53:36 << 250 <real-testac@???> is syntactically correct
22:53:37 >> rcpt to:<ian@???>
22:53:37 << 250 <ian@???> is syntactically correct
22:53:37 >> data
22:53:37 >> .
22:53:37 << 250 OK id=0zGsBF-00019X-00

The results are a message like this:

 From real-testac@??? Wed Sep 09 22:53:27 1998
 Return-path: <real-testac@???>
 Envelope-to: ian@???
 Delivery-date: Wed, 9 Sep 1998 22:53:27 +0100
 Received: from anarres.greenend.org.uk [172.18.45.2] (mail)
     by davenant.greenend.org.uk with esmtp (Exim 1.92 #1)
     id 0zGsB4-0007ZE-00 (Debian); Wed, 9 Sep 1998 22:53:26 +0100
 Received: from ian by anarres.greenend.org.uk with smtp (Exim 2.02 #1)
     id 0zGsBF-00019X-00 (Debian); Wed, 9 Sep 1998 22:53:37 +0100
 Subject: non-blacklisted user to normal
 From: real-testac@???
 Message-ID: <sauce-test-893106369-b@???>
 Bcc:
 Date: Wed, 9 Sep 1998 22:53:37 +0100


I would have been hoping for something like:

 Received: from localhost [127.0.0.1] (ian)
     by anarres.greenend.org.uk with smtp (Exim 2.02 #2)
     id 0zGsfL-00019X-00 (Debian); Wed, 9 Sep 1998 22:53:37 +0100


For completeness, I attach a copy of anarres's exim.conf below, but I
don't think it will be very relevant. For the account I'm testing
SAUCE as (and SAUCE does not ever change its uid or gids), `id' says:
uid=100(ian) gid=100(ian) groups=100(ian),0(root),6(disk),8(mail),9(news),24(cdrom),25(floppy),26(tape),29(audio),33(www-data),35(dos),37(operator),40(src),50(staff),60(games),300(exim),500(midhurst)

Examining debugging output and source code, I see that the problem is
that sender_fullhost is not set by the time the Received header is
generated. In particular, if I apply the following patch to exim.c
then it works fine:

  --- src/exim.c~    Mon Aug  3 11:27:34 1998
  +++ src/exim.c    Wed Sep  9 23:16:58 1998
  @@ -2470,7 +2470,7 @@
   already been done (which it will have been for inetd). This caters for the
   case when it is forced by -oMa. */


  -if (sender_host_address != NULL && sender_fullhost != NULL)
  +if (sender_host_address != NULL)
     host_build_sender_fullhost();


/* Otherwise, set the sender host as unknown. This prevents host checking in
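
Review bot: the new test "if (sender_host_address != NULL)" drops the sender_fullhost check altogether, so in the inetd case, where the comment above says the build "will have been" done already, host_build_sender_fullhost() now runs a second time. If the original condition was meant to skip a build that had already happened, inverting it to sender_fullhost == NULL would cover the -oMa case without repeating the work, and the comment should state which of the two is intended.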

Earlier on, sender_fullhost usually gets set for an inetd-like SMTP
connection only if is_inetd is true. The rules for this seem somewhat
haphazard (having to do with what username exim is running as as well
as the properties of its stdin). Perhaps I need explicit control of
the `from inetd' flag, or perhaps the -oMa option should make is_inetd
become true.

It should certainly be possible to force Exim to really believe all
the stuff I'm putting in its command line options about the incoming
connection. I really also want the anti-relay checking to be done by
Exim, because SAUCE does not reimplement that.

Considering the nature of is_inetd, perhaps a better patch would be
the one below, which makes -oMa turn a non-is_inetd -bs call into one
pretty much functionally equivalent to an is_inetd one. (I didn't
want to set is_inetd because that implies that inetd_sock is valid;
also, I had to arrange for ENOTSOCK from getsockopt to be ignored.)

The patch below also turns up what I think is a memory management bug
in verify.c - see my previous message.

I'm going to run with the patch below for a bit, to see how things go.
I'd appreciate it if you (Philip Hazel) could put some change to
achieve the effect I'm looking for into the next version. If you like
the patch below (and the memory management patches I posted earlier)
I'll get the Debian Exim maintainer to include them straight away.

Thanks,
Ian.

--- src/exim.c~    Mon Aug  3 11:27:34 1998
+++ src/exim.c    Wed Sep  9 23:45:13 1998
@@ -1659,7 +1659,7 @@
 get it now, because some OS require the first call to os_getloadavg() to
 be done as root. What a pain. */


-if ((is_inetd && smtp_load_reserve >= 0) ||
+if (((is_inetd || sender_host_address) && smtp_load_reserve >= 0) ||
     (queue_only_load >= 0 &&
       (smtp_input || extract_recipients ||
         (recipients_arg < argc && !checking))))
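
Review bot: the added sender_host_address term in the first line of the condition is true for any invocation that passes -oMa, not only for an SMTP session on stdin, so the load average is fetched for the smtp_load_reserve case on non-SMTP submissions too. If that is not intended, use (is_inetd || (smtp_input && sender_host_address != NULL)), which also matches the explicit != NULL comparison used for this pointer in the 2470 test, and extend the comment above the condition to mention the -oMa case.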
@@ -2463,6 +2463,13 @@
   verify_get_ident(0);
   host_build_sender_fullhost();
   set_process_info("handling incoming connection from %s via inetd",
+    sender_fullhost);
+  }
+
+if (!is_inetd && sender_host_address)
+  {
+  host_build_sender_fullhost();
+  set_process_info("handling incoming connection from %s with -oMa",
     sender_fullhost);
   }
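
Review bot: the new "if (!is_inetd && sender_host_address)" block builds sender_fullhost just ahead of the existing test near line 2470 (sender_host_address != NULL && sender_fullhost != NULL), which this patch leaves in place, so with -oMa host_build_sender_fullhost() appears to run twice in a row. Either drop the later call or fold the -oMa handling into it. The block also fires for any -oMa invocation, so the "handling incoming connection" process info is set even when there is no SMTP session; a smtp_input guard and a short comment explaining the -oMa case would help.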


--- src/smtp_in.c~    Mon Aug  3 11:27:37 1998
+++ src/smtp_in.c    Wed Sep  9 23:52:48 1998
@@ -908,11 +908,14 @@
     if (getsockopt(fileno(smtp_out), IPPROTO_IP, IP_OPTIONS, (char *)(ipopt),
           &optlen) < 0)
       {
-      log_write(0, LOG_MAIN, "getsockopt() failed from %s: %s",
-        host_and_ident(), strerror(errno));
-      DEBUG(3) debug_printf("451 SMTP service not available\n");
-      fprintf(smtp_out, "451 SMTP service not available\r\n");
-      return FALSE;
+      if (errno != ENOTSOCK)
+        {
+        log_write(0, LOG_MAIN, "getsockopt() failed from %s: %s",
+          host_and_ident(), strerror(errno));
+        DEBUG(3) debug_printf("451 SMTP service not available\n");
+        fprintf(smtp_out, "451 SMTP service not available\r\n");
+        return FALSE;
+        }
       }


     else if (optlen > 0)
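
Review bot: the "if (errno != ENOTSOCK)" guard silently accepts a non-socket descriptor for every caller, including a real inetd start, where smtp_out not being a socket would be worth logging. Restrict the exemption to the case this patch is for (peer address supplied with -oMa and not is_inetd), and add a comment saying why ENOTSOCK is tolerated, since the IP options check is skipped entirely on that path.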




# This is the main exim configuration file.
# It was originally generated by `eximconfig', part of the exim package
# distributed with Debian, but it may be edited by the mail system administrator.
# This file originally generated by eximconfig at Mon Dec 8 00:38:39 GMT 1997
# See exim info section for details of the things that can be configured here.
# General configuration here, such as local domains

LOCAL_HOSTS=anarres.greenend.org.uk:localhost

#local_interfaces=127.0.0.1

qualify_domain=davenant.greenend.org.uk

local_domains=
local_domains_include_host
local_domains_include_host_literals

accept_8bitmime
delivery_date_remove
envelope_to_remove
return_path_remove
receiver_verify_except_hosts=LOCAL_HOSTS
smtp_verify
receiver_verify
sender_verify
sender_verify_log_details
sender_verify_reject
percent_hack_domains=
security=setuid+seteuid
trusted_users=majordom:mail:ian
trusted_groups=mail:daemon:news:majordom:root
primary_hostname=anarres.greenend.org.uk
receiver_unqualified_hosts=LOCAL_HOSTS
sender_unqualified_hosts=LOCAL_HOSTS
sender_host_accept_relay=LOCAL_HOSTS
relay_domains=davenant.greenend.org.uk
log_smtp_confirmation

gecos_pattern = ^([^,:]*)
gecos_name = $1

received_header_text = "Received: \
          ${if def:sender_fullhost {from ${sender_fullhost} \
          ${if def:sender_ident {(${sender_ident})}}\n\t}\
          {${if def:sender_ident {from ${sender_ident} }}}}\
          by ${primary_hostname} \
          ${if def:received_protocol {with ${received_protocol}}} \
          (Exim ${version_number} #${compile_number})\n\t\
          id ${message_id} (Debian)"
end


######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################


#local_delivery:
# driver = appendfile;
# group = mail
# mode = 0660
# file = /var/spool/mail/${local_part}

#address_pipe:
# driver = pipe;

#address_file:
# driver = appendfile

#address_reply:
# driver = autoreply


# General configuration for SMTP delivery
smtp:
driver = smtp;


end

######################################################################
#                      DIRECTORS CONFIGURATION                       #
######################################################################



#real_local:
# prefix = real-,
# driver = localuser,
# transport = local_delivery;


#system_aliases:
# driver = aliasfile;
# file = /etc/aliases,
# search_type = lsearch
# user = list
# Uncomment the above line if you are running smartlist

#userforward:
# no_verify,
# driver = forwardfile;
# file = .forward,
## filter


smart:
driver = smartuser;
new_address = ${local_part}@???


end

######################################################################
#                      ROUTERS CONFIGURATION                         #
######################################################################



smarthost:
driver = domainlist,
transport = smtp;
route_list = "* davenant.greenend.org.uk bydns_mx"

end

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


# Domain               Error       Retries
# ------               -----       -------


*                      *           F,2h,15m; G,16h,2h,1.5; F,4d,8h


end

######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# These rewriters make sure the mail messages appear to have originated
# from the real mail-reading host.

#^(root|postmaster|mailer-daemon)@davenant.greenend.org.uk ${1}@??? Ffr
#*@davenant.greenend.org.uk ${1}@??? Ffr
#*@in.limbo ian@??? Ffr


# End of Exim configuration file

--
*** Exim information can be found at http://www.exim.org/ ***
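
The ENOTSOCK case from the smtp_in.c patch above, as an added example that is not part of the original message and is not Exim code: when the SMTP session runs over pipes (sendmail -bs), getsockopt() for IP_OPTIONS fails with ENOTSOCK. The function names, the result enum and the peer_forced flag (standing for "peer address was supplied by a trusted caller with -oMa") are assumptions of this example; here ENOTSOCK is tolerated only when that flag is set.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Outcomes of the IP options check (names are this example's own). */
enum ipopt_result {
  IPOPT_NONE,        /* real socket, no IP options set: carry on */
  IPOPT_PRESENT,     /* real socket with IP options: caller applies policy */
  IPOPT_NOT_SOCKET,  /* pipe or file, peer address came from trusted caller */
  IPOPT_FAIL         /* anything else: answer 451 and close the session */
};

/* peer_forced is hypothetical: non-zero when the peer address was given on
   the command line by a trusted user instead of read from the socket. */
enum ipopt_result check_ip_options(int fd, int peer_forced)
{
  unsigned char ipopt[40];            /* IPv4 options are at most 40 bytes */
  socklen_t optlen = sizeof(ipopt);

  if (getsockopt(fd, IPPROTO_IP, IP_OPTIONS, ipopt, &optlen) < 0)
    {
    /* A pipe has no IP layer; accept that only for a forced peer address. */
    if (errno == ENOTSOCK && peer_forced) return IPOPT_NOT_SOCKET;
    return IPOPT_FAIL;
    }
  return (optlen > 0) ? IPOPT_PRESENT : IPOPT_NONE;
}

/* Run the check on the read end of a freshly created pipe, which is what
   the receiving process sees when it is driven through pipes. */
enum ipopt_result check_on_pipe(int peer_forced)
{
  int p[2];
  enum ipopt_result r;
  if (pipe(p) < 0) return IPOPT_FAIL;
  r = check_ip_options(p[0], peer_forced);
  close(p[0]);
  close(p[1]);
  return r;
}

int main(void)
{
  printf("pipe, peer forced:     %d\n", check_on_pipe(1));
  printf("pipe, peer not forced: %d\n", check_on_pipe(0));
  printf("invalid descriptor:    %d\n", check_ip_options(-1, 1));
  return 0;
}
```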