[exim-dev] [PATCH] Rudimentary XFORWARD-support in smtp tran…

Auteur: Kai Risku
Date:  
À: exim-dev
Sujet: [exim-dev] [PATCH] Rudimentary XFORWARD-support in smtp transport
Hi!

While trying to get the p0f passive OS fingerprinting integration to work in
amavisd-new 2.4.1, I realized it depended on the Postfix XFORWARD
feature (see http://www.postfix.org/XFORWARD_README.html).

Instead of switching mailer (yeah, who would want to do that?), I hacked
in some rudimentary XFORWARD-support for the smtp transport in Exim
4.62. It is very limited in that it only supports the ADDR-attribute,
and there are probably lots of error-checking that I simply did not care
to do. However, the small hack might serve as a starting point for
someone with the inspiration to make a more full-fledged XFORWARD
implementation.

The following patch contains changes to a handful of source files (hope
it comes through intact):

--- exim-4.62/src/globals.h.orig    2006-05-15 19:50:01.000000000
+0300
+++ exim-4.62/src/globals.h    2006-05-15 19:52:23.000000000 +0300
@@ -558,6 +558,7 @@
 extern const pcre  *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA
(LMTP) */
 extern const pcre  *regex_PIPELINING;  /* For recognizing PIPELINING */
 extern const pcre  *regex_SIZE;        /* For recognizing SIZE settings
*/
+extern const pcre  *regex_XFORWARD_ADDR; /* For recognizing XFORWARD
ADDR */
 extern const pcre  *regex_ismsgid;     /* Compiled r.e. for message it
*/
 #ifdef WITH_CONTENT_SCAN
 extern uschar *regex_match_string;     /* regex that matched a line
(regex ACL condition) */
@@ -658,6 +659,7 @@
 extern int     smtp_rlr_threshold;     /* Threshold for RCPT rate limit
*/
 extern BOOL    smtp_use_pipelining;    /* Global for passed connections
*/
 extern BOOL    smtp_use_size;          /* Global for passed connections
*/
+extern BOOL       smtp_use_xforward_addr; /* Global for passed
connections */


 #ifdef WITH_CONTENT_SCAN
 extern uschar *spamd_address;          /* address for the spamassassin
daemon */
--- exim-4.62/src/globals.c.orig    2006-05-15 19:49:55.000000000
+0300
+++ exim-4.62/src/globals.c    2006-05-15 19:52:46.000000000 +0300
@@ -866,6 +866,7 @@
 const pcre *regex_IGNOREQUOTA  = NULL;
 const pcre *regex_PIPELINING   = NULL;
 const pcre *regex_SIZE         = NULL;
+const pcre *regex_XFORWARD_ADDR = NULL;
 const pcre *regex_ismsgid      = NULL;
 #ifdef WITH_CONTENT_SCAN
 uschar *regex_match_string     = NULL;
@@ -1063,6 +1064,7 @@
 int     smtp_rlr_threshold     = INT_MAX;
 BOOL    smtp_use_pipelining    = FALSE;
 BOOL    smtp_use_size          = FALSE;
+BOOL    smtp_use_xforward_addr = FALSE;


 #ifdef WITH_CONTENT_SCAN
 uschar *spamd_address          = US"127.0.0.1 783";
--- exim-4.62/src/exim.c.orig    2006-05-15 19:53:06.000000000 +0300
+++ exim-4.62/src/exim.c    2006-05-15 19:55:43.000000000 +0300
@@ -2193,6 +2193,15 @@
       break;
       }


+    /* -MCXA: set the smtp_use_xforward_addr flag; this is useful only
when
+    it preceded -MC (see above) */
+
+    else if (Ustrcmp(argrest, "CXA") == 0)
+      {
+      smtp_use_xforward_addr = TRUE;
+      break;
+      }
+
     /* -MCQ: pass on the pid of the queue-running process that started
     this chain of deliveries and the fd of its synchronizing pipe; this
     is useful only when it precedes -MC (see above) */
--- exim-4.62/src/deliver.c.orig    2006-05-15 19:50:07.000000000
+0300
+++ exim-4.62/src/deliver.c    2006-05-18 08:08:15.000000000 +0300
@@ -5987,6 +5987,10 @@


regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)",
       FALSE, TRUE);


+  if (regex_XFORWARD_ADDR == NULL) regex_XFORWARD_ADDR =
+
regex_must_compile(US"\\n250[\\s\\-]XFORWARD\\s+(?:\\w+\\s+)*?ADDR(?:\\s
|\\n|$)",
+      FALSE, TRUE);
+
   #ifdef SUPPORT_TLS
   if (regex_STARTTLS == NULL) regex_STARTTLS =
     regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE,
TRUE);
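Review bot: In the added XFORWARD pattern, `\\s` also matches the newline that separates EHLO response lines, so `(?:\\w+\\s+)*?ADDR` could run past the end of the XFORWARD line and match an `ADDR` token on a following `250 ` line. Since the response text comes from the remote server, restricting the separators to horizontal whitespace keeps the match on the advertising line, e.g. `XFORWARD[ \\t]+(?:\\w+[ \\t]+)*?ADDR(?:\\s|\\n|$)`. The string literal is also split by mail wrapping in this posting and has to be rejoined before the patch applies. The enclosing function starts and ends outside the hunk.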
--- exim-4.62/src/transport.c.orig    2006-05-15 19:53:12.000000000
+0300
+++ exim-4.62/src/transport.c    2006-05-15 19:55:00.000000000 +0300
@@ -1764,6 +1764,7 @@


if (smtp_use_size) argv[i++] = US"-MCS";
if (smtp_use_pipelining) argv[i++] = US"-MCP";
+ if (smtp_use_xforward_addr) argv[i++] = US"-MCXA";

   if (queue_run_pid != (pid_t)0)
     {
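Review bot: The added `argv[i++] = US"-MCXA";` consumes one more slot in an argument vector whose allocation is outside this hunk, so its reserved size cannot be checked from here. Confirm that the slot count requested when argv is obtained still covers the worst case (every optional -MC* flag, -MCQ and -MC with their arguments, and the terminating NULL), and raise it if not. A one-line comment such as `/* -MCXA: peer advertised XFORWARD ADDR */` would tie the flag to its description in exim.c.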
--- exim-4.62/src/transports/smtp.c.orig    2006-05-15
19:29:03.000000000 +0300
+++ exim-4.62/src/transports/smtp.c    2006-05-18 08:08:28.000000000
+0300
@@ -1137,6 +1137,15 @@
   DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
     smtp_use_pipelining? "" : "not ");


+  /* see if the server supports XFORWARD ADDR */
+  smtp_use_xforward_addr = esmtp &&
+    pcre_exec(regex_XFORWARD_ADDR, NULL, CS buffer, Ustrlen(CS buffer),
0,
+      PCRE_EOPT, NULL, 0) >= 0;
+
+  DEBUG(D_transport) debug_printf("%susing XFORWARD ADDR\n",
+    smtp_use_xforward_addr? "" : "not ");
+
+
   /* Note if the response to EHLO specifies support for the AUTH
extension.
   If it has, check that this host is one we want to authenticate to,
and do
   the business. The host name and address must be available when the
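Review bot: `smtp_use_xforward_addr` is set purely from what the remote server advertises in its EHLO response, so any host this transport delivers to can obtain the originating client's IP address just by listing XFORWARD. That address is internal information normally handed only to a trusted content filter, so the decision should also depend on local configuration, defaulting to no hosts. One way is a host-list option on the transport, tested here like its other hosts_* lists: `smtp_use_xforward_addr = esmtp && <host-list check, option name to be chosen> && pcre_exec(...) >= 0;`. The enclosing function starts and ends outside the hunk.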
@@ -1307,6 +1316,15 @@
 send_rset = TRUE;
 completed_address = FALSE;


+/* for clients supporting XFORWARD ADDR, we send this information first
*/
+ if (smtp_use_xforward_addr && sender_host_address!=NULL &&
*sender_host_address)
+     {
+         if (smtp_write_command(&outblock, FALSE, "XFORWARD
ADDR=%s\r\n", sender_host_address) < 0)
+             goto SEND_FAILED;
+         /* read the response, but blatantly ignore whatever
result */
+         smtp_read_response(&inblock, buffer, sizeof(buffer),
'2',
+
ob->command_timeout);
+     }


/* Initiate a message transfer. If we know the receiving MTA supports
the SIZE
qualification, send it, adding something to the message size to allow
for
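Review bot: The result of `smtp_read_response()` after the XFORWARD command is discarded, so a timeout or dropped connection is treated like a reply and the code goes on to send MAIL on a connection that may be dead or out of step. A rejection of XFORWARD can reasonably be tolerated, but an I/O failure should take the function's existing response-failure handling (outside this hunk) instead of falling through. `sender_host_address` is also written verbatim as the ADDR value; check it against the attribute syntax in the XFORWARD README linked in the description, in particular for IPv6 addresses. The comment should read `/* for servers supporting XFORWARD ADDR, we send this information first */`, since it is the peer's capability being tested.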



--
Kai.Risku@???     GSM  +358-40-767 8282
Oy Arrak Software Ab   http://www.arrak.fi