Hi!
While trying to the p0f passive OS fingerprinting integration to work in
amavisd-new 2.4.1, I realized it depended on the Postfix XFORWARD
feature (see
http://www.postfix.org/XFORWARD_README.html).
Instead of switching mailer (yeah, who would want to do that?), I hacked
in some rudimentary XFORWARD-support for the smtp transport in Exim
4.62. It is very limited in that it only supports the ADDR-attribute,
and there are probably lots of error-checking that I simply did not care
to do. However, the small hack might serve as a starting point for
someone with the inspiration to make a more full-fledged XFORWARD
implementation.
The following patch contains changes to a handful of source files (hope
it comes through intact):
--- exim-4.62/src/globals.h.orig 2006-05-15 19:50:01.000000000
+0300
+++ exim-4.62/src/globals.h 2006-05-15 19:52:23.000000000 +0300
@@ -558,6 +558,7 @@
extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA
(LMTP) */
extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */
extern const pcre *regex_SIZE; /* For recognizing SIZE settings
*/
+extern const pcre *regex_XFORWARD_ADDR; /* For recognizing XFORWARD
ADDR */
extern const pcre *regex_ismsgid; /* Compiled r.e. for message it
*/
#ifdef WITH_CONTENT_SCAN
extern uschar *regex_match_string; /* regex that matched a line
(regex ACL condition) */
@@ -658,6 +659,7 @@
extern int smtp_rlr_threshold; /* Threshold for RCPT rate limit
*/
extern BOOL smtp_use_pipelining; /* Global for passed connections
*/
extern BOOL smtp_use_size; /* Global for passed connections
*/
+extern BOOL smtp_use_xforward_addr; /* Global for passed
connections */
#ifdef WITH_CONTENT_SCAN
extern uschar *spamd_address; /* address for the spamassassin
daemon */
--- exim-4.62/src/globals.c.orig 2006-05-15 19:49:55.000000000
+0300
+++ exim-4.62/src/globals.c 2006-05-15 19:52:46.000000000 +0300
@@ -866,6 +866,7 @@
const pcre *regex_IGNOREQUOTA = NULL;
const pcre *regex_PIPELINING = NULL;
const pcre *regex_SIZE = NULL;
+const pcre *regex_XFORWARD_ADDR = NULL;
const pcre *regex_ismsgid = NULL;
#ifdef WITH_CONTENT_SCAN
uschar *regex_match_string = NULL;
@@ -1063,6 +1064,7 @@
int smtp_rlr_threshold = INT_MAX;
BOOL smtp_use_pipelining = FALSE;
BOOL smtp_use_size = FALSE;
+BOOL smtp_use_xforward_addr = FALSE;
#ifdef WITH_CONTENT_SCAN
uschar *spamd_address = US"127.0.0.1 783";
--- exim-4.62/src/exim.c.orig 2006-05-15 19:53:06.000000000 +0300
+++ exim-4.62/src/exim.c 2006-05-15 19:55:43.000000000 +0300
@@ -2193,6 +2193,15 @@
break;
}
+ /* -MCXA: set the smtp_use_xforward_addr flag; this is useful only
when
+ it preceded -MC (see above) */
+
+ else if (Ustrcmp(argrest, "CXA") == 0)
+ {
+ smtp_use_xforward_addr = TRUE;
+ break;
+ }
+
/* -MCQ: pass on the pid of the queue-running process that started
this chain of deliveries and the fd of its synchronizing pipe; this
is useful only when it precedes -MC (see above) */
--- exim-4.62/src/deliver.c.orig 2006-05-15 19:50:07.000000000
+0300
+++ exim-4.62/src/deliver.c 2006-05-18 08:08:15.000000000 +0300
@@ -5987,6 +5987,10 @@
regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)",
FALSE, TRUE);
+ if (regex_XFORWARD_ADDR == NULL) regex_XFORWARD_ADDR =
+
regex_must_compile(US"\\n250[\\s\\-]XFORWARD\\s+(?:\\w+\\s+)*?ADDR(?:\\s
|\\n|$)",
+ FALSE, TRUE);
+
#ifdef SUPPORT_TLS
if (regex_STARTTLS == NULL) regex_STARTTLS =
regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE,
TRUE);
--- exim-4.62/src/transport.c.orig 2006-05-15 19:53:12.000000000
+0300
+++ exim-4.62/src/transport.c 2006-05-15 19:55:00.000000000 +0300
@@ -1764,6 +1764,7 @@
if (smtp_use_size) argv[i++] = US"-MCS";
if (smtp_use_pipelining) argv[i++] = US"-MCP";
+ if (smtp_use_xforward_addr) argv[i++] = US"-MCXA";
if (queue_run_pid != (pid_t)0)
{
--- exim-4.62/src/transports/smtp.c.orig 2006-05-15
19:29:03.000000000 +0300
+++ exim-4.62/src/transports/smtp.c 2006-05-18 08:08:28.000000000
+0300
@@ -1137,6 +1137,15 @@
DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
smtp_use_pipelining? "" : "not ");
+ /* see if the server supports XFORWARD ADDR */
+ smtp_use_xforward_addr = esmtp &&
+ pcre_exec(regex_XFORWARD_ADDR, NULL, CS buffer, Ustrlen(CS buffer),
0,
+ PCRE_EOPT, NULL, 0) >= 0;
+
+ DEBUG(D_transport) debug_printf("%susing XFORWARD ADDR\n",
+ smtp_use_xforward_addr? "" : "not ");
+
+
/* Note if the response to EHLO specifies support for the AUTH
extension.
If it has, check that this host is one we want to authenticate to,
and do
the business. The host name and address must be available when the
@@ -1307,6 +1316,15 @@
send_rset = TRUE;
completed_address = FALSE;
+/* for clients supporting XFORWARD ADDR, we send this information first
*/
+ if (smtp_use_xforward_addr && sender_host_address!=NULL &&
*sender_host_address)
+ {
+ if (smtp_write_command(&outblock, FALSE, "XFORWARD
ADDR=%s\r\n", sender_host_address) < 0)
+ goto SEND_FAILED;
+ /* read the response, but blatantly ignore whatever
result */
+ smtp_read_response(&inblock, buffer, sizeof(buffer),
'2',
+
ob->command_timeout);
+ }
/* Initiate a message transfer. If we know the receiving MTA supports
the SIZE
qualification, send it, adding something to the message size to allow
for
--
Kai.Risku@??? GSM +358-40-767 8282
Oy Arrak Software Ab http://www.arrak.fi