著者: Ted Cooper 日付: To: Kelly Jones CC: exim-users 題目: Re: [exim] Alternatives to sendmail and milter to control
SMTPconnections
Kelly Jones wrote: > I have an SMTP server that mostly just accepts mail (sends very little
> email out), and I want to write Perl/PHP scripts (not C code!) to
> control every step of a remote connection. At each step, I want the
> option to tempfail/permfail the email or even drop the connection
> entirely. Examples:
>
> Even before the sender says "HELO", I want the ability to return stuff like:
>
> 550 You're on an RBL. Go away.
> 450 Your IP address is already sending me mail. Try again later.
> [drop the connection silently w/ no message; prevents DOS attacks]
> [do nothing at all; let the sender go to the next step]
>
> After the sender says HELO, I might do:
>
> 550 Your HELO is *my* server? I don't think so!
> 450 HELO doesn't match domain, but if you connect twice more, I'll let you in
> 250 Hello, [ip address], how's it going?
>
> [in the 2nd case, I'd keep track of the senders HELO/IP combination
> somewhere, so I could ok them if they connected twice more]
>
> Same sort of thing after I get "MAIL FROM" (maybe I don't like certain
> senders) and each "RCPT TO" (I may graylist certain recipient-sender
> combinations).
>
> Finally, I want the ability to call an arbitrary Perl/PHP script after
> the DATA is sent (maybe run it through spamassassin)
>
> Basically, I'm looking for an SMTP server w/ lots of "hooks"--
> something that works well out of the box, but something I can also
> tweak easily if I want.
>
> I don't like the options I have so far:
>
> 1. Use sendmail and milter (requires coding in C, ugly macros, and
> hard to understand)
>
> 2. Write my own SMTP server (don't want to re-invent the wheel, even
> though the RFC doesn't seem THAT bad)
>
> What's the best SMTP server for my purposes?
>
> And, yes, I realize some of my examples above are lousy-- I'm looking
> for a solid foundation SMTP server to experiment with, not planning to
> use on a production system.
>
Everything in this list is done easily by exim, using just exim, without
you using perl or php. Some additional programs such as a greylistd may
be needed, but otherwise, it's all covered by exim and metric buttload
of documentation that NO ONE ever seems to read.
Each step of the SMTP transaction has an associated ACL in which you can
do pretty much anything you want, including running outside programs to
make decisions for you if you can't implement it with the existing
features of exim.
I have used most of the mail servers whos lists you posted to, and I can
say without too much bias that exim is the best of the lot for its
flexibility and features. Using Qmail is just insane. You have to be
insane to understand Sendmail. I've never used Postfix so I can't
comment on that one, but it just looks like Sendmail with a partially
cleaned up config file cluster.
If a customer of mine has one of these other mail servers implemented
(including Micro$uck $Exchance) and they don't want to change it, I
insist they have an exim box acting as both the incoming and outgoing
gateway. I stop about 90% of the crap before it even gets to the DATA stage.