I'm trying to implement SRS in my setup, using:
http://www.openspf.org/SRS
and the 'srs' debian package. Because i'm doing some test and i've not big
email flow, i'm implementing running directly the script, and not using the
'daemon/socket' mode.
Also, i want to use it only when i forward the email using forward data from
an LDAP database (mailRoutingAddress, old 'laser' schema). At least for now.
My current setup is:
SRS_SECRETFILE = /etc/exim4/srs_secret
SRS_HASHLENGTH = 8
SRS_DOMAIN = ac.test.it
[...]
user_ldap_redirect:
debug_print = "R: user_ldap_redirect for $local_part@$domain"
driver = redirect
domains = +local_domains
.ifdef LOCAL_MAILHOST_NAME
condition = ${if eq{\
${if eq{${lookup ldap {LOCAL_MAILHOST_LDAP_ROUTE_QUERY}}}{}\
{DEFAULT_MAILHOST_NAME}{${lookup ldap {LOCAL_MAILHOST_LDAP_ROUTE_QUERY}}}}\
}{LOCAL_MAILHOST_NAME}}
.endif
.ifdef SRS_SECRETFILE
address_data = ${run{/usr/bin/srs --secretfile=SRS_SECRETFILE --hashlength=SRS_HASHLENGTH --alias=SRS_DOMAIN $sender_address}{$value}{:fail: SRS failure}}
errors_to = ${quote_local_part:${local_part:$address_data}}@${domain:$address_data}
headers_add = "X-SRS-Rewrite: Sender address rewritten from <$sender_address> by $primary_hostname."
.endif
data = ${extract{1}{:}{${lookup ldap {LOCAL_USER_LDAP_REDIRECT_QUERY}}}}
check_ancestor
And seems to work, using 'exim -d -bhc':
[...]
--------> user_ldap_redirect router <--------
local_part=gaio domain=ac.test.it
checking domains
cached yes match for +local_domains
cached lookup data = NULL
ac.test.it in "+local_domains"? yes (matched "+local_domains" - cached)
R: user_ldap_redirect for gaio@???
processing address_data
direct command:
argv[0] = /usr/bin/srs
argv[1] = --secretfile=/etc/exim4/srs_secret
argv[2] = --hashlength=8
argv[3] = --alias=ac.test.it
argv[4] = gaio@???
calling user_ldap_redirect router
rda_interpret (string): ${extract{1}{:}{${lookup ldap {ldaps:///ou=People,dc=ac,dc=test,dc=it?mailRoutingAddress?one?(uid=$local_part)}}}}
search_open: ldap "NULL"
cached open
search_find: file="NULL"
key="ldaps:///ou=People,dc=ac,dc=test,dc=it?mailRoutingAddress?one?(uid=gaio)" partial=-1 affix=NULL starflags=0
LRU list:
:/etc/aliases
End
internal_search_find: file="NULL"
type=ldap key="ldaps:///ou=People,dc=ac,dc=test,dc=it?mailRoutingAddress?one?(uid=gaio)"
database lookup required for ldaps:///ou=People,dc=ac,dc=test,dc=it?mailRoutingAddress?one?(uid=gaio)
LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0 referrals=on
perform_ldap_search: ldap URL = "ldaps:///ou=People,dc=ac,dc=test,dc=it?mailRoutingAddress?one?(uid=gaio)" server=/var/run/slapd/ldapi port=0 sizelimit=0 timelimit=0 tcplimit=0
after ldap_url_parse: host=/var/run/slapd/ldapi port=0
re-using cached connection to LDAP server /var/run/slapd/ldapi
Start search
ldap_result loop
LDAP entry loop
LDAP attr loop mailRoutingAddress:marcogaio@???
search ended by ldap_result yielding 101
ldap_parse_result: 0
ldap_parse_result yielded 0: Success
LDAP search: returning: marcogaio@???
lookup yielded: marcogaio@???
expanded: marcogaio@???
file is not a filter file
parse_forward_list: marcogaio@???
extract item: marcogaio@???
skipped verify errors_to address: already verifying
user_ldap_redirect router generated marcogaio@???
errors_to=SRS0=yVj6WpJ/=HX=sv.work.it=gaio@??? transport=NULL
uid=unset gid=unset home=NULL
routed by user_ldap_redirect router
envelope to: gaio@???
transport: <none>
errors to SRS0=yVj6WpJ/=HX=sv.work.it=gaio@???
Cannot do callout: neither router nor transport provided a host list
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering marcogaio@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing marcogaio@???
[...]
--------> smarthost router <--------
local_part=marcogaio domain=libero.it
checking domains
cached no match for +local_domains
cached lookup data = NULL
libero.it in "! +local_domains"? yes (end of list)
R: smarthost for marcogaio@???
calling smarthost router
smarthost router called for marcogaio@???
domain = libero.it
route_item = * mailbus.fastweb.it byname
libero.it in "*"? yes (matched "*")
original list of hosts = "mailbus.fastweb.it" options = byname
expanded list of hosts = "mailbus.fastweb.it" options = byname
set transport remote_smtp_smarthost
finding IP address for mailbus.fastweb.it
calling host_find_byname
gethostbyname2(af=inet6) returned 1 (HOST_NOT_FOUND)
85.18.95.140 in "127.0.0.0/8 : 10.0.0.0/8 : 172.16.0.0/12 : 192.168.0.0/16"? no (end of list)
85.18.95.140 in "+bogus_hosts"? no (end of list)
fully qualified name = mailbus.fastweb.it
gethostbyname2 looked up these IP addresses:
name=mailbus.fastweb.it address=85.18.95.140
queued for remote_smtp_smarthost transport: local_part = marcogaio
domain = libero.it
errors_to=SRS0=yVj6WpJ/=HX=sv.work.it=gaio@???
domain_data=NULL localpart_data=NULL
routed by smarthost router
envelope to: marcogaio@???
transport: remote_smtp_smarthost
errors to SRS0=yVj6WpJ/=HX=sv.work.it=gaio@???
host mailbus.fastweb.it [85.18.95.140]
Attempting full verification using callout
locking /var/spool/exim4/db/callout.lockfile
locked /var/spool/exim4/db/callout.lockfile
EXIM_DBOPEN(/var/spool/exim4/db/callout)
returned from EXIM_DBOPEN
opened hints database /var/spool/exim4/db/callout: flags=O_RDWR
dbfn_read: key=libero.it
callout cache: found domain record
dbfn_read: key=marcogaio@???
callout cache: found address record
callout cache: address record is positive
----------- end verify ------------
[...]
But still the sender of the email is set to 'gaio@???'. What i'm missing?
Thanks.
--
Non sara` il canto delle sirene che ci innamorera`
noi lo conosciamo bene, l'abbiamo sentito gia` (F. De Gregori)