Kai Bojens via Exim-users <exim-users@???> (Mi 02 Okt 2019 10:03:21 CEST):
> Is there any chance that SRS[1] moves from "experimental" to "stable and
> activated by default" any time soon? I'm just asking because I prefer
> to use distribution provided packages instead of compiling exim by
> myself every second month.
Yes, I volounteered to develope an alternate workin SRS library as
a part of Exim. But I do not see to happen this for the upcoming release
4.93.
On a talk I proposed the following solution:
# SPF for forwarding incoming
log_selector = +return_path_on_delivery
SRS_DOMAIN = …
domainlist local_domains = SRS_DOMAIN : …
hide perl_startup = use Mail::SRS; \
my $srs = Mail::SRS->new(Secret => 'geheim'); \
sub srs { $srs->forward(shift, 'SRS_DOMAIN') } \
sub unsrs { $srs->reverse(shift) }
…
begin routers
dnslookup:
driver = dnslookup
domains = !+local_domains
transport = smtp
no_more
…
unsrs:
driver = redirect
senders = :
domains = SRS_DOMAIN
caseful_local_part
local_parts = ^(?i)srs[01]=
data = ${perl{unsrs}{$local_part@$domain}}
allow_fail
…
begin transports
#SENDER_HAS_SPF = forany{<\n ${lookup dnsdb{txt=$sender_address_domain}}}{match{$item}{^(?i)v=spf1\\s}}
SENDER_HAS_SPF = !eq{none}{${lookup{$sender_address}spf{0.0.0.0}}}
SENDER_IS_LOCAL_DOMAIN = inlist{$sender_address_domain}{${listnamed:+local_domains}}
smtp:
driver = smtp
return_path = ${if and{{!SENDER_IS_LOCAL_DOMAIN}{SENDER_HAS_SPF}}\
{${perl{srs}{$sender_address}}}fail}
If someone is interested, I'd add some more comments and do some more
testing. But similiar implemntations we did for customers.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
