Re: [exim] SRS still experimental?

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Heiko Schlittermann
日付:  
To: exim-users
題目: Re: [exim] SRS still experimental?
Kai Bojens via Exim-users <exim-users@???> (Mi 02 Okt 2019 10:03:21 CEST):
> Is there any chance that SRS[1] moves from "experimental" to "stable and
> activated by default" any time soon? I'm just asking because I prefer
> to use distribution provided packages instead of compiling exim by
> myself every second month.


Yes, I volounteered to develope an alternate workin SRS library as
a part of Exim. But I do not see to happen this for the upcoming release
4.93.

On a talk I proposed the following solution:

    # SPF for forwarding incoming
    log_selector = +return_path_on_delivery


    SRS_DOMAIN = …
    domainlist local_domains = SRS_DOMAIN : …


    hide perl_startup = use Mail::SRS;                          \
                my $srs = Mail::SRS->new(Secret => 'geheim');   \
                sub srs { $srs->forward(shift, 'SRS_DOMAIN') }  \
                sub unsrs { $srs->reverse(shift) }




    begin routers


    dnslookup:
        driver = dnslookup
        domains = !+local_domains
        transport = smtp
        no_more




    unsrs:
        driver = redirect
        senders = :
        domains = SRS_DOMAIN
        caseful_local_part
        local_parts = ^(?i)srs[01]=
        data = ${perl{unsrs}{$local_part@$domain}}
        allow_fail




    begin transports


    #SENDER_HAS_SPF = forany{<\n ${lookup dnsdb{txt=$sender_address_domain}}}{match{$item}{^(?i)v=spf1\\s}}
    SENDER_HAS_SPF = !eq{none}{${lookup{$sender_address}spf{0.0.0.0}}}
    SENDER_IS_LOCAL_DOMAIN = inlist{$sender_address_domain}{${listnamed:+local_domains}}


    smtp:
        driver = smtp
        return_path = ${if and{{!SENDER_IS_LOCAL_DOMAIN}{SENDER_HAS_SPF}}\
                {${perl{srs}{$sender_address}}}fail}


If someone is interested, I'd add some more comments and do some more
testing. But similiar implemntations we did for customers.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -