recommended smtp proxy script?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

recommended smtp proxy script?

Håkon Alstadheim
I'm thinking about hacking on a before queue proxy filter, but the link
to suggested perl framework at
http://www.postfix.org/SMTPD_PROXY_README.html seems dead. I googled
"Bennett Todd smtp proxy", which brings mee to a git repo last updated
five years ago.

What is the current best starting point for hacking a proxy filter?

I'm running debian stretch on the mail-server, but I believe that would
be irrelevant in this case, as pulling a pre-packaged .deb would only
create extra clutter.
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Matus UHLAR - fantomas
On 13.10.17 12:25, Håkon Alstadheim wrote:
>I'm thinking about hacking on a before queue proxy filter, but the link
>to suggested perl framework at
>http://www.postfix.org/SMTPD_PROXY_README.html seems dead. I googled
>"Bennett Todd smtp proxy", which brings mee to a git repo last updated
>five years ago.

what exactly do you need smtp proxy for?

you can use milter with about the same effect milters can do
(and the milter protocol supports some features not found in proxy)

there are some milters around - spamass-*, clamav-* , amavisd-*

the only important part is - you apparently should not use milter on
submission ports.

>What is the current best starting point for hacking a proxy filter?
>
>I'm running debian stretch on the mail-server, but I believe that would
>be irrelevant in this case, as pulling a pre-packaged .deb would only
>create extra clutter.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Despite the cost of living, have you noticed how popular it remains?
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Daniele Nicolodi
On 13/10/17 10:40, Matus UHLAR - fantomas wrote:
> the only important part is - you apparently should not use milter on
> submission ports.

Why?

Cheers,
Dan
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Robert Schetterer-2
Am 13.10.2017 um 20:42 schrieb Daniele Nicolodi:
> On 13/10/17 10:40, Matus UHLAR - fantomas wrote:
>> the only important part is - you apparently should not use milter on
>> submission ports.
>
> Why?
>
> Cheers,
> Dan
>

some milters are fine to use with submission
others not, i.e clamav-milter should work, spamass-milter
on the other hand may slow down sending mail, which might lead to anger
for users, it needs time to find out spamness of an email by doing i.e
outside network operations with razor etc.
So it simply depends on what you trying to goal .....,rethink of your
whole mail design , look at your logs then choose the tool or tec which
design fits best for desired task


Best Regards
MfG Robert Schetterer

--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Daniele Nicolodi
On 13/10/17 15:30, Robert Schetterer wrote:

> Am 13.10.2017 um 20:42 schrieb Daniele Nicolodi:
>> On 13/10/17 10:40, Matus UHLAR - fantomas wrote:
>>> the only important part is - you apparently should not use milter on
>>> submission ports.
>>
>> Why?
>>
>
> some milters are fine to use with submission
> others not, i.e clamav-milter should work, spamass-milter
> on the other hand may slow down sending mail, which might lead to anger
> for users, it needs time to find out spamness of an email by doing i.e
> outside network operations with razor etc.
> So it simply depends on what you trying to goal .....,rethink of your
> whole mail design , look at your logs then choose the tool or tec which
> design fits best for desired task

This is a much less categorical statement.

The possible issues you point out are not specific to milters, but apply
to all mail filtering techniques.

Cheers,
Dan
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Håkon Alstadheim
In reply to this post by Matus UHLAR - fantomas


Den 13. okt. 2017 18:40, skrev Matus UHLAR - fantomas:

> On 13.10.17 12:25, Håkon Alstadheim wrote:
>> I'm thinking about hacking on a before queue proxy filter, but the link
>> to suggested perl framework at
>> http://www.postfix.org/SMTPD_PROXY_README.html seems dead. I googled
>> "Bennett Todd smtp proxy", which brings mee to a git repo last updated
>> five years ago.
>
> what exactly do you need smtp proxy for?>
> you can use milter with about the same effect milters can do
> (and the milter protocol supports some features not found in proxy)
>
I'm contemplating some unsavoury rewriting of incoming mail to make
bloated mails better suited for my personal devices. milter looks like
an easier fit, yes.

Looking into hacking mimedefang for my needs. Seems it is intended for
this kind of hacking, but starting from almost-scratch with a bare-bones
smtp proxy would be cleaner, and maybe more educational for me.

Process of implementing might even educate me to the point where I
realize I should not be doing this :-)

More features is not what I'm looking for. Quite happy with some rbls
and rspamd milter.

> there are some milters around - spamass-*, clamav-* , amavisd-*
>
> the only important part is - you apparently should not use milter on
> submission ports.
>
>> What is the current best starting point for hacking a proxy filter?
>>
>> I'm running debian stretch on the mail-server, but I believe that would
>> be irrelevant in this case, as pulling a pre-packaged .deb would only
>> create extra clutter.
>
Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Håkon Alstadheim
In reply to this post by Matus UHLAR - fantomas


Den 13. okt. 2017 18:40, skrev Matus UHLAR - fantomas:
> On 13.10.17 12:25, Håkon Alstadheim wrote:
>> I'm thinking about hacking on a before queue proxy filter, but the link
>
> the only important part is - you apparently should not use milter on
> submission ports.

Forgot answering this point. My filter WOULD be on the smtpd listening
on port 25. Going with a mimedefang hack for now anyway. Progressing
slowly, setting up mimedefang in a bare-bones fashion first.

Reply | Threaded
Open this post in threaded view
|

Re: recommended smtp proxy script?

Matus UHLAR - fantomas
In reply to this post by Daniele Nicolodi
>>> On 13/10/17 10:40, Matus UHLAR - fantomas wrote:
>>>> the only important part is - you apparently should not use milter on
>>>> submission ports.

>> Am 13.10.2017 um 20:42 schrieb Daniele Nicolodi:
>>> Why?

>On 13/10/17 15:30, Robert Schetterer wrote:
>> some milters are fine to use with submission
>> others not, i.e clamav-milter should work, spamass-milter
>> on the other hand may slow down sending mail, which might lead to anger
>> for users, it needs time to find out spamness of an email by doing i.e
>> outside network operations with razor etc.
>> So it simply depends on what you trying to goal .....,rethink of your
>> whole mail design , look at your logs then choose the tool or tec which
>> design fits best for desired task

Yes, I should have explained it. Simply said - anything that takes much time
should apparently not be used on submission ports, or you may expect your
users to complain about long mail sending delays.

OTOH, it's more effective when you want to reject mail at SMTP time,
because in that case you don't have to generate bounces.

Just be careful that the processing is done within 10 minutes, which is the
timeout for DATA trermination phase, otherwse you can encounter data
duplication or message retransmission. It may be better to have this under 5
minutes.

On 13.10.17 16:09, Daniele Nicolodi wrote:
>This is a much less categorical statement.
>
>The possible issues you point out are not specific to milters, but apply
>to all mail filtering techniques.

this applies to smtp proxy and milters, but it doesn't apply to content
filter, since that one applies after mail has been received.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.