odesilani mailu ze systemu: za zavinacem misto nazvu domeny FQDN hostu
Dan Lukes
dan at obluda.cz
Sat Jul 2 00:02:10 CEST 2005
Ehm, jeste ty slibene attachmenty ...
Pozor, tabulatory opravdu nejsou volne zamenne s mezerami.
Dan
=======================================================
dnl Nasledujici kod zaridi prepsani adresy odesilatele
dnl z formy 1 at 2.3.4... na 1+2.3.4... at 3.4...
dnl provede to ale jen pro ty adresy, kde je za zavinacem HOSTNAME stroje,
dnl na kterem MTA bezi. Ostatni adresy nechava nezmenene.
dnl funkce dostava jako parametr na vstupu emailovou adresu
dnl a na vystupu vraci take adresu - prepsanou
MAILER_DEFINITIONS
SMasqEnv
R$* $: <?> $1 ## prepise "adresa" na "<?> adresa"
R<?> $* < @ $j . > $* $: <!> $1 < @ $j . > $2 ## pokud je za zavinacem "moje" domena nahradi <?> za <!>
R<!> $* < @ $- . $* . > $* $: <?> $1+$2.$3 < @ $3 . > $4 ## zacina-li vyraz <!> provede prepis
R<?> $* $: $1 ## odstrani TAG takze zbyte hola cilova adresa
=======================================================
dnl Kontrola pripustnosti MAIL FROM adresy
dnl Nejprve proveri zda SMTP klient, ktery postu predava ma korektni DNS zaznamy
dnl k tomu vyuziva sendmailem predpripravene promenne 'client_resolve'
dnl Pote vyuzije dodefinovane funkce, ktera k casti adresy za zavinacem
dnl vrati nejlepsi MX zaznam. Odmitne dopis, pokud adresa zaznam nema (neexistuje)
dnl Nakonec prevede tento zaznam na IP. Odmitne dopis, pokud jmeno prevest nelze.
dnl Krome toho, koukne do 'access' na zaznam ve formatu 'MXFrom:IP' a domitne dopis
dnl take, pokud je v access uvedeno 'REJECT'. Tim lze odmitat dopisy, kde zdrojova
dnl adresa resolvi na 127.0.0.1, 10.x.y.z a dalsi podobne nedosazitelne ...
LOCAL_CONFIG
Kmxserved bestmx -z: -T<TEMP>
KAresolve dns -RA -T<TEMP>
LOCAL_RULESETS
SLocal_check_mail
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
# check client name: first: did it resolve?
R$* $: < $&{client_resolve} > <$1>
R<TEMP> $* $#error $@ 4.7.1 $: "450 We do not accept mails from you now. Cannot resolve PTR record for " $&{client_addr}
R<FORGED> $* $#error $@ 5.7.1 $: "550 Rejected. The client's address " $&{client_name} " has no consistent hostname (reverse and forward lookup doesn't match)." " It's a common attribute of unsolicited mail and mail containing viruses." " Please contact your network administrator for futher assistance."
R<FAIL> $* $#error $@ 5.7.1 $: "550 Rejected. The DNS lookup failed for " $&{client_name} ". It's a common attribute of unsolicited mail and mail containing viruses." " Please contact your network administrator for futher assistance."
R<$*> $* $: $2
R<> $@ <OK> we MUST accept <> (RFC 1123)
R$+ $: $>3 $1 ### canonize sender
R$* < @ $+ > $: < : $(mxserved $2 $) : > < $1 < @$2 > > ### got MXs for sender's domain
R< : $* <TEMP> : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for sender host " $1
R< : $+ : $* > < $+ > $: < : $1 : > < $3 > ### extract first MX server
R< : $+ : > < $+ > $: < : $(Aresolve $1 $: <PERM> $) : > < $1 > < $2 > obtain MX's IP address
R< : <TEMP> : > < $+ > $* $#error $@ 4.7.1 $: "450 Can not check IP for sender's best MX (" $1 ")"
R< : <PERM> : > < $+ > $* $#error $@ 5.5.4 $: "553 Sender's best MX (" $1 ") has no IP. Please contact your network administrator for futher assistance."
R< : $+ : > < $+ > < $+ > $: $>A <$1> <OK> <+ MXFrom> <$1> <$2> <$3>
R<REJECT> < $+ > < $+ > < $+ > $#error $@ 5.5.4 $: "553 We do not accept the mail because the FROM's best MX IP (" $1 ") is forbidden by system policy"
R<OK> < $+ > < $+ > < $+ > $@ <OK>
R<RELAY> < $+ > < $+ > < $+ > $@ <OK>
R< $+ > < $+ > < $+ > < $+ > $: $4
=======================================================
More information about the Users-l
mailing list