[Pymilter] SRS documentation on sendmail: broken links

Stuart Gathman stuart at gathman.org
Fri Nov 10 18:15:51 EST 2017


On 11/10/2017 05:11 PM, David Friedlander wrote:
>
> OK, i have been able to get pysrs working properly with sendmail
> SOCKETMAP support (a couple of weeks ago, actually).  However, it does
> not work for me with milter. (I keep getting timeouts from sendmail.)
> Is there a compelling reason why I should prefer milter if I have a
> functioning setup with socketmap, security or otherwise? 
The pysrs socketmap just adds the SRS encoding to outgoing localparts. 
Now you want to do the reverse for RCPT TO on incoming emails.  MAIL
FROM <> where the RCPT TO does not have SRS should be rejected.  Invalid
SRS should be rejected. 

By "milter", do you mean my all singing, all dancing, hopeless feature
creep bms milter?  I just got that working on EL7 with pysrs, and
updated github on Nov 8 (rpms at https://gathman.org/linux/el7).  I was
thinking we need srsmilter, just like we now have spfmilter and
dkim-milter - for when you just want to do that one thing. 

It is almost certainly possible to do the reverse SRS logic in sendmail
cf also (it *is* turing complete), using the same socketmap to do the
reversals (or leaving the RCPT TO unchanged) - but it would be easier
for me to just write that srsmilter.

It is *almost* possible to do the forward SRS in milter instead of
sendmail cf using the CHGFROM milter API.  However, milters cannot fully
handle the case of multiple recipients with different SRS policies (some
recipients are not RFC compliant and barf on perfectly valid localpart
chars) - you cannot CHGFROM independently for each recipient, as it can
only be called from the eom() callback.  That is why the forward map is
done via sendmail cf with a socketmap.





More information about the Pymilter mailing list