mirror of
https://github.com/decke/smtprelay.git
synced 2026-04-25 12:55:54 +03:00
[GH-ISSUE #8] More flexible control over allowed user "from" address #1
Labels
No labels
bug
pull-request
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/smtprelay#1
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @JonathonReinhart on GitHub (Feb 13, 2021).
Original GitHub issue: https://github.com/decke/smtprelay/issues/8
Prior to #7, authorized users could only send from a single email address. #7 allowed that field in the
allowedUsersfile to be empty, allowing that user to send from any email address.I would like to have more control, and allow something between 1 and ∞ addreses.
One use case I've identified is very common on Linux machines, running Postfix, where
sendmail(without-ror any remapping) will send from$USER@appserver.internal.example.com. That same machine might also run an application that wants to send asapp@example.comThis won't work withsmptrelaytoday, without allowing the server to send as(anyone)@example.comwhich is more dangerous.Options
I have a couple different ideas for handling this:
Option 1
Expand the
allowedUsersparts[2]syntax even further with two enhancements:internal.example.com(or perhaps@internal.example.com) to mean(anyone)@internal.example.comThe config file for my stated usecase would be:
Pros:
Cons:
Option 2
Update the
allowedUsersparts[2]syntax to accept a regular expression.The config file for my stated usecase would be:
I'm not sure that this can be implemented without breaking backwards compatibility. For example, consider an old config file like this:
If we switched
parts[2]to unconditionally be a regex, then the patternjoe@example.comwould erroneously also match:bobjoe@example.comjoe@example.com.eduThere are options here:
regex::joe passwdhash regex:^.*@example.com$allowed_users_uses_regex = true)Pros:
allowedRecipients,allowedSender)Cons:
I suggest Option 1. A regex is probably more powerful than any user will need, and there are a lot of characters allowed in the local-part of an email address that are special in a regex, requiring escaping.
@decke commented on GitHub (Feb 13, 2021):
Is there a reason why you cannot have two different users?
@JonathonReinhart commented on GitHub (Feb 13, 2021):
The way I'm using
smtprelay, each internal server machine has its local MTA (Postfix or Exim4) configured to use the relay, and is configured with a username. This MTA handles mail from either localsendmailinvocations (which will usually send as e.g.root@server.internal.example.com) or "applications" (which may send as e.g.app@example.com). By allowing this one authenticated user to send from several addresses, or from an entire subdomain, it greatly simplifies per-server configuration.@decke commented on GitHub (Feb 14, 2021):
Okay, this case is a bit similar to "account with multiple sender addresses" and I see that it makes sense. What I am not convinced yet is how to properly integrate it. The way you have chosen seems problematic because it makes assumptions what it means that is written in the email field. A kind of regex, glob, pattern would avoid this problem but I agree that it can be a pain to read and parse properly with our weak format in that file.
@JonathonReinhart commented on GitHub (Feb 14, 2021):
Did you see PR #9 yet? I implemented Option 1, which unambiguously expands the meaning of the third field without breaking backwards compatibility. It is running in production right now.
In #9, the field is a comma-separated list of email addresses or domains. That remains backwards-compatible with the existing single address: An existing single address will be interpreted as a list of of length 1. I have unit tests to prove this is backwards-compatible.
Edit: Err, sorry I didn't see your comments on #9. I see now that I didn't realize that smtprelay could receive mail with local-only addresses (no
@domain.com).