[Mimedefang] TLS {verify} macro patch, notes
Jeremy Mates
jmates at sial.org
Thu Oct 31 14:47:01 EST 2002
The milter interface in sendmail 8.12.6 does not pass the TLS {verify}
macro by default. This macro is useful on the perl side of things to
see whether the TLS verification succeeded. To get this information
to mimedefang.pl, mimedefang.c must be patched:
--- mimedefang.c.orig Thu Oct 31 11:09:00 2002
+++ mimedefang.c Thu Oct 31 11:09:25 2002
@@ -624,6 +624,7 @@
write_macro_value(ctx, "mail_host");
write_macro_value(ctx, "mail_mailer");
write_macro_value(ctx, "tls_version");
+ write_macro_value(ctx, "verify");
DEBUG_EXIT("envfrom", __LINE__, "SMFIS_CONTINUE");
return SMFIS_CONTINUE;
}
Additionally, the following must be added to the .mc file for
sendmail.cf to pass the usual xxfi_helo macros plus {verify}:
define(`confMILTER_MACROS_HELO', ``{tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}, {verify}'')
Leaving {verify} out of the confMILTER_MACROS_HELO list causes no
errors I could see; the value is simply not available on the perl
side of things.
For more information:
http://www.sendmail.org/~ca/email/starttls.html#starttlsmacros
libmilter/docs/smfi_getsymval.html (under Sendmail source)
--
Jeremy Mates http://www.sial.org/
OpenPGP: 0x11C3D628 (4357 1D47 FF78 24BB 0FBF 7AA8 A846 9F86 11C3 D628)
More information about the MIMEDefang
mailing list