[Mimedefang] Real sender address ??

[David F. Skoll]

On Wed, 3 Dec 2003, J.P van Oyen wrote:

> Is it possible to have the 'real' sender IP address as variable to be
> processed in Mimedefang ?

There are two ways to do this:

If you control all of your secondary MX machines and don't mind
running MIMEDefang on them all, you can use the technique in the
mimedefang-filter(7) man page, under the section PRESERVING RELAY
INFORMATION.

If you do not control all of your secondary MX machines, or you don't want
to put MIMEDefang on them all, you need to parse the Received: headers
yourself until you find a relay that you don't own.

Our commercial CanIt product does this, and I'd kind of like to make
money :-) so I won't show the code.  However, it's a relatively simple
matter to open ./HEADERS and parse the Received: headers until you
see an IP address you don't own.

Our CanIt product wraps this in a function called
get_real_relay_from_received_headers.  We have something like this
in filter_begin:

sub filter_begin {
   if (from_secondary_mx($RelayAddr)) {
      my $x = get_real_relay_from_received_headers();
      if (defined($x)) {
         $RealRelayAddr = $RelayAddr;
         $RelayAddr = $x;
      }
   }
}

There are other loose ends to tidy up:  If you notice mail coming from
one of your secondary MX hosts, you need to defer any IP-address based
decisions to filter_end, and not do them in filter_relay, filter_sender
or filter_recipient.  You may also wish to discard rather than bounce
messages if they're coming from your secondary MX hosts, in order to save
on double-bounces.  (It depends on your policy.)

CanIt implements all of this logic.

Regards,

David.