Created
June 7, 2017 13:25
-
-
Save philfry/2885159f3f5eb062db5f80d7088ef7c8 to your computer and use it in GitHub Desktop.
postfix: send dummy authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
send dummy authentication user together with MAIL FROM | |
in order to announce the delivery user to cyrus imapd when | |
connecting to it using lmtp. | |
--- postfix-3.2.0/html/lmtp.8.html.lmtp_dummy_user | |
+++ postfix-3.2.0/html/lmtp.8.html | |
@@ -867,6 +867,12 @@ SMTP(8) | |
<b><a href="postconf.5.html#smtp_tcp_port">smtp_tcp_port</a> (smtp)</b> | |
The default TCP port that the Postfix SMTP client connects to. | |
+ Available only in this version: | |
+ | |
+ <b><a href="postconf.5.html#lmtp_dummy_mail_auth_user">lmtp_dummy_mail_auth_user</a> (empty)</b> | |
+ send dummy authentication user together with MAIL FROM in order to announce the delivery user to | |
+ cyrus imapd when connecting to it using lmtp. | |
+ | |
<b>SEE ALSO</b> | |
<a href="generic.5.html">generic(5)</a>, output address rewriting | |
<a href="header_checks.5.html">header_checks(5)</a>, message header content inspection | |
--- postfix-3.2.0/html/smtp.8.html.lmtp_dummy_user | |
+++ postfix-3.2.0/html/smtp.8.html | |
@@ -867,6 +867,12 @@ SMTP(8) | |
<b><a href="postconf.5.html#smtp_tcp_port">smtp_tcp_port</a> (smtp)</b> | |
The default TCP port that the Postfix SMTP client connects to. | |
+ Available only in this version: | |
+ | |
+ <b><a href="postconf.5.html#lmtp_dummy_mail_auth_user">lmtp_dummy_mail_auth_user</a> (empty)</b> | |
+ send dummy authentication user together with MAIL FROM in order to announce the delivery user to | |
+ cyrus imapd when connecting to it using lmtp. | |
+ | |
<b>SEE ALSO</b> | |
<a href="generic.5.html">generic(5)</a>, output address rewriting | |
<a href="header_checks.5.html">header_checks(5)</a>, message header content inspection | |
--- postfix-3.2.0/mantools/postlink.lmtp_dummy_user | |
+++ postfix-3.2.0/mantools/postlink | |
@@ -227,6 +227,7 @@ while (<>) { | |
s;\blmtp_reply_filter\b;<a href="postconf.5.html#lmtp_reply_filter">$&</a>;g; | |
s;\blmtp_sasl_password_maps\b;<a href="postconf.5.html#lmtp_sasl_password_maps">$&</a>;g; | |
s;\blmtp_send_dummy_mail_auth\b;<a href="postconf.5.html#lmtp_send_dummy_mail_auth">$&</a>;g; | |
+ s;\blmtp_dummy_mail_auth_user\b;<a href="postconf.5.html#lmtp_dummy_mail_auth_user">$&</a>;g; | |
s;\blmtp_sender_dependent_authentication\b;<a href="postconf.5.html#lmtp_sender_dependent_authentication">$&</a>;g; | |
s;\blmtp_bind_address\b;<a href="postconf.5.html#lmtp_bind_address">$&</a>;g; | |
s;\blmtp_bind_address6\b;<a href="postconf.5.html#lmtp_bind_address6">$&</a>;g; | |
--- postfix-3.2.0/proto/postconf.proto.lmtp_dummy_user | |
+++ postfix-3.2.0/proto/postconf.proto | |
@@ -15552,6 +15552,14 @@ configuration parameter. See there for | |
<p> This feature is available in Postfix 2.9 and later. </p> | |
+%PARAM lmtp_dummy_mail_auth_user | |
+ | |
+<p> Send dummy authentication user together with MAIL FROM in order | |
+to announce the delivery user to cyrus imapd when connecting to it | |
+using lmtp. </p> | |
+ | |
+<p> This feature is only available in this release. </p> | |
+ | |
%PARAM address_verify_sender_ttl 0s | |
<p> The time between changes in the time-dependent portion of address | |
--- postfix-3.2.0/src/global/mail_params.h.lmtp_dummy_user | |
+++ postfix-3.2.0/src/global/mail_params.h | |
@@ -1775,6 +1775,10 @@ extern char *var_lmtp_sasl_path; | |
#define DEF_LMTP_DUMMY_MAIL_AUTH 0 | |
extern bool var_lmtp_dummy_mail_auth; | |
+#define VAR_LMTP_DUMMY_MAIL_AUTH_USER "lmtp_dummy_mail_auth_user" | |
+#define DEF_LMTP_DUMMY_MAIL_AUTH_USER "" | |
+extern char *var_lmtp_dummy_mail_auth_user; | |
+ | |
/* | |
* SASL-based relay etc. control. | |
*/ | |
--- postfix-3.2.0/src/smtp/lmtp_params.c.lmtp_dummy_user | |
+++ postfix-3.2.0/src/smtp/lmtp_params.c | |
@@ -61,6 +61,7 @@ | |
VAR_LMTP_DNS_RES_OPT, DEF_LMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0, | |
VAR_LMTP_DSN_FILTER, DEF_LMTP_DSN_FILTER, &var_smtp_dsn_filter, 0, 0, | |
VAR_LMTP_DNS_RE_FILTER, DEF_LMTP_DNS_RE_FILTER, &var_smtp_dns_re_filter, 0, 0, | |
+ VAR_LMTP_DUMMY_MAIL_AUTH_USER, DEF_LMTP_DUMMY_MAIL_AUTH_USER, &var_lmtp_dummy_mail_auth_user, 0, 0, | |
0, | |
}; | |
static const CONFIG_TIME_TABLE lmtp_time_table[] = { | |
--- postfix-3.2.0/src/smtp/smtp.c.lmtp_dummy_user | |
+++ postfix-3.2.0/src/smtp/smtp.c | |
@@ -263,6 +263,12 @@ | |
/* deliveries. | |
/* .IP "\fBsmtp_dns_reply_filter (empty)\fR" | |
/* Optional filter for Postfix SMTP client DNS lookup results. | |
+/* .PP | |
+/* Available only in this release: | |
+/* .IP "\fBlmtp_dummy_mail_auth_user (empty)\fR" | |
+/* send dummy authentication user together with MAIL FROM in order to | |
+/* announce the delivery user to cyrus imapd when connecting to it using | |
+/* lmtp. | |
/* MIME PROCESSING CONTROLS | |
/* .ad | |
/* .fi | |
@@ -932,6 +938,7 @@ char *var_smtp_dns_res_opt; | |
char *var_smtp_dns_support; | |
bool var_smtp_rec_deadline; | |
bool var_smtp_dummy_mail_auth; | |
+char *var_lmtp_dummy_mail_auth_user; | |
char *var_smtp_dsn_filter; | |
char *var_smtp_dns_re_filter; | |
--- postfix-3.2.0/src/smtp/smtp_params.c.lmtp_dummy_user | |
+++ postfix-3.2.0/src/smtp/smtp_params.c | |
@@ -62,6 +62,7 @@ | |
VAR_SMTP_DNS_RES_OPT, DEF_SMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0, | |
VAR_SMTP_DSN_FILTER, DEF_SMTP_DSN_FILTER, &var_smtp_dsn_filter, 0, 0, | |
VAR_SMTP_DNS_RE_FILTER, DEF_SMTP_DNS_RE_FILTER, &var_smtp_dns_re_filter, 0, 0, | |
+ VAR_LMTP_DUMMY_MAIL_AUTH_USER, DEF_LMTP_DUMMY_MAIL_AUTH_USER, &var_lmtp_dummy_mail_auth_user, 0, 0, | |
0, | |
}; | |
static const CONFIG_TIME_TABLE smtp_time_table[] = { | |
--- postfix-3.2.0/src/smtp/smtp_proto.c.lmtp_dummy_user | |
+++ postfix-3.2.0/src/smtp/smtp_proto.c | |
@@ -1506,6 +1506,15 @@ static int smtp_loop(SMTP_STATE *state, | |
vstring_strcat(next_command, " AUTH=<>"); | |
#endif | |
+ /* | |
+ * send dummy authentication user together with MAIL FROM | |
+ * in order to announce the delivery user to cyrus imapd when | |
+ * connecting to it using lmtp. | |
+ */ | |
+ if (!smtp_mode && (*var_lmtp_dummy_mail_auth_user != 0)) | |
+ vstring_sprintf_append(next_command, " AUTH=%s", | |
+ var_lmtp_dummy_mail_auth_user); | |
+ | |
/* | |
* CVE-2009-3555 (TLS renegotiation). Try to detect a mail | |
* hijacking attack that prepends malicious EHLO/MAIL/RCPT/DATA |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment