Configurable validation of SMTP recipients #49
Comments
|
Andrew Richards's qmail-verify is a practical improvement on realrcptto: the recipient-validation logic moves into a new service that runs as Wild speculation about config: when we have extensions, it might be sensible for us to ship the Wild speculation about design: maybe we can avoid duplicating the logic. Instead, extract the originals to objects that can be linked into their original call sites and also into Caveat: though realrcptto has been made to work with |
|
I have patches at my qmail patch site that do that verification if you use vpopmail and have the users in the filesystem (in contrast to a database). Similar code is in Qsmtpd which I have in production for more than a decade and it just works. It detects the .qmail-default catchalls and rejects, and it also works with sub-addresses of users. I'm not 100% sure for the naked qmail patch, but that can probably be adapted to the latest code I have in Qsmtp. |
|
I think we can ship a decent solution relatively cheaply by repurposing existing code, so I’m suggesting this as one of the small number of new features for 1.09 and will submit a PR soonish. |
In 1.9 or so, we'll add Paweł Foremski's qmail-spp to
qmail-smtpd. It's a very general-purpose API. Programs can very easily influence just about any SMTP behavior. Admins control which programs run for which events incontrol/smtpplugins.qmail-spp is not the only patch that adds enough API to do recipient checking. A much simpler API, specific for this purpose, is Jay Soffian's RCPTCHECK.
Since RCPTCHECK is a subset of qmail-spp, we can easily support both APIs. In my rejectutils,
qmail-rcptcheckruns the sequence of RCPTCHECK-compatible programs incontrol/rcptchecks, rejecting if any of them reject. (It runs underqmail-smtpdwith either the RCPTCHECK patch or the qmail-spp patch, though only the latter is important for us here.)rejectutils also includes several RCPTCHECK-compatible programs, repackaged from familiar SMTP recipient validation patches:
qmail-rcptcheck-realrcpttois derived from Paul Jarc's realrcpttoqmail-rcptcheck-badrcpttois derived from Ward Vandewege's badrcpttoqmail-rcptcheck-qregexis derived from Andrew St. Jean's qregex(There are a couple other programs in rejectutils that may be interesting for notqmail, but probably not for this precise issue.)
rejectutils does not include every SMTP recipient validator anyone might want. That's fine, because qmail-spp provides hooks for every SMTP everything anyone might want, and we plan to freely accept extensions.
The text was updated successfully, but these errors were encountered: