You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In 1.9 or so, we'll add Paweł Foremski's qmail-spp to qmail-smtpd. It's a very general-purpose API. Programs can very easily influence just about any SMTP behavior. Admins control which programs run for which events in control/smtpplugins.
qmail-spp is not the only patch that adds enough API to do recipient checking. A much simpler API, specific for this purpose, is Jay Soffian's RCPTCHECK.
Since RCPTCHECK is a subset of qmail-spp, we can easily support both APIs. In my rejectutils, qmail-rcptcheck runs the sequence of RCPTCHECK-compatible programs in control/rcptchecks, rejecting if any of them reject. (It runs under qmail-smtpd with either the RCPTCHECK patch or the qmail-spp patch, though only the latter is important for us here.)
rejectutils also includes several RCPTCHECK-compatible programs, repackaged from familiar SMTP recipient validation patches:
(There are a couple other programs in rejectutils that may be interesting for notqmail, but probably not for this precise issue.)
rejectutils does not include every SMTP recipient validator anyone might want. That's fine, because qmail-spp provides hooks for every SMTP everything anyone might want, and we plan to freely accept extensions.
The text was updated successfully, but these errors were encountered:
Andrew Richards's qmail-verify is a practical improvement on realrcptto: the recipient-validation logic moves into a new service that runs as root, so it produces more accurate results than qmaild can. I should probably add a qmail-rcptcheck-verify program to rejectutils.
Wild speculation about config: when we have extensions, it might be sensible for us to ship the qmail-verify daemon and recommend enabling qmail-rcptcheck-verify. It's qmail's own delivery logic, after all.
Wild speculation about design: maybe we can avoid duplicating the logic. Instead, extract the originals to objects that can be linked into their original call sites and also into qmail-verify.
Caveat: though realrcptto has been made to work with qmail-qmtpd, qmail-verify has not, as yet.
I have patches at my qmail patch site that do that verification if you use vpopmail and have the users in the filesystem (in contrast to a database). Similar code is in Qsmtpd which I have in production for more than a decade and it just works. It detects the .qmail-default catchalls and rejects, and it also works with sub-addresses of users. I'm not 100% sure for the naked qmail patch, but that can probably be adapted to the latest code I have in Qsmtp.
I think we can ship a decent solution relatively cheaply by repurposing existing code, so I’m suggesting this as one of the small number of new features for 1.09 and will submit a PR soonish.
In 1.9 or so, we'll add Paweł Foremski's qmail-spp to
qmail-smtpd
. It's a very general-purpose API. Programs can very easily influence just about any SMTP behavior. Admins control which programs run for which events incontrol/smtpplugins
.qmail-spp is not the only patch that adds enough API to do recipient checking. A much simpler API, specific for this purpose, is Jay Soffian's RCPTCHECK.
Since RCPTCHECK is a subset of qmail-spp, we can easily support both APIs. In my rejectutils,
qmail-rcptcheck
runs the sequence of RCPTCHECK-compatible programs incontrol/rcptchecks
, rejecting if any of them reject. (It runs underqmail-smtpd
with either the RCPTCHECK patch or the qmail-spp patch, though only the latter is important for us here.)rejectutils also includes several RCPTCHECK-compatible programs, repackaged from familiar SMTP recipient validation patches:
qmail-rcptcheck-realrcptto
is derived from Paul Jarc's realrcpttoqmail-rcptcheck-badrcptto
is derived from Ward Vandewege's badrcpttoqmail-rcptcheck-qregex
is derived from Andrew St. Jean's qregex(There are a couple other programs in rejectutils that may be interesting for notqmail, but probably not for this precise issue.)
rejectutils does not include every SMTP recipient validator anyone might want. That's fine, because qmail-spp provides hooks for every SMTP everything anyone might want, and we plan to freely accept extensions.
The text was updated successfully, but these errors were encountered: