OpenSMTPD filters and "Masquerading"

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSMTPD filters and "Masquerading"

Jon Arlund
Hi misc,
I was delighted to see the inclusion of OpenSMTPD filters in the latest snapshot.
Knowing this has been a frequently requested feature, does someone know if/how filters could be used to implement domain rewriting/masquerading of the From header in the DATA section?
I know the "senders" parameter in combination with the "masquerade" option is capable of rewriting the From header for authenticated users. Unfortunately, we still have legacy systems that don't support SMTP authentication but are allowed to relay messages based on their IP address.
Any information will be greatly appreciated.
Kind regards,
Jon
Reply | Threaded
Open this post in threaded view
|

Re: OpenSMTPD filters and "Masquerading"

Edgar Pettijohn III-2
Search the opensmtpd mailing list archives. I believe someone posted an awk script that does this or at least something similar.

Good luck,

Edgar
On Oct 4, 2019 3:08 AM, Jon Arlund <[hidden email]> wrote:
>
> Hi misc,
> I was delighted to see the inclusion of OpenSMTPD filters in the latest snapshot.
> Knowing this has been a frequently requested feature, does someone know if/how filters could be used to implement domain rewriting/masquerading of the From header in the DATA section?
> I know the "senders" parameter in combination with the "masquerade" option is capable of rewriting the From header for authenticated users. Unfortunately, we still have legacy systems that don't support SMTP authentication but are allowed to relay messages based on their IP address.
> Any information will be greatly appreciated.
> Kind regards,
> Jon

Reply | Threaded
Open this post in threaded view
|

Re: OpenSMTPD filters and "Masquerading"

Eric Elena-3
In reply to this post by Jon Arlund
Hi Jon,

I already described the solution I use for masquerading here https://marc.info/?l=openbsd-misc&m=154811965001823&w=2
Users don't need to be authenticated when your smtp server receives the initial email. The authenticated user is local to the smtp server, it's just a trick to rewrite the header.
In my case an external server from an SNS sends me a message (in fact to a friend), the server rewrites the from (envelope and header), changes the recipient to a gmail address, and forwards the message to gmail. The SNS is obviously not authenticated. I needed it so gmail is happy with this indirection flow.

Thanks,
Eric

On Fri, 4 Oct 2019 08:08:57 +0000 (UTC) Jon Arlund wrote:
> Hi misc,
> I was delighted to see the inclusion of OpenSMTPD filters in the latest snapshot.
> Knowing this has been a frequently requested feature, does someone know if/how filters could be used to implement domain rewriting/masquerading of the From header in the DATA section?
> I know the "senders" parameter in combination with the "masquerade" option is capable of rewriting the From header for authenticated users. Unfortunately, we still have legacy systems that don't support SMTP authentication but are allowed to relay messages based on their IP address.
> Any information will be greatly appreciated.
> Kind regards,
> Jon