Closed abhas closed 9 years ago
@abhas
Firstly - yes; the hmail.rcpt_to looks like a bug. Your fix isn't quite right though as hmail.todo.rcpt_to is an array of Address objects so instead of having to call those replaces you can simply do this:
address = hmail.todo.rcpt_to[0].address();
To your related question; yes - this will only work for outbound recipients as it uses the get_mx hook and you absolutely can't do what you have done and set connection.relaying = true
in hook_rcpt as you're making yourself an open-relay as all someone needs to do is send a mail to a valid user, get the connection marked as relaying = true, and then send a bunch of recipients to non-local domains....
The correct way to do this - provided you don't ever need to use any of the queue/* plugins is to create a plugin with the following:
var constants = require('./constants');
var outbound = require('./outbound');
exports.hook_queue = exports.hook_queue_outbound = function (next, connection) {
var transaction = connection.transaction;
transaction.notes.remote_host = connection.remote_host;
transaction.notes.remote_ip = connection.remote_ip;
transaction.notes.auth_user = connection.notes.auth_user;
outbound.send_email(connection.transaction, function(retval, msg) {
switch(retval) {
case constants.ok:
return next(OK, msg);
break;
case constants.deny:
return next(DENY, msg);
break;
default:
return next(DENYSOFT, msg);
}
});
}
That basically makes all messages not marked as connection.relaying = true
go via the built-in outbound mechanism.
@msimerson - I didn't want to simply go and fix the hmail.todo problem as I know you contributed this plugin from an upstream source and I therefore didn't want you to potentially miss this issue being as you'll probably have to fix it elsewhere too.
@smfreegard Thanks a lot for the inputs and help. Really appreciate your time.
Since I don't plan to use any queue/* plugins, I will try the above piece of code out. I didn't realise the open relay bit about setting the flag in the rcpt hook.
It would be interesting to add LDAP support to rcpt_to.routes.js. I'll work on it one of these days so that this code can be a drop in replacement for qmail-ldap clusters.
since this plugin uses the get_mx hook, it can only be used for outbound mails where connection.relaying is set.
I stepped around this by using the queue/deliver
plugin with a tiny modification, remove the connection.relaying
test. (I might have also had to make deliver
listen on hook_queue, but I don't recall.) The only messages that ever make it to the queue hook are ones with validated recipients. Those messages are thus queued and then delivered by outbound.
rcpt_to.routes.js
tries to extract the email address fromhmail.rcpt_to
on line 105. However, after much debugging I noticed that I don't havehmail.rcpt_to
at all -- instead I havehmail.todo.rcpt_to
. Additionally the email address extracted fromhmail.todo.rcpt_to[0].original
has '<' and '>' which need to be removed before a successful match can be made against thercpt_to.routes.ini
file.Basically I rewrote lines 105 and 106 as:
I had a related question - since this plugin uses the
get_mx
hook, it can only be used for outbound mails where connection.relaying is set. Hence, this plugin can not be used in a situation where haraka is the MX for a domain and needs to distribute emails to multiple mail servers using recipient maps of this sort. Basically I'm trying to do something similar to what qmail-ldap does with the mailHost attribute and qmqp. Would it be possible to use this without relaying being set?What I tried to do (and it worked) was to add the following code where the rcpt hook is handled. Will this have any undesired side-effects?