Add sender rewriting scheme (SRS).

2020-09-12 13:58:52 +02:00 · 2020-09-12 13:58:52 +02:00 · 43fd2da518
commit 43fd2da518
parent f24ce8295d
4 changed files with 116 additions and 15 deletions
--- a/mail_system/tasks/database.yml
+++ b/mail_system/tasks/database.yml
@ -146,6 +146,7 @@
    - t timestamp default now()
    - original varchar(250) not null
    - rewritten varchar(250) not null
    - srs_id bigint
 - name: database index mail_from__rewritten
  postgresql_idx:
@ -158,3 +159,15 @@
    table: mail_from
    columns: rewritten
    idxname: mail_from__rewritten
 - name: database index mail_from__srs_id
  postgresql_idx:
    login_host: "{{ mailserver.postgresql.host }}"
    port: "{{ mailserver.postgresql.port }}"
    login_user: "{{ mailserver.postgresql.username }}"
    login_password: "{{ mailserver.postgresql.password }}"
    db: "{{ mailserver.postgresql.dbname }}"
    ssl_mode: disable
    table: mail_from
    columns: srs_id
    idxname: mail_from__srs_id
--- a/mail_system/templates/postfix/main.cf
+++ b/mail_system/templates/postfix/main.cf
@ -99,10 +99,10 @@ smtpd_relay_restrictions =
 # VERP marking
 # Envelope sender addresses matching mydomains are marked.
 # The marker is removed from envelope recipient addresses.
-canonical_classes = envelope_sender, envelope_recipient
+canonical_classes = envelope_sender, envelope_recipient, header_recipient
 sender_canonical_classes = envelope_sender
 sender_canonical_maps = pgsql:/etc/postfix/sender_canonical_maps.cf
-recipient_canonical_classes = envelope_recipient
+recipient_canonical_classes = envelope_recipient, header_recipient
 recipient_canonical_maps = pgsql:/etc/postfix/recipient_canonical_maps.cf
--- a/mail_system/templates/postfix/recipient_canonical_maps.cf
+++ b/mail_system/templates/postfix/recipient_canonical_maps.cf
@ -1,5 +1,11 @@
 # THIS FILE IS CONTROLLED BY ANSIBLE - DO NOT CHANGE IN DEPLOYMENT!
 # Rewrite (envelope and header) recipient addresses:
 # - if the recipient address has a local domain and does
 #   not begin with SRS0 or SRS1, then strip our verp_marker
 # - if the recipient address has a local domain and does
 #   begin with SRS0 or SRS1, try to extract our srs_id
 #   and lookup the corresponding original address
 # man pgsql_table
@ -7,4 +13,35 @@ user = {{ mailserver.postgresql.username }}
 password = {{ mailserver.postgresql.password }}
 dbname = {{ mailserver.postgresql.dbname }}
 hosts = {{ mailserver.postgresql.host }}
-query = select regexp_replace('%s', '\+(.*){{ mailserver.postfix.verp_marker }}-\d+@', '+\1@')
+query =
  with
    mydomains as (select regexp_replace('%s', '.*@([^@]+)$', '\1') in (select name from domains) v),
    srs0 as (select lower(substr('%s', 1, 4)) = 'srs0' v),
    srs1 as (select lower(substr('%s', 1, 4)) = 'srs1' v)
  select
    case
      when mydomains.v and not srs0.v and not srs1.v
      then regexp_replace('%s', '^(.*)\+{{ mailserver.postfix.verp_marker }}-\d+@', '\1@')
      else
        case
          when mydomains.v
          then
            case
              when srs0.v
              then
                case
                  when '%s' ~* '^SRS0=\d+@[^@]+$'
                  then (select original from mail_from
                         where srs_id = regexp_replace('%s', '^.....(\d+)@[^@]+$', '\1')::bigint
                           and original<>rewritten)
                  else '%s'
                end
              else (with t2 as (select regexp_replace('%s', '^(.*)@[^@]+$', '\1') v)
                    select original from mail_from, t2
                    where lower(substr(rewritten, 1, length(t2.v))) = lower(t2.v)
                      and lower(substr(original, 1, 4)) = 'srs0')
            end
          else '%s'
        end
    end
  from mydomains, srs0, srs1
--- a/mail_system/templates/postfix/sender_canonical_maps.cf
+++ b/mail_system/templates/postfix/sender_canonical_maps.cf
@ -1,5 +1,21 @@
 # THIS FILE IS CONTROLLED BY ANSIBLE - DO NOT CHANGE IN DEPLOYMENT!
 # Rewrite envelope sender addresses:
 # - if the sender address has a local domain, then add our verp_marker
 # - else implement sender rewriting scheme (cf.
 #     https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme,
 #     http://www.libsrs2.org/srs/srs.pdf
 #   ):
 #     * if the address does not begin with SRS0 or SRS1:
 #       rewrite address to srs0={random_bigint}@main_local_domain
 #     * if the address begins with SRS0:
 #       replace SRS0 with srs1={random_bigint}= and
 #       replace the domain with our main local domain
 #     * if the address begins with SRS0:
 #       replace the domain with our main local domain
 #   The main local domain is the first domain with a name
 #   that is not equal to 'role_specific'.
 #   The random_bigint has at not 15 decimal digits.
 # man pgsql_table
@ -7,15 +23,50 @@ user = {{ mailserver.postgresql.username }}
 password = {{ mailserver.postgresql.password }}
 dbname = {{ mailserver.postgresql.dbname }}
 hosts = {{ mailserver.postgresql.host }}
-query = insert into mail_from (id, original, rewritten)
+query =
-  values (nextval('mail_from_id_seq'), '%s',
+  with
-    case
+    rnd as (select (random() * 1000000000000000)::bigint v),
-    when regexp_replace('%s', '.*@([^@]+)$', '\1') in (select name from domains)
+    mydomains as (select regexp_replace('%s', '.*@([^@]+)$', '\1') in (select name from domains) v),
-    then case
+    srs0 as (select lower(substr('%s', 1, 4)) = 'srs0' v),
-         when '%s'~*'{{ mailserver.postfix.verp_marker }}-\d+@'
+    srs1 as (select lower(substr('%s', 1, 4)) = 'srs1' v),
-         then '%s'
+    new_row as (
-         else regexp_replace('%s', '^(.*)@[^@]+$', '\1') || case when '%s'~'\+' then '{{ mailserver.postfix.verp_marker }}-' else '+{{ mailserver.postfix.verp_marker }}-' end || lastval()::text || '@' || regexp_replace('%s', '.*@([^@]+)$', '\1')
+      select
-         end
+        nextval('mail_from_id_seq') new_id,
-    else '%s'
+        '%s' original,
-    end
+        case
-  ) returning rewritten
+          when mydomains.v and not srs0.v and not srs1.v
          then
            case
              when '%s'~*'\+{{ mailserver.postfix.verp_marker }}-\d+@'
              then '%s'
              else regexp_replace('%s', '^(.*)@[^@]+$', '\1') || '+{{ mailserver.postfix.verp_marker }}-'
                || lastval()::text || '@' || regexp_replace('%s', '.*@([^@]+)$', '\1')
            end
          else
            case
              when not mydomains.v and not srs0.v and not srs1.v
              then 'SRS0=' || LPAD(rnd.v::text, 15 , '0') || '@' || (select name from domains where name<>'role_specific' order by id limit 1)
              else
                case
                  when srs0.v
                  then
                    case
                      when mydomains.v
                      then '%s'
                      else 'SRS1=' || LPAD(rnd.v::text, 15 , '0') || '='
                        || regexp_replace(substr('%s', 5), '^(.*)@[^@]+$', '\1@'
                        || (select name from domains where name<>'role_specific' order by id limit 1))
                    end
                  else regexp_replace('%s', '^(.*)@[^@]+$', '\1@' || (select name from domains where name<>'role_specific' order by id limit 1))
                end
            end
        end rewritten,
        rnd.v srs_id
      from rnd, mydomains, srs0, srs1
      where '%s' <> '""'
    ),
    ins_row as (insert into mail_from (id, original, rewritten, srs_id)
                select new_row.new_id, new_row.original, new_row.rewritten, case when mydomains.v and not srs0.v and not srs1.v then null else new_row.srs_id end
                from new_row, mydomains, srs0, srs1 where new_row.original<>new_row.rewritten),
    orig(o) as (values('%s'))
  select rewritten from new_row