A postfix smtp proxy which has the ability to interject smtp traffic and replace large files inside the mail with links
|
||
---|---|---|
include | ||
src | ||
.gitignore | ||
clean.sh | ||
LICENSE | ||
Makefile | ||
README |
MAILATTACH This program starts a process which listens on the LOOPBACKv4 address for incoming connections from postfix. The postfix master should view this as an advanced filter as explained in their documentation for post queue filtering: http://www.postfix.org/FILTER_README.html The original attempt was to implement this as a pre queue filter, but this required the milter protocol and postfix currently does not implement the replace body function from libmilter. You can specify the following command line options: --abort-pgp --noabort-pgp To either abort the attachment process if PGP encryption or signatures have been detected or not. If true, the mail will not be modified. --abort-dkim --noabort-dkim To either abort the attachment process if DKIM signatures have been detected or not. If true, the mail will not be modified. --in-port -i The incoming smtp port/the port from which mail is received. Defaults to 4269. --out-port -o The outgoing smtp port/the port to which mail ist passed through. Defaults 4270 --directory -d The directory inside of which the attachments will be stored in. Please DON'T specify a / at the end! --url -u The base which should point to the same location as the directory does, for exaple if the directory is /var/www/html and the URL base is https://example.com then a file in /var/www/html/attachment01.pdf should be linkable via https://example.com/attachment01.pdf Ah and please, please, pretty please disable directory indexing on your webserver! That WILL BE a security riks! Please don't specify a / at the end, and have the URL encoded! --other-base64 --only-base64 Decides wether ONLY base64 encoded files should be removed from the actual mail, or ALL files. --minfilesize -s The minimum file size which a file has to have before beeing attached. Thissize is before base64 decoding if nescessary. Size is in bytes, ONLY bytes. Do NOT prefix a M or K, it will not be parsed! Defaults to 500Kb. If 0 is specified, all files will be attached. A negative value effectively disables us. ##### HOWTO We essentially are MITM sniffing your email traffic and playing proxy from your postfix to your postfix. That's how this is intended to work according to the postfix website. This program needs to be started via it's own systemd service on system boot. You need to add the in and oputput ports to your postfix queue as described in the link above. For example, a setup with the default values looks like this: |-------| SMTP |-----------| SMTP |-------| |POSTFIX| --> | MAILATTACH| --> |POSTFIX| |-------| n 4269 |-----------| n 4270 |-------| | | v |-----------| |Attachments| |-----------| #### POSTFIX CONFIGURATION The following is an example postfix configuration which I deploy with opendkim and spamassassin as well as mailattach itself: master.cf: smtp inet n - n - - smtpd -o content_filter=scan:localhost:4269 -o receive_override_options=no_address_mappings,no_milters smtps inet n - n - - smtpd -o content_filter=scan:localhost:4269 -o receive_override_options=no_address_mappings,no_milters ... Rest of config file scan unix - - n - 10 smtp -o smtp_send_xforward_command=yes -o disable_mime_output_conversion=yes -o smtp_tls_security_level=none localhost:4270 inet n - n - 10 smtpd -o content_filter=spamassassin -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= # Postfix 2.10 and later: specify empty smtpd_relay_restrictions. -o smtpd_relay_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -o smtp_tls_security_level=none spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/vendor_perl/spamc -e /usr/bin/sendmail -oi -f ${sender} ${recipient} Of course your configuration may vary, but I will try to explain some parts which are important: - In the first two smtp/smtps commands the no_milters option has been specified. This was done to avoid dkim signing of the incoming email before it's attachments have been removed. The same goes for the localhost:4270 service. - The no_address_mappings options have been specified because "This is typically specified BEFORE an external content filter. ". It disables address macro expansion. - The smtp_tls_security_level=none options in the scan and localhost:4720 services prevent postfix from starting a TLS connection via the STARTTLS command. Note that this is ONLY INTERNALLY. It will receive external STARTTLS connections. The remaining configuration options have been more or less taken from the postfix manual and are explained in more depth there: http://www.postfix.org/FILTER_README.html #### DIRECTORY CLEANING If you want to regularly purge old files from the directory, you can start the shell script clean.sh in this repository via a chron job. It will by default remove all files older than 10 days. If you want to write your own shell script or let something else do the job for you, the directories where files are stored are structured like this: 2020-01-01T1430-3893482323323 ^DATE ^TIME^RANDOM NUMBER The random number at the end consists of several signed integers, therefore it sometimes has one or more - in it. #### Building To build the plugin simply run make. The resulting binary will spawn in bin/mailattach. Copy it to the desired location. It doesn't link against any external librarys. Well maybe that isn't true, it requires the glibc.