mailattach/README

149 lines
5.9 KiB
Text
Raw Permalink Normal View History

MAILATTACH
This program starts a process which listens on the LOOPBACKv4 address for
incoming connections from postfix. The postfix master should view this as an
advanced filter as explained in their documentation for post queue filtering:
http://www.postfix.org/FILTER_README.html
The original attempt was to implement this as a pre queue filter, but this
required the milter protocol and postfix currently does not implement the
replace body function from libmilter.
You can specify the following command line options:
--abort-pgp --noabort-pgp
To either abort the attachment process if PGP encryption or signatures
have been detected or not. If true, the mail will not be modified.
--abort-dkim --noabort-dkim
To either abort the attachment process if DKIM signatures have been
detected or not. If true, the mail will not be modified.
--in-port -i
The incoming smtp port/the port from which mail is received. Defaults to
4269.
--out-port -o
The outgoing smtp port/the port to which mail ist passed through.
Defaults 4270
--directory -d
The directory inside of which the attachments will be stored in. Please
DON'T specify a / at the end!
--url -u
The base which should point to the same location as the directory does,
for exaple if the directory is /var/www/html and the URL base is
https://example.com then a file in /var/www/html/attachment01.pdf should
be linkable via https://example.com/attachment01.pdf
Ah and please, please, pretty please disable directory indexing on your
webserver!
That WILL BE a security riks!
Please don't specify a / at the end, and have the URL encoded!
--other-base64 --only-base64
Decides wether ONLY base64 encoded files should be removed from the
actual mail, or ALL files.
--minfilesize -s
The minimum file size which a file has to have before beeing attached.
Thissize is before base64 decoding if nescessary. Size is in bytes,
ONLY bytes. Do NOT prefix a M or K, it will not be parsed! Defaults to
500Kb. If 0 is specified, all files will be attached. A negative value
effectively disables us.
##### HOWTO
We essentially are MITM sniffing your email traffic and playing proxy from your
postfix to your postfix. That's how this is intended to work according to the
postfix website.
This program needs to be started via it's own systemd service on system boot.
You need to add the in and oputput ports to your postfix queue as described in
the link above. For example, a setup with the default values looks like this:
|-------| SMTP |-----------| SMTP |-------|
|POSTFIX| --> | MAILATTACH| --> |POSTFIX|
|-------| n 4269 |-----------| n 4270 |-------|
|
|
v
|-----------|
|Attachments|
|-----------|
#### POSTFIX CONFIGURATION
The following is an example postfix configuration which I deploy with opendkim
and spamassassin as well as mailattach itself:
master.cf:
smtp inet n - n - - smtpd
-o content_filter=scan:localhost:4269
-o receive_override_options=no_address_mappings,no_milters
smtps inet n - n - - smtpd
-o content_filter=scan:localhost:4269
-o receive_override_options=no_address_mappings,no_milters
... Rest of config file
scan unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes
-o smtp_tls_security_level=none
localhost:4270 inet n - n - 10 smtpd
-o content_filter=spamassassin
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
# Postfix 2.10 and later: specify empty smtpd_relay_restrictions.
-o smtpd_relay_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtp_tls_security_level=none
spamassassin unix - n n - - pipe
flags=R user=spamd argv=/usr/bin/vendor_perl/spamc -e /usr/bin/sendmail -oi -f ${sender} ${recipient}
Of course your configuration may vary, but I will try to explain some parts
which are important:
- In the first two smtp/smtps commands the no_milters option has been specified.
This was done to avoid dkim signing of the incoming email before it's
attachments have been removed. The same goes for the localhost:4270 service.
- The no_address_mappings options have been specified because "This is
typically specified BEFORE an external content filter. ". It disables address
macro expansion.
- The smtp_tls_security_level=none options in the scan and localhost:4720
services prevent postfix from starting a TLS connection via the STARTTLS
command. Note that this is ONLY INTERNALLY. It will receive external
STARTTLS connections.
The remaining configuration options have been more or less taken from the
postfix manual and are explained in more depth there:
http://www.postfix.org/FILTER_README.html
#### DIRECTORY CLEANING
If you want to regularly purge old files from the directory, you can start the
shell script clean.sh in this repository via a chron job. It will by default
remove all files older than 10 days. If you want to write your own shell script
or let something else do the job for you, the directories where files are stored
are structured like this:
2020-01-01T1430-3893482323323
^DATE ^TIME^RANDOM NUMBER
The random number at the end consists of several signed integers, therefore it
sometimes has one or more - in it.
#### Building
To build the plugin simply run make. The resulting binary will spawn in
bin/mailattach. Copy it to the desired location. It doesn't link against any
external librarys. Well maybe that isn't true, it requires the glibc.