tyrolyean/mailattach
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
mailattach/README
tyrolyean a9383c9175
Added Documentation and cleanup shell skript 
Signed-off-by: tyrolyean <tyrolyean@tyrolyean.net>
2020-05-01 15:48:04 +02:00

86 lines
3.3 KiB
Text
Raw Blame History

MAILATTACH
This program starts a process which listens on the LOOPBACKv4 address for
incoming connections from postfix. The postfix master should view this as an
advanced filter as explained in their documentation for post queue filtering:
http://www.postfix.org/FILTER_README.html
The original attempt was to implement this as a pre queue filter, but this
required the milter protocol and postfix currently does not implement the
replace body function from libmilter.
You can specify the following command line options:
--abort-pgp --noabort-pgp
To either abort the attachment process if PGP encryption or signatures
have been detected or not. If true, the mail will not be modified.
--abort-dkim --noabort-dkim
To either abort the attachment process if DKIM signatures have been
detected or not. If true, the mail will not be modified.
--in-port -i
The incoming smtp port/the port from which mail is received. Defaults to
4269.
--out-port -o
The outgoing smtp port/the port to which mail ist passed through.
Defaults 4270
--directory -d
The directory inside of which the attachments will be stored in. Please
DON'T specify a / at the end!
--url -u
The base which should point to the same location as the directory does,
for exaple if the directory is /var/www/html and the URL base is
https://example.com then a file in /var/www/html/attachment01.pdf should
be linkable via https://example.com/attachment01.pdf
Ah and please, please, pretty please disable directory indexing on your
webserver!
That WILL BE a security riks!
Please don't specify a / at the end, and have the URL encoded!
--other-base64 --only-base64
Decides wether ONLY base64 encoded files should be removed from the
actual mail, or ALL files.
--minfilesize -s
The minimum file size which a file has to have before beeing attached.
Thissize is before base64 decoding if nescessary. Size is in bytes,
ONLY bytes. Do NOT prefix a M or K, it will not be parsed! Defaults to
500Kb. If 0 is specified, all files will be attached. A negative value
effectively disables us.
HOWTO
We essentially are MITM sniffing your email traffic and playing proxy from your
postfix to your postfix. That's how this is intended to work according to the
postfix website.
This program needs to be started via it's own systemd service on system boot.
You need to add the in and oputput ports to your postfix queue as described in
the link above. For example, a setup with the default values looks like this:
|-------| SMTP |-----------| SMTP |-------|
|POSTFIX| --> | MAILATTACH| --> |POSTFIX|
|-------| n 4269 |-----------| n 4270 |-------|
|
|
v
|-----------|
|Attachments|
|-----------|
DIRECTORY CLEANING
If you want to regularly purge old files from the directory, you can start the
shell script clean.sh in this repository via a chron job. It will by default
remove all files older than 10 days. If you want to write your own shell script
or let something else do the job for you, the directories where files are stored
are structured like this:
2020-01-01T1430-3893482323323
^DATE ^TIME^RANDOM NUMBER
The random number at the end consists of several signed integers, therefore it
sometimes has one or more - in it.
Reference in a new issue View git blame Copy permalink