From: Kirill Miazine <km@krot.org>
Subject: Re: smtpd(8) should add missing date and message id headers also on port 465
To: tech@openbsd.org
Date: Tue, 3 Sep 2024 18:57:06 +0200

• gilles@poolp.org [2024-09-03 14:41]:
> September 3, 2024 12:04 AM, "Christian Schulte" <schulte.it@gmail.com> wrote:
> 
>> This adds a new flag F_SUBMISSION to be used to decide if a listener
>> is to be operating as an MSA and moves the existing logic deciding this
>> into where listeners are configured (parse.y).
>>
>> This could later be extended and used to do more checks or verifications
>> based on RFC 6409. The only functional difference is that port 465 is handled
>> the same way as port 587.
>>
>> Maybe a new listener option msa (!msa) can be introduced in a later step
>> giving users a chance to control the behaviour themselves and stop
>> deciding this automatically based on port numbers. No changes to the
>> smtpd.conf(5) format for now.
>>
>> Ok?
>>
> 
> Generally ok with the idea of introducing F_SUBMISSION, also ok with the idea
> to later introduce a listener mode (though I think keyword "submission" would
> be better as "msa" will confuse most users).

"submission" is also a keyword which e.g. Exim uses, and looking at what it
does in submission mode could give some helpful hints as to what
OpenSMTPD could do in submission mode:

https://www.exim.org/exim-html-current/doc/html/spec_html/ch-message_processing.html#SECTsubmodnon

> I'm however not sure about adding port 465 as part of this diff, smtps is not
> necessarily a submission port: private mail networks may mandate its use even
> for MX to MX communications, and all sessions would be flagged incorrectly as
> submission with this diff.
> 
> Since the code has assumed 587 == submission for a long time without any user
> complaining, we might want to just introduce F_SUBMISSION on local and 587 as
> a first step, it would be iso with today's behavior, then we can work on that
> mode for listeners and let users set mode themselves for port 587 and 465.
> 
> I also need to read RFC 6409 before I comment further, I have an intuition we
> can be smarter than this but I need to be sure it is legal: shouldn't we flag
> F_SUBMISSION any mail that was submitted from an authenticated session?

Frequently an MTA would be using an authenticated session.

> 
> 
>> Index: usr.sbin/smtpd/smtpd.h
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v
>> retrieving revision 1.683
>> diff -u -p -r1.683 smtpd.h
>> --- usr.sbin/smtpd/smtpd.h 2 Mar 2024 22:40:28 -0000 1.683
>> +++ usr.sbin/smtpd/smtpd.h 2 Sep 2024 21:12:51 -0000
>> @@ -89,6 +89,7 @@
>> #define F_MASQUERADE 0x1000
>> #define F_FILTERED 0x2000
>> #define F_PROXY 0x4000
>> +#define F_SUBMISSION 0x8000
>>
>> #define RELAY_TLS_OPPORTUNISTIC 0
>> #define RELAY_TLS_STARTTLS 1
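Review bot: `F_SUBMISSION 0x8000` takes the next unused bit after `F_PROXY 0x4000`; if the listener `flags` field these masks are applied to is 16 bits wide, this consumes the last free bit, so it is worth confirming the width before the planned listener-mode work needs more flags. A short comment beside the define saying that the flag marks a listener operating as an MSA (RFC 6409) would help readers who only see this header.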
>> Index: usr.sbin/smtpd/parse.y
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/parse.y,v
>> retrieving revision 1.299
>> diff -u -p -r1.299 parse.y
>> --- usr.sbin/smtpd/parse.y 19 Feb 2024 21:00:19 -0000 1.299
>> +++ usr.sbin/smtpd/parse.y 2 Sep 2024 21:12:52 -0000
>> @@ -3363,7 +3363,10 @@ config_listener(struct listener *h, str
>>
>> if (lo->ssl & F_STARTTLS_REQUIRE)
>> h->flags |= F_STARTTLS_REQUIRE;
>> -
>> +
>> + if (h->local || h->port == htons(587) || h->port == htons(465))
>> + h->flags |= F_SUBMISSION;
>> +
>> if (h != conf->sc_sock_listener)
>> TAILQ_INSERT_TAIL(conf->sc_listeners, h, entry);
>> }
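Review bot: the new condition in `config_listener()` adds `h->port == htons(465)` to the long-standing `local || 587` rule, which is exactly the behaviour change questioned upthread: smtps is not necessarily a submission port, so a first step that preserves today's behaviour would set the flag for `h->local || h->port == htons(587)` only and leave 465 to the per-listener option discussed for a later step. The `-`/`+` pair on the blank line just above the new block also appears to be a whitespace-only change and can be dropped from the diff.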
>> Index: usr.sbin/smtpd/smtp_session.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v
>> retrieving revision 1.442
>> diff -u -p -r1.442 smtp_session.c
>> --- usr.sbin/smtpd/smtp_session.c 20 Mar 2024 17:52:43 -0000 1.442
>> +++ usr.sbin/smtpd/smtp_session.c 2 Sep 2024 21:12:52 -0000
>> @@ -2624,9 +2624,7 @@ smtp_tx_dataline(struct smtp_tx *tx, con
>> break;
>>
>> case RFC5322_END_OF_HEADERS:
>> - if (tx->session->listener->local ||
>> - tx->session->listener->port == htons(587)) {
>> -
>> + if (tx->session->listener->flags & F_SUBMISSION) {
>> if (!tx->has_date) {
>> log_debug("debug: %p: adding Date", tx);
>> smtp_message_printf(tx, "Date: %s\n",
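Review bot: the quoted hunk stops after the `Date:` printf while its header declares 9 old and 7 new lines, so the tail (including the Message-ID handling the subject refers to) cannot be reviewed from this message; the visible part is a straight substitution of `listener->flags & F_SUBMISSION` for the inline local/587 test and also drops the stray blank line that followed the opening brace, which is fine. Since the flag is now computed once at parse time, it is worth checking that nothing else in `smtp_session.c` still compares `port == htons(587)` directly, otherwise the two decisions can drift apart.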
>