From: patrick keshishian Subject: [patch] smtpd-filters.7 - Few fixes in FILTER REQUESTS To: tech@openbsd.org Date: Thu, 23 Jan 2025 18:12:57 -0800 Hi guys, Fiddling with the smtpd-filters(7) interface I came to realize the inconsistency between the documentation and what the actual code sends over for the "filter" request for the "connect" phase. I am assuming the documentation is incorrect - basic copy and paste from the "report" event for "link-connect". The latter stating that the event specific param for link-connect includes: link-connect: rdns fcrdns src dest which is copied for "connect" phase in the FILTER REQUESTS section: connect: rdns fcrdns src dest While in fact, the "connect" phase param consists only of "rdns" and "src". Here are actual examples logged by my filter program demonstrating difference between "report ... link-connect" and "filter ... connect": $ telnet localhost 25 report|0.7|1737667524.180287|smtp-in|link-connect|ed211f331e52ea06|localhost|pass|127.0.0.1:13455|127.0.0.1:25 filter|0.7|1737667524.181485|smtp-in|connect|ed211f331e52ea06|df4279847dbec98a|localhost|127.0.0.1 $ telnet ::1 25 report|0.7|1737618643.739838|smtp-in|link-connect|156e8e029558f448|localhost|pass|[::1]:28610|[::1]:25 filter|0.7|1737618643.740355|smtp-in|connect|156e8e029558f448|1d8054e802f0ca74|localhost|[::1] $ mail user Subject: testing hi . EOT report|0.7|1737665197.527146|smtp-in|link-connect|1f61d2743cb71695|myhost.mydomain|pass|unix:/var/run/smtpd.sock|unix:/var/run/smtpd.sock filter|0.7|1737665197.527570|smtp-in|connect|1f61d2743cb71695|3d87240f23bb8951|myhost.mydomain|local The diff defines format of "src" in each of the three possible forms (IPv4, IPv6 and Unix socket). The first (inline) diff is against OPENBSD_7_5, and the 2nd is against HEAD. Thoughts? --patrick Index: smtpd-filters.7 =================================================================== RCS file: /cvs/obsd/src/usr.sbin/smtpd/smtpd-filters.7,v retrieving revision 1.10 diff -u -p -u -p -r1.10 smtpd-filters.7 --- smtpd-filters.7 7 Jul 2023 14:52:00 -0000 1.10 +++ smtpd-filters.7 24 Jan 2025 01:19:08 -0000 @@ -462,7 +462,7 @@ Fields are separated by the .Dq | character. .Bd -literal -offset indent -filter|0.5|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25 +filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|199.185.178.25 .Ed .Pp The format consists of a protocol prefix containing the stream, @@ -473,7 +473,7 @@ the filtering phase, the unique session identifier and an opaque token that the filter should provide in its response: .Bd -literal -offset indent -filter|0.5|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d +filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d .Ed .Pp It is followed by a suffix containing the phase-specific parameters of the @@ -481,7 +481,7 @@ filter request, also separated by .Dq | : .Bd -literal -offset indent -mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25 +mail.openbsd.org|199.185.178.25 .Ed .Pp Unlike with report events, @@ -550,9 +550,19 @@ filter-dataline|7641df9771b4ed00|1ef1c20 .Pp The list of events and event-specific parameters for smtp-in are as follows: .Bl -tag -width Ds -.It Ic connect : Ar rdns fcrdns src dest +.It Ic connect : Ar rdns src This request is emitted after connection, before the banner is displayed. +.Pp +.Ar src +contains either the IP address of the source address, +in the format +.Dq a.b.c.d +in case of IPv4, or +.Dq [x:x:x:x:x:x:x:x] +in case of IPv6, or +.Dq local +in case of UNIX socket. .It Ic helo : Ar identity This request is emitted after the client has emitted .Dq HELO . Index: smtpd-filters.7 =================================================================== RCS file: /cvs/obsd/src/usr.sbin/smtpd/smtpd-filters.7,v retrieving revision 1.13 diff -u -p -u -p -r1.13 smtpd-filters.7 --- smtpd-filters.7 5 Nov 2024 19:36:53 -0000 1.13 +++ smtpd-filters.7 24 Jan 2025 01:58:22 -0000 @@ -465,7 +465,7 @@ Fields are separated by the .Dq | character. .Bd -literal -offset indent -filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25 +filter|0.7|1576146008.006099|smtp-in|connect|7641df9771b4ed00|1ef1c203cc576e5d|mail.openbsd.org|199.185.178.25 .Ed .Pp The format consists of a protocol prefix containing the stream, @@ -484,7 +484,7 @@ filter request, also separated by .Dq | : .Bd -literal -offset indent -mail.openbsd.org|pass|199.185.178.25:33174|45.77.67.80:25 +mail.openbsd.org|199.185.178.25 .Ed .Pp Unlike with report events, @@ -553,9 +553,19 @@ filter-dataline|7641df9771b4ed00|1ef1c20 .Pp The list of events and event-specific parameters for smtp-in are as follows: .Bl -tag -width Ds -.It Ic connect : Ar rdns fcrdns src dest +.It Ic connect : Ar rdns src This request is emitted after connection, before the banner is displayed. +.Pp +.Ar src +contains either the IP address of the source address, +in the format +.Dq a.b.c.d +in case of IPv4, or +.Dq [x:x:x:x:x:x:x:x] +in case of IPv6, or +.Dq local +in case of UNIX socket. .It Ic helo : Ar identity This request is emitted after the client has emitted .Dq HELO .