Mercurial > hg > nginx-mail
comparison src/mail/ngx_mail_auth_http_module.c @ 400:f1e2fab7a46c
Mail: smtp proxy without authentication.
Activated by auth method "unauth" in smtp_auth directive.
Waits for MAIL FROM and first RCPT TO from client, asks auth_http for
backend with additional headers Auth-SMTP-Helo, Auth-SMTP-From,
Auth-SMTP-To, and establishes connection to backend.
Auth-SMTP-From/To currently contain full command (e.g. "mail from: <>"),
this may change in future.
The functionality was designed to take off load from real smtp servers.
Additionally it may be used to implement pop-before-smtp authentication
(but dont do it unless you really need it - use real auth instead).
Current bug-features:
- If only "unauth" method activated in config, other methods (e.g. plain,
login) not advertised but accepted. Make sure your auth server handles
this gracefully.
- If backend server returns error on MAIL FROM / RCPT TO command while
proxy tunnel setup, nginx will close connection to client with 4xx
error. One may use proxy_pass_error_message directive to pass original
error message to client.
- Syntax of MAIL FROM / RCPT TO commands from client isn't checked.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sun, 22 Jul 2007 23:55:12 +0000 |
parents | a96157df5186 |
children | 481e8f936572 |
comparison
equal
deleted
inserted
replaced
399:137505db4246 | 400:f1e2fab7a46c |
---|---|
135 static char *ngx_mail_auth_http_protocol[] = { "pop3", "imap", "smtp" }; | 135 static char *ngx_mail_auth_http_protocol[] = { "pop3", "imap", "smtp" }; |
136 static ngx_str_t ngx_mail_auth_http_method[] = { | 136 static ngx_str_t ngx_mail_auth_http_method[] = { |
137 ngx_string("plain"), | 137 ngx_string("plain"), |
138 ngx_string("plain"), | 138 ngx_string("plain"), |
139 ngx_string("apop"), | 139 ngx_string("apop"), |
140 ngx_string("cram-md5") | 140 ngx_string("cram-md5"), |
141 ngx_string("unauth") | |
141 }; | 142 }; |
142 | 143 |
143 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); | 144 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
144 | 145 |
145 void | 146 void |
1171 + sizeof("Auth-Protocol: imap" CRLF) - 1 | 1172 + sizeof("Auth-Protocol: imap" CRLF) - 1 |
1172 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN | 1173 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1173 + sizeof(CRLF) - 1 | 1174 + sizeof(CRLF) - 1 |
1174 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len | 1175 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1175 + sizeof(CRLF) - 1 | 1176 + sizeof(CRLF) - 1 |
1177 + sizeof("Auth-SMTP-Helo: ") - 1 + s->smtp_helo.len | |
1178 + sizeof("Auth-SMTP-From: ") - 1 + s->smtp_from.len | |
1179 + sizeof("Auth-SMTP-To: ") - 1 + s->smtp_to.len | |
1176 + ahcf->header.len | 1180 + ahcf->header.len |
1177 + sizeof(CRLF) - 1; | 1181 + sizeof(CRLF) - 1; |
1178 | 1182 |
1179 b = ngx_create_temp_buf(pool, len); | 1183 b = ngx_create_temp_buf(pool, len); |
1180 if (b == NULL) { | 1184 if (b == NULL) { |
1225 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); | 1229 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
1226 b->last = ngx_copy(b->last, s->connection->addr_text.data, | 1230 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
1227 s->connection->addr_text.len); | 1231 s->connection->addr_text.len); |
1228 *b->last++ = CR; *b->last++ = LF; | 1232 *b->last++ = CR; *b->last++ = LF; |
1229 | 1233 |
1234 if (s->auth_method == NGX_MAIL_AUTH_UNAUTH) { | |
1235 | |
1236 /* HELO / MAIL FROM / RCPT TO can't contain CRLF, no need to escape */ | |
1237 | |
1238 b->last = ngx_cpymem(b->last, "Auth-SMTP-Helo: ", | |
1239 sizeof("Auth-SMTP-Helo: ") - 1); | |
1240 b->last = ngx_copy(b->last, s->smtp_helo.data, s->smtp_helo.len); | |
1241 *b->last++ = CR; *b->last++ = LF; | |
1242 | |
1243 b->last = ngx_cpymem(b->last, "Auth-SMTP-From: ", | |
1244 sizeof("Auth-SMTP-From: ") - 1); | |
1245 b->last = ngx_copy(b->last, s->smtp_from.data, s->smtp_from.len); | |
1246 *b->last++ = CR; *b->last++ = LF; | |
1247 | |
1248 b->last = ngx_cpymem(b->last, "Auth-SMTP-To: ", | |
1249 sizeof("Auth-SMTP-To: ") - 1); | |
1250 b->last = ngx_copy(b->last, s->smtp_to.data, s->smtp_to.len); | |
1251 *b->last++ = CR; *b->last++ = LF; | |
1252 | |
1253 } | |
1254 | |
1230 if (ahcf->header.len) { | 1255 if (ahcf->header.len) { |
1231 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | 1256 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); |
1232 } | 1257 } |
1233 | 1258 |
1234 /* add "\r\n" at the header end */ | 1259 /* add "\r\n" at the header end */ |