[BALUG-Talk] Recommendations for email resender/"forwarder"? (infrastructure: Debian oldstable amd64, MTA exim4)
Rick Moen
rick@linuxmafia.com
Sat Aug 12 17:28:24 PDT 2017
Quoting Glen Martin (glen@glen-martin.com):
> MLMs can achieve this, imperfectly, and are overkill. But they're
> not magic, they just screw with the headers so downstream can't
> detect the envelope or body changes.
What you call screwing with the headers is, in my experience, the only
way that retransmitted mail is going to arrive at its end-destination
not seeming like an attempt to forge the upstream sender's domain.
> Have you tried to use the pipe syntax of aliases, eg
> don@linuxmafia.org: | /usr/sbin/DKIMstripper-sendmail.sh
> donmarti@whereever.com
> // I just made this up, don't shoot me
Alas, shell pipelines in /etc/aliases are so notoriously a security
hazard that modern MTAs of my experience disable parsing them by
default, and you re-enable that parsing at your peril.
Of course, there are other ways of stripping DKIM headers, and that's
tempting. I can imagine any number of reasons why this action might
end up having adverse consequences, though.
More information about the BALUG-Talk
mailing list