Mailing List CGatePro@mail.stalker.com Message #92647
From: Nicolas Hatier <nicolas.hatier@niversoft.com>
Subject: Feature request: a way to get CGP's expected response to a message envelope
Date: Tue, 18 Sep 2007 16:19:44 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

A CLI command, named for instance GetEnvelopeResult - there is surely a better way to name this but I can't find one, please continue reading.

This command would take a few parameters: source IP address, return-path (email address), envelope-to
(email address, maybe more than one)

CGP would process those three parameters as if it was a message coming from the specified IP address, with this return-path, this or these recipients, and the response would be the status of this supposed message according to all protection modules of CGP happening before the DATA command of the SMTP session.

This would include (in no particular order) RBL status, blacklisting according to network settings, client IP status, SPF, temporary blacklist, whitelist, whitelist by dns, unknown recipient, authentication required, and other possible errors or warning flags happening at this state.

This feature would allow mail proxies or backup mail servers to query the CGP server and ensure a consistent protection of the mail flow, without duplicating the settings or reimplementing them. This would also allow
external filters to be outsourced to separate servers to reduce the load, as these filters could be enhanced with a simple SMTP proxy and that would perform this command before relaying.

Unfortunately the current CLI commands does not allow to get the result of many protection settings without reimplementing most of them and transferring a lot of data between servers.

Another way to implement this feature would be to add a new command to the SMTP session, such as
FROM IP:xx.xx.xx.xx
MAIL FROM:test@example.ext
RCPT TO: user@local

The CGP server would then process the email as if it was coming from the said IP. As a simple security measure, CGP would test each protection setting with the real IP the connection is coming from and with the provided IP, and would report the "worst" of the two results.

Thank you.
Nicolas Hatier

--

Nicolas Hatier
Niversoft idées logicielles
http://www.niversoft.com


 
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster