spf-discuss

Re: Spf Problem with DRAC?

2004-03-31 02:19:40
Mark wrote:
I am well familiar with DRAC, and still use it myself (you know, that pesky
thing where you keep telling your users, for years, to start using SMTP
AUTH, but where they scream red at the chance of DRAC ever being removed, so
you keep it hanging around in perpetuity).

Kdrac btree /etc/mail/dracd
.....
SLocal_check_rcpt
R$*     $: $&{client_addr}
R$+     $: $(drac $1 $: ? $)
R?      $@ ?
R$+     $@ $#OK


You just quoted part of the problem: a DRAC authentication result is not
persistently available (basically just at check_mail; which is
SLocal_check_rcpt here). To integrate it, spf-milter, for starters, would
always have to run in "mx" mode (where SPF checks are delayed until
envrcpt_callback).

Furthermore, for this to work even, a DRAC macro will need to be exported.
In your "local info", define this 'storage' map:

Kstorage macro

Now insert a line into SLocal_check_rcpt, to store the DRAC result:

R$*   $: $&{client_addr}
R$+   $: $(drac $1 $: ? $)
R$+   $: $(storage {DRAC_auth} $@ $1 $) $1
R?    $@ ?
R$+   $@ $#OK

Finally, export the macro:

O Milter.macros.envrcpt={rcpt_mailer}, {rcpt_host}, {rcpt_addr}, {DRAC_auth}

That, in principle, provides the basic key to using DRAC in a Milter. If
people are interested in it, I could integrate it into spf-milter.

It should just be a case for checking for the presence of DRAC_auth in the envrcpt_callback, no?

--- spf-milter  2004-03-31 10:08:39.000000000 +0100
+++ spf-milter  2004-03-31 10:14:56.000000000 +0100
@@ -507,6 +507,7 @@
     # We're done if we're already authenticated.

     return SMFIS_CONTINUE if ($priv_data->{'is_authenticated'});
+    return SMFIS_CONTINUE if ($ctx -> getsymval ('{DRAC_auth}'));

     # Here we do the opposite check of envfrom_callback: if not "mx" mode,
     # we bale rightaway.
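
Review bot: The added `getsymval ('{DRAC_auth}')` test on the new line can be true for clients that DRAC has not authenticated. In the rule set quoted above, `R$+   $: $(storage {DRAC_auth} $@ $1 $) $1` runs before `R?    $@ ?`, so a failed drac lookup stores the literal `?` in the macro, and `?` is a true value in Perl, which means the SPF check would be skipped for those senders too. Either move the storage rule below the `R?` line so that only a successful lookup is stored, or compare explicitly here, for example `my $drac = $ctx->getsymval('{DRAC_auth}');` followed by `return SMFIS_CONTINUE if (defined $drac && $drac ne '?');`. A short comment on the new line saying that `{DRAC_auth}` comes from the Milter.macros.envrcpt export would also help the next reader.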


(remember that spf-milter *must* run in "mx mode" to support this type of authentication, as checks are delayed until RCPT TO: time)

Cheers, Paul.


