Bypassing filters in specific conditions

Sun, 28 Apr 2024 07:21:42 -0700 

Hello,
I have a OpenBSD 7.5 with OpenSMTPD+rspamd+postgresql+dovecot setup with virtuals (users and domains) and credentials in a postgresql database. 


In addition to theses virtual users, i do some redirections to other 
mail servers for specific aliases, and in that specific situation, i was 
wondering if i could make opensmtpd completely bypass filters 
(especially the rspamd filter).


Here is my smtpd config :


# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

srs key REDACTED
srs key backup REDACTED

## Certs
pki gamindustri.fr cert "REDACTED"
pki gamindustri.fr key "REDACTED"

table domains postgres:/etc/mail/domains-pgsql.conf
table virtuals postgres:/etc/mail/virtuals-pgsql.conf
table passwd postgres:/etc/mail/passwd-pgsql.conf
table sympa file:/etc/mail/sympa.table
table sndrs postgres:/etc/mail/sndrs-pgsql.conf

table domains-max file:/etc/mail/domains-max.table
table addr-max file:/etc/mail/addr-max.table


filter   "rdns" phase connect match   !rdns disconnect "550 Incorrect 
rDNS error"
filter "fcrdns" phase connect match !fcrdns disconnect "550 Incorrect 
fcrDNS error"

filter "rspamd" proc-exec "filter-rspamd"

## Ports to listen on, and how to listen on them
listen on lo0 port 25 filter "rspamd"

listen on egress port 25 tls pki gamindustri.fr hostname 
compa.gamindustri.fr filter { "rdns", "fcrdns", "rspamd" }
listen on egress port 465 smtps pki gamindustri.fr hostname 
compa.gamindustri.fr mask-src received-auth senders <sndrs> 
auth-optional <passwd> filter "rspamd"
listen on egress port submission tls-require pki gamindustri.fr 
hostname compa.gamindustri.fr mask-src received-auth senders <sndrs> 
auth <passwd> filter "rspamd"


action "dovecotFinal" lmtp "/var/dovecot/lmtp" rcpt-to virtual <virtuals>
action "send" relay srs
action "send-to-sympa" relay host smtp://REDACTED srs
action "send-to-max" relay host smtp://REDACTED srs

match from src REDACTED action "send"

match from any for domain <domains> rcpt-to <sympa> action 
"send-to-sympa"

match from any for domain <domains-max> action "send-to-max"

match from src REDACTED mail-from mailer-dae...@compa.gamindustri.fr 
action "send"

match from src REDACTED action "send"

match from any for domain <domains> action "dovecotFinal"
match from auth for any action "send"
match from local for any action "send














    











					Reply via email to