Welcome! Log In Create A New Profile

Advanced

Re: Nginx mail proxy - ensure sender match authenticated user

Maxim Dounin
May 20, 2021 09:30AM
Hello!

On Thu, May 20, 2021 at 03:25:48AM -0400, mbrother wrote:

> I am a fan of nginx and I really like nginx mail proxy module. I'm having a
> problem between the authenticated account and the sender when using this
> module. For better understanding, please see my test below:
>
> root@nginx:~# telnet xx.xx.xx.xx 25
> Trying xx.xx.xx.xx ...
> Connected to xx.xx.xx.xx .
> Escape character is '^]'.
> 220 smtp.xxx.xxx ESMTP ready
> ehlo mail.example.com
> 250-smtp. xxx.xxx
> 250 AUTH LOGIN
> AUTH LOGIN
> 334 VXNlcm5hbWU6
> xxxxxxxxxxxxxxxxxxxxxxxxxx
> 334 UGFzc3dvcmQ6
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> 235 2.0.0 OK
> mail from: admin@gmail.com
> 250 OK <admin@gmail.com> Sender ok
> rcpt to: admin@gmail.com
> 250 OK <admin@gmail.com> Recipient ok
> data
> 354 Start mail input; end with <CRLF>.<CRLF>
> test
> test
> .
> 250 OK
> quit
> 221 Service closing transmission channel
> Connection closed by foreign host.
>
> As you have seen, after successful authentication, I can send email using
> any account and nginx skips checking if this account matches the previously
> authenticated account.

After successful authentication nginx establishes an opaque pipe
between the client and the backend server, and no longer controls
what the client does. It's up to the backend server to check if
the client is allowed to send relevant messages or not.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Nginx mail proxy - ensure sender match authenticated user

mbrother May 20, 2021 03:25AM

Re: Nginx mail proxy - ensure sender match authenticated user

Maxim Dounin May 20, 2021 09:30AM

Re: Nginx mail proxy - ensure sender match authenticated user

mbrother May 20, 2021 10:13PM

Re: Nginx mail proxy - ensure sender match authenticated user

Maxim Dounin May 21, 2021 10:46AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 129
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready