Forum Discussion
nrelihan_68143
Mar 29, 2012Nimbostratus
Append TLS header to SMTP payload
Hey,
After implementing the "SMTP Start TLS" ( https://devcentral.f5.com/wiki/iRules.SMTP_Start_TLS.ashx ) with a little configuration, there is a requirement for the TLS header be attached or appended to the SMTP payload or header (for client side TLS troubleshooting).
Could this be achieved by using the "TCP::payload replace" command in the iRule's "when SERVER_DATA" conditional statment.
Is it possible that the iRule's 4Mb data collection limit could be reached in this circumstance?
Thanks.
- nrelihan_68143NimbostratusiRule in question:
when CLIENT_ACCEPTED { set ehlo 0 SSL::disable } when SERVER_CONNECTED { TCP::collect } when CLIENT_DATA { set lcpayload [string tolower [TCP::payload]] if { $lcpayload starts_with "ehlo" } { set ehlo 1 TCP::release serverside { TCP::collect } } elseif { $lcpayload starts_with "starttls" } { TCP::respond "220 Ready to start TLS\r\n" TCP::payload replace 0 [TCP::payload length] "" TCP::release SSL::enable } else { TCP::release } } when SERVER_DATA { set lspayload [string tolower [TCP::payload]] if { $ehlo == 1 and not ( $lspayload contains "starttls" ) } { if { $lspayload contains "250 ok\r\n" } { TCP::payload replace [expr [TCP::payload length] - 8] 0 "250-STARTTLS\r\n" } } TCP::release clientside { TCP::collect } }
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects