For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

andresneri1's avatar
andresneri1
Icon for Nimbostratus rankNimbostratus
Jul 22, 2022
Solved

iRule for TCP/SMTP and extract fields "MAIL FROM: "

I need a iRule to extract fields from "MAIL FROM:" in an SMTP traffic. for example: S->220 mail.mycompany.com Microsoft ESMTP MAIL Service ready ... C->EHLO 172.16.1.100 S->250-mail.mycompany.com...
application delivery
iRules TCP::payload TCP::collect
Kevin_Davies's avatar
Kevin_Davies
Icon for Nacreous rankNacreous
Jul 24, 2022

There are a number iRule implementations of SMTP proxies. I have linked a couple below. I have also implemented a proxy for SMTP myself based on haproxy's proxy protocol. I linked another example as well.  That should give you plenty of guidance on how to read these headers. If you are still stuck after reading them, reach out.

SMTP Proxy - DevCentral (f5.com)
SMTP filter and forward proxy - DevCentral (f5.com)
Proxy Protocol Receiver - DevCentral (f5.com)