Forum Discussion
asharicz_6648
Nimbostratus
Jun 14, 2011Masking the SMTP greeting
I wrote an iRule to mask an SMTP server greeting. For me this is great because I can use one farm for multiple virtual "mail hosts" Most sending servers don't care too much about the greeting, but I like it for consistency, and also to go along with the iRules I am working on to do all of our TLS with the BIGIP. This rule works great combined with the TLS offloading on the same Virtual.
This is mostly informational, but submitted for feedback. I have one outstanding issue, which is if the host connects, issues the "HELO" or "EHLO" I am masking the first line of the response, but if they issue the EHLO/HELO a second time my rule doesn't catch it. I understand why that is, because I have "released the TCP" at that point. I like that because it is effiicient for high volume stuff, and I am providing Saas email solution so I have lots of volume. The problem is that it looks like clients that do a "STARTTLS" will issue the greeting again after going secure, and at that point I am not masking the greeting anymore.
Any ideas on how to mask a subsequent greeting and keep it efficient? Maybe I trigger again on a STARTTLS or a counter or something, I am not sure how to make it better.
Here's the iRule, hopefully it works, I got a lot of problems trying to figure how to post code in the editor with my IE9.
when SERVER_CONNECTED {
TCP::collect
}
when SERVER_DATA {
set sdata [TCP::payload]
if { [ string length $sdata ] <= 0 } {
return
}
if { $sdata starts_with "220 mxXX.mydomain.com" } {
TCP::payload replace 0 [TCP::payload length] "220 mailXX.mydomain.com\r\n"
TCP::release
TCP::collect
return
}
if { $sdata starts_with "250-mxXX.mydomain.com"} {
TCP::payload replace 0 21 "250-mailXX.mydomain.com"
TCP::release
return
}
if { $sdata starts_with "250 mxXX.mydomain.com "} {
TCP::payload replace 0 [TCP::payload length] "250 mailXX.mydomain.com \r\n"
TCP::release
return
}
TCP::release
}
No RepliesBe the first to reply
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects