asharicz_6648
Jun 14, 2011

Masking the SMTP greeting

I wrote an iRule to mask an SMTP server greeting. For me this is great because I can use one farm for multiple virtual "mail hosts". Most sending servers don't care too much about the greeting, but I like it for consistency, and also to go along with the iRules I am working on to do all of our TLS with the BIGIP. This rule works great combined with the TLS offloading on the same Virtual.

This is mostly informational, but submitted for feedback. I have one outstanding issue, which is if the host connects, issues the "HELO" or "EHLO", I am masking the first line of the response, but if they issue the EHLO/HELO a second time my rule doesn't catch it. I understand why that is, because I have "released the TCP" at that point. I like that because it is efficient for high volume stuff, and I am providing a SaaS email solution so I have lots of volume. The problem is that it looks like clients that do a "STARTTLS" will issue the greeting again after going secure, and at that point I am not masking the greeting anymore.

Any ideas on how to mask a subsequent greeting and keep it efficient? Maybe I trigger again on a STARTTLS or a counter or something, I am not sure how to make it better.

Here's the iRule, hopefully it works. I had a lot of problems trying to figure out how to post code in the editor with my IE9.

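when SERVER_CONNECTED {
    # Start buffering server-side data so the 220 banner can be inspected.
    TCP::collect
}
when SERVER_DATA {
    set sdata [TCP::payload]
    if { [string length $sdata] <= 0 } {
        return
    }
    # Initial banner: rewrite it, then keep collecting for the HELO/EHLO reply.
    if { $sdata starts_with "220 mxXX.mydomain.com" } {
        TCP::payload replace 0 [TCP::payload length] "220 mailXX.mydomain.com\r\n"
        TCP::release
        TCP::collect
        return
    }
    # EHLO reply (multi-line): replace only the 21-byte "250-mxXX.mydomain.com" prefix.
    if { $sdata starts_with "250-mxXX.mydomain.com" } {
        TCP::payload replace 0 21 "250-mailXX.mydomain.com"
        TCP::release
        return
    }
    # HELO reply (single line): replace the whole payload.
    if { $sdata starts_with "250 mxXX.mydomain.com " } {
        TCP::payload replace 0 [TCP::payload length] "250 mailXX.mydomain.com \r\n"
        TCP::release
        return
    }
    # Anything else: release without collecting again, so later replies are not inspected.
    TCP::release
}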
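
An added example, not part of the original post and not an iRule: a Python model of the server-to-client rewrite that inspects every complete reply line instead of releasing the stream after the first HELO/EHLO reply, so a repeated greeting (for example after STARTTLS, assuming TLS is terminated on the proxy and the server side is plaintext) is masked too. The class and function names are hypothetical, the sample stream is constructed, and unlike the iRule above it keeps the rest of the 220 line.

```python
import re

class GreetingMasker:
    """Model of a server->client SMTP reply filter (hypothetical, not an iRule)."""

    def __init__(self, internal=b"mxXX.mydomain.com", public=b"mailXX.mydomain.com"):
        # Match the internal name only as the first token after a 220/250 code,
        # so capability lines such as "250-SIZE ..." pass through untouched.
        self._pat = re.compile(rb"^(2[25]0[ -])" + re.escape(internal) + rb"(?= |$)")
        self._public = public
        self._buf = b""

    def feed(self, segment):
        """Accept one TCP segment from the server; return bytes safe to forward."""
        self._buf += segment
        out = []
        # Rewrite and release complete CRLF-terminated lines only; a partial
        # line stays buffered, so a name split across segments is still caught.
        while (idx := self._buf.find(b"\r\n")) != -1:
            line, self._buf = self._buf[:idx], self._buf[idx + 2:]
            out.append(self._pat.sub(lambda m: m.group(1) + self._public, line) + b"\r\n")
        return b"".join(out)


def run_session(segments):
    """Feed a whole server-side stream through one masker, as one connection."""
    masker = GreetingMasker()
    return b"".join(masker.feed(s) for s in segments)


# Constructed sample: banner split across two segments, an EHLO reply, then a
# second EHLO reply as a client would trigger after STARTTLS.
SAMPLE = [
    b"220 mxXX.mydo", b"main.com ESMTP\r\n",
    b"250-mxXX.mydomain.com\r\n250-SIZE 10240000\r\n250 STARTTLS\r\n",
    b"250-mxXX.mydomain.com\r\n250 SIZE 10240000\r\n",
]

if __name__ == "__main__":
    print(run_session(SAMPLE).decode())
```

The cost of this approach is the one the post is trying to avoid: every server reply line is buffered and matched for the life of the connection, not just the first two.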
