swo0sh_gt_13163
Jun 25, 2014

Allow inbound email only for a specific Domain for SMTP VS - iRule?

Hello Folks,

 

Can anyone help me by sharing an iRule which only allows mail if the receiver email address contains my company name? Can I extract the RCPT details and allow / disallow based on the value match?

 

For example, abc.com and xyz.com should be allowed. The rest should be denied.

 

Thank you, Darshan

 

7 Replies

  • Going out on a limb here, and this is completely untested, but based on the SMTPProxy iRule here:

     

    https://devcentral.f5.com/wiki/iRules.SMTPProxy.ashx

     

    I've made a small modification:

     

    when RULE_INIT {
        # user-defined: local mail domain
        set static::mydomain "@mydomain.com"
    }
    when CLIENT_ACCEPTED {
        set chelo ""
        set cfrom ""
        set crcpt ""    
        TCP::respond "220\r\n"
        log local0. "client accepted"
        TCP::collect
    }
    when CLIENT_DATA {
        set cdata [TCP::payload]
        if { [ string length $cdata ] <= 0 } {
            return
        }
        if { not ( $cdata contains "\r\n" ) } {
            log local0. "get <$cdata> so far"
            return
        }
        if { $cdata starts_with "HELO" } {
            set chelo [TCP::payload]
            log local0. "get helo <$cdata>"
            TCP::respond "250 OK\r\n"
            TCP::payload replace 0 [string length $chelo] ""
            return
        }
        if { $cdata starts_with "MAIL FROM:" } {
            set cfrom [TCP::payload]
            log local0. "get from <$cfrom>"
            TCP::respond "250 OK\r\n"
            TCP::payload replace 0 [string length $cfrom] ""
            return
        }
        if { $cdata starts_with "RCPT TO:" } {
            set crcpt "$crcpt[TCP::payload]"
            log local0. "get rcpt <$crcpt>"
    
            # code inserted to validate receiver domain
            if { not ( [string tolower $crcpt] contains $static::mydomain ) } {
                # rcpt to domain does not match allowed
                reject
                return
            }
    
            TCP::respond "250 OK\r\n"
            TCP::payload replace 0 [string length [TCP::payload]] ""
            return
        }
        if { $cdata starts_with "DATA" } {
            log local0. "get data <$cdata>"
            TCP::payload replace 0 0 $chelo$cfrom$crcpt
        }
        log local0. "payload [TCP::payload]"
        TCP::release
        TCP::collect
    }
    when SERVER_CONNECTED {
        log "server connected"
        TCP::collect
    }
    when SERVER_DATA {
        set sdata [TCP::payload]
        if { $sdata starts_with "220" } {
            log local0. "get data <$sdata>"
            TCP::payload replace 0 [string length $sdata] ""
            return
        }
        if { $sdata contains "\r\n354 " } {
            log local0. "get data <$sdata>"
            TCP::payload replace 0 [string length $sdata] "354\r\n"
        }
        if { [ string length $sdata ] <= 0 } {
            return
        }
        log local0. "payload <[TCP::payload]>"
        TCP::release
        TCP::collect
    }
    when CLIENT_CLOSED {
        log local0. "client closed"
    }
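
An added example, not part of the reply above or of the SMTPProxy iRule: the `contains` test in that reply is a substring match over the accumulated `$crcpt` buffer, so this sketch instead takes the domain from each RCPT TO line on its own and compares it exactly against an allow list. It is plain Tcl 8.4 that runs under tclsh; the proc names `rcpt_domain` and `rcpt_allowed`, the `evil.example` names and the sample lines are assumptions made for illustration, and the allowed domains are the ones named in the question.

```tcl
# Added example (not from the thread). Pure Tcl 8.4: no iRule commands used.
set allowed_domains {abc.com xyz.com}

# Return the lower-cased domain of a single "RCPT TO:<addr>" line,
# or "" if the line is not a well-formed RCPT command.
proc rcpt_domain {line} {
    set line [string trim $line]
    # The forward path sits inside <...>; ESMTP parameters may follow the ">".
    if {![regexp -nocase {^RCPT TO:\s*<([^<>\s]+)>} $line -> path]} {
        return ""
    }
    # The domain is everything after the LAST "@", so a path such as
    # "a@abc.com@evil.example" resolves to evil.example, not abc.com.
    set at [string last "@" $path]
    if {$at <= 0 || $at == [string length $path] - 1} {
        return ""
    }
    return [string tolower [string range $path [expr {$at + 1}] end]]
}

# Exact comparison against the allow list: no substring or suffix matching.
proc rcpt_allowed {line domains} {
    set dom [rcpt_domain $line]
    if {$dom eq ""} { return 0 }
    return [expr {[lsearch -exact $domains $dom] >= 0}]
}

# Constructed sample commands; the last four pass a plain "contains @abc.com"
# style check only where that text appears somewhere in the line.
set samples {
    "RCPT TO:<user@abc.com>"
    "rcpt to:<User@XYZ.COM> NOTIFY=NEVER"
    "RCPT TO:<user@abc.com.evil.example>"
    "RCPT TO:<user@abc.com@evil.example>"
    "RCPT TO:<user@notabc.com>"
    "RCPT TO:<evil@evil.example> x@abc.com"
}
foreach s $samples {
    set verdict [expr {[rcpt_allowed $s $allowed_domains] ? "accept" : "reject"}]
    puts [format "%-45s %s" $s $verdict]
}
```

Only the first two sample lines are accepted. Inside an iRule the same comparison can be made with `class match $dom equals <data group>`, provided the value passed in is the bare domain with the closing `>` already stripped.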
  • Dear Kevin,

    Thank you very much. Do you think the following smaller version would work to achieve the requirement? I made it before I received this one.

    when CLIENT_ACCEPTED {
        set cto ""
        set cdata ""
    }
    when CLIENT_DATA {
        set cdata [TCP::payload]

        if { [string match -nocase "RCPT TO:*" $cdata] } {
            set cto [TCP::payload]
            # strip CR, LF and whitespace from the RCPT command
            set toaddrs [regsub -all \[\\r\\n\\s\] $cto ""]
            # keep what follows "RCPT TO:", then what follows "@"
            set toaddrs [findstr $toaddrs ":" 1]
            set todomain [findstr $toaddrs "@" 1]

            # compare the extracted domain with the MailAddrList data group
            if { [class match $todomain equals "MailAddrList"] } {
                log local0. "Email accepted based on the recipient email address"
                TCP::payload replace 0 0 $cto
                TCP::release
                TCP::collect
            } else {
                drop
            }
        }
    }

  • bsb

    Could you please share the iRule code that would perform the task below?

    I would have two pools.

    Pool 1 should receive mail sent to @firstdomain.com.

    Pool 2 should receive mail sent to @seconddomain.com.

  • bsb

    Could you please share the iRule code that would perform the task below?

    I would have two pools and need to forward traffic to either of the pools based on a specific domain.