Nginx mail proxy - ensure sender match authenticated user
mbrother
nginx-forum at forum.nginx.org
Thu May 20 07:25:48 UTC 2021
Hello,
I am a fan of nginx and I really like nginx mail proxy module. I'm having a
problem between the authenticated account and the sender when using this
module. For better understanding, please see my test below:
root at nginx:~# telnet xx.xx.xx.xx 25
Trying xx.xx.xx.xx ...
Connected to xx.xx.xx.xx .
Escape character is '^]'.
220 smtp.xxx.xxx ESMTP ready
ehlo mail.example.com
250-smtp. xxx.xxx
250 AUTH LOGIN
AUTH LOGIN
334 VXNlcm5hbWU6
xxxxxxxxxxxxxxxxxxxxxxxxxx
334 UGFzc3dvcmQ6
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
235 2.0.0 OK
mail from: admin at gmail.com
250 OK <admin at gmail.com> Sender ok
rcpt to: admin at gmail.com
250 OK <admin at gmail.com> Recipient ok
data
354 Start mail input; end with <CRLF>.<CRLF>
test
test
.
250 OK
quit
221 Service closing transmission channel
Connection closed by foreign host.
As you have seen, after successful authentication, I can send email using
any account and nginx skips checking if this account matches the previously
authenticated account.
I want to write more code in the source code of the mail module in nginx to
be able to check if this account matches the previously authenticated
account, however I don't know C programming nor understand how functions in
.c source code files work.
Currently my server is being used to spam emails a lot. So I would really
appreciate it if you could give me some advice to fix my problem.
Thank you very much!
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291574,291574#msg-291574
More information about the nginx
mailing list