|
  
|
|
|
Erzeugt bei intern gerouteten E-Mails in etwa das Verhalten der Option „S/MIME sign outgoing mails with the following text in subject:“ (Outgoing) .
Mit dieser Variante werden E-Mails tatsächlich signiert und nicht nur markiert.
Zeile |
Code |
|---|---|
01 |
# Begin: Custom commands for incoming e-mails BEFORE decryption |
02 |
log(1,'Begin: Custom commands for incoming e-mails BEFORE decryption'); |
|
|
03 |
# Begin: Sign internally routed e-mails, marked to be SIGNED |
04 |
log(1,'Begin: Sign internally routed e-mails, marked to be SIGNED'); |
|
|
05 |
if (from_managed_domain()) { |
06 |
log(1,'E-mail is from managed domain...'); |
07 |
if (!compareattr('connect_from', 'equal', '127.0.0.1')) { |
08 |
log(1,'...not form localhost...'); |
09 |
if (check_sender(false, false, true)) { |
10 |
log(1,'...but is not allowed to relay, dropping'); |
11 |
drop('554' '5.7.1 Relay access denied'); |
12 |
} else { |
13 |
log(1,'...and is allowed to relay, signing e-mail, if requested'); |
14 |
$custom_sign; |
15 |
} |
16 |
} else { |
17 |
log(1,'...but generated on localhost, going on in standard ruleset'); |
18 |
} |
19 |
} |
|
|
20 |
log(1,'End: Sign internally routed e-mails, marked to be SIGNED'); |
21 |
# End: Sign internally routed e-mails, marked to be SIGNED |
|
|
22 |
log(1,'End: Custom commands for incoming e-mails BEFORE decryption'); |
23 |
# End: Custom commands for incoming e-mails BEFORE decryption |
Das in oben genannten Code verwendete Macro $custom_sign für das Signieren, muss bei dieser Variante zusätzlich unter Custom macros and commands for all e-mails BEFORE processing wie folgt definiert werden:
Zeile |
Code |
|---|---|
01 |
# Begin: Custom macros and commands for all e-mails BEFORE processing |
02 |
log(1,'Begin: Custom macros and commands for all e-mails BEFORE processing'); |
|
|
03 |
custom_sign = { |
04 |
if (compare('x-smsign','equal','yes')) { |
05 |
log(1,'Signing requested by Add-In, tag as SIGNED'); |
06 |
rmheader('x-smenc'); |
07 |
flag('sign',1); |
08 |
} |
|
|
09 |
if (compare('subject','substitute','@SIGNTEXT@')) { |
10 |
log(1,'Signing requested by subject-tag, tag as SIGNED'); |
11 |
flag('sign',1); |
12 |
} |
|
|
13 |
if (flag('sign',0) { |
14 |
if (!authenticated()) { |
15 |
createaccount(); |
16 |
createkeys('4'); |
17 |
} |
18 |
if (authenticated()) { |
19 |
if (has_smime_key()) { |
20 |
log(1,'S/MIME key available, trying to sign'); |
21 |
if (sign_smime()) { |
22 |
log(1,'signing successful'); |
23 |
tagsubject('[signed OK]'); |
24 |
} else { |
25 |
log(1,'signing failed, bouncing e-mail'); |
26 |
bounce('noseckey'); |
27 |
} |
28 |
} else { |
29 |
log(1,'no S/MIME key available, bouncing'); |
30 |
bounce('noseckey'); |
31 |
} |
32 |
} else { |
33 |
log(1,'user not authenticated, bouncing'); |
34 |
bounce('noauth'); |
35 |
} |
36 |
} |
37 |
}; |
|
|
38 |
log(1,'End: Custom macros and commands for all e-mails BEFORE processing'); |
39 |
# End: Custom macros and commands for all e-mails BEFORE processing |
