This projects aims at implementing
- a SRS library in pure Rust
- Address parser
- Receive rewriting
- Forward rewriting
- Rust Docs
- A daemon exposing above functionality in a Postfix-compatible way
- Postfix-compatible TCP / unix socket lookup table server
- Configuration format & parsing
- Key Rollover
- Logging & Stats
- Rule-based rewriting policy
This project was started by a novice Rust programmer and is still under development.
The Sender Rewriting Scheme is a technique to rewrite the envelope sender address
(SMTP MAIL FROM
) in order to not break the Sender Policy Framework on mail relays
that are not whitelisted in the original sender's SPF record.
A part of the return path is encoded in the local part of the rewritten envelope sender address:
SMTP servers implementing SRS support perform the rewriting on forwards and reverse it on reception of a bounce.
A cryptographic hash / HMAC is employed to protect a reversing SMTP server from becoming an open relay for forged requests.
A to B: MAIL FROM user@a
B to C: MAIL FROM SRS0=HHH1=TT=a=user@b
C to D: MAIL FROM SRS1=HHH2=b=HHH1=TT=a=user@c
Subsequent forwardes just change the domain-part of the address.
D to E: MAIL FROM SRS1=HHH2=b=HHH1=TT=a=user@d
E bounces => SRS1=HHH2=b=HHH1=TT=a=user@d is rewritten to SRS0=HHH1=TT=a=user@b
E TO B: MAIL FROM SRS0=HHH1=TT=a=user@b
B rewrites SRS0=HHH1=TT=a=user@b to user@a
B TO A: MAIL FROM user@a
=> the return path is exactly 2 hops long
=> intermediate hosts are short-circuited