Need help with creating email filter
SMTP email proxy and relay server
Brought to you by:
graeme_walker
Menu
▾
▴
#94 Need help with creating email filter
Hi, I apologize if this isn't the best way to get assistance with this. I just recently started working on trying to set this up. I have successfully setup the mail server so that it forwards emails as expected to office 365. However, i'd like to filter out all emails that do not match approved IP addresses so that they are automatically denied. Here are examples of code i've cobbled together below, both in python and in javascript. I'm not sure why but regardless of what i do the program will not run through the if statement properly to determine if the IP is an approved IP it just defaults to whatever the last return code is in the script.
I'm validating this by having 3 approved ip addresses in the variable (i have 4 that i need but have removed one for testing) then i send an email from the 4th IP address. It will still make it through even though it's not an approved IP. I then edit it to where the return code of 1 is the last thing entered in and no matter what if its an approved IP or not it still gets rejected. Any help or guidance would be greatly appreciated.
Python code:
import sys
def main():
envelope_file = sys.argv[1]
ip = None
with open(envelope_file, 'r') as f:
for line in f:
if line.startswith('X-MailRelay-Client:'):
ip = line.split(':')[1].strip()
break
trusted_ips = ["ip 1", "ip 2", "ip 3"]
if ip in trusted_ips:
print(0)
else:
print(1)
if name == "main":
main()
javascript:
// If the line starts with "X-MailRelay-Client:", extract the IP address
if (line.startsWith("X-MailRelay-Client:")) {
var re = new RegExp("X-MailRelay-Client: (.*)");
var match = line.match(re);
// If the IP address could be extracted, assign it to the variable 'ip'
if (match) {
var ip = match[1];
// Debug log: Print the extracted IP address
console.log('Extracted IP address:', ip);
// Define the list of approved IP addresses
var approvedIPs = ["ip1", "ip2", "ip3"];
// Check if the sender's IP address is in the list of approved IP addresses
if (approvedIPs.includes(ip)) {
// Debug log: Print that the IP is approved
console.log('Approved IP address:', ip);
// If the IP address is approved, quit the script with a status code of 0
WScript.Quit(0);
} else {
// Debug log: Print that the IP is not approved
console.log('Non-approved IP address:', ip);
// If the IP address is not approved, quit the script with a status code of 1
WScript.Quit(1);
}
}
}
}
// If the sender's IP address cannot be extracted from the envelope file, quit the script with a status code of 1
console.log('No IP address found in the envelope file.');
WScript.Quit(1);
examples of the output i'm getting:
emailrelay: 20240118.163040.376: info: IP4; filter [emailfilter.py]: [emailrelay.10264.1705613440.1]: running C:\programdata\e-mailrelay\emailfilter.py
emailrelay: 20240118.163040.411: warning: IP4; filter [emailfilter.py] failed: exit code 1: [rejected]
emailrelay: 20240118.163040.411: info: IP4; filter [emailfilter.py]: [emailrelay.10264.1705613440.1]: failed response=[rejected]
emailrelay: 20240118.163040.411: info: IP4; rejected by filter: [rejected]
emailrelay: 20240118.163040.411: info: IP4; tx>>: "452 rejected"
emailrelay: 20240118.163040.415: info: IP4; smtp connection closed: peer shutdown: IP4:64761
emailrelay: 20240118.163040.415: info: forwarding: [client disconnect]
emailrelay: 20240118.163040.416: info: forwarding: no messages to send
In the python you have "print(0)" and "print(1)". Shouldn't that be "sys.exit(0)" and "sys.exit(1)"?
With javascript does your console log agree with the emailrelay behaviour?
You should be able to debug this by copying an envelope file so that you can edit it and then run "cscript //nologo //B emailfilter.py test.content test.envelope" to run the script, possibly followed immediately by "echo %errorlevel%". Add plenty of print statements to trace the logic flow.
Thank you for the suggestion Graeme! I actually did try sys.exit(0) and 1 in a previous script (gone through numerous iterations trying to nail this down for both python and javascript) and it unfortunately didn't work. I'll give the debugging option you suggested a try and report back.
there might be an easier way, the config file contains a section where you can define ip-adresses/ranges that are allowed to use the service.
Hi, do you remember the attribute in the config file that is used for this?
I used the emailrelay.auth file with this parameter for my local subnets:
server none 192.168.0.0/16 localnet
Thank you for your help. I used this method and was able to successfully filter out emails from non approved IP addresses!