[SOLVED] Dynamic action: possible?

M

mmaridev

Member
Jun 4, 2020
10
0
6
Hi everybody,

I'm trying to understand if it's possible in PMG to use a dynamic action.
My goal is to replace the "From" header depending on the source IP address but in order to do it with standard PMG tools i would need to create one action, one who object and one rule for every IP address I need to rewrite (100+).
Is there any way I can dynamically pass the new "From" to the replace header action? Or can I create a custom action using an external script?

Thanks,
All the best,
Marco
 
I'm not sure I understand what exactly you're trying to accomplish - could you please provide an example (and the motivation for modifying the from-header in PMG instead of - the user agent or the downstream server) - this would help to see if this is possible with PMG and how it would be adressed best.

However currently the Modify Field action does not have a larger templateing functionality - apart from the macros described in:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#rule_system_macros
 
Hi Stoiko! Thank you for your reply.
I need to setup a mail gateway to allow a certain amount of hosts in a LAN to send out mails and still pass SPF/DKIM/DMARC checks. Also, not all hosts in the LAN will be authorized to send mails and I want to keep some sort of traceability for the end user.
I want to do is rewrite the from address based on the source ip, e.g.
You think it's possible?
Motivation: email senders are stupid copiers that are not that configurable.
May I possibly implement a new macro?
 
mmaridev said:
allow a certain amount of hosts in a LAN to send out mails and still pass SPF/DKIM/DMARC checks
Click to expand...
this should be doable by just relaying through PMG, having PMGs IP in the SPF record, adding the hosts to the mail-proxy whitelist (if you use SPF checks on the mail proxy level), and have PMG do the DKIM signing.

mmaridev said:
lso, not all hosts in the LAN will be authorized to send mails
Click to expand...
depending on how the hosts are distributed you could only add the allowed IPs to the Trusted Networks - or block in the rulesystem using a fitting who-object

mmaridev said:
I want to keep some sort of traceability for the end user.
Click to expand...
you could add another header (originating-ip) with '__SENDER_IP__ ' as value (though this is not as visible)

mmaridev said:
want to do is rewrite the from address based on the source ip, e.g.
Click to expand...
a lookuptable (use john for 10.1.1.1 and mary for 10.1.1.2) is currently not possible (and I don't see an easy way of getting that, short of creating a rule for each IP->from match)
You could try to 'prepend' the IP - but this would only work if the from-header address is the same as the envelop-sender address
(add a Modify Field action - modifying 'From' - to contain: '__SENDER_IP__ __SENDER__' - but you'd need to try that and see if the result actually parses correctly)

I hope this helps!
 
Dear Stoiko,

thank you so much for your help!
I decided to write a Python script with Proxmoxer to "automatically" create rules for every host. It won't be easy to manage but it's something.
I'll be linking the script here once published on (our) git.

Thank you again,
Marco
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back