Wildcard MX Support

Use this forum if you have problems with a hMailServer script, such as hMailServer WebAdmin or code in an event handler.
Post Reply
mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Wildcard MX Support

Post by mikedibella » 2020-03-05 20:58

Academic question for the community.

If I had a use case where I wanted to receive mail for a dynamically-generated subdomain, say thread-id.domain.com, using a wildcard MX record at domain.com, what would the pseudo-code look like for the scripting to dynamically generate the Domain object and set-up a catch-all address for all local-part variants @thread-id.domain.com?

What On... event would trigger the on-demand provisioning?

palinka
Senior user
Senior user
Posts: 2172
Joined: 2017-09-12 17:57

Re: Wildcard MX Support

Post by palinka » 2020-03-05 22:05

mikedibella wrote:
2020-03-05 20:58
Academic question for the community.

If I had a use case where I wanted to receive mail for a dynamically-generated subdomain, say thread-id.domain.com, using a wildcard MX record at domain.com, what would the pseudo-code look like for the scripting to dynamically generate the Domain object and set-up a catch-all address for all local-part variants @thread-id.domain.com?

What On... event would trigger the on-demand provisioning?
I think the domain has to be created before you receive a message on it, or else hms will kick it for non existent address.

That also makes the task a lot easier because you can use any old com script to add/delete the domain.

Are these messages all coming from the same IP? if yes, you could use OnClientConnect to create the domain. Make sure you force the connection to wait until the domain is created before allowing the client to pass RCPT TO.

User avatar
mattg
Moderator
Moderator
Posts: 21103
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Wildcard MX Support

Post by mattg » 2020-03-06 01:35

I think this is a use case for 'default domain', much as I really dislike that concept normally
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: Wildcard MX Support

Post by mikedibella » 2020-03-06 03:36

palinka wrote:
2020-03-05 22:05
I think the domain has to be created before you receive a message on it, or else hms will kick it for non existent address.
Yup, I think you are right. I thought I remembered that there was an OnSMTPData event, that I presumed was kicked once for each verb in the protocol sequence, but I don't see that in the documentation. I must have been remembering another platform's hooks.

So I can't hook the RCPT TO verb and create a Domain and Account under it for missing subdomains under the desired parent.

User avatar
mattg
Moderator
Moderator
Posts: 21103
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Wildcard MX Support

Post by mattg » 2020-03-06 04:13

Default domain, with a catch-all address will ACCEPT all mail
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: Wildcard MX Support

Post by mikedibella » 2020-03-06 04:31

My understanding of Default Domain is that it acted as the RFC 5322 domain part for an address that contains only a local part. So that if a message is submitted

RCPT TO:local-user

It will be processed as

RCPT TO:local-part@default-domain

Am I misunderstanding how it works?

But in the use case described above, the envelope looks like:

RCPT TO:local-part@on-the-fly-part.parent-domain

the domain on-the-fly-part.parent-domain doesn't exist when the RCPT TO: verb is invoked.

User avatar
mattg
Moderator
Moderator
Posts: 21103
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Wildcard MX Support

Post by mattg » 2020-03-06 06:24

My aging memory says that any non-routable domain will have the 'default domain' appended to it

For example

If Default domain is 'example.com"
Mail addresses to matt@sub.domain.local
will be delivered to matt@sub.domain.local@example.com

And that a catchall at example.com, would in fact receive that mail message


I find this really silly for normal use, but it may suit your purposes
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
jimimaseye
Moderator
Moderator
Posts: 8777
Joined: 2011-09-08 17:48

Re: Wildcard MX Support

Post by jimimaseye » 2020-03-06 09:56

mattg wrote:
2020-03-06 06:24
My aging memory says that any non-routable domain will have the 'default domain' appended to it

For example

If Default domain is 'example.com"
Mail addresses to matt@sub.domain.local
will be delivered to matt@sub.domain.local@example.com
I would find that astonishing if that were true to the point of I don't believe it. I think it's more like mike's method. In fact documentation says:
Default domain

This setting allows you to specify what domain hMailServer should default to if a user does not specify the domain name when logging on. For example, if you specify that the default domain is example.com, and a person tries to log on using the user name "bob", hMailServer will assume that it is "bob@example.com" which is trying to logon.
That goes along with our belief. I guess testing will prove one way or the other.

[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-06 14:11

mikedibella wrote:
2020-03-06 03:36
palinka wrote:
2020-03-05 22:05
I think the domain has to be created before you receive a message on it, or else hms will kick it for non existent address.
Yup, I think you are right. I thought I remembered that there was an OnSMTPData event, that I presumed was kicked once for each verb in the protocol sequence, but I don't see that in the documentation. I must have been remembering another platform's hooks.

So I can't hook the RCPT TO verb and create a Domain and Account under it for missing subdomains under the desired parent.
There IS an OnSMTPData event but it does not kick in until AFTER recipient has been validated.

You MAY succeed IF you run TWO hMailServer in tandem, the first as a relay (BackupMX'ish) to capture details from the emails in transit in order to potentially trigger a script to create the targeted domain on THE SECOND hmailserver BEFORE the email is delivered.

This is hardcore :mrgreen: 8)

Actually... In the domain configuration there is a tab "Names"... If you add a domain in here it becomes an alias that can be addressed. :idea:

... And no ... you can't add "*.mydomain.tld" in Names, already tried it :mrgreen: BUT you can add "subdomain1.mydomain.tld", "subdomain2.mydomain.tld", "subdomain3.mydomain.tld" ... etc. for as long as you like.
Last edited by SorenR on 2020-03-06 14:36, edited 1 time in total.
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

palinka
Senior user
Senior user
Posts: 2172
Joined: 2017-09-12 17:57

Re: Wildcard MX Support

Post by palinka » 2020-03-06 14:32

SorenR wrote:
2020-03-06 14:11
Actually... In the domain configuration there is a tab "Names"... If you add a domain in here it becomes an alias that can be addressed. :idea:
Now we're getting somewhere. Maybe its possible to program the sending client to make its HELO rando-subdomain.domain.com. Then, you could capture the subdomain at OnHELO and use it to add the "Name". Of course, this would only work if the message is not relayed through another server. OP has not mentioned the probable sequence of events yet (who, what, how the message is being sent).

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-06 14:51

SorenR wrote:
2020-03-06 14:11
... And no ... you can't add "*.mydomain.tld" in Names, already tried it :mrgreen:
It may actually work ... I tried to send from one domain to another domain (acme.inc) on the same server and just realized since "new.acme.inc" does not exist on the server it will do a DNS lookup and fail since I don't have A/MX records for "*.acme.inc" defined.

Perhaps a "wildcard route" could do it, it would allow time to create the domain alias before the message comes back into the server - IIRC it stays in the delivery queue for 1 minute and once the domain alias is created it would (probably) not use the wildcard route again for that domain alias.
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: Wildcard MX Support

Post by mikedibella » 2020-03-06 21:21

OK, so maybe all I need to have is a configuration that allows the submission to be accepted regardless of subdomain so that the on-demand provisioning can be handled in the OnSMTPData firing BEFORE delivery takes place.

I do think a single-hMS implementation of this solution would be preferable to a relay-endpoint model, even though I'm inclined to think best practice would be not to commingle "static" and "dynamic" domains on the same server.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-06 22:50

Well, could not help it :mrgreen:

My test domain is: acme.inc
I created the domain in hMailServer and assigned "*.acme.inc" under the "Names" tab on the domain.
I created the domain "acme.inc" in my local DNS and set "*.acme.inc MX 10 mx.myhmailserver.tld"

As it is right now, the first email to an unknown acme.inc SUBDOMAIN (like wile.e.coyote@new.acme.inc) will be lost into oblivian or where ever hMailServer do away with it :roll: but the subdomain is added to the Names tab for the domain.

Perhaps some intelligent routing via an external server can bring that first email back, I dont' have the extra servers to play with right now.

Anyways...

Code: Select all

Function oLookup(strRegEx, strMatch, bGlobal)
    If strRegEx = "" Then strRegEx = StrReverse(strMatch)
    With CreateObject("VBScript.RegExp")
        .Pattern = strRegEx
        .Global = bGlobal
        .MultiLine = True
        .IgnoreCase = True
        Set oLookup = .Execute(strMatch)
    End With
End Function


Sub OnSMTPData(oClient, oMessage)

    '
    '   Test to create subdomain on demand.
    '

    EventLog.Write( "OnSMTPData - Setting up -> SubDomain on Demand <-" )
    Dim oApp
    Set oApp = CreateObject("hMailServer.Application")
    Call oApp.Authenticate("Administrator", "#VERYSECRETPASSWORD")          ' <=== DCOM logon
    Const WildcardDomains = "(acme\.inc)|(contoso\.com)"                    ' <=== CHANGE THIS, RegEx format!
    Dim i, j, strTo, strRcptTo, strAlias, oMatch, oMatches, oDomain, oAlias, NewAlias
    For i = 0 To oMessage.Recipients.Count-1
        strRcptTo = Split(oMessage.Recipients(i).Address, "@")
        strAlias = Trim(strRcptTo(1))
        EventLog.Write( "OnSMTPData - looking up domain " & strAlias )
        Set oMatches = oLookup(WildcardDomains, strAlias, False)
        For Each oMatch In oMatches
            EventLog.Write( "OnSMTPData - found domain " & oMatch )
            Set oDomain = oApp.Domains.ItemByName(CStr(oMatch))
            EventLog.Write( "OnSMTPData - number of subdomains " & oDomain.DomainAliases.Count )
            NewAlias = True
            For j = 0 To oDomain.DomainAliases.Count-1
                EventLog.Write( "OnSMTPData - lListing subdomains: " & oDomain.DomainAliases(j).AliasName )
                If strAlias = oDomain.DomainAliases(j).AliasName Then NewAlias = False
            Next
            If NewAlias Then
                EventLog.Write( "OnSMTPData - adding subdomain " & strAlias )
                Set oAlias = oDomain.DomainAliases.Add
                oAlias.AliasName = strAlias
                oAlias.Save
            End If
        Next
    Next

End Sub
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Dravion
Senior user
Senior user
Posts: 1688
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: Wildcard MX Support

Post by Dravion » 2020-03-06 23:19

This all doesnt make sense because MX entries are maintained by an DNS-Server in its hierachical Zonefile Databases (its not an SQL or NoSQL Database, its more like a LDAP Database).

However:
You can only setup 1 (one) MX DNS Entry per DNS-Domain but you can Subclass a Subdomain within the DNS-Database which needs to be propagated. A Subdomain isnt a TLD item, so propagation should be in effect within milliseconds and after it, you can add up new hMailServee Domains via VBScript.

But if you dont prepare your DNS-Server in the first plsce by another script it will not work as expected.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-06 23:29

Dravion wrote:
2020-03-06 23:19
This all doesnt make sense because MX entries are maintained by an DNS-Server in its hierachical Zonefile Databases (its not an SQL or NoSQL Database, its more like a LDAP Database).

However:
You can only setup 1 (one) MX DNS Entry per DNS-Domain but you can Subclass a Subdomain within the DNS-Database which needs to be propagated. A Subdomain isnt a TLD item, so propagation should be in effect within milliseconds and after it, you can add up new hMailServee Domains via VBScript.

But if you dont prepare your DNS-Server in the first plsce by another script it will not work as expected.
This has NOTHING to do with DNS servers... It's 100% hMailServer and how to create domain aliases to match subdomains as they come in as emails.

And the acme.inc DNS record on my local DNS... Only YOU and I know about it and I am the only one who can use it because it is behind my firewall :mrgreen:

BUT since you mention DNS servers and subdomains...
https://en.wikipedia.org/wiki/Wildcard_DNS_record
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Dravion
Senior user
Senior user
Posts: 1688
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: Wildcard MX Support

Post by Dravion » 2020-03-06 23:49

if I had a use case where I wanted to receive mail for a dynamically-generated subdomain, say thread-id.domain.com
This part is DNS-Server related and hMailServer can only
work on top of functioning DNS-Zone Information. In hMailServers code, it regulary sents DNS-Queries to the Windows OS defined DNS-Resolvers.

I doubt this is a private LAN Setup, behind a NAT-Router and a Thirdparty SMTP-Relay server.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-07 00:46

Dravion wrote:
2020-03-06 23:49
if I had a use case where I wanted to receive mail for a dynamically-generated subdomain, say thread-id.domain.com
This part is DNS-Server related and hMailServer can only
work on top of functioning DNS-Zone Information. In hMailServers code, it regulary sents DNS-Queries to the Windows OS defined DNS-Resolvers.

I doubt this is a private LAN Setup, behind a NAT-Router and a Thirdparty SMTP-Relay server.
Why do you always overcomplicate things?

It's quite simple, the wildcard domain MX record point to hMailServer and it is up to hMailServer to do something with the email.
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: Wildcard MX Support

Post by mikedibella » 2020-03-07 01:29

Dravion wrote:
2020-03-06 23:19
You can only setup 1 (one) MX DNS Entry per DNS-Domain but you can Subclass a Subdomain within the DNS-Database which needs to be propagated.
I tested this using my own authoritative domain. I created a RR at mx.otamdm.net with name "*", type MX, and data [10] mx.sfatech.com.

Now, an MX query to any-host.mx.otamdm.net returns mx.sfatech.com.

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: Wildcard MX Support

Post by mikedibella » 2020-03-07 01:32

SorenR wrote:
2020-03-06 22:50
As it is right now, the first email to an unknown acme.inc SUBDOMAIN (like wile.e.coyote@new.acme.inc) will be lost into oblivian or where ever hMailServer do away with it :roll: but the subdomain is added to the Names tab for the domain.
I might have a dig into the source to try to figure this out. My guess is that hMS had decided that the mail was unroutable before OnSMTPData was fired, but fired it anyway. So by the time the script had paved the way, the vehicle had already driven into a ditch.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-07 01:47

mikedibella wrote:
2020-03-07 01:32
SorenR wrote:
2020-03-06 22:50
As it is right now, the first email to an unknown acme.inc SUBDOMAIN (like wile.e.coyote@new.acme.inc) will be lost into oblivian or where ever hMailServer do away with it :roll: but the subdomain is added to the Names tab for the domain.
I might have a dig into the source to try to figure this out. My guess is that hMS had decided that the mail was unroutable before OnSMTPData was fired, but fired it anyway. So by the time the script had paved the way, the vehicle had already driven into a ditch.
I only tested this locally, it may behave differently if mail is received from external source. Anyways, the code describe how to extract the domain and update the DomainAlias and ...

Set oApp = CreateObject("hMailServer.Application", "otherserver")

will work with DCOM on "otherserver" in case you want to try the relay/backupmx route...
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Dravion
Senior user
Senior user
Posts: 1688
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: Wildcard MX Support

Post by Dravion » 2020-03-07 02:35

SorenR wrote:
2020-03-07 00:46
Why do you always overcomplicate things?
Its not my problem that you dont know anything about how DNS-Servers work.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: Wildcard MX Support

Post by SorenR » 2020-03-07 03:41

Dravion wrote:
2020-03-07 02:35
SorenR wrote:
2020-03-07 00:46
Why do you always overcomplicate things?
Its not my problem that you dont know anything about how DNS-Servers work.
I know enough and if I need to know more I'll read the rest of the book.
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

Post Reply