Hi,
On Wed, Jul 26, 2017 at 06:18:44PM +0300, Beeblebrox wrote:
Hello.
I'm looking for an email (IMAP) proxy for a small LAN gateway. The sole purpose of
the proxy is to run ClamAV on incoming emails. Please feel free to correct me if any of
the concepts I've stated here are inconsistent with how things work.
Objectives:
* Most devices on the LAN are mobiles, I would prefer to not store or manage user email
credentials on the gateway and have the auth mechanism passed directly from device to
proxy to main server (ex: gmail).
* Handoff to ClamAV, then process message based on scan result.
* If proxy is required to make this work, a Transparent, Lightweight, Non-Caching
solution.
* Clients do not use POP3, so an IMAP-only solution is OK.
* Support for TLS (gmail) connection. Preference: query & close (not keep-alive).
* Platform: FreeBSD 11-Stable with Jailed ClamAV, clamd listening for incoming scan
requests.
From what I've read Perdition seems capable of doing this, I would like to confirm as
such.
If I understand the above correctly it would require the proxy to inspect
messages and thus have some understanding of the IMAP protocol after
authentication is complete. Unfortunately perdition currently only
understands the IMAP protocol during the authentication phase. After
authentication communication at the application layer is simply relayed
between the end-user and the back-end server on a byte-by-byte basis.