Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goでつくる透過型SMTPプロキシ / Transparent SMTP proxy in Go

linyows
June 10, 2021
Programming
1
990

Goでつくる透過型SMTPプロキシ / Transparent SMTP proxy in Go

Fukuoka.go #17 Jun 10, 2021 の発表資料です。

linyows

June 10, 2021
Tweet

More Decks by linyows

See All by linyows
研究を支える拡張性の高い ワークフローツールの提案 / Proposal of highly expandable workflow tools to support research
linyows
0
130
非コンテナ環境において宣言的Deploymentを手軽に実現する / Declarative deployment in non-container environments
linyows
0
28
メール送信サーバの集約における透過型SMTP プロキシの定量評価 / Quantitative Evaluation of Transparent SMTP Proxy in Email Sending Server Aggregation
linyows
0
490
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
270
研究の再現性を高める 仕組みをGoでつくる / Creating a system to improve the reproducibility of research using go
linyows
1
140
奥が深いメールのシステム / The depth of Email system
linyows
4
460
IaCにおけるテスト考察 / Tests in IaC
linyows
2
490
リバースエンジニアリングとGoでSlackの認知負荷を下げる / Reducing cognitive load in Slack with Reverse-engineering and Go
linyows
2
300
透過型SMTPプロキシによる送信メールの可観測性向上 / Improved observability of outgoing emails with transparent smtp proxy
linyows
2
1k

Other Decks in Programming

See All in Programming
Cloudflare MCP ServerでClaude Desktop からWeb APIを構築
kutakutat
1
570
StarlingMonkeyを触ってみた話 - 2024冬
syumai
3
280
短期間での新規プロダクト開発における「コスパの良い」Goのテスト戦略」 / kamakura.go
n3xem
2
180
DevFest - Serverless 101 with Google Cloud Functions
tunmise
0
120
Fibonacci Function Gallery - Part 1
philipschwarz
PRO
0
230
iOS開発におけるCopilot For XcodeとCode Completion / copilot for xcode
fuyan777
1
110
Beyond ORM
77web
8
1.2k
Stackless и stackful? Корутины и асинхронность в Go
lamodatech
0
950
Semantic Kernelのネイティブプラグインで知識拡張をしてみる
tomokusaba
0
180
テストコード文化を0から作り、変化し続けた組織
kazatohiei
2
1.5k
ドメインイベント増えすぎ問題
h0r15h0
2
420
17年周年のWebアプリケーションにTanStack Queryを導入する / Implementing TanStack Query in a 17th Anniversary Web Application
saitolume
0
250

Featured

See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
28
4.4k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.4k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Become a Pro
speakerdeck
PRO
26
5k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
17
2.3k
Testing 201, or: Great Expectations
jmmastey
41
7.1k
Keith and Marios Guide to Fast Websites
keithpitt
410
22k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.6k
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.4k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.3k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
Building an army of robots
kneath
302
44k

Transcript

  1. Fukuoka.go #17 Tomohisa Oda / Jun 10, 2021 Transparent SMTP

    Proxy in Go GoͰͭ͘ΔಁաܕSMTPϓϩΩγ

  2. Fukuoka.go #17 @linyows Blog: tomohisaoda.com Af fi liation: GMO pepabo,

    inc. Fukuoka.go and Fukuoka.ts Organizer

  3. Fukuoka.go #17 @linyows Blog: tomohisaoda.com Af fi liation: GMO pepabo,

    inc. Fukuoka.go and Fukuoka.ts Organizer ࠷ۙɺNotionʹࣅإֆΛॻ͍ͯ΋Β͍·ͨ͠ɻ

  4. Fukuoka.go #17 ๏ ϗεςΟϯάࣄۀ෦ Senior Engineering Lead ࣄۀ෦ͷCTO΍VPoEͷΑ͏ͳ΋ͷ ๏ ϖύϘݚڀॴ

    ۝भେֶڞಉݚڀ 2020 Պݚඅ࠾୒ https://kaken.nii.ac.jp/grant/KAKENHI-PROJECT-20K11791/ ܰྔίϯςφʹΑΔେن໛ߴूੵϝʔϧϗεςΟϯάج൫ʹ͓͚Δૹ৴ػೳͷߴػೳԽ In Pepabo…

  5. Fukuoka.go #17 Private Projects ΞϓϦέʔγϣϯࣗ਎͕ϦϙδτϦ͔ Β࠷৽ͷίʔυΛݕ஌ͯࣗ͠ಈͰσϓϩ ΠͱσϦόϦʔΛߦ͏πʔϧ linuxͷuser໊લղܾΛGitHubͷ Teamϝϯόʔ΍ϦϙδτϦͷΞΫηε ݖݶऀ͔Βߦ͏πʔϧ

    ϝʔϧૹ৴༻ͷಁաܕSMTPϓϩΩγͰ ϦΫΤετͱϨεϙϯεΛϩά΍σʔλ ϕʔεʹग़ྗ͢Δ͜ͱ͕Ͱ͖Δ New!!

  6. Fukuoka.go #17 ϝʔϧͷ࢓૊ΈͱϝʔϧϗεςΟϯάͷ՝୊

  7. Fukuoka.go #17 ✉ Architecture 💻 🖥 Mail Submission Agent :587

    Mail Transfer Agent :25 Mail Delivery Agent :993 Postfix Postfix Dovecot ✉ ✉ SMTP SMTP LMTP IMAP 📱 📱 DNS MX TXT(SPF, DKIM, DMARC…)

  8. Fukuoka.go #17 ✉ Architecture 💻 🖥 Mail Submission Agent :587

    Mail Transfer Agent :25 Mail Delivery Agent :993 Postfix Postfix Dovecot ✉ ✉ SMTP SMTP LMTP IMAP 📱 📱 [email protected] DNS MX TXT(SPF, DKIM, DMARC…) [email protected] Bob Alice ϝʔϧϗεςΟϯάʹ͓͍ͯ ϝʔϧΛ૬खઌʹ ౸ୡͤ͞Δ͜ͱ͕ॏཁ

  9. Fukuoka.go #17 ϝʔϧͷ౸ୡੑʹӨڹΛ༩͑Δ̐ͭͷ͜ͱ via: https://sendgrid.kke.co.jp/blog/?p=4494 by Jillian Smith ๏ ϝʔϧΠϯϑϥͷ݈શੑʢωοτϫʔΫͱDNSʣ

    ๏ ϝʔϧͷίϯςϯπʢఴ෇ϑΝΠϧ, ຊจ, ϔομʔͳͲʣ ๏ ϝʔϧͷૹ৴ݩʢૹ৴ݩIP, υϝΠϯ, ૹ৴ྔͳͲʣ ๏ ड৴ଆαʔόͷՄ༻ੑ

  10. Fukuoka.go #17 ๏ ϝʔϧΠϯϑϥͷ݈શੑʢωοτϫʔΫͱDNSʣ ๏ ϝʔϧͷίϯςϯπʢఴ෇ϑΝΠϧ, ຊจ, ϔομʔͳͲʣ ๏ ϝʔϧͷૹ৴ݩʢૹ৴ݩIP,

    υϝΠϯ, ૹ৴ྔͳͲʣ ๏ ड৴ଆαʔόͷՄ༻ੑ ϝʔϧͷ౸ୡੑʹӨڹΛ༩͑Δ̐ͭͷ͜ͱ via: https://sendgrid.kke.co.jp/blog/?p=4494 by Jillian Smith %/4#-ʹొ࿥͞ΕΔͳͲ Ϩϐϡςʔγϣϯʢධ൑ʣʹӨڹ͢Δ

  11. Fukuoka.go #17 ๏ ༷ʑͳϢʔβ͕࢖͏ϚϧνςφϯτͰ͋ΔͨΊɺϝʔϧΛ೔ৗతʹͨ͘͞Μૹ৴͢ ΔΞΧ΢ϯτ΋͋Ε͹ɺීஈ͸গͳ͍͕ͨ·ʹେྔૹ৴͢ΔΞΧ΢ϯτ΋͋Δ ๏ ͦ΋ͦ΋ΞΧ΢ϯτΛ৐ͬऔΒΕΔέʔε΋͋Δ ๏ ड৴ऀ͕ͳͥड͚औΓڋ൱Λͨ͠ͷ͔͕෼͔Γʹ͍͘ʢDMARCରԠ͕͋Ε͹ผʣ ๏

    ϝʔϧ͸૒ํͷ΍ΓͱΓͳͷͰɺૹ৴ଆ͕εύϜߦҝͱࢥ͍ͬͯͳͯ͘΋ड৴ऀ͕ εύϜߦҝͩͱײ͡Δ͜ͱ΋͋Γ͏Δ ϝʔϧϗεςΟϯάʹ͓͚Δ՝୊

  12. Fukuoka.go #17 ๏ ༷ʑͳϢʔβ͕࢖͏ϚϧνςφϯτͰ͋ΔͨΊɺϝʔϧΛ೔ৗతʹͨ͘͞Μૹ৴͢ ΔΞΧ΢ϯτ΋͋Ε͹ɺීஈ͸গͳ͍͕ͨ·ʹେྔૹ৴͢ΔΞΧ΢ϯτ΋͋Δ ๏ ͦ΋ͦ΋ΞΧ΢ϯτΛ৐ͬऔΒΕΔέʔε΋͋Δ ๏ ड৴ऀ͕ͳͥड͚औΓڋ൱Λͨ͠ͷ͔͕෼͔Γʹ͍͘ʢDMARCରԠ͕͋Ε͹ผʣ ๏

    ϝʔϧ͸૒ํͷ΍ΓͱΓͳͷͰɺૹ৴ଆ͕εύϜߦҝͱࢥ͍ͬͯͳͯ͘΋ड৴ऀ͕ εύϜߦҝͩͱײ͡Δ͜ͱ΋͋Γ͏Δ ϝʔϧϗεςΟϯάʹ͓͚Δ՝୊ ϝʔϧૹ৴࣌ͷͲΜͳৼΔ෣͍͕ड৴ڋ൱ʹࢸ͔ͬͨʁ ෼ੳ͠ݕ஌Ͱ͖ΔΑ͏ʹ͍ͨ͠ʂ

  13. Fukuoka.go #17 ✉ Architecture 💻 🖥 Mail Submission Agent :587

    Mail Transfer Agent :25 Mail Delivery Agent :993 Postfix Postfix Dovecot ✉ ✉ SMTP SMTP LMTP IMAP 📱 📱 [email protected] DNS MX TXT(SPF, DKIM, DMARC…) [email protected] Bob Alice ͜ͷ΍ΓͱΓΛ෼ੳͰ͖Δɺ͔ͭ ໰୊Λݕ஌Ͱ͖Ε͹ ૹ৴ΛϒϩοΫͰ͖Δ࢓૊Έ͕ඞཁ

  14. Fukuoka.go #17 ࣮ݱํ๏ͷൺֱ

  15. Fukuoka.go #17 ϝʔϧϦϨʔ vs. ಁաܕϓϩΩγ Mail Transfer Agent :25 Mail

    Transfer Agent :25 Postfix Postfix [email protected] Transparent Proxy :25 Mail Transfer Agent :25 ? Postfix [email protected] Mail Submission Agent :587 Postfix [email protected] Mail Submission Agent :587 Postfix [email protected] ✉ ✉ ✉ ✉ ϝʔϧϦϨʔΛߦ͏ͱϗοϓ͕૿͑ ϝʔϧΩϡʔͷ؅ཧ͕ෳࡶʹͳΔ 4.51ड͚ྲྀ͢ಁաܕϓϩΩγͩͱ ϝʔϧΩϡʔ؅ཧ͕ݱߦͱมΘΒͣ γϯϓϧͰ͋Δɻ͔͠͠ɺͦͷΑ͏ ͳϛυϧ΢ΣΞ͕ݟ౰ͨΒͳ͍ɻ

  16. Fukuoka.go #17 ϝʔϧϦϨʔ vs. ಁաܕϓϩΩγ Mail Transfer Agent :25 Mail

    Transfer Agent :25 Postfix Postfix [email protected] Transparent Proxy :25 Mail Transfer Agent :25 ? Postfix [email protected] Mail Submission Agent :587 Postfix [email protected] Mail Submission Agent :587 Postfix [email protected] ✉ ✉ ✉ ✉ ϝʔϧϦϨʔΛߦ͏ͱϗοϓ͕૿͑ ϝʔϧΩϡʔͷ؅ཧ͕ෳࡶʹͳΔ 4.51ड͚ྲྀ͢ಁաܕϓϩΩγͩͱ ϝʔϧΩϡʔ؅ཧ͕ݱߦͱมΘΒͣ γϯϓϧͰ͋Δɻ͔͠͠ɺͦͷΑ͏ ͳϛυϧ΢ΣΞ͕ݟ౰ͨΒͳ͍ɻ

  17. Fukuoka.go #17 GoͰͭ͘ΔಁաܕSMTPϓϩΩγ

  18. Fukuoka.go #17 Ͳ͏΍ͬͯಁաܕϓϩΩγΛ࣮ݱ͢Δ͔ ๏ Port25൪ѼΛDNATͰશͯProxyʹૹΔ ๏ getsockopt(2)ͰѼઌมߋલͷΞυϨεΛऔಘ͢Δ

  19. Fukuoka.go #17 SMTP Example via: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol 4.51͸04*-ͷͱͯ΋γϯϓϧͳϓϩτίϧ

  20. Fukuoka.go #17 Goͷio.CopyΛ࢖͑͹ָউͳΜ͡Όͳ͍ʁ

  21. Fukuoka.go #17 Transparent Proxy Go Mail Transfer Agent Postfix [email protected]

    Mail Submission Agent Postfix [email protected] io.Copy(internalConn, externalConn) io.Copy(externalConn, internalConn)

  22. Fukuoka.go #17 PoC ී௨ʹϝʔϧΛૹड৴Ͱ͖ͨͷͰ׬શʹ͏·͍ͬ͘ ͨͱࢥͬͨɻ ͔͠͠ɺHPSPVUJOF಺ͷม਺Λग़ྗͯ͠ΈΔͱɺ ్த͔Βจࣈ͕ಡΊͳ͍ײ͡ʹ

  23. Fukuoka.go #17 STARTTLSͷ͜ͱΛ๨Ε͍ͯͨ!!!

  24. Fukuoka.go #17 μ΢ϯάϨʔυ߈ܸରԠʹ͢Δ

  25. Fukuoka.go #17 ୯ʹJP$PQZͰ͸ͳ͘ 5-4ίωΫγϣϯ·Ͱ ੍ޚ͢Δඞཁ͕͋ͬͨ

  26. Fukuoka.go #17 45"355-4ʹରԠͯ͠ͳ͍ Ϩεϙϯεʹ͢Δ

  27. Fukuoka.go #17 όοϑΝϦϯάͨ͠σʔλΛ5-4 ίωΫγϣϯͱͦͷޙͷఆܕ΍Γ औΓޙʹૹ৴͢Δ

  28. Fukuoka.go #17 Demo: ࣌ؒͳ͍͔΋

  29. Fukuoka.go #17 ๏ Integration Testͷख๏Λߟ͑ΔʢPostfix ґଘΛͲ͏͢΂͖͔ʣ ๏ ऩूͨ͠৘ใΛDatabaseʹ஝ੵͱ෼ੳ ๏ IptablesґଘϧʔςΟϯάΛBPF/XDPΛ

    ࢖͏Α͏ʹ͢Δ ๏ Production΁ΧφϦΞϦϦʔε ࠓޙͷܭը — github.com/linyows/warp

  30. Fukuoka.go #17 ๏ ϝʔϧͷ౸ୡੑʹؔΘΔ̐ͭͷ߲໨͕͋Δ ๏ ϝʔϧϗεςΟϯάʹ͓͚Δ՝୊͸ड৴ڋ൱ͷཧ༝͕Θ͔Βͳ͍͜ͱ ๏ ϝʔϧૹ৴࣌ͷΞΧ΢ϯτ͝ͱͷৼΔ෣͍ͱड৴ڋ൱ͷؔ܎Λݟ͚ͭΔͨΊͷಁաܕϓϩ Ωγ ๏

    ಁաܕϓϩΩγʹ͢Δʹ͸DNATͱgetsockoptΛ࢖ͬͨ ๏ SMTPͷಁաܕϓϩΩγͷ࣮૷͸io.Copy͢Δ͚ͩͰ͸μϝͰμ΢ϯάϨʔυ߈ܸΛରԠ ͢Δඞཁ͕͋Γ࣮૷͕গ͠ෳࡶ Conclusion

  31. Fukuoka.go #17 Thank you \ʕ⊙౪⚆ʔ/