ORF External Agent Platform?

In the last few months, I talked with quite a few ORF users who wrote External Agents to implement tests based more complex rules than otherwise allowed by ORF. I have also seen a few good agent proposals that never seen the light and I started wondering why and how could we help these agents born.

The first idea was to write an article about creating agents, with code samples in various languages from C# to PHP, etc., but the more I was thinking of this the more pointless the article seemed. After all, if you already know how to program in Perl, parsing command line parameters would not be big trouble, right? So why not start writing the agent?

My guess is that starting is hard. Banality or not, writing an agent takes a couple of things, like a command-line parser, a MIME parser, maybe a config reader/writer, a testing environment, etc. commonly called “PITA” and when you suddenly realize that, your great agent idea just does not seem that great.

Well, I may be easily wrong here, but if that is a real problem, would not a common source code platform for creating agents help?

What I have been thinking of is an open source C# external agent backbone, hosted on a collaborative development site such as SourceForge.net. The platform would already have most common things in place, like the command-line parser or the MIME parser. It would make adding new tests very easy (just implement a C# interface) and would have a built-in test environment. Due to the “plugin” architecture, you would need to run just one agent (thus save resources) and the end user could select which tests to run.

What do you think, would you participate?

10 thoughts on “ORF External Agent Platform?

  1. Sam Russo

    Hi Peter,

    I’m all for extending the capabilities of ORF and what you propose sounds interesting. I like the idea of having one external agent gateway and selectable plug-ins to allow each site to customize its tests.

    Personally I’d need to get up to speed with C# but I’d be willing to try. It’s been on my radar and I’ve done various flavors of C, C++ before.

    Just curious: does C# imply the dot.net framework? Would that then imply other scripting options such as VB.NET? This may not be a good idea anyway since it could be confusing to the project to support more than one language.


  2. Peter

    I expected problems with the language, as most admins, especially those with Unix background, tend to prefer languages like Perl, PHP or Python more, so this could be a problem. If you have C++ or Java knowledge, it is very easy to learn C#, though.

    Unfortunately, as I am not familiar with Perl or Python, I could not help with these languages, but the idea is language-independent :)

    As for C# vs. VB.NET, the .NET CLR/CTS makes it possible to use VB.NET or even IronPython code from a C# project, but I am not sure about the details. Probably it needs another assembly.

  3. Prayag Pal

    Hi Peter,

    I’m willing to participate. Ever since I’ve started using ORF I’ve been interested in adding new features and functionalities into this program.

    I’m not a hard core programmer myself, so my participation will be limited to sharing external agent ideas, enhancing / commenting on other ideas and finally testing the agents once code is ready.

    Right now, I’m working with another colleague of mine (a developer by profession) to add some ‘end user reporting’ feature to ORF, a whole approval mechanism for end-users and regional admins to be able to ask for white-listing onto the program. We’re also extending a challenge response mechanism for internet users to be able to request for whitelisting on our Mail Gateway system. I’ll check with him, if he’ll be interested to participate on the External Agent development process.

  4. Peter Post author


    Thank you. I should point out that External Agents of ORF has limited capabilities, they are mostly useful to implement specific test (that are not really recipient-dependent), so probably it would not help with end user reporting, but a C/R probably would work.

  5. Peter Post author


    Sure, I was thinking about a Visual C# Express project, too :) All this hosted on SourceForge with an SVN code repository + SourceForge mailing list.

    I will try to get some time this weekend to design the basics and create a project at SourceForge.

  6. allianz

    I could contribute to this idea in the c# space. Right now I am waiting for MS to fully release the 64bit Exchange etc for testing next release.

    Also before I start writing any agents, I need to write a complete protocol filter that will run before ORF. There has been an issue with the AT&T relay that has been pissing me off for some time now.

    Many spammers send stuff to your AT&T account with a return path set to you. After Orfee bounces this shit, AT&T then relay it back to me with the subject line: Returned+mail:+delivery+problems+encountered and the usual blank sender.

    Now because AT&T are an intermediate host in this context OFREE does this: Email whitelisted (email from a trusted intermediate host or intranet).

    So I get this shit, sometimes hundreds of them a day stuffed into my mailbox. Applying filtering to senders does not help.

    Now I never relay via AT&T so I know absolutely that when I get an from them, its something I have no interest in at all.

    So my idea is to write a protocol filter that will reply with a 551 redirection response whenever I get a from them.

    According to RFC2821 the 551 allows you to redirect the item to another location that will in this case be abuse@attglobal.net.

    How about it peter, do you think this will get up AT&T’s left nostril? Maybe start world war3?

    Seriously though what are your interpretations of the 551? I suspect that they may not process it but it will spew out messages on their logs and someone will look into it. If it did end up in their abuse tracking system, there is going to be a lot of them, either way someone is not going to like it. Then again I slso suspect that their abuse@attglobal.net is a robot that sends out a soothing message then promptly sends the report to /dev/null.

  7. Peter Post author


    I am not sure if 551 is supported by AT&T — I have to admit that this is the first time I ever heard about it.

  8. allianz

    About 13 months ago AT&T made some changes to their servers when this started to happen.

    When ORFEE rejects mail and they bounce it back it me, the headers are missing so you can’t see where it really originated from past on their server.

    I will have another attempt at jawboning them: I will reply to each one and request that either they forward the complete headers or stop spamming me. As I said, the abusebot gives you a soothing reply and that is the last you hear from them.

    If this fails, I will be writing a protocol filter, but I think my time could be more productively employed elsewhere, like being the sysadmin of an agent developer user group or something.

    The filter will respond to the original as:

    S: 550 5.7.1 Spoofed sender; Federal Crime! [108-187 CAN-THE-SPAM: SEC. 4. 1037(a)]

    and to any bounce within a 20 minute window as:

    S: 220 OK
    C: RCPT TO:
    S: 551 5.4.6 Loop back detected after spoofed sender rejected; please try

  9. Peter Post author

    Sounds fair :)

    As for the agent developer group, I think we would need a few more people in this group, otherwise there is a good change that the project will die, due to lack of interest. Maybe I am wrong, but… who knows. Anyhow, I already registered to sourceforge.net and will register the project as soon as I will have a little time.

Leave a Reply

Your email address will not be published. Required fields are marked *

AlphaOmega Captcha Classica  –  Enter Security Code