initial upload

2004-09-20 19:34:09 +00:00
parent 5de3c72eab
commit 6f06324736
41 changed files with 5416 additions and 0 deletions
--- a/smmapd_prototype/index.html
+++ b/smmapd_prototype/index.html
@ -0,0 +1,327 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
+<html>
+  <head>
+    <title>Sender Address Verifier for Sendmail</title>
+    <meta name="generator" content="emacs-wiki.el">
+    <meta http-equiv="Content-Type"
+	  content="text/html; charset=iso-8859-1">
+    <link rev="made" href="mailto:woho@hottis.de">
+    <link rel="stylesheet" type="text/css" href="/web/default.css" />
+  </head>
+  <body>
+    <h1>Sender Address Verifier for Sendmail</h1>
+    <!-- Page published by Emacs Wiki begins here -->
+<p>
+Author: Wolfgang Hottgenroth <<a href="mailto:woho@hottis.de">woho@hottis.de</a>>, 2004-05-17
+
+</p>
+
+<p>
+This is the prototype of a sender address verifier for sendmail-8.13.
+
+</p>
+
+<p>
+It consists of a m4 file containing a FEATURE to be included in your
+<code>sendmail.mc</code> and a verifier daemon in a bit of python code.
+
+</p>
+
+<p>
+By including the FEATURE in your sendmail.mc file and running the
+verifier daemon, sendmail file verify either
+
+</p>
+
+<ul>
+<li>all sender addresses (with certain exceptions) or
+</li>
+<li>only certain sender addresses
+</li>
+</ul>
+
+<p>
+This will be done by connecting to the best MX servers of the
+particular domain, trying to send a mail to the particular address and
+collect the replies. 
+
+</p>
+
+<p>
+Actually only the <code>HELO</code>, <code>MAIL</code> and <code>RCPT</code> commands are issued.
+
+</p>
+
+<p>
+If a positive reply was found, the mail is considered as valid.
+
+</p>
+
+<p>
+If a permanent negative reply was found, the mail is considered as
+invalid.
+
+</p>
+
+<p>
+If no MX entry was found, the mail is considered as invalid.
+
+</p>
+
+<p>
+If a temporary negative reply was found, the mail is considered as
+temporary invalid.
+
+</p>
+
+<p>
+If there is more than one best MX server all of these servers are
+connected in parallel and the first permanent reply (either positive
+or negative) is returned.
+
+</p>
+
+<h3>Download</h3>
+
+<p>
+The complete sources: <a href="./download/">download</a>
+
+</p>
+
+<p>
+Have a look into the sources: <a href="http://www.hottis.de/cgi-bin/cvsweb.cgi/sender_verifier/">sources</a>
+
+</p>
+
+<h3>Requirements</h3>
+
+<h4>sendmail</h4>
+
+<p>
+sendmail-8.13 is required, since this thing uses the fresh introduced
+socket map.
+
+</p>
+
+<p>
+Find it <a href="http://www.sendmail.org">here</a> on the sendmail homepage.
+
+</p>
+
+<p>
+Your need to build sendmail with support for the socket map. Include 
+
+</p>
+
+<pre class="example">
+APPENDDEF(`confMAPDEF',`-DSOCKETMAP')
+</pre>
+
+<p>
+in your <code>site.config.m4</code>.
+
+</p>
+
+<h4>Python</h4>
+
+<p>
+Python 2.2 or 2.3 is required. If you have Python 2.3 you must delete
+the <code>import timeoutsocket</code> line from <code>verifier.py</code>.
+
+</p>
+
+<p>
+Additionally the python package <code>python-dns</code> is required. Find it
+<a href="http://pydns.sourceforge.net/">http://pydns.sourceforge.net</a>.
+
+</p>
+
+<h3>Configuration of sendmail</h3>
+
+<p>
+Include the FEATURE in your <code>sendmail.mc</code> file. You need to give two
+parameters:
+
+</p>
+
+<pre class="example">
+FEATURE(`verifysender', `mode', `return')
+</pre>
+
+<p>
+For <code>mode</code> you must give either <code>white</code> or <code>black</code>.
+
+</p>
+
+<dl>
+<dt><code>white</code></dt>
+<dd>
+All sender addresses but those mentioned in the whitelist
+file are verified. Complete addresses or just domains can be listed in
+the file. The default location of the whitelist is
+<code>/etc/mail/verify-white-list</code>. If you need a different location,
+define it to <code>confVERIFIER_WHITELIST</code>.
+</dd>
+<dt><code>black</code></dt>
+<dd>
+only addresses or addresses within domains listed in the
+blacklist file are verified. It is obviously only useful to mention
+domains in the blacklist. The default location of the blacklist is
+<code>/etc/mail/verify-black-list</code>. If you need a different location,
+define it to <code>confVERIFIER_BLACKLIST</code>.
+</dd>
+</dl>
+
+<p>
+Both the blacklist and the whitelist file are maps, they must be
+created with <code>makemap</code>. Therefore the entries need a LHS (the address
+or domain) and a RHS. The actual content of the RHS has NO meaning at
+all.
+
+</p>
+
+<p>
+The FEATURE defines a socket map. The default target of the map is
+<code>inet:8884@127.0.0.1</code>, according to the default setting in
+<code>Config.py</code>. If you need something different, define it to
+<code>confVERIFIER_MAP</code>, but don't forget to also adjust <code>Config.py</code>.
+
+</p>
+
+<h3>Configuration of the verification daemon</h3>
+
+<p>
+The configuration of the daemon is done in the file <code>Config.py</code>.
+
+</p>
+
+<p>
+This is the default of this file:
+
+</p>
+
+<pre class="example">
+[Daemon]
+Address: 127.0.0.1
+Port: 8884
+PidFile: smmapd.pid
+Plugins: Verifier,Verifier2
+
+[Logging]
+ApplId: smmapd
+
+[Verifier]
+ContainerModule: VerifierHandler
+ContainerClass: VerifierHandlerContainer
+WorkerModule: VerifierHandler
+WorkerClass: VerifierHandlerWorker
+EnableCaching: 1
+CacheExpiration: 20
+SMTPTimeOut: 20
+SMTPHeloParam: local
+SMTPCheckSender: &lt;&gt;
+
+[Verifier2]
+ContainerModule: VerifierHandler
+ContainerClass: VerifierHandlerContainer
+WorkerModule: VerifierHandler
+WorkerClass: VerifierHandlerWorker
+EnableCaching: 1
+CacheExpiration: 20
+SMTPTimeOut: 20
+SMTPHeloParam: hottis.de
+SMTPCheckSender: &lt;postmaster@hottis.de&gt;</pre>
+
+<p>
+<code>Port</code> and <code>Address</code> are specifying the socket the daemon should
+listen to for communication with sendmail. These settings must be
+reflected in the <code>confVERIFIER_MAP</code> if you change it.
+
+</p>
+
+<p>
+<code>SMTPTimeOut</code> is the timeout for the communication with the MX servers
+when verifying addresses.
+
+</p>
+
+<p>
+<code>SMTPHeloParam</code> is the parameter the verifier will use with the <code>HELO</code>
+command when verifying.
+
+</p>
+
+<p>
+<code>SMTPCheckSender</code> is the sender address used during
+verifications. You should not change it unless you know what you do to
+avoid verification loops.
+
+</p>
+
+<p>
+Since the verification is a time and resource consuming process,
+results can be cached, which is enabled by default. Set
+<code>EnableCaching</code> to 0 to disable it.
+
+</p>
+
+<p>
+<code>CacheExpiration</code> is the time in seconds an entry in the cache is
+considered as valid. It should be much higher.
+
+</p>
+
+<h3>Operation</h3>
+
+<p>
+Configure sendmail and the daemon according to your needs. Start the
+daemon:
+
+</p>
+
+<pre class="example">
+./verifier.py
+</pre>
+
+<h3>Changes</h3>
+
+<ul>
+<li>According to a comment in comp.mail.sendmail I've introduced a class
+  <code>verifier_fix_white</code> in the FEATURE file, currently containing only
+  the string <code>postmaster</code>. Addresses with userpart in this class will
+  never ever be verified to avoid infinite verifying loops.
+</li>
+</ul>
+
+<h4>2004-05-17</h4>
+
+<ul>
+<li>support plugins
+</li>
+<li>separate container and worker object, thereby enable multiple
+  instances of the same plugins
+</li>
+</ul>
+
+
+    <!-- Page published by Emacs Wiki ends here -->
+    <div class="navfoot">
+      <hr>
+      <table width="100%" border="0" summary="Footer navigation">
+	<tr>
+	  <td width="33%" align="left">
+	    <span class="footdate">UPDATED: 2004-05-17</span>
+	  </td>
+	  <td width="34%" align="center">
+	    <span class="foothome">
+	      
+	    </span>
+	  </td>
+	  <td width="33%" align="right">
+	    
+	  </td>
+	</tr>
+      </table>
+    </div>
+  </body>
+</html>