initial upload
This commit is contained in:
195
smmapd_prototype/index.wiki
Normal file
195
smmapd_prototype/index.wiki
Normal file
@ -0,0 +1,195 @@
|
||||
#title Sender Address Verifier for Sendmail
|
||||
#style /web/default.css
|
||||
|
||||
|
||||
Author: Wolfgang Hottgenroth <woho@hottis.de>, 2004-05-17
|
||||
|
||||
|
||||
|
||||
|
||||
This is the prototype of a sender address verifier for sendmail-8.13.
|
||||
|
||||
It consists of a m4 file containing a FEATURE to be included in your
|
||||
=sendmail.mc= and a verifier daemon in a bit of python code.
|
||||
|
||||
|
||||
By including the FEATURE in your sendmail.mc file and running the
|
||||
verifier daemon, sendmail file verify either
|
||||
|
||||
- all sender addresses (with certain exceptions) or
|
||||
- only certain sender addresses
|
||||
|
||||
This will be done by connecting to the best MX servers of the
|
||||
particular domain, trying to send a mail to the particular address and
|
||||
collect the replies.
|
||||
|
||||
Actually only the =HELO=, =MAIL= and =RCPT= commands are issued.
|
||||
|
||||
If a positive reply was found, the mail is considered as valid.
|
||||
|
||||
If a permanent negative reply was found, the mail is considered as
|
||||
invalid.
|
||||
|
||||
If no MX entry was found, the mail is considered as invalid.
|
||||
|
||||
If a temporary negative reply was found, the mail is considered as
|
||||
temporary invalid.
|
||||
|
||||
If there is more than one best MX server all of these servers are
|
||||
connected in parallel and the first permanent reply (either positive
|
||||
or negative) is returned.
|
||||
|
||||
|
||||
** Download
|
||||
|
||||
The complete sources: [[./download/][download]]
|
||||
|
||||
Have a look into the sources: [[http://www.hottis.de/cgi-bin/cvsweb.cgi/sender_verifier/][sources]]
|
||||
|
||||
|
||||
|
||||
|
||||
** Requirements
|
||||
|
||||
*** sendmail
|
||||
|
||||
sendmail-8.13 is required, since this thing uses the fresh introduced
|
||||
socket map.
|
||||
|
||||
Find it [[http://www.sendmail.org][here]] on the sendmail homepage.
|
||||
|
||||
Your need to build sendmail with support for the socket map. Include
|
||||
|
||||
<example>
|
||||
APPENDDEF(`confMAPDEF',`-DSOCKETMAP')
|
||||
</example>
|
||||
|
||||
in your =site.config.m4=.
|
||||
|
||||
|
||||
*** Python
|
||||
|
||||
Python 2.2 or 2.3 is required. If you have Python 2.3 you must delete
|
||||
the =import timeoutsocket= line from =verifier.py=.
|
||||
|
||||
Additionally the python package =python-dns= is required. Find it
|
||||
[[http://pydns.sourceforge.net/][http://pydns.sourceforge.net]].
|
||||
|
||||
|
||||
|
||||
** Configuration of sendmail
|
||||
|
||||
Include the FEATURE in your =sendmail.mc= file. You need to give two
|
||||
parameters:
|
||||
|
||||
<example>
|
||||
FEATURE(`verifysender', `mode', `return')
|
||||
</example>
|
||||
|
||||
For =mode= you must give either =white= or =black=.
|
||||
|
||||
=white= :: All sender addresses but those mentioned in the whitelist
|
||||
file are verified. Complete addresses or just domains can be listed in
|
||||
the file. The default location of the whitelist is
|
||||
=/etc/mail/verify-white-list=. If you need a different location,
|
||||
define it to =confVERIFIER_WHITELIST=.
|
||||
|
||||
=black= :: only addresses or addresses within domains listed in the
|
||||
blacklist file are verified. It is obviously only useful to mention
|
||||
domains in the blacklist. The default location of the blacklist is
|
||||
=/etc/mail/verify-black-list=. If you need a different location,
|
||||
define it to =confVERIFIER_BLACKLIST=.
|
||||
|
||||
Both the blacklist and the whitelist file are maps, they must be
|
||||
created with =makemap=. Therefore the entries need a LHS (the address
|
||||
or domain) and a RHS. The actual content of the RHS has NO meaning at
|
||||
all.
|
||||
|
||||
The FEATURE defines a socket map. The default target of the map is
|
||||
=inet:8884@127.0.0.1=, according to the default setting in
|
||||
=Config.py=. If you need something different, define it to
|
||||
=confVERIFIER_MAP=, but don't forget to also adjust =Config.py=.
|
||||
|
||||
|
||||
** Configuration of the verification daemon
|
||||
|
||||
The configuration of the daemon is done in the file =Config.py=.
|
||||
|
||||
This is the default of this file:
|
||||
|
||||
<example>
|
||||
[Daemon]
|
||||
Address: 127.0.0.1
|
||||
Port: 8884
|
||||
PidFile: smmapd.pid
|
||||
Plugins: Verifier,Verifier2
|
||||
|
||||
[Logging]
|
||||
ApplId: smmapd
|
||||
|
||||
[Verifier]
|
||||
ContainerModule: VerifierHandler
|
||||
ContainerClass: VerifierHandlerContainer
|
||||
WorkerModule: VerifierHandler
|
||||
WorkerClass: VerifierHandlerWorker
|
||||
EnableCaching: 1
|
||||
CacheExpiration: 20
|
||||
SMTPTimeOut: 20
|
||||
SMTPHeloParam: local
|
||||
SMTPCheckSender: <>
|
||||
|
||||
[Verifier2]
|
||||
ContainerModule: VerifierHandler
|
||||
ContainerClass: VerifierHandlerContainer
|
||||
WorkerModule: VerifierHandler
|
||||
WorkerClass: VerifierHandlerWorker
|
||||
EnableCaching: 1
|
||||
CacheExpiration: 20
|
||||
SMTPTimeOut: 20
|
||||
SMTPHeloParam: hottis.de
|
||||
SMTPCheckSender: <postmaster@hottis.de></example>
|
||||
|
||||
=Port= and =Address= are specifying the socket the daemon should
|
||||
listen to for communication with sendmail. These settings must be
|
||||
reflected in the =confVERIFIER_MAP= if you change it.
|
||||
|
||||
=SMTPTimeOut= is the timeout for the communication with the MX servers
|
||||
when verifying addresses.
|
||||
|
||||
=SMTPHeloParam= is the parameter the verifier will use with the =HELO=
|
||||
command when verifying.
|
||||
|
||||
=SMTPCheckSender= is the sender address used during
|
||||
verifications. You should not change it unless you know what you do to
|
||||
avoid verification loops.
|
||||
|
||||
Since the verification is a time and resource consuming process,
|
||||
results can be cached, which is enabled by default. Set
|
||||
=EnableCaching= to 0 to disable it.
|
||||
|
||||
=CacheExpiration= is the time in seconds an entry in the cache is
|
||||
considered as valid. It should be much higher.
|
||||
|
||||
|
||||
** Operation
|
||||
|
||||
Configure sendmail and the daemon according to your needs. Start the
|
||||
daemon:
|
||||
|
||||
<example>
|
||||
./verifier.py
|
||||
</example>
|
||||
|
||||
|
||||
** Changes
|
||||
|
||||
- According to a comment in comp.mail.sendmail I've introduced a class
|
||||
=verifier_fix_white= in the FEATURE file, currently containing only
|
||||
the string =postmaster=. Addresses with userpart in this class will
|
||||
never ever be verified to avoid infinite verifying loops.
|
||||
|
||||
*** 2004-05-17
|
||||
- support plugins
|
||||
- separate container and worker object, thereby enable multiple
|
||||
instances of the same plugins
|
||||
|
Reference in New Issue
Block a user