wn/smmapdfw
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
smmapdfw/smmapd_prototype/index.wiki
whottgen 6f06324736 initial upload
2004-09-20 19:34:09 +00:00

196 lines
5.3 KiB
Plaintext
Raw Blame History

#title Sender Address Verifier for Sendmail
#style /web/default.css
Author: Wolfgang Hottgenroth <woho@hottis.de>, 2004-05-17
This is the prototype of a sender address verifier for sendmail-8.13.
It consists of a m4 file containing a FEATURE to be included in your
=sendmail.mc= and a verifier daemon in a bit of python code.
By including the FEATURE in your sendmail.mc file and running the
verifier daemon, sendmail file verify either
- all sender addresses (with certain exceptions) or
- only certain sender addresses
This will be done by connecting to the best MX servers of the
particular domain, trying to send a mail to the particular address and
collect the replies.
Actually only the =HELO=, =MAIL= and =RCPT= commands are issued.
If a positive reply was found, the mail is considered as valid.
If a permanent negative reply was found, the mail is considered as
invalid.
If no MX entry was found, the mail is considered as invalid.
If a temporary negative reply was found, the mail is considered as
temporary invalid.
If there is more than one best MX server all of these servers are
connected in parallel and the first permanent reply (either positive
or negative) is returned.
** Download
The complete sources: [[./download/][download]]
Have a look into the sources: [[http://www.hottis.de/cgi-bin/cvsweb.cgi/sender_verifier/][sources]]
** Requirements
*** sendmail
sendmail-8.13 is required, since this thing uses the fresh introduced
socket map.
Find it [[http://www.sendmail.org][here]] on the sendmail homepage.
Your need to build sendmail with support for the socket map. Include
<example>
APPENDDEF(`confMAPDEF',`-DSOCKETMAP')
</example>
in your =site.config.m4=.
*** Python
Python 2.2 or 2.3 is required. If you have Python 2.3 you must delete
the =import timeoutsocket= line from =verifier.py=.
Additionally the python package =python-dns= is required. Find it
[[http://pydns.sourceforge.net/][http://pydns.sourceforge.net]].
** Configuration of sendmail
Include the FEATURE in your =sendmail.mc= file. You need to give two
parameters:
<example>
FEATURE(`verifysender', `mode', `return')
</example>
For =mode= you must give either =white= or =black=.
=white= :: All sender addresses but those mentioned in the whitelist
file are verified. Complete addresses or just domains can be listed in
the file. The default location of the whitelist is
=/etc/mail/verify-white-list=. If you need a different location,
define it to =confVERIFIER_WHITELIST=.
=black= :: only addresses or addresses within domains listed in the
blacklist file are verified. It is obviously only useful to mention
domains in the blacklist. The default location of the blacklist is
=/etc/mail/verify-black-list=. If you need a different location,
define it to =confVERIFIER_BLACKLIST=.
Both the blacklist and the whitelist file are maps, they must be
created with =makemap=. Therefore the entries need a LHS (the address
or domain) and a RHS. The actual content of the RHS has NO meaning at
all.
The FEATURE defines a socket map. The default target of the map is
=inet:8884@127.0.0.1=, according to the default setting in
=Config.py=. If you need something different, define it to
=confVERIFIER_MAP=, but don't forget to also adjust =Config.py=.
** Configuration of the verification daemon
The configuration of the daemon is done in the file =Config.py=.
This is the default of this file:
<example>
[Daemon]
Address: 127.0.0.1
Port: 8884
PidFile: smmapd.pid
Plugins: Verifier,Verifier2
[Logging]
ApplId: smmapd
[Verifier]
ContainerModule: VerifierHandler
ContainerClass: VerifierHandlerContainer
WorkerModule: VerifierHandler
WorkerClass: VerifierHandlerWorker
EnableCaching: 1
CacheExpiration: 20
SMTPTimeOut: 20
SMTPHeloParam: local
SMTPCheckSender: <>
[Verifier2]
ContainerModule: VerifierHandler
ContainerClass: VerifierHandlerContainer
WorkerModule: VerifierHandler
WorkerClass: VerifierHandlerWorker
EnableCaching: 1
CacheExpiration: 20
SMTPTimeOut: 20
SMTPHeloParam: hottis.de
SMTPCheckSender: <postmaster@hottis.de></example>
=Port= and =Address= are specifying the socket the daemon should
listen to for communication with sendmail. These settings must be
reflected in the =confVERIFIER_MAP= if you change it.
=SMTPTimeOut= is the timeout for the communication with the MX servers
when verifying addresses.
=SMTPHeloParam= is the parameter the verifier will use with the =HELO=
command when verifying.
=SMTPCheckSender= is the sender address used during
verifications. You should not change it unless you know what you do to
avoid verification loops.
Since the verification is a time and resource consuming process,
results can be cached, which is enabled by default. Set
=EnableCaching= to 0 to disable it.
=CacheExpiration= is the time in seconds an entry in the cache is
considered as valid. It should be much higher.
** Operation
Configure sendmail and the daemon according to your needs. Start the
daemon:
<example>
./verifier.py
</example>
** Changes
- According to a comment in comp.mail.sendmail I've introduced a class
=verifier_fix_white= in the FEATURE file, currently containing only
the string =postmaster=. Addresses with userpart in this class will
never ever be verified to avoid infinite verifying loops.
*** 2004-05-17
- support plugins
- separate container and worker object, thereby enable multiple
instances of the same plugins
Reference in New Issue View Git Blame Copy Permalink