sendmail Milters

Bryan Costales has been involved with sendmail for more than fifteen years. He is the author ofsendmail, Third Edition, (O'Reilly, 2003) and books on C programming and UNIX communications. Marcia Flynt has twenty-five years of experience in software engineering, including managing e-mail development for opt-in custom e-mail businesses.

Preface xiiiPart I The Nefarious Spam Problem 1Chapter 1 Gorilla Versus Guerrilla 31.1 When a Gorilla Sneezes 4

1.2 When a Guerrilla Masquerades as You 5

1.3 The Major Proposals for Standards 6

1.4 Email Fraud 7

1.5 The Cost of Spam Suppression 9

1.6 Vikings 10

Chapter 2 The Characteristics of Spam Email 112.1 Connection Behavior 12

2.2 Relaying through MX Servers 13

2.3 Falsifying the Envelope Sender Address 15

2.4 Disguising the Subject: Header 16

2.5 Camouflaging the HTML Body 18

2.6 Attempting to Fool Signature Detectors 23

2.7 Unnecessary Encoding 24

2.8 Grokking the Site 26

2.9 Loose Ends 38

2.10 Think Like a Spammer 38

Part II Creating a Test Environment 41Chapter 3 Setting Up a Bait Machine 433.1 Choose Your Platform 44

3.2 Set Up DNS Records 47

3.3 Configure sendmail 50

3.4 Set Up Logging 54

3.5 Excluding Non-email Ports 56

3.6 Make Sure the Machine Reboots 58

Chapter 4 Baiting the Hook 614.1 Create Fake Recipients 61

4.2 Protect Good Email 64

4.3 Run a Web Server 65

4.4 Post to a Usenet Group 67

Chapter 5 Preventive Measures 755.1 Tell Users about Plus Addressing 75

5.2 Turn Off EXPN and VRFY 77

5.3 Mask Web Addresses 78

5.4 Watch Out for finger 81

Part III The Parts of a sendmail Milter 83Chapter 6 The Roles and Flow of a Milter 856.1 A Milter's Role in the Middle 85

6.2 A Milter from the Point of View of sendmail 86

6.3 The Milter Flow 87

Chapter 7 The Milter-Library 977.1 Overview 97

7.2 main() 99

7.3 The smfi Data Access Routines 113

7.4 The smfi Modifier Routines 127

Chapter 8 The xxfi Handler Milter Functions 1518.1 Overview 153

8.2 The xxfi Orientations 154

8.3 Abort Logic 155

8.4 xxfi_connect() Reviews the Connection 156

8.5 xxfi_helo() Reviews SMTP HELO/EHLO 161

8.6 xxfi_envfrom() Reviews SMTP MAIL FROM 165

8.7 xxfi_envrcpt() Reviews SMTP RCPT TO 171

8.8 xxfi_header() Reviews Headers 176

8.9 xxfi_eoh Reviews at End of Headers 182

8.10 xxfi_body Reviews Each Body Chunk 186

8.11 xxfi_eom Reviews at End of Envelope 190

8.12 xxfi_abort Handles Envelope Abort 197

8.13 xxfi_close Handles Connection Cleanup 200

Part IV Nuts and Bolts 205Chapter 9 Milters and the Environment 207

9.1 Where to Run Your Milter 208

9.2 Your Milter's User ID 210

9.3 How to Start and Stop Your Milter 213

9.4 Put Your Milter into the Background 217

9.5 Handle Signals 219

9.6 Anticipate MX Servers 221

9.7 Status and Logging 225

9.8 Consider Portability Early 226

9.9 Avoid Memory Leaks 227

9.10 Final Words 229

Chapter 10 User and Temporal Feedback 23110.1 Consider Architecture 231

10.2 Model the End User 233

10.3 Maintain a History 234

10.4 Possible Feedback Mechanisms 237

10.5 Whitelisting 241

10.6 Graylisting 242

10.7 Archive, Reject, or Pass Through Spam 244

10.8 Dynamic Configurations 246

10.9 In Summary 253

Chapter 11 Handy Routines for the Message Body 25511.1 Parsing MIME-Encoded Boundaries 256

11.2 Decoding Base64 Encoding 258

11.3 Decoding Quoted-Printable Encoding 265

11.4 Decoding Character-Entity Encoding 269

11.5 Decoding URL-Encoding 277

11.6 Stripping HTML Comments 279

11.7 How to Use /etc/magic 284

11.8 How to Use /usr/share/dict/words 288

11.9 More 293

Appendix A Useful Source Code 295Bibliography 297Index 307