• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

init/H25-Oct-2006-163109

COPYINGH A D13-Dec-200717.6 KiB341281

ChangeLogH A D25-May-20133.3 KiB11795

MakefileH A D13-Dec-20071 KiB5033

install.shH A D13-Dec-2007666 3732

readmeH A D03-May-20226.3 KiB161122

smf-sav.cH A D03-May-202240.4 KiB1,4831,295

smf-sav.confH A D03-May-20224.4 KiB18585

readme

1Preamble: Fork of smf-sav project
2=================================
3
4As the original Author Eugene Kurmanin has no interest in this widely
5used software any more, and didn't fix any bug, I, Gabriele Maria Plutzar
6release a "reloaded" version with heavy bugfixes.
7This version (smf-sav reloaded 2.0) should exactly do what you expect.
8
9If you have bugfixes, or comments send them to smf-sav@anw.at. Perhaps
10someone could test the IPV6 support, as I haven't done that yet.
11
12
13About
14=====
15  It's a lightweight, fast and reliable Sendmail milter that implements
16a real-time Sender e-Mail Address Verification technology. This technology
17can stop some kinds of SPAM with a spoofed sender's e-Mail address.
18  Also it implements a real-time Recipient e-Mail Address Verification
19technology. It can be useful if your machine is a backup MX for the recipient's
20domains or if your machine forwards all e-Mail messages as a relay host for your
21domains to another internal or external e-Mail servers.
22  It's a lite alternative for the spamilter, milter-sender and milter-ahead
23milters.
24
25  Features:
26
27    - external editable configuration file;
28    - whitelist by an IP address (in CIDR notation);
29    - whitelist by a PTR (reverse DNS) record;
30    - whitelist by an envelope sender e-Mail address;
31    - whitelist by an envelope recipient e-Mail address;
32    - scalable and tunable fast in-memory cache engine;
33    - SMTP AUTH support;
34    - strictly RFC-2821 compliant MX callback engine;
35    - tolerance against non RFC-2821 compliant e-Mail servers;
36    - blocking of e-Mail messages with a spoofed sender's e-Mail address;
37    - recipient's e-Mail address verification with authoritative e-Mail stores;
38    - progressive slowdown of recipient's e-Mail address brute force attacks;
39    - Sendmail virtusertable and mailertable features full support.
40
41Install
42=======
43  Requirements: Linux/FreeBSD/Solaris, Sendmail v8.11 and higher compiled with
44the MILTER API support enabled, Sendmail Development Kit, POSIX threads library.
45Under FreeBSD the BIND v8 is required (pkg_add -r bind).
46
47  Edit the Makefile according to version of your Sendmail program and OS.
48
49  Under the root account:
50make
51make install
52
53  Inspect and edit the /usr/local/etc/smf-sav.conf file.
54
55/usr/local/sbin/smf-sav
56or
57/usr/local/sbin/smf-sav -c /usr/local/etc/smf-sav.conf
58
59  Add this milter to start-up scripts before starting a Sendmail daemon.
60Look at the contributed samples of start-up scripts.
61
62  Add these lines to your Sendmail configuration file (usually sendmail.mc):
63define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO`, {verify}')dnl
64INPUT_MAIL_FILTER(`smf-sav', `S=unix:%%SMFSAV_RUN_DIR%%/smf-sav.sock, T=S:30s;R:4m')dnl
65
66IMPORTANT: make sure that /var/run is not a group writable directory! If so,
67or chmod 755 /var/run, or if it's impossible switch to another directory.
68
69IMPORTANT: make sure that libmilter is compiled with BROKEN_PTHREAD_SLEEP defined.
70If this symbol is not defined, libmilter will use sleep() in signal-handler thread,
71which may cause various program misbehaviors, including coredumps.
72To rebuild Sendmail with this symbol defined, add the following line to your
73Sendmail/devtools/Site/site.config.m4:
74
75  APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP')
76
77If you are using the milter-greylist milter, please, bear in mind that it has an
78incorrect proposition about the Sendmail macroses configuration. This one can
79break the smf-sav milter functionality.
80
81If you have the smf-zombie and smf-grey milters installed, the smf-sav milter
82should be inserted after the smf-zombie milter and before the smf-grey milter.
83
84If you want to have a highly improved and fully supported fusion of the smf-zombie,
85smf-sav and smf-grey milters consider to acquire the milter-spamblocker milter.
86
87Rebuild of your Sendmail configuration file and restart a Sendmail daemon.
88
89  Under Linux add this line to your syslog.conf file and restart a Syslog daemon:
90xxx.info	-/var/log/sav.log
91
92  Under FreeBSD run this command: touch /var/log/sav.log
93Then, add these lines to your syslog.conf file and restart a Syslog daemon:
94!smf-sav
95xxx.info	-/var/log/sav.log
96
97Where xxx is a corresponded syslog facility from your smf-sav configuration
98file.
99
100If you want to exclude from logging the successfully verificated e-Mail addresses,
101and cached records set the syslog priority to 'notice' instead 'info'. They
102are just will be filtered out by a Syslog daemon.
103
104Notes: The successfully authenticated senders will bypass all verification checks.
105  Wildcard MX records with [square brackets] and standard MX records are fully
106supported for the Sendmail mailertable feature.
107
108It's very useful to add at your Sendmail configuration file these lines:
109
110define(`confPRIVACY_FLAGS', `goaway,noetrn,nobodyreturn,noreceipts')dnl
111define(`confTO_COMMAND', `1m')dnl
112define(`confTO_IDENT', `0s')dnl
113define(`confMAX_DAEMON_CHILDREN', `256')dnl enlarge if it's required
114define(`confCONNECTION_RATE_THROTTLE', `8')dnl enlarge if it's required
115define(`confBAD_RCPT_THROTTLE', `1')dnl Sendmail v8.12+
116FEATURE(`greet_pause', `5000')dnl Sendmail v8.13+
117
118Greetz Fly Out To
119=================
120  Jim Holland (Zimbabwe)
121  Nikolaj Wicker (Germany)
122
123TODO
124====
125  (maj) SAV policy switcher (reject/tag/quarantine) (v1.5.0);
126  (maj) e-Mail messages Subject and header tagging (v1.5.0);
127  (min) anti zombie hosts tricks and features (v1.6.0);
128  (min) legitimate e-Mail messages friendly Greylisting technique (v1.7.0);
129  (min) whitelists auto reloading (v1.8.0);
130  (min) cache data dumping (v1.9.0);
131  (min) cache data replication between multiple MX servers (v2.0.0);
132  (?)   something else? just let me know.
133
134(min) - minor priority;
135(med) - medium priority;
136(maj) - major priority.
137
138  If you like this program, consider to purchase any of my commercial milters
139from http://spamfree.ru/
140  Thank you!
141
142======================================
143Become a sponsor for the SMFS project!
144======================================
145
146Any suggestions, support requests and bugs please send to <me@kurmanin.info>
147
148Subscribe to SMFS announcements mailing list here:
149  https://lists.sourceforge.net/lists/listinfo/smfs-list
150
151Subscribe to SMFS users mailing list here:
152  https://lists.sourceforge.net/lists/listinfo/smfs-users
153
154SMFS development blog (opened for all):
155  http://smfs.wordpress.com/
156
157http://smfs.sourceforge.net/
158http://sourceforge.net/projects/smfs/
159http://kurmanin.info/
160
161