readme
1About
2=====
3 It's a lightweight, fast and reliable Sendmail milter that implements
4a real-time Sender e-Mail Address Verification technology. This technology
5can stop some kinds of SPAM with a spoofed sender's e-Mail address.
6 Also it implements a real-time Recipient e-Mail Address Verification
7technology. It can be useful if your machine is a backup MX for the recipient's
8domains or if your machine forwards all e-Mail messages as a relay host for your
9domains to another internal or external e-Mail servers.
10 It's a lite alternative for the spamilter, milter-sender and milter-ahead
11milters.
12
13 Features:
14
15 - external editable configuration file;
16 - whitelist by an IP address (in CIDR notation);
17 - whitelist by a PTR (reverse DNS) record;
18 - whitelist by an envelope sender e-Mail address;
19 - whitelist by an envelope recipient e-Mail address;
20 - scalable and tunable fast in-memory cache engine;
21 - SMTP AUTH support;
22 - strictly RFC-2821 compliant MX callback engine;
23 - tolerance against non RFC-2821 compliant e-Mail servers;
24 - blocking of e-Mail messages with a spoofed sender's e-Mail address;
25 - recipient's e-Mail address verification with authoritative e-Mail stores;
26 - progressive slowdown of recipient's e-Mail address brute force attacks;
27 - Sendmail virtusertable and mailertable features full support.
28
29Install
30=======
31 Requirements: Linux/FreeBSD/Solaris, Sendmail v8.11 and higher compiled with
32the MILTER API support enabled, Sendmail Development Kit, POSIX threads library.
33Under FreeBSD the BIND v8 is required (pkg_add -r bind).
34
35 Edit the Makefile according to version of your Sendmail program and OS.
36
37 Under the root account:
38make
39make install
40
41 Inspect and edit the /usr/local/etc/smf-sav.conf file.
42
43/usr/local/sbin/smf-sav
44or
45/usr/local/sbin/smf-sav -c /usr/local/etc/smf-sav.conf
46
47 Add this milter to start-up scripts before starting a Sendmail daemon.
48Look at the contributed samples of start-up scripts.
49
50 Add these lines to your Sendmail configuration file (usually sendmail.mc):
51define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO`, {verify}')dnl
52INPUT_MAIL_FILTER(`smf-sav', `S=unix:/var/run/smfs/smf-sav.sock, T=S:30s;R:4m')dnl
53
54IMPORTANT: make sure that /var/run is not a group writable directory! If so,
55or chmod 755 /var/run, or if it's impossible switch to another directory.
56
57IMPORTANT: make sure that libmilter is compiled with BROKEN_PTHREAD_SLEEP defined.
58If this symbol is not defined, libmilter will use sleep() in signal-handler thread,
59which may cause various program misbehaviors, including coredumps.
60To rebuild Sendmail with this symbol defined, add the following line to your
61Sendmail/devtools/Site/site.config.m4:
62
63 APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP')
64
65If you are using the milter-greylist milter, please, bear in mind that it has an
66incorrect proposition about the Sendmail macroses configuration. This one can
67break the smf-sav milter functionality.
68
69If you have the smf-zombie and smf-grey milters installed, the smf-sav milter
70should be inserted after the smf-zombie milter and before the smf-grey milter.
71
72If you want to have a highly improved and fully supported fusion of the smf-zombie,
73smf-sav and smf-grey milters consider to acquire the milter-spamblocker milter.
74
75Rebuild of your Sendmail configuration file and restart a Sendmail daemon.
76
77 Under Linux add this line to your syslog.conf file and restart a Syslog daemon:
78xxx.info -/var/log/sav.log
79
80 Under FreeBSD run this command: touch /var/log/sav.log
81Then, add these lines to your syslog.conf file and restart a Syslog daemon:
82!smf-sav
83xxx.info -/var/log/sav.log
84
85Where xxx is a corresponded syslog facility from your smf-sav configuration
86file.
87
88If you want to exclude from logging the successfully verificated e-Mail addresses,
89and cached records set the syslog priority to 'notice' instead 'info'. They
90are just will be filtered out by a Syslog daemon.
91
92Notes: The successfully authenticated senders will bypass all verification checks.
93 Wildcard MX records with [square brackets] and standard MX records are fully
94supported for the Sendmail mailertable feature.
95
96It's very useful to add at your Sendmail configuration file these lines:
97
98define(`confPRIVACY_FLAGS', `goaway,noetrn,nobodyreturn,noreceipts')dnl
99define(`confTO_COMMAND', `1m')dnl
100define(`confTO_IDENT', `0s')dnl
101define(`confMAX_DAEMON_CHILDREN', `256')dnl enlarge if it's required
102define(`confCONNECTION_RATE_THROTTLE', `8')dnl enlarge if it's required
103define(`confBAD_RCPT_THROTTLE', `1')dnl Sendmail v8.12+
104FEATURE(`greet_pause', `5000')dnl Sendmail v8.13+
105
106Greetz Fly Out To
107=================
108 Jim Holland (Zimbabwe)
109 Nikolaj Wicker (Germany)
110
111TODO
112====
113 (maj) SAV policy switcher (reject/tag/quarantine) (v1.5.0);
114 (maj) e-Mail messages Subject and header tagging (v1.5.0);
115 (min) anti zombie hosts tricks and features (v1.6.0);
116 (min) legitimate e-Mail messages friendly Greylisting technique (v1.7.0);
117 (min) whitelists auto reloading (v1.8.0);
118 (min) cache data dumping (v1.9.0);
119 (min) cache data replication between multiple MX servers (v2.0.0);
120 (?) something else? just let me know.
121
122(min) - minor priority;
123(med) - medium priority;
124(maj) - major priority.
125
126 If you like this program, consider to purchase any of my commercial milters
127from http://spamfree.ru/
128 Thank you!
129
130======================================
131Become a sponsor for the SMFS project!
132======================================
133
134Any suggestions, support requests and bugs please send to <me@kurmanin.info>
135
136Subscribe to SMFS announcements mailing list here:
137 https://lists.sourceforge.net/lists/listinfo/smfs-list
138
139Subscribe to SMFS users mailing list here:
140 https://lists.sourceforge.net/lists/listinfo/smfs-users
141
142SMFS development blog (opened for all):
143 http://smfs.wordpress.com/
144
145http://smfs.sourceforge.net/
146http://sourceforge.net/projects/smfs/
147http://kurmanin.info/
148