In case anybody needs it, here's how to run the TMDA challenge-response and mail filtering system under XMail. This assumes Unix where users have home directories of their own, with different privileges. TMDA doesn't work on Windows. Home page: http://www.tmda.net/
1. Get and configure TMDA. For outgoing mail you use "smtp" because the sendmail interface doesn't (yet) work (it needs to send from <> which uses a separate argument). You must also set the CONFIRM_ADDRESS, USERNAME and HOSTNAME to refer to your full address if they are different in XMail than your local system. Use "sendmail" as MAIL_TRANSFER_AGENT and set the delimiter to '-'.

2. Call, using mailproc.tab from your user's directory, the script pasted below. You need Dan Bernstein's daemontools for the setuidgid program, or modify it to use something else. Modify the script to refer to yourself instead of "sgucukoglu", my local username for my email account. The script is written in Tcl, so get and install it. This parses the spool file format for the raw message, then calls TMDA with sender set to the first argument, recipient the second, the spool file the third, extension separated by a hyphen and parsed out of the recipient, and your home directory. Mailproc.tab uses the external command to pass $(FROM), $(RCPT) and $(FILE).

3. If you want to use POP3 with XMail's built-in server you will create a symlink inside your XMail home directory that refers to the Maildir you configure TMDA to deliver to. (Hint: if you use IMAP you can browse your pending queue with it, because TMDA can store pending mail in a Maildir also.)

4. Use aliases.tab to make local-* at your domain an alias for local. Local is the part before the @ in your email address that XMail accepts mail for.

5. You may want to clear ErrorsAdmin and TempErrorsAdmin in server.tab, so as to avoid a ton of copied bounces sent by XMail to the addresses for deliveries made by TMDA (MAIL FROM:<>). You want to avoid spam, so you don't really want to know when mail goes nowhere. Besides, you'll have to whitelist such messages, and TMDA provides better support using tmda-ofmipd and "Dated" addresses for your own bounces. It makes sense also not to whitelist yourself, or <>, as some spammers have worked that out.

6. Set up other countermeasures. TMDA sends pretend bounces, which may well go to innocent sites. You absolutely must do everything else to prevent accepting bad mail, virus checks, SPF, etc., as befits your policy. If you don't want mail from IP addresses or email addresses, use XMail's features, not TMDA.

I enjoyed doing this, but it took some trial and error and a bit of lost mail. I think the documentation in particular on mailproc.tab needs to explicitly say that spool files are used for local deliveries rather than as done to the Maildir dropbox. And we already know about the sendmail wrapper.

Cheers,
Sabahattin

Here is the script, tmda-proc:

#!/usr/bin/tclsh
# Arguments from mailproc.tab: sender, recipient, spool file.
set user "sgucukoglu"

# EXT is the part of the recipient between the first "-" and the "@".
set first [string first "-" [lindex $argv 1]]
if {$first!=-1} {
    incr first
    set last [string last "@" [lindex $argv 1]]
    if {$last==-1} {
        set env(EXT) [string range [lindex $argv 1] $first end]
    } else {
        incr last -1
        set env(EXT) [string range [lindex $argv 1] $first $last]
    }
} else {
    set env(EXT) ""
}

# Environment that tmda-filter reads.
set env(HOME) "/home/$user"
set env(SENDER) [lindex $argv 0]
set env(RECIPIENT) [lindex $argv 1]

# Skip the spool header lines; the raw message follows <<MAIL-DATA>>.
# Stop at end of file too, so a file without the marker cannot loop forever.
set infile [open [lindex $argv 2]]
fconfigure $infile -encoding binary -translation crlf
while {[gets $infile line] >= 0 && $line ne "<<MAIL-DATA>>"} continue
set msg [read $infile]
close $infile

# Hand the message to tmda-filter running as the unprivileged user.
set outpipe [open "|/usr/bin/setuidgid $user /usr/local/bin/tmda-filter" w]
fconfigure $outpipe -encoding binary -translation crlf -buffering none
puts $outpipe "Return-Path: <[lindex $argv 0]>"
puts -nonewline $outpipe $msg
close $outpipe
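
The following is an added example, not part of the original post: a dry run of the two parsing steps in tmda-proc (extension extraction and the <<MAIL-DATA>> split) that can be run before wiring the script into mailproc.tab, so that no mail is at risk while testing. The proc names ext_of and spool_message, the sample addresses and the placeholder spool lines are assumptions made for illustration; it needs Tcl 8.6 for "file tempfile".

```tcl
#!/usr/bin/tclsh
# Added example, not from the original post: nothing is piped to tmda-filter
# and setuidgid is not used, so it can be run as any user.

# Extension = text after the first "-" in the local part, "" if there is none.
proc ext_of {rcpt} {
    set at [string last "@" $rcpt]
    if {$at != -1} { set rcpt [string range $rcpt 0 [expr {$at - 1}]] }
    set dash [string first "-" $rcpt]
    if {$dash == -1} { return "" }
    return [string range $rcpt [expr {$dash + 1}] end]
}

# Return the raw message that follows the <<MAIL-DATA>> line of a spool file.
# Raises an error when the marker is missing instead of reading past EOF.
proc spool_message {path} {
    set in [open $path]
    fconfigure $in -encoding binary -translation crlf
    while {[gets $in line] >= 0} {
        if {$line eq "<<MAIL-DATA>>"} {
            set msg [read $in]
            close $in
            return $msg
        }
    }
    close $in
    error "no <<MAIL-DATA>> marker in $path"
}

# Constructed sample spool file: the lines before the marker are placeholders,
# not real XMail spool headers; only the marker line matters to the parser.
set out [file tempfile path]
fconfigure $out -encoding binary -translation crlf
puts $out "placeholder-spool-line-1"
puts $out "placeholder-spool-line-2"
puts $out "<<MAIL-DATA>>"
puts $out "Subject: test\n\nbody line"
close $out

# Constructed recipients: plain, with extension, hyphen only in domain, no "@".
foreach rcpt {local@example.org local-dated-1234@example.org
              local@my-host.example local-keyword} {
    puts [format "%-32s EXT=\"%s\"" $rcpt [ext_of $rcpt]]
}
puts "--- message that would be handed to tmda-filter ---"
puts -nonewline [spool_message $path]
file delete $path
```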
_______________________________________________ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail