| Summary: | qmail SPAMControl patch available, suggest adding to qmail ebuilds | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | elfarto <elfarto69> |
| Component: | New packages | Assignee: | Net-Mail Packages <net-mail+disabled> |
| Status: | VERIFIED WORKSFORME | ||
| Severity: | enhancement | CC: | vapier |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.fehcom.de/qmail/spamcontrol.html | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 29485 | ||
most of the stuff on this list is already included in my qmail ebuilds. somebody submitted this once before, but that was at least 6 months ago. if you want to find that bug, and go thru the latest qmail -r15 ebuild to check which of this stuff isn't there, i'll be happy to add it into our ebuild. off the top of my head: relaymailfrom - i'm not adding this bad* filters SMTP SIZE SMTP AUTH - normally allowed after TLS only, there is a use flag to allow it before Split Horizon evaluation of badhelo and badmailfrom - double check this NULLSENDER single RECIPIENT enforcement Limit size of bounces Russel Nelson's double bounce trim - double check this Bruce Guenter's Bigtodo patch I'll be glad to see a dynamic tarpit patch included into future ebuilds, the normal tarpit.patch available is just too dumb to be of any utility against decided spammers, it allows the client to continue sending data even while the sleep loop is running. It seems that the tarpit patch included in spamcontrol is of no use either. Perhaps http://spamthrottle.qmail.ca/ should be the right thing to add to the ebuild. Sorry for my mistake. Should i open a new bug ? elfarto: yes open a new bug. closing this as we have most of it. Most of it but not: Recipient Whitelising Extension: Accept E-Mails on a per-user bases, instead of per-domain. This is a critical patch IMO and will prevent tons of mail for non-existent users ending up in the queue and using up bandwidth. You can use SPP for that. |
SPAMCONTROL is an add-on (patch) for qmail-smtpd to filter and control unsolicited commercial E-Mails (UCE/SPAM) by means of the available (E)SMTP session protocol elements. Version 2.2 of SPAMCONTROL includes (E)SMTP Authentication and 'Whitelisting' of the SMTP Recipients. Features of SPAMCONTROL: Relaying: Relaymailfrom support ("MAIL from:") Unified Bad* Filters: Wildcard HELO/EHLO Greeting filter Wildcard SENDER filter Wildcard RECIPIENT filter MIME Type Filter: Signaturs of Base 64 encoded MIME types can be added on-the-fly in a cdb using qmail-newbmt The filter is triggered my means of the environment variabel $BADMIMETYPE DNS MX Lookups: DNS Lookup for SMTP SENDER envelope address (MFDNSCHECK) Includes option to remove trailing blanks DNS Lookup for hostname in SMTP HELO/EHLO Greeting (HELODNSCHECK) Nasty stuff: SMTP session may be closed in case of a filter condition! BLACKHOLED Sender for the notorious (E)SMTP Extensions: SMTP SIZE extension [RFC 1870] E(SMTP) Authentication [RFC 2554]Improved! Recipient Whitelising Extension: Accept E-Mails on a per-user bases, instead per-domain Multiple User data-bases in cdb format User data-base fastforward compatible or to be constructed on-the-fly via qmail-recipients Controlling: Limitation for the number of "RCPT To:'s" per SMTP session Split Horizon evaluation of badhelo and badmailfrom filters (depending on $RELAYCLIENT) Tarpitting Reverse Split Horizon mechanism: Anti-spoofing for "MAIL from:" addresses for $RELAYCLIENTs (in particular if SMTP Authenticated) Very useful to identify backdoor/trojan infected hosts! Enforcement for SMTP Authentication for particular senders! Enforcement of brackets for SMTP addresses Controlling Bounces: NULLSENDER single RECIPIENT enforcement Limit size of bounces Russel Nelson's double bounce trim Extensible logging (via splogger or multilog): Accepted and Rejected SMTP sessions Accepted and Rejected SMTP authentication attempts Performance enhancements (experimental): Bruce Guenter's Bigtodo patch Andre Oppermann's Runonce patch Larger input buffer for reading control files Reproducible: Always Steps to Reproduce: 1. 2. 3.