Project mailfromd

mailfromd

8.17  —  2023-07-07
* Multiple handler definitions

Multiple "prog" declarations with the same handler name are now
allowed.  Such declarations are processed the same way multiple
"begin" and "end" sections were processed in prior versions:
when compiling the filter program, the code from all "prog"
declarations having the same handler name is combined into one code
block, in the same order the declarations appear in the source
file(s).

This allows MFL modules to define handler snippets.

* New special handler: action

The "action" special handler is executed before communicating the reply
action (accept, reject, etc.) to the server.  The handler takes four
arguments: numeric identifier of the action that is about to be
returned, SMTP response code, extended response code, and textual
message passed along with the action.  The last three arguments are
meaningful only for reject and tempfail actions.

Action handlers can be used for logging or accounting of the executed
actions.

* New variable: milter_state

The milter_state variable is initialized with the numeric code of
the current milter state.  Using this variable a function can execute
code depending on the handler it was called from.

The new module "milter.mfl" defines numeric constants for milter
states.  The functions milter_state_name and milter_state_code can
be used to convert this code to symbolic name and vice versa.

* New functions

The following new functions are provided to convert numeric
identifiers of various MFL entities to strings and vice-versa:

** string milter_state_name (number code)

Returns symbolic name of the milter state identified by its code.

** number milter_state_code (string name)

Returns numeric code of the state identified by its name.

** string milter_action_name (number code)

Returns symbolic name of the reply action identified by its code.

** number milter_action_name (string name)

Returns numeric code of the action identified by its name.

** void dbbreak (number @var{dbn})

Stop sequential access to the database and deallocate all associated
resources.  Use this function if you need to break from the sequential
access loop, e.g.:

  loop for number dbn dbfirst(dbname)
  do
    if some_condition
      dbbreak(dbn)
      break
    fi
  done while dbnext(dbn)

* New module: cdb

The "cdb" (control database) module provides functions for deciding
what MFL action to take depending on the result of a look up in a DBM
file.  Keys in the database have the format "PREFIX:KEY", where PREFIX
is one of:

  email		match sender email
  ip            match sender IP address
  domain        match sender domain part
  subdomain     search for a match among the domain part and its parent
                domains
  mx            match MX of the sender domain part

Values are (case-insensitive):

  OK            continue executing the MFL code
  ACCEPT        accept the mail
  REJECT	reject the mail (550)
  TEMPFAIL      return a temporary failure (451)
  GREYLIST      greylist the mail

or action specification in the form

  [code [xcode]] text

where code is 3-digit SMTP response code, xcode is extended SMTP code,
and text is explanatory reason text.  Both code and xcode must begin
with '4' or '5'.  If code and xcode are missing, reject the mail with
550 5.1.0 and the given text.

This module exports one function:

  func cdb_check(string prefix, string key)

Depending on the value of the prefix argument it does the following:

  ip
      Look up the "ip:KEY" in the database.  If found, take the action
      as described above.
  email
      Key is an email address.  Obtain its canonical form by
      splitting it into local and domain parts, converting the latter
      to lower case, reassembling the parts back into an email address
      and prefixing it with the string "email:".  Look up the resulting
      string in the database.  Take action indicated by the value.
  domain
      Key is an email address.  Extract its domain part, convert it
      to lower case and prefix it with "domain:".  Look up resulting
      string in the database.  If the look up succeeds, take action
      indicated by the value found.
  subdomain
      Same as above, but in case of failure, strip the shortest
      hostname prefix (everything up to the first dot, inclusively)
      from the domain and restart with the resulting value.  Continue
      process until a match is found or the argument is reduced to empty
      string.
  mx
      Key is an email address.  Extract its domain part.  For each of
      its MX servers, look up the key "mx:SERVER" and, if found, take
      action indicated by the value found.

The cdb_check function returns to caller only if the key was not
found in the database, or the lookup returned "OK" (case-insensitive)
or an empty string.  Otherwise, if the lookup returns an action, this
action will be performed and further execution of the filter code will
stop.

If the looked up value was "GREYLIST" while the function was called
from the handler prior to "envrcpt" (i.e. "connect", "helo", or
"envfrom"), the current handler will return and normal control flow
will resume from the next handler (as if by "continue" action). Actual
greylisting will be performed later, on entry to "envrcpt" handler.

The following global variables control the functionality of the
module:

  cdb_name    Name of the control database file.  Defaults to
              /etc/mail/mfctl.db
  cdb_greylist_interval
              Greylisting time.  Defaults to 900 seconds.

* mtasim: check expected textual replies

The "\E" command accepts optional second argument.  If supplied,
it is treated as an extended regular expression.  The subsequent
command will then succeed if its return code matched the one supplied
as the first argument, and its extended SMTP code and textual message
match the supplied regular expression.

* Bugfixes

** mtasim: correctly pass final body chunk to the milter

** Fix discrepancy between $N and $(N)

Both terms now mean exactly the same: Nth variadic argument.

** fix type conversions of typed variadic arguments

** Milter library: eliminate trailing space from arguments passed to handlers

** Milter server: don't pass extra \0 when sending multiple strings

** Fix handling of reply actions without explicit message text

In previous versions, the reject and tempfail actions would use the
default reply code if called without explicit message text (3rd
argument).
	  

Mailfromd is a general-purpose mail filtering daemon for Sendmail, Postfix and MeTA1. It is able to filter both incoming and outgoing messages using criteria of arbitrary complexity, supplied by the administrator in the form of a script file. The daemon interfaces with the MTA using Milter or PMilter protocols.