blackmilter - blacklist mail filter module

Fetch the software. Release notes.
This software is still in beta test. Use at your own risk. Current status:
  • I haven't added the socket update code.
  • I need to package up some of the log-analysis scripts I've written to provide input to blackmilter.

Sendmail includes a facility for plugging in custom mail filters, called milters. It's documented here. Blackmilter implements a blacklist of IP addresses which are not permitted to send mail to this host. Any mail attempts from blacklisted addresses are rejected immediately upon connection, before the mail gets transmitted.

This could also be accomplished by turning the blacklists into a set of firewall rules for port 25. However, current firewall implementations process their rules sequentially, one by one. If you have a lot of hosts you want blocked, this is too costly. Blackmilter stores the IP addresses in a data structure that is both fast and reasonably compact. If you wanted to, you could block millions of addresses quite efficiently.

A more reasonable alternative is the access database built into sendmail. However, benchmarking shows that blackmilter is much faster at this task - from thirty to sixty times faster. Same for using a DNS-based RBL - blackmilter is vastly faster. If you are getting a lot of mail and blocking a lot of IP addresses, this can make a difference. Also blackmilter has some advantages in flexibility, such as the autoupdate and socket update features.

Blackmilter does not specify any particular blacklisting policy. It is merely a clean and simple tool to let you efficiently implement whatever policy you choose.


Release Notes

Version 0.81, 14aug2014:

Version 0.80, 16jul2014:

Version 0.75, 03aug2005:

Version 0.74, 20jun2005:

Version 0.73, 08jun2005:

Version 0.72, 06jun2005:

Version 0.71, 31may2005:

Version 0.70, 09dec2004:

Version 0.60, 14sep2004:

Version 0.50, 26may2004:


Installation

This is very abbreviated, intended mainly as a reminder for those who have worked with milters before. If it's your first milter, you should look on the web for more thorough documentation. Also, these instructions are pretty specific to FreeBSD, and will have to be adapted for other OSs.

  1. Make sure your sendmail is compiled with the MILTER option. (Starting with version 8.13 this is enabled by default.) You can use this command to check:
    
    sendmail -d0.1 -bt < /dev/null | grep MILTER
            
    If you don't see MILTER in the compilation options, you will have to re-build sendmail.
  2. Build and install the blackmilter executable, by doing a 'make install'.
  3. Edit your sendmail.mc and add a mail filter macro, for example:
    
    INPUT_MAIL_FILTER(`blackmilter',`S=unix:/var/run/blackmilter.sock, T=S:4m;R:4m')
            
    Rebuild and install sendmail.cf.
  4. Run blackmilter, with your blacklist args and the same socket argument you used in sendmail.mc:
    
    # blackmilter -b /etc/smtp_blacklist unix:/var/run/blackmilter.sock
            
  5. Stop and re-start sendmail.
  6. Look in /var/log/maillog for messages from blackmilter.
  7. When you've verified that it's working, add lines to your /etc/rc.conf so it starts up at boot time:
    
    blackmilter_enable="YES"
    blackmilter_flags="-a -b /etc/smtp_blacklist"
    blackmilter_socket="unix:/var/run/blackmilter.sock"
            

See also: spfmilter, sfcmilter, graymilter, sample_milter.
ACME Labs / Software / blackmilter
email