spfmilter

spfmilter - SPF mail filter module

This software is still in beta test. Use at your own risk. Current status:

spfmilter 0.97

No known issues with the milter itself.

libspf v1.0.0-p3

Does not implement MX mode.
Takes much too long on most connections, to the point where it's not usable on a busy system because of the hundreds of sendmail processes waiting around for an answer.
Some problem with double-freeing memory.

v1.0-RC6-pre6

The --trustedforwarders flag seems to cause all results to come back as "unknown".
Does not implement MX mode.
Otherwise stable.

libspf2 1.2.5

Port in progress (23dec2005).

1.0.4

Mutex-related crashes on the order of once every week or two.
Slow memory leak - 10 MB / week or so.

A note on version numbers. There is another site which distributes spfmilter packages with 1.0.x versions numbers. You might be tempted to think that since the version numbers are numerically higher, those packages are the most up to date. Wrong. The 1.0.x series are unauthorized copies of old versions from here. Their version numbers were changed for political reasons, not engineering reasons. Those versions should be ignored.
Because of this issue, there will never be a legitimate 1.x version of spfmilter. If the libraries ever get stable enough to merit a non-beta release of spfmilter, my intention is to call it 2.0.

Sendmail includes a facility for plugging in custom mail filters, called milters. It's documented here. Spfmilter implements the Sender Policy Framework (SPF) as a milter, using either the libspf or libspf2 libraries.

The idea of SPF is to prevent email forgery. Each participating site sets up a little definition of which hosts are allowed to send mail claiming to be from that site. When another site receives mail, it checks the permitted-senders definition for the originating site. If the check fails, the mail is rejected.

Setting up the permitted-senders definition is very easy, you go to the SPF Wizard and fill out a little form, then put the resulting string into your DNS records. This milter implements the second half of SPF, checking the mail you receive against other sites' SPF records.

Mailing Lists

Are you using spfmilter? There's a mailing list: spfmilter@mail.acme.com (spfmilter-request@mail.acme.com to subscribe). And an announcements-only mailing list: spfmilter-announce@mail.acme.com (spfmilter-announce-request@mail.acme.com to subscribe). Anything send to the announcements list also goes to the regular list, so you don't need to be on both.

Release Notes

Version 0.97, 20jun2005:

Some improvements to the redhat rcscripts. (Paul Howarth)
Deal with the unknown-family connections which occasionally show up on some OSs, such as Solaris. (Joel Lord)

Version 0.96, 26apr2005:

Use smfi_insheader() if it's available, so that the Received-SPF header goes at the front where the spec says it belongs.

Version 0.95, 26sep2004:

Fixed problem with guess/fallback mode when using libspf.

Version 0.94, 10sep2004:

Clean up memory from the iparray module, so that valgrind doesn't complain.
If fetching the {j} macro from sendmail doesn't give us the local hostname, call gethostname().
Avoid potential memory leak from multiple HELOs in the same connection.
Avoid potential SEGV from no HELO.
If the envelope-from address is empty or doesn't have an @, make a fake one using the HELO domain.
Trim CRs off the ends of addresses.
Added ifdef to optionally not use libspf2's caching DNS layer.
Added autoconf stuff.

Version 0.93, 07aug2004:

Moved the larger local string buffers to the connection-data object, so the threads don't use so much stack space.

Version 0.92, 05aug2004:

Minor tweak so my spfmilter.c works with Shevek's autoconf setup.

Version 0.91, 05aug2004:

Match fallback patterns against only the hostname part of from-addresses, not the whole address. (Paul Howarth)
Only delete SPF headers that claim to be from the local hostname. (Paul Howarth)
Added an rc_scripts directory.
Fixed memory leak. (Ken Serrine)

Version 0.90, 30jul2004:

Accept authenticated messages without doing the SPF check. (Ivan Martinez, Mike Markley)
Better version of --recipientmx check. (Paul Howarth)
First version of code to work with libspf as well as libspf2. To use with libspf, edit the Makefile and switch the commenting on the first four lines. This code runs but has not been tested for more than a few minutes.

Version 0.86, 15jul2004:

Fixed a bug that only showed up when the resolver pool had to be expanded to deal with more than 100 threads.

Version 0.85, 15jul2004:

Changed the behavior on DNS errors. Previously, the message triggering the error was returned with a temporary failure code. If the DNS error persisted, then eventually the message would time out and bounce. As of this version, such messages are accepted and marked with a Received-SPF header, which should contain an explanation of the error.

Version 0.80, 11jul2004:

Added IP whitelisting.
Added wildcard fallback records.

Version 0.50, 19jun2004:

Packaging help from Shevek.
Worked around a memory leak in the resolver library by adding a persistent pool of resolver objects.

Version 0.10, 31may2004:

First version.

Installation

This is very abbreviated, intended mainly as a reminder for those who have worked with milters before. If it's your first milter, you should look on the web for more thorough documentation. Also, these instructions are pretty specific to FreeBSD, and will have to be adapted for other OSs.

Make sure your sendmail is compiled with the MILTER option. (Starting with version 8.13 this is enabled by default.) You can use this command to check:

sendmail -d0.1 -bt < /dev/null | grep MILTER

If you don't see MILTER in the compilation options, you will have to re-build sendmail.

Fetch, build, and install either libspf or libspf2. If you use libspf be sure to configure with the "--enable-pthreads" option.
Build and install the spfmilter executable, by doing a './configure ; make ; make install'.
Edit your sendmail.mc and add a mail filter macro, for example:
INPUT_MAIL_FILTER(`spfmilter',`S=unix:/var/run/spfmilter.sock, T=S:8m;R:8m')
Rebuild and install sendmail.cf.
Run spfmilter, with the same socket argument you used in sendmail.mc:
# spfmilter unix:/var/run/spfmilter.sock
Stop and re-start sendmail.
Look in /var/log/maillog for messages from spfmilter.
When you've verified that it's working, add lines to your /etc/rc.conf so it starts up at boot time:
spfmilter_enable="YES" spfmilter_flags="-t" spfmilter_socket="unix:/var/run/spfmilter.sock"

Other SPF Milters

SPF milter in Perl.
Generic milter in Python that can do SPF checking.
spamilter, a general anti-spam milter in C that includes SPF checking.

See also: sfcmilter, blackmilter, graymilter, sample_milter.
Sender ID.
Back to ACME Labs Software.
Back to ACME Labs.