spfmilter - SPF mail filter module

Fetch the software. Release notes.

A note on version numbers. There is another site which distributes spfmilter packages with 1.0.x versions numbers. The 1.0.x series are unauthorized copies of old versions from here. Their version numbers were changed for political reasons, not engineering reasons. Those versions should be ignored.

Because of this issue, there has never been a legitimate 1.x version of spfmilter. The legitimate versions went from 0.99 straight to 2.0.


Sendmail includes a facility for plugging in custom mail filters, called milters. It's documented here. Spfmilter implements the Sender Policy Framework (SPF) as a milter, using either the libspf or libspf2 libraries.

The idea of SPF is to prevent email forgery. Each participating site sets up a little definition of which hosts are allowed to send mail claiming to be from that site. When another site receives mail, it checks the permitted-senders definition for the originating site. If the check fails, the mail is rejected.

Setting up the permitted-senders definition is very easy, you go to the SPF Wizard and fill out a little form, then put the resulting string into your DNS records. This milter implements the second half of SPF, checking the mail you receive against other sites' SPF records.


Mailing List

Are you using spfmilter? There's a mailing list. Join the conversation!


Release Notes

Version 2.001, 25feb2015:

Version 2.0, 12feb2015:

Version 0.99, 14aug2014:

Version 0.98, 16jul2014:

Version 0.97, 20jun2005:

Version 0.96, 26apr2005:

Version 0.95, 26sep2004:

Version 0.94, 10sep2004:

Version 0.93, 07aug2004:

Version 0.92, 05aug2004:

Version 0.91, 05aug2004:

Version 0.90, 30jul2004:

Version 0.86, 15jul2004:

Version 0.85, 15jul2004:

Version 0.80, 11jul2004:

Version 0.50, 19jun2004:

Version 0.10, 31may2004:


Installation

This is very abbreviated, intended mainly as a reminder for those who have worked with milters before. If it's your first milter, you should look on the web for more thorough documentation. Also, these instructions are pretty specific to FreeBSD, and will have to be adapted for other OSs.

  1. Make sure your sendmail is compiled with the MILTER option. (Starting with version 8.13 this is enabled by default.) You can use this command to check:
    
    sendmail -d0.1 -bt < /dev/null | grep MILTER
            
    If you don't see MILTER in the compilation options, you will have to re-build sendmail.
  2. Fetch, build, and install either libspf or libspf2. If you use libspf be sure to configure with the "--enable-pthreads" option.
  3. Build and install the spfmilter executable, by doing a './configure ; make ; make install'.
  4. Edit your sendmail.mc and add a mail filter macro, for example:
    
    INPUT_MAIL_FILTER(`spfmilter',`S=unix:/var/run/spfmilter.sock')
            
    Rebuild and install sendmail.cf.
  5. Run spfmilter, with the same socket argument you used in sendmail.mc:
    
    # spfmilter unix:/var/run/spfmilter.sock
            
  6. Stop and re-start sendmail.
  7. Look in /var/log/maillog for messages from spfmilter.
  8. When you've verified that it's working, add lines to your /etc/rc.conf so it starts up at boot time:
    
    spfmilter_enable="YES"
    spfmilter_socket="unix:/var/run/spfmilter.sock"
            

Other SPF Milters


See also: sfcmilter, blackmilter, graymilter, sample_milter.
Sender ID.
ACME Labs / Software / spfmilter
email