Plugin details: qmail-spp-filter 

qmail-spp-filter details

 This program enables qmail-spp commands to be issued based on matches of
   TCPREMOTEIP, SMTPMAILFROM or SMTPRCPTTO with records in text files.

   The TinyCDB library (http://www.corpit.ru/mjt/tinycdb.html) is used.  Or if
   is not available, the standard CDB library is used
   (http://cr.yp.to/cdb/install.html).

   Compile plugin using something like this for TinyCDB:

     gcc -g -Wall qmail-spp-filter.c -o qmail-spp-filter -lcdb

   Or this for standard CDB:

     gcc -g -Wall qmail-spp-filter.c -o qmail-spp-filter /usr/lib/cdb.a \
       /usr/lib/unix.a /usr/lib/buffer.a /usr/lib/alloc.a /usr/lib/byte.a

   Put qmail-spp-filter in the qmail plugins directory
   (ex. "/var/qmail/plugins") and add to smtpplugins file
   (ex. "/var/qmail/control/smtpplugins") after [rcpt]
   section:

     [rcpt]
     plugins/qmail-spp-filter

   If the "RELAYCLIENT" environment variable (envar) is set, this module
   exits without doing anything, since the client has permission to relay.

   IPv6 is supported if TCPREMOTEIP contains an IPv6 address or if
   TCP6REMOTEIP envar is set.

   Filters are specified by setting the following envars.

     SPP_FILTER_#_DEF
     SPP_FILTER_#_CMD

   '#' starts at 1 and increments numerically (base 10, no leading zeros) until
   there is no matching envar.  For each DEF envar, there must be a matching
   CMD envar.

   DEF envars are defined as:

     "type:pathname"

   where "type" is one of:

      ip         list of IP addresses
      from       list of from/sender email addresses
      regexfrom  list of regular expressions to match with from/sender addrs
      rcpt       list of destination/rcptto email addresses
      regexrcpt  list of regular expressions to match with dest/rcptto addrs

   and pathname is the full filename of a text file with one record per line.
   Comments start with '#' in the text files.  CDB hash files
   (http://cr.yp.to/cdb.html) are automatically generated for all but regular
   expression files.  CDB generation is triggered if it appears that the
   source text file is newer than the accompanying CDB file or if a CDB file
   does not exist.  The "qmaild" user must have write access to the directory
   containing the file.

   The regular expressions are of the POSIX Extended Regular Expression
   regex(3) format and are case-insensitive.

   Possible settings of CMD envars are taken from
   http://qmail-spp.sourceforge.net/doc/ :

     Command       Description
     -----------------------------------------------------------------------
     A             accept mail - turn off qmail-spp in this session
     N             next - accept current SMTP command (do not execute
                   remaining plugins for this command)
     O             ok - like N, but omits qmail checks in MAIL and RCPT
     Emsg          error - do not accept this SMTP command and immediately
                   send msg to the client
     LMmsg         later, mail - like E, but shows error after MAIL command
     LRmsg         later, rcpt - like E, but shows error after RCPT command
     LDmsg         later, data - like E, but shows error after DATA command
     Rmsg          reject mail - send msg to the client and drop connection
     D             drop connection immediately, without printing anything
     Svar=value    set environmental variable var to value
     Uvar          unset var variable
     Hcontent      header - add header content (eg. X-Spam-Flag: YES)
     Cfoo@bar.com  change last address provided by the client to foo@bar.com
                   (MAIL FROM or RCPT TO address)
     Pmsg          print - send msg to the client

   Separate commands are separated by a comma or a carriage return.  Be
   careful not to include a comma for any other reason.

   Once a match is found and a CMD is processed, the plugin exits.

   An optional SPP_FILTER_NOMATCH_CMD envar can be set if you want the program
   to issue a qmail-spp command (or commands) if there is a failure to find
   any match.

   Except for the SPP_FILTER_NOMATCH_CMD envar, if any CMDs include the
   special string "send-filter-def" then "send-filter-def" will
   be replaced by the content of the SPP_FILTER_#_DEF envar that matched.

   Example envars:

     SPP_FILTER_1_DEF="ip:/var/qmail/control/whitelist_ips"
     SPP_FILTER_1_CMD="A,SSPP_FILTER_WHITELISTEDIP_MATCHED=1"
     SPP_FILTER_2_DEF="regexrcpt:/var/qmail/control/whitelist_regex_rcpts"
     SPP_FILTER_2_CMD="A,HSPP-Filter-Match: send-filter-def"
     SPP_FILTER_3_DEF="regexfrom:/var/qmail/control/blacklist_regex_senders"
     SPP_FILTER_3_CMD="E550 Blacklisted!"
     SPP_FILTER_4_DEF="rcpt:/var/qmail/control/whitelist_rcpts"
     SPP_FILTER_4_CMD="A"
     SPP_FILTER_5_DEF="from:/var/qmail/control/whitelist_senders"
     SPP_FILTER_5_CMD="A"
     SPP_FILTER_6_DEF="from:/var/qmail/control/blacklist_senders"
     SPP_FILTER_6_CMD="E550 Blacklisted!"
     SPP_FILTER_NOMATCH_CMD="SSPP_FILTER_FOUND_NO_MATCH=1"

   Example "ip" text file:

     127.0.0.1  # full IP address, with no leading zeros
     192.168.2  # partial IP address
     192.168    # partial IP address
     10         # partial IP address
     2001:0db8:0000:0000:0000:0000  # invariant part of IPv6 addresses need to
                                    # be explicit (no "::" or ":0:" compression
                                    # since simple text matching is used.

   Example "from" or "rcpt" text file:

     # list of email addresses to whitelist
     foo@bar.com   # comment
     bar@foo.com

   Example "regexfrom" or "regexrcpt" regex text file:

     # ^ and $ operators are automatically added by the plugin.
     .*@bar.com       # match any email from bar.com
     john-.*@doe.com


Author: Chris Caputo
Added on: 2008-11-12
URL: https://www.caputo.com/foss/qmail-spp-filter/


<<< Back to plugins

Copyright © 2004-2008 Paweł Foremski

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license can be found here.