Release 0.8.7

ChangeLog

@@ -0,0 +1,214 @@
+# Revision 1.69  2006/11/04 22:09:39  customdesigned
+# Another lame DSN heuristic.  Block PTR cache poisoning attack.
+#
+# Revision 1.68  2006/10/04 03:46:01  customdesigned
+# Fix defaults.
+#
+# Revision 1.67  2006/10/01 01:44:06  customdesigned
+# case_sensitive_localpart option, more delayed bounce heuristics,
+# optional smart_alias section.
+#
+# Revision 1.66  2006/07/26 16:42:26  customdesigned
+# Support CBV timeout
+#
+# Revision 1.65  2006/06/21 22:22:00  customdesigned
+# Handle multi-line headers in delayed dsns.
+#
+# Revision 1.64  2006/06/21 21:12:04  customdesigned
+# More delayed reject token headers.
+# Don't require HELO pass for CBV.
+#
+# Revision 1.63  2006/05/21 03:41:44  customdesigned
+# Fail dsn
+#
+# Revision 1.61  2006/05/17 21:28:07  customdesigned
+# Create GOSSiP record only when connection will procede to DATA.
+#
+# Revision 1.60  2006/05/12 16:14:48  customdesigned
+# Don't require SPF pass for white/black listing mail from trusted relay.
+# Support localpart wildcard for white and black lists.
+#
+# Revision 1.59  2006/04/06 18:14:17  customdesigned
+# Check whitelist/blacklist even when not checking SPF (e.g. trusted relay).
+#
+# Revision 1.58  2006/03/10 20:52:49  customdesigned
+# Use re to recognize failure DSNs.
+#
+# Revision 1.57  2006/03/07 20:50:54  customdesigned
+# Use signed Message-ID in delayed reject to blacklist senders
+#
+# Revision 1.56  2006/02/24 02:12:54  customdesigned
+# Properly report hard PermError (lax mode fails also) by always setting
+# perm_error attribute with PermError exception.  Improve reporting of
+# invalid domain PermError.
+#
+# Revision 1.55  2006/02/17 05:04:29  customdesigned
+# Use SRS sign domain list.
+# Accept but do not use for training whitelisted senders without SPF pass.
+# Immediate rejection of unsigned bounces.
+#
+# Revision 1.54  2006/02/16 02:16:36  customdesigned
+# User specific SPF receiver policy.
+#
+# Revision 1.53  2006/02/12 04:15:01  customdesigned
+# Remove spf dependency for iniplist
+#
+# Revision 1.52  2006/02/12 02:12:08  customdesigned
+# Use CIDR notation for internal connect list.
+#
+# Revision 1.51  2006/02/12 01:13:58  customdesigned
+# Don't check rcpt user list when signed MFROM.
+#
+# Revision 1.50  2006/02/09 20:39:43  customdesigned
+# Use CIDR notation for trusted_relay iplist
+#
+# Revision 1.49  2006/01/30 23:14:48  customdesigned
+# put back eom condition
+#
+# Revision 1.48  2006/01/12 20:31:24  customdesigned
+# Accelerate training via whitelist and blacklist.
+#
+# Revision 1.47  2005/12/29 04:49:10  customdesigned
+# Do not auto-whitelist autoreplys
+#
+# Revision 1.46  2005/12/28 20:17:29  customdesigned
+# Expire and renew AddrCache entries
+#
+# Revision 1.45  2005/12/23 22:34:46  customdesigned
+# Put guessed result in separate header.
+#
+# Revision 1.44  2005/12/23 21:47:07  customdesigned
+# Move Received-SPF header to top.
+#
+# Revision 1.43  2005/12/09 16:54:01  customdesigned
+# Select neutral DSN template for best_guess
+#
+# Revision 1.42  2005/12/01 22:42:32  customdesigned
+# improve gossip support.
+# Initialize srs_domain from srs.srs config property.  Should probably
+# always block unsigned DSN when signing all.
+#
+# Revision 1.41  2005/12/01 18:59:25  customdesigned
+# Fix neutral policy.  pobox.com -> openspf.org
+#
+# Revision 1.40  2005/11/07 21:22:35  customdesigned
+# GOSSiP support, local database only.
+#
+# Revision 1.39  2005/10/31 00:04:58  customdesigned
+# Simple implementation of trusted_forwarder list.  Inefficient for
+# more than 1 or 2 entries.
+#
+# Revision 1.38  2005/10/28 19:36:54  customdesigned
+# Don't check internal_domains for trusted_relay.
+#
+# Revision 1.37  2005/10/28 09:30:49  customdesigned
+# Do not send quarantine DSN when sender is DSN.
+#
+# Revision 1.36  2005/10/23 16:01:29  customdesigned
+# Consider MAIL FROM a match for supply_sender when a subdomain of From or Sender
+#
+# Revision 1.35  2005/10/20 18:47:27  customdesigned
+# Configure auto_whitelist senders.
+#
+# Revision 1.34  2005/10/19 21:07:49  customdesigned
+# access.db stores keys in lower case
+#
+# Revision 1.33  2005/10/19 19:37:50  customdesigned
+# Train screener on whitelisted messages.
+#
+# Revision 1.32  2005/10/14 16:17:31  customdesigned
+# Auto whitelist refinements.
+#
+# Revision 1.31  2005/10/14 01:14:08  customdesigned
+# Auto whitelist feature.
+#
+# Revision 1.30  2005/10/12 16:36:30  customdesigned
+# Release 0.8.3
+#
+# Revision 1.29  2005/10/11 22:50:07  customdesigned
+# Always check HELO except for SPF pass, temperror.
+#
+# Revision 1.28  2005/10/10 23:50:20  customdesigned
+# Use logging module to make logging threadsafe (avoid splitting log lines)
+#
+# Revision 1.27  2005/10/10 20:15:33  customdesigned
+# Configure SPF policy via sendmail access file.
+#
+# Revision 1.26  2005/10/07 03:23:40  customdesigned
+# Banned users option.  Experimental feature to supply Sender when
+# missing and MFROM domain doesn't match From.  Log cipher bits for
+# SMTP AUTH.  Sketch access file feature.
+#
+# Revision 1.25  2005/09/08 03:55:08  customdesigned
+# Handle perverse MFROM quoting.
+#
+# Revision 1.24  2005/08/18 03:36:54  customdesigned
+# Don't innoculate with SCREENED mail.
+#
+# Revision 1.23  2005/08/17 19:35:27  customdesigned
+# Send DSN before adding message to quarantine.
+#
+# Revision 1.22  2005/08/11 22:17:58  customdesigned
+# Consider SMTP AUTH connections internal.
+#
+# Revision 1.21  2005/08/04 21:21:31  customdesigned
+# Treat fail like softfail for selected (braindead) domains.
+# Treat mail according to extended processing results, but
+# report any PermError that would officially result via DSN.
+#
+# Revision 1.20  2005/08/02 18:04:35  customdesigned
+# Keep screened honeypot mail, but optionally discard honeypot only mail.
+#
+# Revision 1.19  2005/07/20 03:30:04  customdesigned
+# Check pydspam version for honeypot, include latest pyspf changes.
+#
+# Revision 1.18  2005/07/17 01:25:44  customdesigned
+# Log as well as use extended result for best guess.
+#
+# Revision 1.17  2005/07/15 20:25:36  customdesigned
+# Use extended results processing for best_guess.
+#
+# Revision 1.16  2005/07/14 03:23:33  customdesigned
+# Make SES package optional.  Initial honeypot support.
+#
+# Revision 1.15  2005/07/06 04:05:40  customdesigned
+# Initial SES integration.
+#
+# Revision 1.14  2005/07/02 23:27:31  customdesigned
+# Don't match hostnames for internal connects.
+#
+# Revision 1.13  2005/07/01 16:30:24  customdesigned
+# Always log trusted Received and Received-SPF headers.
+#
+# Revision 1.12  2005/06/20 22:35:35  customdesigned
+# Setreply for rejectvirus.
+#
+# Revision 1.11  2005/06/17 02:07:20  customdesigned
+# Release 0.8.1
+#
+# Revision 1.10  2005/06/16 18:35:51  customdesigned
+# Ignore HeaderParseError decoding header
+#
+# Revision 1.9  2005/06/14 21:55:29  customdesigned
+# Check internal_domains for outgoing mail.
+#
+# Revision 1.8  2005/06/06 18:24:59  customdesigned
+# Properly log exceptions from pydspam
+#
+# Revision 1.7  2005/06/04 19:41:16  customdesigned
+# Fix bugs from testing RPM
+#
+# Revision 1.6  2005/06/03 04:57:05  customdesigned
+# Organize config reader by section.  Create defang section.
+#
+# Revision 1.5  2005/06/02 15:00:17  customdesigned
+# Configure banned extensions.  Scan zipfile option with test case.
+#
+# Revision 1.4  2005/06/02 04:18:55  customdesigned
+# Update copyright notices after reading article on /.
+#
+# Revision 1.3  2005/06/02 02:09:00  customdesigned
+# Record timestamp in send_dsn.log
+#
+# Revision 1.2  2005/06/02 01:00:36  customdesigned
+# Support configurable templates for DSNs.

NEWS

@@ -1,4 +1,7 @@
 Here is a history of user visible changes to Python milter.
+0.8.7	Move spf module to pyspf
+	Prevent PTR cache poisoning
+	More lame bounce heuristics
 0.8.6	Support CBV timeout
 	Support fail template, headers in templates
 	Create GOSSiP record only when connection will procede to DATA.

cid2spf.py

@@ -1,153 +0,0 @@
-#!/usr/bin/python2.3
-
-# Convert a MS Caller-ID entry (XML) to a SPF entry
-#
-# (c) 2004 by Ernesto Baschny
-# (c) 2004 Python version by Stuart Gathman
-#
-# Date: 2004-02-25
-# Version: 1.0
-#
-# Usage:
-#  ./cid2spf.pl "<ep xmlns='http://ms.net/1'>...</ep>"
-#
-# Note that the 'include' directives will also have to be checked and
-# "translated". Future versions of this script might be able to get a
-# domain name as an argument and "crawl" the DNS for the necessary
-# information.
-#
-# A complete reverse translation (SPF -> CID) might be impossible, since
-# there are no way to handle:
-# - PTR and EXISTS mechanism 
-# - MX mechanism with an different domain as argument
-# - macros
-# 
-# References:
-# http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.mspx
-# http://spf.pobox.com/
-#
-# Known bugs:
-# - Currently it won't handle the exclusions provided in the A and R
-#   tags (prefix '!'). They will show up "as-is" in the SPF record
-# - I really haven't read the MS-CID specs in-depth, so there are probably
-#   other bugs too :)
-#
-# Ernesto Baschny <ernst@baschny.de>
-#
-
-import xml.sax
-import spf
-
-# -------------------------------------------------------------------------
-class CIDParser(xml.sax.ContentHandler):
-  "Convert a MS Caller-ID entry (XML) to a SPF entry"
-
-  def __init__(self,q=None):
-    self.spf = []
-    self.action = '-all'
-    self.has_servers = None
-    self.spf_entry = None
-    if q:
-      self.spf_query = q
-    else:
-      self.spf_query = spf.query(i='127.0.0.1', s='localhost', h='unknown')
-
-  def startElement(self,tag,attr):
-      if tag == 'm':
-	if self.has_servers != None and not self.has_servers:
-	  raise ValueError(
-    "Declared <noMailServers\> and later <m>, this CID entry is not valid."
-	  )
-	self.has_servers = True
-      elif tag == 'noMailServers':
-	if self.has_servers:
-	  raise ValueError(
-    "Declared <m> and later <noMailServers\>, this CID entry is not valid."
-	  )
-	self.has_servers = False
-      elif tag == 'ep':
-	if attr.has_key('testing') and attr.getValue('testing') == 'true':
-	  # A CID with 'testing' found:
-	  # From the MS-specs:
-	  #  "Documents in which such attribute is present with a true
-	  #  value SHOULD be entirely ignored (one should act as if the
-	  #  document were absent)"
-	  # From the SPF-specs:
-	  #  "Neutral (?): The SPF client MUST proceed as if a domain did
-	  #  not publish SPF data."
-	  # So we set SPF action to "neutral":
-	  self.action = '?all'
-      elif tag == 'mx':
-	  # The empty MX-tag, same as SPF's MX-mechanism
-	  self.spf.append('mx')
-      self.tag = tag
-
-  def characters(self,text):
-	tag = self.tag
-	# Remove starting and trailing spaces from text:
-	text = text.strip()
-
-	if tag == 'a' or tag == 'r':
-	    # The A and R tags from MS-CID are both handled by the 
-	    # ipv4/6-mechanisms from SPF:
-	    if text.find(':') < 0:
-	      mechanism = 'ip4'
-	    else:
-	      mechanism = 'ip6'
-	    self.spf.append(mechanism + ':' + text)
-	elif tag == 'indirect':
-	    # MS-CID's indirect is "sort of" the include from SPF:
-	    # Not really true, because the <indirect> tag from MS-CID also 
-	    # provides a fallback in case the included domain doesn't provide
-	    # _ep-records: The inbound MX-servers of the included domains
-	    # are added to the list of allowed outgoing mailservers for the
-	    # domain that declared the _ep-record with the <indirect> tag.
-	    # In SPF you would use the 'mx:domain' to handle this, but this
-	    # wouldn't depend on referred domain having or not SPF-records.
-	    cid_xml = self.cid_txt(text)
-	    if cid_xml:
-	      p = CIDParser()
-	      xml.sax.parseString(cid_xml,p)
-	      if p.has_servers != False:
-		self.spf += p.spf
-	    else:
-	      self.spf.append('mx:' + text)
-
-  def cid_txt(self,domain):
-    q = self.spf_query
-    domain='_ep.' + domain
-    a = q.dns_txt(domain)
-    if not a: return None
-    if a[0].lower().startswith('<ep ') and a[-1].lower().endswith('</ep>'):
-      return ''.join(a)
-    return None
-
-  def endElement(self,tag):
-      if tag == 'ep':
-	# This is the end... assemble what we've got
-	spf_entry = ['v=spf1']
-	if self.has_servers != False:
-	  spf_entry += self.spf
-	spf_entry.append(self.action)
-	self.spf_entry = ' '.join(spf_entry)
-
-  def spf_txt(self,cid_xml):
-    if not cid_xml.startswith('<'):
-      cid_xml = self.cid_txt(cid_xml)
-      if not cid_xml: return None
-    # Parse the beast. Any XML-problem will be reported by xlm.sax
-    self.spf_entry = None
-    xml.sax.parseString(cid_xml,self)
-    return self.spf_entry
-
-if __name__ == '__main__':
-  import sys
-  if len(sys.argv) < 2:
-    print >>sys.stderr, \
-      """Usage: %s "<ep xmlns='http://ms.net/1'>...</ep>" """ % sys.argv[0]
-    sys.exit(1)
-
-  cid_xml = sys.argv[1]
-
-  p = CIDParser()
-  print p.spf_txt(cid_xml)

milter.spec

@@ -1,23 +1,20 @@
 %define name milter
-%define version 0.8.6
+%define version 0.8.7
-%define release 2.RH7
+%define release 1
 # what version of RH are we building for?
-%define redhat9 0
+%define redhat7 0
-%define redhat7 1
-%define redhat6 0
 
 # Options for Redhat version 6.x:
-# rpm -ba|--rebuild --define "rh6 1"
+# rpm -ba|--rebuild --define "rh7 1"
-%{?rh6:%define redhat7 0}
+%{?rh7:%define redhat7 1}
-%{?rh6:%define redhat6 1}
 
 # some systems dont have initrddir defined
 %{?_initrddir:%define _initrddir /etc/rc.d/init.d}
 
-%if %{redhat9}
+%if %{redhat7} # Redhat 7.x and earlier (multiple ps lines per thread)
-%define sysvinit milter.rc
-%else	# Redhat 7.x and earlier (multiple ps lines per thread)
 %define sysvinit milter.rc7
+%else	
+%define sysvinit milter.rc
 %endif
 # RH9, other systems (single ps line per process)
 %ifos Linux
@@ -43,22 +40,23 @@ Requires: %{python} >= 2.4, sendmail >= 8.13
 %ifos Linux
 Requires: chkconfig
 %endif
-BuildRequires: %{python}-devel , sendmail-devel >= 8.13
+BuildRequires: %{python}-devel >= 2.4, sendmail-devel >= 8.13
 
 %description
 This is a python extension module to enable python scripts to
 attach to sendmail's libmilter functionality.  Additional python
-modules provide for navigating and modifying MIME parts.
+modules provide for navigating and modifying MIME parts, sending
+DSNs, and doing CBV.
 
 %prep
 %setup
 #patch -p0 -b .bms
 
 %build
-%if %{redhat9}
+%if %{redhat7}
-  LDFLAGS="-g"
-%else
   LDFLAGS="-s"
+%else # Redhat builds debug packages after 7.3
+  LDFLAGS="-g"
 %endif
 env CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$LDFLAGS" %{python} setup.py build
 
@@ -176,6 +174,10 @@ rm -rf $RPM_BUILD_ROOT
 /usr/share/sendmail-cf/hack/rhsbl.m4
 
 %changelog
+* Sat Nov 04 2006 Stuart Gathman <stuart@bmsi.com> 0.8.7-1
+- Prevent PTR cache poisoning
+- More lame bounce heuristics
+- SPF moved to pyspf RPM
 * Tue May 23 2006 Stuart Gathman <stuart@bmsi.com> 0.8.6-2
 - Support CBV timeout
 - Support fail template, headers in templates

quarantine.txt

@@ -22,6 +22,19 @@ their quarantined mail and may notice your message.  If your message is
 important, please contact them via other means.  You may also try sending
 them a simple plain text message.
 
+If you never sent the above message, then your domain, %(sender_domain)s,
+was forged - i.e. used without your knowlege or authorization by
+someone attempting to steal your mail identity.  This is a very
+serious problem, and you need to provide authentication for your
+SMTP (email) servers to prevent criminals from forging your
+domain.  The simplest step is usually to publish an SPF record
+with your Sender Policy.  
+
+For more information, see: http://www.openspf.org
+
+Your mail admin needs to publish a strict SPF record so that I can reject
+those forgeries instead of bugging you with them.
+
 If you need further assistance, please do not hesitate to contact me.
 
 Kind regards,

setup.py

@@ -15,13 +15,13 @@ if sys.version < '2.2.3':
   DistributionMetadata.download_url = None
 
 # NOTE: importing Milter to obtain version fails when milter.so not built
-setup(name = "milter", version = '0.8.6',
+setup(name = "milter", version = '0.8.7',
 	description="Python interface to sendmail milter API",
 	long_description="""\
 This is a python extension module to enable python scripts to
 attach to sendmail's libmilter functionality.  Additional python
 modules provide for navigating and modifying MIME parts, and
-querying SPF records.
+sending DSNs or doing CBVs.
 """,
 	author="Jim Niemira",
 	author_email="urmane@urmane.org",
@@ -29,7 +29,7 @@ querying SPF records.
 	maintainer_email="stuart@bmsi.com",
 	license="GPL",
 	url="http://www.bmsi.com/python/milter.html",
-	py_modules=["mime","spf"],
+	py_modules=["mime"],
 	packages = ['Milter'],
 	ext_modules=[
 	  Extension("milter", ["miltermodule.c"],

softfail.txt

@@ -17,7 +17,7 @@ Subject: %(subject)s
 Received-SPF: %(spf_result)s
 
 Your sender policy indicated that the above email was likely forged and that
-feedback was desired.  If you are sending from a foreign ISP,
+feedback was desired for debugging.  If you are sending from a foreign ISP,
 then you may need to follow your home ISPs instructions for configuring
 your outgoing mail server.
 

spfquery.py

@@ -1,99 +0,0 @@
-#!/usr/bin/python2.3
-
-# Author: Stuart D. Gathman <stuart@bmsi.com>
-# Copyright 2004 Business Management Systems, Inc.
-# This code is under the GNU General Public License.  See COPYING for details.
-
-# $Log$
-# Revision 1.1.1.1  2005/05/31 18:07:19  customdesigned
-# Release 0.6.9
-#
-# Revision 2.3  2004/04/19 22:12:11  stuart
-# Release 0.6.9
-#
-# Revision 2.2  2004/04/18 03:29:35  stuart
-# Pass most tests except -local and -rcpt-to
-#
-# Revision 2.1  2004/04/08 18:41:15  stuart
-# Reject numeric hello names
-#
-# Driver for SPF test system
-
-import spf
-import sys
-
-from optparse import OptionParser
-
-class PerlOptionParser(OptionParser):
-    def _process_args (self, largs, rargs, values):
-        """_process_args(largs : [string],
-                         rargs : [string],
-                         values : Values)
-
-        Process command-line arguments and populate 'values', consuming
-        options and arguments from 'rargs'.  If 'allow_interspersed_args' is
-        false, stop at the first non-option argument.  If true, accumulate any
-        interspersed non-option arguments in 'largs'.
-        """
-        while rargs:
-            arg = rargs[0]
-            # We handle bare "--" explicitly, and bare "-" is handled by the
-            # standard arg handler since the short arg case ensures that the
-            # len of the opt string is greater than 1.
-            if arg == "--":
-                del rargs[0]
-                return
-            elif arg[0:2] == "--":
-                # process a single long option (possibly with value(s))
-                self._process_long_opt(rargs, values)
-            elif arg[:1] == "-" and len(arg) > 1:
-                # process a single perl style long option
-		rargs[0] = '-' + arg
-                self._process_long_opt(rargs, values)
-            elif self.allow_interspersed_args:
-                largs.append(arg)
-                del rargs[0]
-            else:
-		return
-
-def format(q):
-  res,code,txt = q.check()
-  print res
-  if res in ('pass','neutral','unknown'): print
-  else: print txt
-  print 'spfquery:',q.get_header_comment(res)
-  print 'Received-SPF:',q.get_header(res,'spfquery')
-
-def main(argv):
-  parser = PerlOptionParser()
-  parser.add_option("--file",dest="file")
-  parser.add_option("--ip",dest="ip")
-  parser.add_option("--sender",dest="sender")
-  parser.add_option("--helo",dest="hello_name")
-  parser.add_option("--local",dest="local_policy")
-  parser.add_option("--rcpt-to",dest="rcpt")
-  parser.add_option("--default-explanation",dest="explanation")
-  parser.add_option("--sanitize",type="int",dest="sanitize")
-  parser.add_option("--debug",type="int",dest="debug")
-  opts,args = parser.parse_args(argv)
-  if opts.ip:
-    q = spf.query(opts.ip,opts.sender,opts.hello_name,local=opts.local_policy)
-    if opts.explanation:
-      q.set_default_explanation(opts.explanation)
-    format(q)
-  if opts.file:
-    if opts.file == '0':
-      fp = sys.stdin
-    else:
-      fp = open(opts.file,'r')
-    for ln in fp:
-      ip,sender,helo,rcpt = ln.split(None,3)
-      q = spf.query(ip,sender,helo,local=opts.local_policy)
-      if opts.explanation:
-	q.set_default_explanation(opts.explanation)
-      format(q)
-    fp.close()
-    
-if __name__ == "__main__":
-  import sys
-  main(sys.argv[1:])