From 8f8de8fa97f5919b5fb0273e4f63bc1a3978e8c0 Mon Sep 17 00:00:00 2001 From: Stuart Gathman Date: Fri, 14 Oct 2005 16:17:31 +0000 Subject: [PATCH] Auto whitelist refinements. --- Milter/__init__.py | 2 +- NEWS | 1 + TODO | 16 +++++----- bms.py | 32 +++++++++++-------- logmsgs.html | 76 ++++++++++++++++++++++++++++++++++++++++++++++ milter.html | 21 +++++++++++-- 6 files changed, 124 insertions(+), 24 deletions(-) create mode 100644 logmsgs.html diff --git a/Milter/__init__.py b/Milter/__init__.py index b56a90c..0031a54 100755 --- a/Milter/__init__.py +++ b/Milter/__init__.py @@ -44,7 +44,7 @@ class Milter: for i in msg: print i, print - def connect(self,hostname,unused,hostaddr): + def connect(self,hostname,family,hostaddr): "Called for each connection to sendmail." self.log("connect from %s at %s" % (hostname,hostaddr)) return CONTINUE diff --git a/NEWS b/NEWS index c7369eb..ccfbc1a 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,6 @@ Here is a history of user visible changes to Python milter. +0.8.4 Auto-whitelist recipients of outgoing email. 0.8.3 Keep screened honeypot mail, but optionally discard honeypot only mail. spf_accept_fail option for braindead SPF senders (treats fail like softfail) diff --git a/TODO b/TODO index a63cf7d..ab412e8 100644 --- a/TODO +++ b/TODO @@ -1,10 +1,10 @@ +Train honeypot with auto-whitelisted mail as ham. This should result in +a totally self training auto screener. Rescind whitelist for banned +extensions, in case sender is infected. + Find rfc2822 policy for MFROM quoting. -Use /etc/mail/access for domain specific SPF policies. - -SPF-Fail: REJECT -SPF-Softfail: OK -SPF-Neutral: OK +Support explicit errors for SPF policy in access file: SPF-Neutral:aol.com ERROR:"550 AOL mail must get SPF PASS" Defer TEMPERROR in SPF evaluation - give precedence to security @@ -16,9 +16,6 @@ Option to add Received-SPF header, but never reject on SPF. Create null config that does nothing - except maybe add Received-SPF headers. Many admins would like to turn features on one at a time. -Auto whitelist based on outgoing email - perhaps with magic subject -or recipient prefix. - Can't output messages with malformed rfc822 attachments. Move milter,Milter,mime,spf modules to pymilter @@ -33,7 +30,8 @@ check spam keywords with character classes, e.g. Implement RRS - a backdoor for non-SRS forwarders. User lists non-SRS forwarder accounts, and a util provides a special local alias for the -user to give to the forwarder. Alias only works for mail from that +user to give to the forwarder. (Or user just adds arbitrary alias +unique to that forwarder to a database.) Alias only works for mail from that forwarder. Milter gets forwarder domain from alias and uses it to SPF check forwarder. diff --git a/bms.py b/bms.py index f401a86..69809a4 100644 --- a/bms.py +++ b/bms.py @@ -1,6 +1,9 @@ #!/usr/bin/env python # A simple milter that has grown quite a bit. # $Log$ +# Revision 1.31 2005/10/14 01:14:08 customdesigned +# Auto whitelist feature. +# # Revision 1.30 2005/10/12 16:36:30 customdesigned # Release 0.8.3 # @@ -666,20 +669,21 @@ class AddrCache(object): l = time.strptime(ts,AddrCache.time_format) t = time.mktime(l) if t > too_old: - cache[rcpt] = None + cache[rcpt.lower()] = None except: - cache[ln.strip()] = None + cache[ln.strip().lower()] = None except IOError: pass def has_key(self,sender): - return self.cache.has_key(sender) + return self.cache.has_key(sender.lower()) def __getitem__(self,sender): - return self.cache[sender] + return self.cache[sender.lower()] def __setitem__(self,sender,res): - cached = sender in self.cache - self.cache[sender] = res + lsender = sender.lower() + cached = lsender in self.cache + self.cache[lsender] = res if not cached and not res: s = time.strftime(AddrCache.time_format,time.localtime()) print >>open(self.fname,'a'),sender,s # log who we sent DSNs to @@ -1017,9 +1021,9 @@ class bmsMilter(Milter.Milter): return Milter.TEMPFAIL self.add_header('Received-SPF',q.get_header(res,receiver)) self.spf = q - if self.dspam and not self.internal_connection and res == 'pass': - if auto_whitelist.has_key(self.canon_from): - self.dspam = False + if self.dspam and res == 'pass' and auto_whitelist.has_key(self.canon_from): + self.dspam = False + self.log("WHITELIST",self.canon_from) return Milter.CONTINUE # hide_path causes a copy of the message to be saved - until we @@ -1358,9 +1362,13 @@ class bmsMilter(Milter.Milter): force_result=dspam.DSR_ISSPAM) self.log("HONEYPOT:",rcpt) return Milter.DISCARD - #if not self.dspam: - # FIXME: tag, but force as ham - txt = ds.check_spam(user,txt,self.recipients) + if not self.dspam: + # Sender whitelisted: tag, but force as ham. + # User can change if actually spam. + txt = ds.check_spam(user,txt,self.recipients, + force_result=dspam.DSR_ISINNOCENT) + else: + txt = ds.check_spam(user,txt,self.recipients) if not txt: # DISCARD if quarrantined for any recipient. It # will be resent to all recipients if they submit diff --git a/logmsgs.html b/logmsgs.html new file mode 100644 index 0000000..5797c7b --- /dev/null +++ b/logmsgs.html @@ -0,0 +1,76 @@ + + + +Python Milter Log Documentation + + + +

Milter Log Documentation

+ +The milter log has a variety of "tags" in it that indicate what it did. + +
+
DSPAM: honeypot SCREENED +
message was quarantined to the honeypot quarantine + +
REJECT: hello SPF: fail 550 access denied +
REJECT: hello SPF: softfail 550 domain in transition +
REJECT: hello SPF: neutral 550 access neither permitted nor denied +
message was rejected because there was an SPF policy for the +HELO name, and it did not pass. + +
CBV: sender-17-44662668-643@bluepenmagic.com +
we performed a call back verification + +
dspam +
dspam identifier was added to the message + +
REJECT: spam from self: jsconnor.com +
message was reject because HELO was us (jsconnor.com) + +
INNOC: richh +
message was used to update richh's dspam dictionary + +
HONEYPOT: michaelb@jsconnor.com +
message was sent to a honeypot address (michaelb@jsconnor.com), the +message was added to the honeypot dspam dictionary as spam + +
REJECT: numeric hello name: 63.217.19.146 +
message was rejected because helo name was invalid (numeric) + +
eom +
message was successfully received + +
TEMPFAIL: CBV: 450 No MX servers available +
we tried to do a call back verification but could not look up +MX record, we told the sender to try again later + +
CBV: info@emailpizzahut.com (cached) +
call back verification was needed, we had already done it recently + +
abort after 0 body chars +
sender hung up on us + +
REJECT: SPF fail 550 SPF fail: see + http://openspf.com/why.html?sender=m.hendersonxk@163.net&ip=213.47.161.100 +
message was reject because its sender's spf policy said to + +
REJECT: Subject: Cialis - No prescription needed! +
message was rejected because its subject contained a bad expression + +
DSPAM: tonyc tonyc@jsconnor.com +
message was sent to tonyc@jsconnor.com and it was identified as spam +and placed in the tonyc dspam quarantine + +
REJECT: CBV: 550 calvinalstonis@ix.netcom.com...User unknown +
REJECT: CBV: 553 sorry, that domain isn't in my list +
REJECT: CBV: 554 delivery error: dd This user doesn't have an account +
message was rejected because call back verification gave us a fatal +error +
+ +Please add more tags to this list if you know of any. Thanks. + + diff --git a/milter.html b/milter.html index 5e9f732..4e52bd0 100644 --- a/milter.html +++ b/milter.html @@ -24,7 +24,7 @@ ALT="Viewable With Any Browser" BORDER="0"> Stuart D. Gathman
This web page is written by Stuart D. Gathman
and
sponsored by Business Management Systems, Inc.
-Last updated Aug 28, 2005 +Last updated Oct 12, 2005 See the FAQ | Download now | Subscribe to mailing list | @@ -47,10 +47,25 @@ efficient and secure. I recommend upgrading.

Recent Changes

-Python milter is being moved to +Python milter has been moved to pymilter Sourceforge project for development and release downloads.

+Release 0.8.3 uses the standard logging module, and supports configuring +more detailed SPF policy via the sendmail access map. SMTP AUTH connections +are considered INTERNAL. Preventing forgery between internal domains is +just a matter of specifying the user-domain map - I'll define something +for the next version. We now send DSNs when mail is quarantined (rejecting +if DSN fails) and for SPF syntax errors (PermError). There is an +experimental option to add a Sender header when it is missing and the From +domain doesn't match the MAIL FROM domain. Next release, we may start +renaming and replacing an existing Sender header when neither it nor the +From domain matches MAIL FROM. Since bogus MAIL FROMs are rejected +(to varying degrees depending on the configured SPF policy), and +both Sender and From and displayed by default in many email clients, +this provides some phishing protection without rejecting mail based +on headers. +

Release 0.8.2 has changes to SPF to bring it in line with the newly official RFC. It adds SES @@ -245,6 +260,8 @@ content filtering. SPF checking requires pydns. Configuration documentation is currently included as comments in the sample config file for the bms.py milter. +See also the HOWTO and +Milter Log Message Tags.

Python milter is under GPL. The authors can probably be convinced to change this to LGPL if needed.