This commit was manufactured by cvs2svn to create tag 'milter-0_8_0'.

Sprout from bmsi 2005-05-31 18:23:49 UTC Stuart Gathman <stuart@gathman.org> 'Development changes since 0.7.2' Cherrypick from master 2005-06-06 18:24:59 UTC Stuart Gathman <stuart@gathman.org> 'Properly log exceptions from pydspam': COPYING MANIFEST.in Milter/__init__.py Milter/dsn.py Milter/dynip.py NEWS TODO bms.py milter.cfg milter.html milter.spec miltermodule.c mime.py setup.cfg setup.py softfail.txt spf.py spfquery.py strike3.txt test/zip1 testmime.py
2005-06-06 18:25:00 +00:00
46 changed files with 4756 additions and 1794 deletions
@@ -1,8 +1,8 @@
 		    GNU GENERAL PUBLIC LICENSE
 		       Version 2, June 1991

- Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

@@ -15,7 +15,7 @@ software--to make sure the software is free for all its users.  This
 General Public License applies to most of the Free Software
 Foundation's software and to any other program whose authors commit to
 using it.  (Some other Free Software Foundation software is covered by
-the GNU Lesser General Public License instead.)  You can apply it to
+the GNU Library General Public License instead.)  You can apply it to
 your programs, too.

  When we speak of free software, we are referring to freedom, not
@@ -55,7 +55,7 @@ patent must be licensed for everyone's free use or not licensed at all.

  The precise terms and conditions for copying, distribution and
 modification follow.
-
+
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions:
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
-
+
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
-
+
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
@@ -225,7 +225,7 @@ impose that choice.

 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
-
+
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
@@ -278,7 +278,7 @@ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.

 		     END OF TERMS AND CONDITIONS
-
+
 	    How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
@@ -303,9 +303,10 @@ the "copyright" line and a pointer to where the full notice is found.
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+

 Also add information on how to contact you by electronic and paper mail.

@@ -335,5 +336,5 @@ necessary.  Here is a sample; alter the names:
 This General Public License does not permit incorporating your program into
 proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Lesser General
+library.  If this is what you want to do, use the GNU Library General
 Public License instead of this License.
@@ -5,18 +5,10 @@ wrapper (Milter.py) that handles attachments, did lots of testing, packaged
 it with distutils, and generally transformed it from a quick hack to a
 real, usable Python extension.

-Other contributors (in random order):
+Other contributors:

-Dwayne Litzenberger, B.A.Sc.
-  for library_dirs patch to compile on Debian 
-Dave MacQuigg 
-  for noticing that smfi_insheader wasn't supported, and creating
-  a template to help first time pymilter users create their own milter.
 Terence Way
  for providing a Python port of SPF
-Scott Kitterman
-  for doing lots of testing and debugging of SPF against draft standard,
-  and for putting up a web page that validates SPF records using spf.py
 Alexander Kourakos
  for plugging several memory leaks
 George Graf at Vienna University of Economics and Business Administration
@@ -30,9 +22,6 @@ John Draper
  then pointing out that it would be easier to just write the MTA in Python.
 Eric S. Johansson
  for helpful design discussions while working on camram
-Alex Savguira
-  for finding bugs with international headers and
-  suggesting the scan_zip option.
 Business Management Systems - http://www.bmsi.com
  for hosting the website, and providing paying clients who need milter service
  so I can work on it as part of my day job.
@@ -1,214 +0,0 @@
-# Revision 1.69  2006/11/04 22:09:39  customdesigned
-# Another lame DSN heuristic.  Block PTR cache poisoning attack.
-#
-# Revision 1.68  2006/10/04 03:46:01  customdesigned
-# Fix defaults.
-#
-# Revision 1.67  2006/10/01 01:44:06  customdesigned
-# case_sensitive_localpart option, more delayed bounce heuristics,
-# optional smart_alias section.
-#
-# Revision 1.66  2006/07/26 16:42:26  customdesigned
-# Support CBV timeout
-#
-# Revision 1.65  2006/06/21 22:22:00  customdesigned
-# Handle multi-line headers in delayed dsns.
-#
-# Revision 1.64  2006/06/21 21:12:04  customdesigned
-# More delayed reject token headers.
-# Don't require HELO pass for CBV.
-#
-# Revision 1.63  2006/05/21 03:41:44  customdesigned
-# Fail dsn
-#
-# Revision 1.61  2006/05/17 21:28:07  customdesigned
-# Create GOSSiP record only when connection will procede to DATA.
-#
-# Revision 1.60  2006/05/12 16:14:48  customdesigned
-# Don't require SPF pass for white/black listing mail from trusted relay.
-# Support localpart wildcard for white and black lists.
-#
-# Revision 1.59  2006/04/06 18:14:17  customdesigned
-# Check whitelist/blacklist even when not checking SPF (e.g. trusted relay).
-#
-# Revision 1.58  2006/03/10 20:52:49  customdesigned
-# Use re to recognize failure DSNs.
-#
-# Revision 1.57  2006/03/07 20:50:54  customdesigned
-# Use signed Message-ID in delayed reject to blacklist senders
-#
-# Revision 1.56  2006/02/24 02:12:54  customdesigned
-# Properly report hard PermError (lax mode fails also) by always setting
-# perm_error attribute with PermError exception.  Improve reporting of
-# invalid domain PermError.
-#
-# Revision 1.55  2006/02/17 05:04:29  customdesigned
-# Use SRS sign domain list.
-# Accept but do not use for training whitelisted senders without SPF pass.
-# Immediate rejection of unsigned bounces.
-#
-# Revision 1.54  2006/02/16 02:16:36  customdesigned
-# User specific SPF receiver policy.
-#
-# Revision 1.53  2006/02/12 04:15:01  customdesigned
-# Remove spf dependency for iniplist
-#
-# Revision 1.52  2006/02/12 02:12:08  customdesigned
-# Use CIDR notation for internal connect list.
-#
-# Revision 1.51  2006/02/12 01:13:58  customdesigned
-# Don't check rcpt user list when signed MFROM.
-#
-# Revision 1.50  2006/02/09 20:39:43  customdesigned
-# Use CIDR notation for trusted_relay iplist
-#
-# Revision 1.49  2006/01/30 23:14:48  customdesigned
-# put back eom condition
-#
-# Revision 1.48  2006/01/12 20:31:24  customdesigned
-# Accelerate training via whitelist and blacklist.
-#
-# Revision 1.47  2005/12/29 04:49:10  customdesigned
-# Do not auto-whitelist autoreplys
-#
-# Revision 1.46  2005/12/28 20:17:29  customdesigned
-# Expire and renew AddrCache entries
-#
-# Revision 1.45  2005/12/23 22:34:46  customdesigned
-# Put guessed result in separate header.
-#
-# Revision 1.44  2005/12/23 21:47:07  customdesigned
-# Move Received-SPF header to top.
-#
-# Revision 1.43  2005/12/09 16:54:01  customdesigned
-# Select neutral DSN template for best_guess
-#
-# Revision 1.42  2005/12/01 22:42:32  customdesigned
-# improve gossip support.
-# Initialize srs_domain from srs.srs config property.  Should probably
-# always block unsigned DSN when signing all.
-#
-# Revision 1.41  2005/12/01 18:59:25  customdesigned
-# Fix neutral policy.  pobox.com -> openspf.org
-#
-# Revision 1.40  2005/11/07 21:22:35  customdesigned
-# GOSSiP support, local database only.
-#
-# Revision 1.39  2005/10/31 00:04:58  customdesigned
-# Simple implementation of trusted_forwarder list.  Inefficient for
-# more than 1 or 2 entries.
-#
-# Revision 1.38  2005/10/28 19:36:54  customdesigned
-# Don't check internal_domains for trusted_relay.
-#
-# Revision 1.37  2005/10/28 09:30:49  customdesigned
-# Do not send quarantine DSN when sender is DSN.
-#
-# Revision 1.36  2005/10/23 16:01:29  customdesigned
-# Consider MAIL FROM a match for supply_sender when a subdomain of From or Sender
-#
-# Revision 1.35  2005/10/20 18:47:27  customdesigned
-# Configure auto_whitelist senders.
-#
-# Revision 1.34  2005/10/19 21:07:49  customdesigned
-# access.db stores keys in lower case
-#
-# Revision 1.33  2005/10/19 19:37:50  customdesigned
-# Train screener on whitelisted messages.
-#
-# Revision 1.32  2005/10/14 16:17:31  customdesigned
-# Auto whitelist refinements.
-#
-# Revision 1.31  2005/10/14 01:14:08  customdesigned
-# Auto whitelist feature.
-#
-# Revision 1.30  2005/10/12 16:36:30  customdesigned
-# Release 0.8.3
-#
-# Revision 1.29  2005/10/11 22:50:07  customdesigned
-# Always check HELO except for SPF pass, temperror.
-#
-# Revision 1.28  2005/10/10 23:50:20  customdesigned
-# Use logging module to make logging threadsafe (avoid splitting log lines)
-#
-# Revision 1.27  2005/10/10 20:15:33  customdesigned
-# Configure SPF policy via sendmail access file.
-#
-# Revision 1.26  2005/10/07 03:23:40  customdesigned
-# Banned users option.  Experimental feature to supply Sender when
-# missing and MFROM domain doesn't match From.  Log cipher bits for
-# SMTP AUTH.  Sketch access file feature.
-#
-# Revision 1.25  2005/09/08 03:55:08  customdesigned
-# Handle perverse MFROM quoting.
-#
-# Revision 1.24  2005/08/18 03:36:54  customdesigned
-# Don't innoculate with SCREENED mail.
-#
-# Revision 1.23  2005/08/17 19:35:27  customdesigned
-# Send DSN before adding message to quarantine.
-#
-# Revision 1.22  2005/08/11 22:17:58  customdesigned
-# Consider SMTP AUTH connections internal.
-#
-# Revision 1.21  2005/08/04 21:21:31  customdesigned
-# Treat fail like softfail for selected (braindead) domains.
-# Treat mail according to extended processing results, but
-# report any PermError that would officially result via DSN.
-#
-# Revision 1.20  2005/08/02 18:04:35  customdesigned
-# Keep screened honeypot mail, but optionally discard honeypot only mail.
-#
-# Revision 1.19  2005/07/20 03:30:04  customdesigned
-# Check pydspam version for honeypot, include latest pyspf changes.
-#
-# Revision 1.18  2005/07/17 01:25:44  customdesigned
-# Log as well as use extended result for best guess.
-#
-# Revision 1.17  2005/07/15 20:25:36  customdesigned
-# Use extended results processing for best_guess.
-#
-# Revision 1.16  2005/07/14 03:23:33  customdesigned
-# Make SES package optional.  Initial honeypot support.
-#
-# Revision 1.15  2005/07/06 04:05:40  customdesigned
-# Initial SES integration.
-#
-# Revision 1.14  2005/07/02 23:27:31  customdesigned
-# Don't match hostnames for internal connects.
-#
-# Revision 1.13  2005/07/01 16:30:24  customdesigned
-# Always log trusted Received and Received-SPF headers.
-#
-# Revision 1.12  2005/06/20 22:35:35  customdesigned
-# Setreply for rejectvirus.
-#
-# Revision 1.11  2005/06/17 02:07:20  customdesigned
-# Release 0.8.1
-#
-# Revision 1.10  2005/06/16 18:35:51  customdesigned
-# Ignore HeaderParseError decoding header
-#
-# Revision 1.9  2005/06/14 21:55:29  customdesigned
-# Check internal_domains for outgoing mail.
-#
-# Revision 1.8  2005/06/06 18:24:59  customdesigned
-# Properly log exceptions from pydspam
-#
-# Revision 1.7  2005/06/04 19:41:16  customdesigned
-# Fix bugs from testing RPM
-#
-# Revision 1.6  2005/06/03 04:57:05  customdesigned
-# Organize config reader by section.  Create defang section.
-#
-# Revision 1.5  2005/06/02 15:00:17  customdesigned
-# Configure banned extensions.  Scan zipfile option with test case.
-#
-# Revision 1.4  2005/06/02 04:18:55  customdesigned
-# Update copyright notices after reading article on /.
-#
-# Revision 1.3  2005/06/02 02:09:00  customdesigned
-# Record timestamp in send_dsn.log
-#
-# Revision 1.2  2005/06/02 01:00:36  customdesigned
-# Support configurable templates for DSNs.
@@ -3,15 +3,24 @@ include TODO
 include NEWS
 include CREDITS
 include README
-include ChangeLog
 include MANIFEST.in
 include testsample.py
 include testmime.py
-include testutils.py
+include testbms.py
+include testdspam.py
+include rejects.py
+include bms.py
+include spf.py
+include spfquery.py
 include test.py
 include sample.py
-include milter-template.py
 include test/*
 include Milter/*.py
 include *.spec
 include start.sh
+include milter.rc
+include milter.rc7
+include milter.cfg
+include rhsbl.m4
+include softfail.txt
+include strike3.txt
@@ -0,0 +1,203 @@
+
+# Author: Stuart D. Gathman <stuart@bmsi.com>
+# Copyright 2001 Business Management Systems, Inc.
+# This code is under GPL.  See COPYING for details.
+
+import os
+import milter
+import thread
+
+from milter import ACCEPT,CONTINUE,REJECT,DISCARD,TEMPFAIL,	\
+  set_flags, setdbg, setbacklog, settimeout, \
+  ADDHDRS, CHGBODY, ADDRCPT, DELRCPT, CHGHDRS,	\
+  V1_ACTS, V2_ACTS, CURR_ACTS
+
+try: from milter import QUARANTINE
+except: pass
+
+_seq_lock = thread.allocate_lock()
+_seq = 0
+
+def uniqueID():
+  """Return a sequence number unique to this process.
+  """
+  global _seq
+  _seq_lock.acquire()
+  seqno = _seq = _seq + 1
+  _seq_lock.release()
+  return seqno
+  
+class Milter:
+  """A simple class interface to the milter module.
+  """
+  def _setctx(self,ctx):
+    self.__ctx = ctx
+    if ctx:
+      ctx.setpriv(self)
+
+  # user replaceable callbacks
+  def log(self,*msg):
+    print 'Milter:',
+    for i in msg: print i,
+    print
+
+  def connect(self,hostname,unused,hostaddr):
+    "Called for each connection to sendmail."
+    self.log("connect from %s at %s" % (hostname,hostaddr))
+    return CONTINUE
+
+  def hello(self,hostname):
+    "Called after the HELO command."
+    self.log("hello from %s" % hostname)
+    return CONTINUE
+
+  def envfrom(self,f,*str):
+    """Called to begin each message.
+    f -> string		message sender
+    str -> tuple	additional ESMTP parameters
+    """
+    self.log("mail from",f,str)
+    return CONTINUE
+
+  def envrcpt(self,to,*str):
+    "Called for each message recipient."
+    self.log("rcpt to",to,str)
+    return CONTINUE
+
+  def header(self,field,value):
+    "Called for each message header."
+    self.log("%s: %s" % (field,value))
+    return CONTINUE
+
+  def eoh(self):
+    "Called after all headers are processed."
+    self.log("eoh")
+    return CONTINUE
+
+  def body(self,unused):
+    "Called to transfer the message body."
+    return CONTINUE
+
+  def eom(self):
+    "Called at the end of message."
+    self.log("eom")
+    return CONTINUE
+
+  def abort(self):
+    "Called if the connection is terminated abnormally."
+    self.log("abort")
+    return CONTINUE
+
+  def close(self):
+    "Called at the end of connection, even if aborted."
+    self.log("close")
+    return CONTINUE
+
+  # Milter methods which can be invoked from callbacks
+  def getsymval(self,sym):
+    return self.__ctx.getsymval(sym)
+
+  # If sendmail does not support setmlreply, then only the
+  # first msg line is used.
+  def setreply(self,rcode,xcode=None,msg=None,*ml):
+    return self.__ctx.setreply(rcode,xcode,msg,*ml)
+
+  # Milter methods which can only be called from eom callback.
+  def addheader(self,field,value):
+    return self.__ctx.addheader(field,value)
+
+  def chgheader(self,field,idx,value):
+    return self.__ctx.chgheader(field,idx,value)
+
+  def addrcpt(self,rcpt):
+    return self.__ctx.addrcpt(rcpt)
+
+  def delrcpt(self,rcpt):
+    return self.__ctx.delrcpt(rcpt)
+
+  def replacebody(self,body):
+    return self.__ctx.replacebody(body)
+
+  # When quarantined, a message goes into the mailq as if to be delivered,
+  # but delivery is deferred until the message is unquarantined.
+  def quarantine(self,reason):
+    return self.__ctx.quarantine(reason)
+
+  def progress(self):
+    return self.__ctx.progress()
+
+factory = Milter
+
+def connectcallback(ctx,hostname,family,hostaddr):
+  m = factory()
+  m._setctx(ctx)
+  return m.connect(hostname,family,hostaddr)
+
+def closecallback(ctx):
+  m = ctx.getpriv()
+  if not m: return CONTINUE
+  rc = m.close()
+  m._setctx(None)	# release milterContext
+  return rc
+
+def envcallback(c,args):
+  """Convert ESMTP parms to keyword parameters.
+  Can be used in the envfrom and/or envrcpt callbacks to process
+  ESMTP parameters as python keyword parameters."""
+  kw = {}
+  for s in args[1:]:
+    pos = s.find('=')
+    if pos > 0:
+      kw[s[:pos]] = s[pos+1:]
+  return apply(c,args,kw)
+
+def runmilter(name,socketname,timeout = 0):
+  # This bit is here on the assumption that you will be starting this filter
+  # before sendmail.  If sendmail is not running and the socket already exists,
+  # libmilter will throw a warning.  If sendmail is running, this is still
+  # safe if there are no messages currently being processed.  It's safer to
+  # shutdown sendmail, kill the filter process, restart the filter, and then
+  # restart sendmail.
+  pos = socketname.find(':')
+  if pos > 1:
+    s = socketname[:pos]
+    fname = socketname[pos+1:]
+  else:
+    s = "unix"
+    fname = socketname
+  if s == "unix" or s == "local":
+    print "Removing %s" % fname
+    try:
+      os.unlink(fname)
+    except:
+      pass
+
+  # The default flags set include everything
+  # milter.set_flags(milter.ADDHDRS)
+  milter.set_connect_callback(connectcallback)
+  milter.set_helo_callback(lambda ctx, host: ctx.getpriv().hello(host))
+  milter.set_envfrom_callback(lambda ctx,*str:
+  	ctx.getpriv().envfrom(*str))
+#  	envcallback(ctx.getpriv().envfrom,str))
+  milter.set_envrcpt_callback(lambda ctx,*str:
+  	ctx.getpriv().envrcpt(*str))
+#  	envcallback(ctx.getpriv().envrcpt,str))
+  milter.set_header_callback(lambda ctx,fld,val:
+  	ctx.getpriv().header(fld,val))
+  milter.set_eoh_callback(lambda ctx: ctx.getpriv().eoh())
+  milter.set_body_callback(lambda ctx,chunk: ctx.getpriv().body(chunk))
+  milter.set_eom_callback(lambda ctx: ctx.getpriv().eom())
+  milter.set_abort_callback(lambda ctx: ctx.getpriv().abort())
+  milter.set_close_callback(closecallback)
+
+  milter.setconn(socketname)
+  if timeout > 0: milter.settimeout(timeout)
+  # The name *must* match the X line in sendmail.cf (supposedly)
+  milter.register(name)
+  start_seq = _seq
+  try:
+    milter.main()
+  except milter.error:
+    if start_seq == _seq: raise	# couldn't start
+    # milter has been running for a while, but now it can't start new threads
+    raise milter.error("out of thread resources")
@@ -9,15 +9,13 @@ import milter
 import thread

 from milter import ACCEPT,CONTINUE,REJECT,DISCARD,TEMPFAIL,	\
-  set_flags, setdbg, setbacklog, settimeout, error,	\
+  set_flags, setdbg, setbacklog, settimeout, \
  ADDHDRS, CHGBODY, ADDRCPT, DELRCPT, CHGHDRS,	\
  V1_ACTS, V2_ACTS, CURR_ACTS

 try: from milter import QUARANTINE
 except: pass

-__version__ = '0.8.5'
-
 _seq_lock = thread.allocate_lock()
 _seq = 0

@@ -44,7 +42,7 @@ class Milter:
    for i in msg: print i,
    print

-  def connect(self,hostname,family,hostaddr):
+  def connect(self,hostname,unused,hostaddr):
    "Called for each connection to sendmail."
    self.log("connect from %s at %s" % (hostname,hostaddr))
    return CONTINUE
@@ -106,14 +104,14 @@ class Milter:
    return self.__ctx.setreply(rcode,xcode,msg,*ml)

  # Milter methods which can only be called from eom callback.
-  def addheader(self,field,value,idx=-1):
-    return self.__ctx.addheader(field,value,idx)
+  def addheader(self,field,value):
+    return self.__ctx.addheader(field,value)

  def chgheader(self,field,idx,value):
    return self.__ctx.chgheader(field,idx,value)

-  def addrcpt(self,rcpt,params=None):
-    return self.__ctx.addrcpt(rcpt,params)
+  def addrcpt(self,rcpt):
+    return self.__ctx.addrcpt(rcpt)

  def delrcpt(self,rcpt):
    return self.__ctx.delrcpt(rcpt)
@@ -121,9 +119,6 @@ class Milter:
  def replacebody(self,body):
    return self.__ctx.replacebody(body)

-  def chgfrom(self,sender,params=None):
-    return self.__ctx.chgfrom(sender,params)
-
  # When quarantined, a message goes into the mailq as if to be delivered,
  # but delivery is deferred until the message is unquarantined.
  def quarantine(self,reason):
@@ -146,28 +141,16 @@ def closecallback(ctx):
  m._setctx(None)	# release milterContext
  return rc

-def dictfromlist(args):
-  "Convert ESMTP parm list to keyword dictionary."
-  kw = {}
-  for s in args:
-    pos = s.find('=')
-    if pos > 0:
-      kw[s[:pos].upper()] = s[pos+1:]
-  return kw
-
 def envcallback(c,args):
-  """Call function c with ESMTP parms converted to keyword parameters.
+  """Convert ESMTP parms to keyword parameters.
  Can be used in the envfrom and/or envrcpt callbacks to process
  ESMTP parameters as python keyword parameters."""
  kw = {}
-  pargs = [args[0]]
  for s in args[1:]:
    pos = s.find('=')
    if pos > 0:
-      kw[s[:pos].upper()] = s[pos+1:]
-    else:
-      pargs.append(s)
-  return c(*pargs,**kw)
+      kw[s[:pos]] = s[pos+1:]
+  return apply(c,args,kw)

 def runmilter(name,socketname,timeout = 0):
  # This bit is here on the assumption that you will be starting this filter
@@ -187,22 +170,21 @@ def runmilter(name,socketname,timeout = 0):
    print "Removing %s" % fname
    try:
      os.unlink(fname)
-    except os.error, x:
-      import errno
-      if x.errno != errno.ENOENT:
-        raise milter.error(x)
+    except:
+      pass

  # The default flags set include everything
  # milter.set_flags(milter.ADDHDRS)
  milter.set_connect_callback(connectcallback)
  milter.set_helo_callback(lambda ctx, host: ctx.getpriv().hello(host))
-  # For envfrom and envrcpt, we would like to convert ESMTP parms to keyword
-  # parms, but then all existing users would have to include **kw to accept
-  # arbitrary keywords without crashing.  We do provide envcallback and
-  # dictfromlist to make parsing the ESMTP args convenient.
-  milter.set_envfrom_callback(lambda ctx,*str: ctx.getpriv().envfrom(*str))
-  milter.set_envrcpt_callback(lambda ctx,*str: ctx.getpriv().envrcpt(*str))
-  milter.set_header_callback(lambda ctx,fld,val: ctx.getpriv().header(fld,val))
+  milter.set_envfrom_callback(lambda ctx,*str:
+  	ctx.getpriv().envfrom(*str))
+#  	envcallback(ctx.getpriv().envfrom,str))
+  milter.set_envrcpt_callback(lambda ctx,*str:
+  	ctx.getpriv().envrcpt(*str))
+#  	envcallback(ctx.getpriv().envrcpt,str))
+  milter.set_header_callback(lambda ctx,fld,val:
+  	ctx.getpriv().header(fld,val))
  milter.set_eoh_callback(lambda ctx: ctx.getpriv().eoh())
  milter.set_body_callback(lambda ctx,chunk: ctx.getpriv().body(chunk))
  milter.set_eom_callback(lambda ctx: ctx.getpriv().eom())
@@ -222,6 +204,6 @@ def runmilter(name,socketname,timeout = 0):
    raise milter.error("out of thread resources")

 __all__ = globals().copy()
-for priv in ('os','milter','thread','factory','_seq','_seq_lock','__version__'):
+for priv in ('os','milter','thread','factory','_seq','_seq_lock'):
  del __all__[priv]
 __all__ = __all__.keys()
@@ -1,158 +0,0 @@
-# Email address list with expiration
-#
-# This class acts like a map.  Entries with a value of None are persistent,
-# but disappear after a time limit.  This is useful for automatic whitelists
-# and blacklists with expiration.  The persistent store is a simple ascii
-# file with sender and timestamp on each line.  Entries can be appended
-# to the store, and will be picked up the next time it is loaded.
-#
-# Entries with other values are not persistent.  This is used to hold failed
-# CBV results.
-#
-# $Log$
-# Revision 1.8  2007/09/03 16:18:45  customdesigned
-# Delete unparseable timestamps when loading address cache.  These have
-# arisen because of failure to parse MAIL FROM properly.   Will have to
-# tighten up MAIL FROM parsing to match RFC.
-#
-# Revision 1.7  2007/01/25 22:47:26  customdesigned
-# Persist blacklisting from delayed DSNs.
-#
-# Revision 1.6  2007/01/19 23:31:38  customdesigned
-# Move parse_header to Milter.utils.
-# Test case for delayed DSN parsing.
-# Fix plock when source missing or cannot set owner/group.
-#
-# Revision 1.5  2007/01/11 19:59:40  customdesigned
-# Purge old entries in auto_whitelist and send_dsn logs.
-#
-# Revision 1.4  2007/01/11 04:31:26  customdesigned
-# Negative feedback for bad headers.  Purge cache logs on startup.
-#
-# Revision 1.3  2007/01/08 23:20:54  customdesigned
-# Get user feedback.
-#
-# Revision 1.2  2007/01/05 23:33:55  customdesigned
-# Make blacklist an AddrCache
-#
-# Revision 1.1  2007/01/05 21:25:40  customdesigned
-# Move AddrCache to Milter package.
-#
-
-# Author: Stuart D. Gathman <stuart@bmsi.com>
-# Copyright 2001,2002,2003,2004,2005 Business Management Systems, Inc.
-# This code is under the GNU General Public License.  See COPYING for details.
-
-import time
-from plock import PLock
-
-class AddrCache(object):
-  time_format = '%Y%b%d %H:%M:%S %Z'
-
-  def __init__(self,renew=7,fname=None):
-    self.age = renew
-    self.cache = {}
-    self.fname = fname
-
-  def load(self,fname,age=0):
-    "Load address cache from persistent store."
-    if not age:
-      age = self.age
-    self.fname = fname
-    cache = {}
-    self.cache = cache
-    now = time.time()
-    lock = PLock(self.fname)
-    wfp = lock.lock()
-    changed = False
-    try:
-      too_old = now - age*24*60*60	# max age in days
-      try:
-        fp = open(self.fname)
-      except OSError:
-        fp = ()
-      for ln in fp:
-	try:
-	  rcpt,ts = ln.strip().split(None,1)
-          try:
-            l = time.strptime(ts,AddrCache.time_format)
-            t = time.mktime(l)
-            if t < too_old:
-              changed = True
-              continue
-            cache[rcpt.lower()] = (t,None)
-          except:       # unparsable timestamp - likely garbage
-            changed = True
-            continue
-	except: # manual entry (no timestamp)
-	  cache[ln.strip().lower()] = (now,None)
-	wfp.write(ln)
-      if changed:
-	lock.commit(self.fname+'.old')
-      else:
-        lock.unlock()
-    except IOError:
-      lock.unlock()
-
-  def has_precise_key(self,sender):
-    """True if precise sender is cached and has not expired.  Don't
-    try looking up wildcard entries.
-    """
-    try:
-      lsender = sender and sender.lower()
-      ts,res = self.cache[lsender]
-      too_old = time.time() - self.age*24*60*60	# max age in days
-      if not ts or ts > too_old:
-        return True
-      del self.cache[lsender]
-    except KeyError: pass
-    return False
-
-  def has_key(self,sender):
-    "True if sender is cached and has not expired."
-    if self.has_precise_key(sender):
-      return True
-    try:
-      user,host = sender.split('@',1)
-      return self.has_precise_key(host)
-    except: pass
-    return False
-
-  __contains__ = has_key
-
-  def __getitem__(self,sender):
-    try:
-      lsender = sender.lower()
-      ts,res = self.cache[lsender]
-      too_old = time.time() - self.age*24*60*60	# max age in days
-      if not ts or ts > too_old:
-	return res
-      del self.cache[lsender]
-      raise KeyError, sender
-    except KeyError,x:
-      try:
-	user,host = sender.split('@',1)
-	return self.__getitem__(host)
-      except ValueError:
-        raise x
-
-  def addperm(self,sender,res=None):
-    "Add a permanent sender."
-    lsender = sender.lower()
-    if self.has_key(lsender):
-      ts,res = self.cache[lsender]
-      if not ts: return		# already permanent
-    self.cache[lsender] = (None,res)
-    if not res:
-      print >>open(self.fname,'a'),sender
-    
-  def __setitem__(self,sender,res):
-    lsender = sender.lower()
-    now = time.time()
-    self.cache[lsender] = (now,res)
-    if not res and self.fname:
-      s = time.strftime(AddrCache.time_format,time.localtime(now))
-      print >>open(self.fname,'a'),sender,s # log refreshed senders
-
-  def __len__(self):
-    return len(self.cache)
@@ -1,64 +0,0 @@
-from ConfigParser import ConfigParser
-
-class MilterConfigParser(ConfigParser):
-
-  def __init__(self,defaults={}):
-    ConfigParser.__init__(self)
-    self.defaults = defaults
-
-  # The defaults provided by ConfigParser show up in all sections,
-  # which screws up iterating over all options in a section.
-  # Worse, passing "defaults" with vars= overrides the config file!
-  # So we roll our own defaults.
-  def get(self,sect,opt):
-    if not self.has_option(sect,opt) and opt in self.defaults:
-      return self.defaults[opt]
-    return ConfigParser.get(self,sect,opt)
-    
-  def getlist(self,sect,opt):
-    if self.has_option(sect,opt):
-      return [q.strip() for q in self.get(sect,opt).split(',')]
-    return []
-
-  def getaddrset(self,sect,opt):
-    if not self.has_option(sect,opt):
-      return {}
-    s = self.get(sect,opt)
-    d = {}
-    for q in s.split(','):
-      q = q.strip()
-      if q.startswith('file:'):
-        domain = q[5:].lower()
-	d[domain] = d.setdefault(domain,[]) + open(domain,'r').read().split()
-      else:
-	user,domain = q.split('@')
-	d.setdefault(domain.lower(),[]).append(user)
-    return d
-  
-  def getaddrdict(self,sect,opt):
-    if not self.has_option(sect,opt):
-      return {}
-    d = {}
-    for q in self.get(sect,opt).split(','):
-      q = q.strip()
-      if self.has_option(sect,q):
-        l = self.get(sect,q)
-	for addr in l.split(','):
-	  addr = addr.strip()
-	  if addr.startswith('file:'):
-	    fname = addr[5:]
-	    for a in open(fname,'r').read().split():
-	      d[a] = q
-	  else:
-	    d[addr] = q
-    return d
-
-  def getdefault(self,sect,opt,default=None):
-    if self.has_option(sect,opt):
-      return self.get(sect,opt)
-    return default
-
-  def getintdefault(self,sect,opt,default=None):
-    if self.has_option(sect,opt):
-      return self.getint(sect,opt)
-    return default
@@ -1,90 +0,0 @@
-# provide a higher level interface to pydns
-
-import DNS
-from DNS import DNSError
-
-MAX_CNAME = 10
-
-def DNSLookup(name, qtype):
-    try:
-        req = DNS.DnsRequest(name, qtype=qtype)
-        resp = req.req()
-        #resp.show()
-        # key k: ('wayforward.net', 'A'), value v
-        # FIXME: pydns returns AAAA RR as 16 byte binary string, but
-        # A RR as dotted quad.  For consistency, this driver should
-        # return both as binary string.
-        return [((a['name'], a['typename']), a['data']) for a in resp.answers]
-    except IOError, x:
-        raise DNSError, str(x)
-
-class Session(object):
-  """A Session object has a simple cache with no TTL that is valid
-   for a single "session", for example an SMTP conversation."""
-  def __init__(self):
-    self.cache = {}
-
-  # We have to be careful which additional DNS RRs we cache.  For
-  # instance, PTR records are controlled by the connecting IP, and they
-  # could poison our local cache with bogus A and MX records.  
-
-  SAFE2CACHE = {
-    ('MX','A'): None,
-    ('MX','MX'): None,
-    ('CNAME','A'): None,
-    ('CNAME','CNAME'): None,
-    ('A','A'): None,
-    ('AAAA','AAAA'): None,
-    ('PTR','PTR'): None,
-    ('NS','NS'): None,
-    ('NS','A'): None,
-    ('TXT','TXT'): None,
-    ('SPF','SPF'): None
-  }
-
-
-  def dns(self, name, qtype, cnames=None):
-    """DNS query.
-
-    If the result is in cache, return that.  Otherwise pull the
-    result from DNS, and cache ALL answers, so additional info
-    is available for further queries later.
-
-    CNAMEs are followed.
-
-    If there is no data, [] is returned.
-
-    pre: qtype in ['A', 'AAAA', 'MX', 'PTR', 'TXT', 'SPF']
-    post: isinstance(__return__, types.ListType)
-    """
-    result = self.cache.get( (name, qtype) )
-    cname = None
-
-    if not result:
-        safe2cache = Session.SAFE2CACHE
-        for k, v in DNSLookup(name, qtype):
-            if k == (name, 'CNAME'):
-                cname = v
-            if (qtype,k[1]) in safe2cache:
-                self.cache.setdefault(k, []).append(v)
-        result = self.cache.get( (name, qtype), [])
-    if not result and cname:
-        if not cnames:
-            cnames = {}
-        elif len(cnames) >= MAX_CNAME:
-            #return result    # if too many == NX_DOMAIN
-            raise DNSError('Length of CNAME chain exceeds %d' % MAX_CNAME)
-        cnames[name] = cname
-        if cname in cnames:
-            raise DNSError, 'CNAME loop'
-        result = self.dns(cname, qtype, cnames=cnames)
-    return result
-
-DNS.DiscoverNameServers()
-
-if __name__ == '__main__':
-  import sys
-  s = Session()
-  for n,t in zip(*[iter(sys.argv[1:])]*2):
-    print n,t
-    print s.dns(n,t)
@@ -4,62 +4,115 @@

 # Send DSNs, do call back verification,
 # and generate DSN messages from a template
-# $Log$
-# Revision 1.15  2007/09/24 20:13:26  customdesigned
-# Remove explicit spf dependency.
-#
-# Revision 1.14  2007/03/03 18:19:40  customdesigned
-# Handle DNS error sending DSN.
-#
-# Revision 1.13  2007/01/04 18:01:11  customdesigned
-# Do plain CBV when template missing.
-#
-# Revision 1.12  2006/07/26 16:37:35  customdesigned
-# Support timeout.
-#
-# Revision 1.11  2006/06/21 21:07:11  customdesigned
-# Include header fields in DSN template.
-#
-# Revision 1.10  2006/05/24 20:56:35  customdesigned
-# Remove default templates.  Scrub test.
-#

 import smtplib
+import spf
 import socket
 from email.Message import Message
-import Milter
-import time
-import dns

-def send_dsn(mailfrom,receiver,msg=None,timeout=600,session=None):
-  """Send DSN.  If msg is None, do callback verification.
-     Mailfrom is original sender we are sending DSN or CBV to.
-     Receiver is the MTA sending the DSN.
-     Return None for success or (code,msg) for failure."""
+nospf_msg = """Subject: Critical mail server configuration error
+
+This is an automatically generated Delivery Status Notification.
+
+THIS IS A WARNING MESSAGE ONLY.
+
+YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.
+
+Delivery to the following recipients has been delayed.
+
+	%(rcpt)s
+
+Subject: %(subject)s 
+
+Someone at IP address %(connectip)s sent an email claiming
+to be from %(sender)s.  
+
+If that wasn't you, then your domain, %(sender_domain)s,
+was forged - i.e. used without your knowlege or authorization by
+someone attempting to steal your mail identity.  This is a very
+serious problem, and you need to provide authentication for your
+SMTP (email) servers to prevent criminals from forging your
+domain.  The simplest step is usually to publish an SPF record
+with your Sender Policy.  
+
+For more information, see: http://spfhelp.net
+
+I hate to annoy you with a DSN (Delivery Status
+Notification) from a possibly forged email, but since you
+have not published a sender policy, there is no other way
+of bringing this to your attention.
+
+If it *was* you that sent the email, then your email domain
+or configuration is in error.  If you don't know anything
+about mail servers, then pass this on to your SMTP (mail)
+server administrator.  We have accepted the email anyway, in
+case it is important, but we couldn't find anything about
+the mail submitter at %(connectip)s to distinguish it from a
+zombie (compromised/infected computer - usually a Windows
+PC).  There was no PTR record for its IP address (PTR names
+that contain the IP address don't count).  RFC2821 requires
+that your hello name be a FQN (Fully Qualified domain Name,
+i.e. at least one dot) that resolves to the IP address of
+the mail sender.  In addition, just like for PTR, we don't
+accept a helo name that contains the IP, since this doesn't
+help to identify you.  The hello name you used,
+%(heloname)s, was invalid.
+
+Furthermore, there was no SPF record for the sending domain
+%(sender_domain)s.  We even tried to find its IP in any A or
+MX records for your domain, but that failed also.  We really
+should reject mail from anonymous mail clients, but in case
+it is important, we are accepting it anyway.
+
+We are sending you this message to alert you to the fact that
+
+Either - Someone is forging your domain.
+Or - You have problems with your email configuration.
+Or - Possibly both.
+
+If you need further assistance, please do not hesitate to
+contact me again.
+
+Kind regards,
+
+postmaster@%(receiver)s
+"""
+
+softfail_msg = """Subject: SPF softfail (POSSIBLE FORGERY)
+
+This is an automatically generated Delivery Status Notification.
+
+THIS IS A WARNING MESSAGE ONLY.
+
+YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.
+
+Delivery to the following recipients has been delayed.
+
+       %(rcpt)s
+
+Subject: %(subject)s
+Received-SPF: %(spf_result)s
+"""
+
+def send_dsn(mailfrom,receiver,msg=None):
+  "Send DSN.  If msg is None, do callback verification."
  user,domain = mailfrom.split('@')
-  if not session: session = dns.Session()
-  try:
-    mxlist = session.dns(domain,'MX')
-  except dns.DNSError:
-    return (450,'DNS Timeout: %s MX'%domain)	# temp error
+  q = spf.query(None,None,None)
+  mxlist = q.dns(domain,'MX')
  if not mxlist:
-    mxlist = (0,domain),	# fallback to A record when no MX
+    mxlist = (0,domain),
  else:
    mxlist.sort()
  smtp = smtplib.SMTP()
-  toolate = time.time() + timeout
  for prior,host in mxlist:
    try:
      smtp.connect(host)
      code,resp = smtp.helo(receiver)
      # some wiley spammers have MX records that resolve to 127.0.0.1
-      a = resp.split()
-      if not a:
-        return (553,'MX for %s has no hostname in banner: %s' % (domain,host))
-      if a[0] == receiver:
-        return (553,'Fraudulent MX for %s: %s' % (domain,host))
+      if resp.split()[0] == receiver:
+        return (553,'Fraudulent MX for %s' % domain)
      if not (200 <= code <= 299):
-	raise smtplib.SMTPHeloError(code, resp)
+	raise SMTPHeloError(code, resp)
      if msg:
        try:
 	  smtp.sendmail('<>',mailfrom,msg)
@@ -69,7 +122,7 @@ def send_dsn(mailfrom,receiver,msg=None,timeout=600,session=None):
      else:	# CBV
 	code,resp = smtp.docmd('MAIL FROM: <>')
 	if code != 250:
-	  raise smtplib.SMTPSenderRefused(code, resp, '<>')
+	  raise SMTPSenderRefused(code, resp, '<>')
 	code,resp = smtp.rcpt(mailfrom)
 	if code not in (250,251):
 	  return (code,resp)		# permanent error
@@ -78,90 +131,55 @@ def send_dsn(mailfrom,receiver,msg=None,timeout=600,session=None):
    except smtplib.SMTPRecipientsRefused,x:
      return x.recipients[mailfrom]	# permanent error
    except smtplib.SMTPSenderRefused,x:
-      return x.args[:2]			# does not accept DSN
+      return x		# does not accept DSN
    except smtplib.SMTPDataError,x:
-      return x.args			# permanent error
+      return x				# permanent error
    except smtplib.SMTPException:
      pass		# any other error, try next MX
    except socket.error:
      pass		# MX didn't accept connections, try next one
-    except socket.timeout:
-      pass		# MX too slow, try next one
    smtp.close()
-    if time.time() > toolate:
-      return (450,'No MX response within %f minutes'%(timeout/60.0))
  return (450,'No MX servers available')	# temp error

-class Vars: pass
-
-# NOTE: Caller can pass an object to create_msg that in a typical milter
-# collects things like heloname or sender anyway.
-def create_msg(v,rcptlist=None,origmsg=None,template=None):
-  """Create a DSN message from a template.  Template must be '\n' separated.
-     v - an object whose attributes are used for substitutions.  Must
-       have sender and receiver attributes at a minimum.
-     rcptlist - used to set v.rcpt if given
-     origmsg - used to set v.subject and v.spf_result if given
-     template - a '\n' separated string with python '%(name)s' substitutions.
-  """
-  if not template:
-    return None
-  if hasattr(v,'perm_error'):
-    # likely to be an spf.query, try translating for backward compatibility
-    q = v
-    v = Vars()
+def create_msg(q,rcptlist,origmsg=None,template=None):
+  "Create a DSN message from a template.  Template must be '\n' separated."
+  heloname = q.h
+  sender = q.s
+  connectip = q.i
+  receiver = q.r
+  sender_domain = q.o
+  rcpt = '\n\t'.join(rcptlist)
+  try: subject = origmsg['Subject']
+  except: subject = '(none)'
  try:
-      v.heloname = q.h
-      v.sender = q.s
-      v.connectip = q.i
-      v.receiver = q.r
-      v.sender_domain = q.o
-      v.result = q.result
-      v.perm_error = q.perm_error
-    except: v = q
-  if rcptlist:
-    v.rcpt = '\n\t'.join(rcptlist)
-  if origmsg:
-    try: v.subject = origmsg['Subject']
-    except: v.subject = '(none)'
-    try:
-      v.spf_result = origmsg['Received-SPF']
-    except: v.spf_result = None
+    spf_result = origmsg['Received-SPF']
+    if not spf_result.startswith('softfail'):
+      spf_result = None
+  except: spf_result = None

  msg = Message()

-  msg.add_header('X-Mailer','PyMilter-'+Milter.__version__)
+  msg.add_header('To',sender)
+  msg.add_header('From','postmaster@%s'%receiver)
+  msg.add_header('Auto-Submitted','auto-generated (configuration error)')
  msg.set_type('text/plain')

-  hdrs,body = template.split('\n\n',1)
+  if not template:
+    if spf_result: template = softfail_msg
+    else: template = nospf_msg
+  hdrs,body = template.split('\n',1)
  for ln in hdrs.splitlines():
    name,val = ln.split(':',1)
-    msg.add_header(name,(val % v.__dict__).strip())
-  msg.set_payload(body % v.__dict__)
-  # add headers if missing from old template
-  if 'to' not in msg:
-    msg.add_header('To',v.sender)
-  if 'from' not in msg:
-    msg.add_header('From','postmaster@%s'%v.receiver)
-  if 'auto-submitted' not in msg:
-    msg.add_header('Auto-Submitted','auto-generated')
+    msg.add_header(name,(val % locals()).strip())
+  msg.set_payload(body % locals())
+
  return msg

 if __name__ == '__main__':
-  import spf
  q = spf.query('192.168.9.50',
-  'SRS0=pmeHL=RH==stuart@example.com',
-  'red.example.com',receiver='mail.example.com')
-  q.result = 'softfail'
-  q.perm_error = None
-  msg = create_msg(q,['charlie@example.com'],None,
-"""From: postmaster@%(receiver)s
-To: %(sender)s
-Subject: Test
-
-Test DSN template
-"""
-  )
+  'SRS0=pmeHL=RH=bmsi.com=stuart@bmsi.com',
+  'bmsred.bmsi.com',receiver='mail.bmsi.com')
+  msg = create_msg(q,['charlie@jsconnor.com'],None,None)
  print msg.as_string()
  # print send_dsn(f,msg.as_string())
-  # print send_dsn(q.s,'mail.example.com',msg.as_string())
+  print send_dsn(q.s,'mail.bmsi.com',msg.as_string())
@@ -44,8 +44,6 @@ def is_dynip(host,addr):
  True
  >>> is_dynip('[1.2.3.4]','1.2.3.4')
  True
-  >>> is_dynip('c-71-63-151-151.hsd1.mn.comcast.net','71.63.151.151')
-  True
  """
  if host.startswith('[') and host.endswith(']'):
    return True
@@ -56,7 +54,7 @@ def is_dynip(host,addr):
    h = host
    m = ip3.findall(host)
    if m:
-      g = map(int,m)[:4]
+      g = map(int,m)
      ia3 = (ia[1:],ia[:3])
      if g[-3:] in ia3: return True
      if g[0] == ia[3] and g[1:3] == ia[:2]: return True
@@ -1,74 +0,0 @@
-import time
-import shelve
-import thread
-import logging
-import urllib
-
-log = logging.getLogger('milter.greylist')
-
-def quoteAddress(s):
-  '''Quote an address so that it's safe to store in the file-system.
-  Address can either be a domain name, or local part.
-  Returns the quoted address.'''
-
-  s = urllib.quote(s, '@_-+~!.%')
-  if s.startswith('.'): s = '%2e' + s[1:]
-  return s
-
-class Record(object):
-  __slots__ = ( 'firstseen', 'lastseen', 'umis', 'cnt' )
-
-  def __init__(self):
-    now = time.time()
-    self.firstseen = now
-    self.lastseen = now
-    self.cnt = 0
-    self.umis = None
-
-class Greylist(object):
-
-  def __init__(self,dbname,grey_time=10,grey_expire=4,grey_retain=36):
-    self.ignoreLastByte = False
-    self.greylist_time = grey_time * 60         # minutes
-    self.greylist_expire = grey_expire * 3600   # hours
-    self.greylist_retain = grey_retain * 24 * 3600   # days
-    self.dbp = shelve.open(dbname,'c',protocol=2)
-    self.lock = thread.allocate_lock()
-  
-  def check(self,ip,sender,recipient):
-    "Return number of allowed messages for greylist triple."
-    sender = quoteAddress(sender)
-    recipient = quoteAddress(recipient)
-    key = ip + ':' + sender + ':' + recipient
-    self.lock.acquire()
-    try:
-      dbp = self.dbp
-      try:
-        r = dbp[key]
-        now = time.time()
-        if now > r.lastseen + self.greylist_retain:
-          # expired
-          log.debug('Expired greylist: %s',key)
-          r = Record()
-        elif now < r.firstseen + self.greylist_time:
-          # still greylisted
-          log.debug('Early greylist: %s',key)
-          #r = Record()
-          r.lastseen = now
-        elif r.cnt or now < r.firstseen + self.greylist_expire:
-          # in greylist window or active
-          r.lastseen = now
-          r.cnt += 1
-          log.debug('Active greylist(%d): %s',r.cnt,key)
-        else:
-          # passed greylist window
-          log.debug('Late greylist: %s',key)
-          r = Record()
-        dbp[key] = r
-      except:
-        r = Record()
-        dbp[key] = r
-      dbp.sync()
-    finally:
-      self.lock.release()
-    return r.cnt
@@ -1,66 +0,0 @@
-# Author: Stuart D. Gathman <stuart@bmsi.com>
-# Copyright 2001 Business Management Systems, Inc.
-# This code is under the GNU General Public License.  See COPYING for details.
-
-import os
-from time import sleep
-
-class PLock(object):
-  "A simple /etc/passwd style lock,update,rename protocol for updating files."
-  def __init__(self,basename):
-    self.basename = basename
-    self.fp = None
-
-  def lock(self,lockname=None,mode=0660,strict_perms=False):
-    "Start an update transaction.  Return FILE to write new version."
-    self.unlock()
-    if not lockname:
-      lockname = self.basename + '.lock'
-    self.lockname = lockname
-    try:
-      st = os.stat(self.basename)
-      mode |= st.st_mode
-    except OSError: pass
-    u = os.umask(0002)
-    try:
-      fd = os.open(lockname,os.O_WRONLY+os.O_CREAT+os.O_EXCL,mode)
-    finally:
-      os.umask(u)
-    self.fp = os.fdopen(fd,'w')
-    try:
-      os.chown(self.lockname,-1,st.st_gid)
-    except:
-      if strict_perms:
-	self.unlock()
-	raise
-    return self.fp
-
-  def wlock(self,lockname=None):
-    "Wait until lock is free, then start an update transaction."
-    while True:
-      try:
-        return self.lock(lockname)
-      except OSError:
-        sleep(2)
-
-  def commit(self,backname=None):
-    "Commit update transaction with optional backup file."
-    if not self.fp:
-      raise IOError,"File not locked"
-    self.fp.close()
-    self.fp = None
-    if backname:
-      try:
-	os.remove(backname)
-      except OSError: pass
-      os.link(self.basename,backname)
-    os.rename(self.lockname,self.basename)
-
-  def unlock(self):
-    "Cancel update transaction."
-    if self.fp:
-      try:
-        self.fp.close()
-      except: pass
-      self.fp = None
-      os.remove(self.lockname)
@@ -1,17 +0,0 @@
-# Author: Stuart D. Gathman <stuart@bmsi.com>
-# Copyright 2005 Business Management Systems, Inc.
-# This code is under the GNU General Public License.  See COPYING for details.
-
-# The localpart of SMTP return addresses is often signed.  The format
-# of the signing is application specific and doesn't concern us -
-# except that we wish to extract some sort of fixed string from
-# the variable signature which represents the "source" of the message.
-
-def unsign(s):
-  """Attempt to unsign localpart and return original email.
-  No attempt is made to verify the signature.
-  >>> unsign('SRS0=8Y3CZ=3U=jsconnor.com=bills@bmsi.com')
-  'bills@jsconnor.com'
-  """
-  # not implemented yet
-  return s
@@ -1,125 +0,0 @@
-import re
-import struct
-import socket
-import email.Errors
-from fnmatch import fnmatchcase
-from email.Header import decode_header
-#import email.Utils
-import rfc822
-
-ip4re = re.compile(r'^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*$')
-
-# from spf.py
-def addr2bin(str):
-  "Convert a string IPv4 address into an unsigned integer."
-  return struct.unpack("!L", socket.inet_aton(str))[0]
-
-MASK = 0xFFFFFFFFL
-
-def cidr(i,n):
-  return ~(MASK >> n) & MASK & i
-
-def iniplist(ipaddr,iplist):
-  """Return whether ip is in cidr list
-  >>> iniplist('66.179.26.146',['127.0.0.1','66.179.26.128/26'])
-  True
-  >>> iniplist('127.0.0.1',['127.0.0.1','66.179.26.128/26'])
-  True
-  >>> iniplist('192.168.0.45',['192.168.0.*'])
-  True
-  """
-  ipnum = addr2bin(ipaddr)
-  for pat in iplist:
-    p = pat.split('/',1)
-    if ip4re.match(p[0]):
-      if len(p) > 1:
-	n = int(p[1])
-      else:
-        n = 32
-      if cidr(addr2bin(p[0]),n) == cidr(ipnum,n):
-        return True
-    elif fnmatchcase(ipaddr,pat):
-      return True
-  return False
-
-def parseaddr(t):
-  """Split email into Fullname and address.
-
-  >>> parseaddr('user@example.com')
-  ('', 'user@example.com')
-  >>> parseaddr('"Full Name" <foo@example.com>')
-  ('Full Name', 'foo@example.com')
-  >>> parseaddr('spam@spammer.com <foo@example.com>')
-  ('spam@spammer.com', 'foo@example.com')
-  >>> parseaddr('God@heaven <@hop1.org,@hop2.net:jeff@spec.org>')
-  ('God@heaven', 'jeff@spec.org')
-  >>> parseaddr('Real Name ((comment)) <addr...@example.com>')
-  ('Real Name', 'addr...@example.com')
-  >>> parseaddr('a(WRONG)@b')
-  ('WRONG', 'a@b')
-  """
-  #return email.Utils.parseaddr(t)
-  res = rfc822.parseaddr(t)
-  # dirty fix for some broken cases
-  if not res[0]:
-    pos = t.find('<')
-    if pos > 0 and t[-1] == '>':
-      addrspec = t[pos+1:-1]
-      pos1 = addrspec.rfind(':')
-      if pos1 > 0:
-        addrspec = addrspec[pos1+1:]
-      return rfc822.parseaddr('"%s" <%s>' % (t[:pos].strip(),addrspec))
-  if not res[1]:
-    pos = t.find('<')
-    if pos > 0 and t[-1] == '>':
-      addrspec = t[pos+1:-1]
-      pos1 = addrspec.rfind(':')
-      if pos1 > 0:
-        addrspec = addrspec[pos1+1:]
-      return rfc822.parseaddr('%s<%s>' % (t[:pos].strip(),addrspec))
-  return res
-    
-
-def parse_addr(t):
-  """Split email into user,domain.
-
-  >>> parse_addr('user@example.com')
-  ['user', 'example.com']
-  >>> parse_addr('"user@example.com"')
-  ['user@example.com']
-  >>> parse_addr('"user@bar"@example.com')
-  ['user@bar', 'example.com']
-  >>> parse_addr('foo')
-  ['foo']
-  """
-  if t.startswith('<') and t.endswith('>'): t = t[1:-1]
-  if t.startswith('"'):
-    if t.endswith('"'): return [t[1:-1]]
-    pos = t.find('"@')
-    if pos > 0: return [t[1:pos],t[pos+2:]]
-  return t.split('@')
-
-def parse_header(val):
-  """Decode headers gratuitously encoded to hide the content.
-  """
-  try:
-    h = decode_header(val)
-    if not len(h) or (not h[0][1] and len(h) == 1): return val
-    u = []
-    for s,enc in h:
-      if enc:
-        try:
-	  u.append(unicode(s,enc))
-	except LookupError:
-	  u.append(unicode(s))
-      else:
-	u.append(unicode(s))
-    u = ''.join(u)
-    for enc in ('us-ascii','iso-8859-1','utf8'):
-      try:
-	return u.encode(enc)
-      except UnicodeError: continue
-  except UnicodeDecodeError: pass
-  except LookupError: pass
-  except email.Errors.HeaderParseError: pass
-  return val
@@ -1,74 +1,11 @@
-See pymilter.spec for recent history.
+Here is a history of user visible changes to Python milter.

-Here is a history of older changes to Python milter.
-0.8.8	move AddrCache, parse_addr, iniplist, parse_header to Milter package
-	fix plock for missing source and can't change owner/group
-	add sample spfmilter.py milter
-	private_relay config option
-0.8.7	Move spf module to pyspf
-	Prevent PTR cache poisoning
-	More lame bounce heuristics
-	Do plain CBV when template is missing
-0.8.6	Support CBV timeout
-	Support fail template, headers in templates
-	Create GOSSiP record only when connection will procede to DATA.
-	More SPF lax heuristics
-	Don't require SPF pass for white/black listing mail from trusted relay.
-	Support localpart wildcard for white and black lists.
-	Delay reject of unsigned RCPT for postmaster and abuse only
-	Fix dsn reporting of hard permerror
-	Resolve FIXME for wrap_close in miltermodule.c
-	Add Message-ID to DSNs
-	Use signed Message-ID in delayed reject to blacklist senders
-	Auto-train via blacklist and auto-whitelist
-	Don't check userlist for signed MFROM
-	Accept but skip DSPAM training for whitelisted senders without SPF PASS
-	Report GC stats 
-	Support CIDR matching for IP lists
-	Support pysrs sign feature
-	Support localpart specific SPF policy in access file
-0.8.5	Simple trusted_forwarder implementation.
-	Fix access_file neutral policy
-	Move Received-SPF header to beginning of headers
-	Supply keyword info for all results in Received-SPF header.
-	Move guessed SPF result to separate header
-	Activate smfi_insheader only when SMFIR_INSHEADER defined
-	Handle NULL MX in spf.py
-	in-process GOSSiP server support (to be extended later)
-	Expire CBV cache and renew auto-whitelist entries
-0.8.4	Auto-whitelist recipients of outgoing email.
-	Fix SPF policy via sendmail access map (case insensitive keys).
-	Train screener on whitelisted messages
-	Optional idx parameter to addheader to invoke smfi_insheader
-	Activate progress API when SMFIR_PROGRESS defined
-0.8.3   Keep screened honeypot mail, but optionally discard honeypot only mail.
-	spf_accept_fail option for braindead SPF senders 
-	  (treats fail like softfail)
-	Option to set SPF policy via sendmail access map.
-	Option to supply Sender header from MAIL FROM when missing.
-	Consider SMTP AUTH connections internal.
-	Send DSN for SPF errors corrected by extended processing.
-	Send DSN before SCREENED mail is quarantined
-	Use logging package to keep log lines atomic.
-0.8.2	Strict processing limits per SPF RFC
-	Fixed several parsing bugs under RFC 
-	Support official IANA SPF record (type99)
-	Honeypot support (requires pydspam-1.1.9)
-	Extended SPF processing results beyond strict RFC limits
-	Support original SES for bounce protection (requires pysrs-0.30.10)
-	Callback exception processing option in milter module
-	Handle corrupt ZIP attachments
-0.8.1	Fix zip in zip loop in mime.py
-	Fix HeaderParseError in bms.py header callback
-	Check internal_domains for outgoing mail
-	Fix inconsistent results from send_dsn
 0.8.0	Move Milter module to subpackage.
 	DSN support for Three strikes rule and SPF SOFTFAIL
 	Move /*mime*/ and dynip to Milter subpackage
 	Fix SPF unknown mechanism list not cleared
 	Make banned extensions configurable.
 	Option to scan zipfiles for bad extensions.
-	Properly log pydspam exceptions
 0.7.3	Experimental release with python2.4 support
 0.7.2	Return unknown for invalid ip address in mechanism
 	Recognize dynamic PTR names, and don't count them as authentication.
@@ -42,7 +42,7 @@ Quick Installation
 1. Build and install Sendmail, enabling libmilter (see libmilter/README).
 2. Build and install Python, enabling threading.
 3. Install this module: python setup.py --help
-4. Add these two lines to sendmail.cf[*]:
+4. Add these two lines to sendmail.cf:

 O InputMailFilters=pythonfilter
 Xpythonfilter,        S=local:/home/username/pythonsock
@@ -51,17 +51,9 @@ Xpythonfilter,        S=local:/home/username/pythonsock
 Note that milters should almost certainly not run as root.

 That's it.  Incoming mail will cause the milter to print some things, and
-some email will be rejected (see the "header" method).  Edit and play.  
-See spfmilter.py for a functional SPF milter, or see bms.py for an complex
-milter used in production.
+some email will be rejected (see the "header" method).  Edit and play.  See
+bms.py for an example milter used in production.

-[*] This is for a quick test.  Your sendmail.cf in most distros will get
-overwritten whenever sendmail.mc is updated.  To make a milter permanent,
-add something like:
-
-INPUT_MAIL_FILTER(`pythonfilter', `S=local:/home/username/pythonsock, F=T, T=C:5m;S:20s;R:5m;E:5m')
-
-to sendmail.mc instead.

 Not-so-quick Installation
 -------------------------
@@ -98,10 +90,8 @@ some options associated with it.  In this case, we have the "S" option, which
 names the socket that sendmail will use to communicate with this particular
 milter.  This milter's socket is a unix-domain socket in the filesystem.
 See libmilter/README for the definitive list of options.
-
 NB: The name is specified in two places: here, in sendmail's cf file, and
 in the milter itself.  Make sure the two match.
-
 NB: The above lines can be added in your .mc file with this line:

 INPUT_MAIL_FILTER(`pythonfilter', `S=local:/home/username/pythonsock')
@@ -1,6 +1,81 @@
-Support smfi_negotiate and auto negotiate only those callbacks for which 
-Milter.Milter methods have been overridden.  (Python should be able to
-do that.)
+Defer TEMPERROR in SPF evaluation - give precedence to security
+(only defer for PASS mechanisms).
+
+Option to add Received-SPF header, but never reject on SPF.
+
+Create null config that does nothing - except maybe add Received-SPF
+headers.  Many admins would like to turn features on one at a time.
+
+Checking in mime.py;
+/bms/cvs/milter/mime.py,v  <--  mime.py
+new revision: 1.56; previous revision: 1.55
+done
+Checking in spf.py;
+/bms/cvs/milter/spf.py,v  <--  spf.py
+new revision: 1.18; previous revision: 1.17
+done
+Checking in testmime.py;
+/bms/cvs/milter/testmime.py,v  <--  testmime.py
+new revision: 1.19; previous revision: 1.18
+
+Auto whitelist based on outgoing email - perhaps with magic subject
+or recipient prefix.
+
+Can't output messages with malformed rfc822 attachments.
+
+Example malformed SPF:
+onvunvuvvx.usafisnews.org text "v=spf1 mx ptr ip4:207.44.199.970 -all"
+
+Move milter,Milter,mime,spf modules to pymilter
+milter package will have bms.py application
+
+Support SMTP AUTH and disable SPF checks when connection is authorized.
+Web admin interface
+Check valid domains allowed by internal senders to detect PCs infected
+with spam trojans.
+Do CBV (callback verification) for mail with no published SPF record.
+message log for automated stats and blacklisting
+Skip dspam when SPF pass?
+Report 551 with rcpt on SPF fail?
+check spam keywords with character classes, e.g.
+	{a}=[a@ãä], {i}=[i1í], {e}=[eë], {o}=[o0ö]
+
+Implement RRS - a backdoor for non-SRS forwarders.  User lists non-SRS 
+forwarder accounts, and a util provides a special local alias for the
+user to give to the forwarder.  Alias only works for mail from that
+forwarder.  Milter gets forwarder domain from alias and uses it to
+SPF check forwarder.
+
+Another special dspam user, 'honeypot', can be listed in innoculations.
+All email to those addresses is treated as known spam.
+
+Framework for modular Python milter components within a single VM.
+Python milters can be already be composed through sendmail by running each in
+a separate process.  However, a significant amount of memory is wasted
+for each additional Python VM, and communication between milters
+is cumbersome (e.g., adding mail headers, writing external files).
+
+Backup copies for outgoing/incoming mail.
+
+Allow multiple wiretap groups, each with its own destination.  Perhaps 
+also copy incoming wiretap mail, even though sendmail alias works perfectly
+for the purpose, to avoid having to change two configs for a wiretap.
+
+Provide a way to reload milter.cfg without stopping/restarting milter.
+
+Allow selected Windows extensions for specific domains via milter.cfg
+
+Fix setup.py so that _FFR_QUARANTINE is automatically defined when
+available in libmilter.
+
+Keep separate ismodified flag for headers and body.  This is important
+when rejecting outgoing mail with viruses removed (so as not to
+embarrass yourself), and also removing Received headers with hidepath.
+
+Wrap smfi_setbacklog(int) - but it is only available in sendmail >= 8.12.3,
+  so how can we detect whether to wrap it?
+
+Need a test module to feed sample messages to a milter though a live 
+sendmail and SMTP.  The mockup currently used is probably not very accurate,
+and doesn't test the threading code.

-Lookup exact RFC syntax of real name / email and make 
-Milter.utils.parse_addr() pass all unit tests.
@@ -0,0 +1,153 @@
+#!/usr/bin/python2.3
+
+# Convert a MS Caller-ID entry (XML) to a SPF entry
+#
+# (c) 2004 by Ernesto Baschny
+# (c) 2004 Python version by Stuart Gathman
+#
+# Date: 2004-02-25
+# Version: 1.0
+#
+# Usage:
+#  ./cid2spf.pl "<ep xmlns='http://ms.net/1'>...</ep>"
+#
+# Note that the 'include' directives will also have to be checked and
+# "translated". Future versions of this script might be able to get a
+# domain name as an argument and "crawl" the DNS for the necessary
+# information.
+#
+# A complete reverse translation (SPF -> CID) might be impossible, since
+# there are no way to handle:
+# - PTR and EXISTS mechanism 
+# - MX mechanism with an different domain as argument
+# - macros
+# 
+# References:
+# http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.mspx
+# http://spf.pobox.com/
+#
+# Known bugs:
+# - Currently it won't handle the exclusions provided in the A and R
+#   tags (prefix '!'). They will show up "as-is" in the SPF record
+# - I really haven't read the MS-CID specs in-depth, so there are probably
+#   other bugs too :)
+#
+# Ernesto Baschny <ernst@baschny.de>
+#
+
+import xml.sax
+import spf
+
+# -------------------------------------------------------------------------
+class CIDParser(xml.sax.ContentHandler):
+  "Convert a MS Caller-ID entry (XML) to a SPF entry"
+
+  def __init__(self,q=None):
+    self.spf = []
+    self.action = '-all'
+    self.has_servers = None
+    self.spf_entry = None
+    if q:
+      self.spf_query = q
+    else:
+      self.spf_query = spf.query(i='127.0.0.1', s='localhost', h='unknown')
+
+  def startElement(self,tag,attr):
+      if tag == 'm':
+	if self.has_servers != None and not self.has_servers:
+	  raise ValueError(
+    "Declared <noMailServers\> and later <m>, this CID entry is not valid."
+	  )
+	self.has_servers = True
+      elif tag == 'noMailServers':
+	if self.has_servers:
+	  raise ValueError(
+    "Declared <m> and later <noMailServers\>, this CID entry is not valid."
+	  )
+	self.has_servers = False
+      elif tag == 'ep':
+	if attr.has_key('testing') and attr.getValue('testing') == 'true':
+	  # A CID with 'testing' found:
+	  # From the MS-specs:
+	  #  "Documents in which such attribute is present with a true
+	  #  value SHOULD be entirely ignored (one should act as if the
+	  #  document were absent)"
+	  # From the SPF-specs:
+	  #  "Neutral (?): The SPF client MUST proceed as if a domain did
+	  #  not publish SPF data."
+	  # So we set SPF action to "neutral":
+	  self.action = '?all'
+      elif tag == 'mx':
+	  # The empty MX-tag, same as SPF's MX-mechanism
+	  self.spf.append('mx')
+      self.tag = tag
+
+  def characters(self,text):
+	tag = self.tag
+	# Remove starting and trailing spaces from text:
+	text = text.strip()
+
+	if tag == 'a' or tag == 'r':
+	    # The A and R tags from MS-CID are both handled by the 
+	    # ipv4/6-mechanisms from SPF:
+	    if text.find(':') < 0:
+	      mechanism = 'ip4'
+	    else:
+	      mechanism = 'ip6'
+	    self.spf.append(mechanism + ':' + text)
+	elif tag == 'indirect':
+	    # MS-CID's indirect is "sort of" the include from SPF:
+	    # Not really true, because the <indirect> tag from MS-CID also 
+	    # provides a fallback in case the included domain doesn't provide
+	    # _ep-records: The inbound MX-servers of the included domains
+	    # are added to the list of allowed outgoing mailservers for the
+	    # domain that declared the _ep-record with the <indirect> tag.
+	    # In SPF you would use the 'mx:domain' to handle this, but this
+	    # wouldn't depend on referred domain having or not SPF-records.
+	    cid_xml = self.cid_txt(text)
+	    if cid_xml:
+	      p = CIDParser()
+	      xml.sax.parseString(cid_xml,p)
+	      if p.has_servers != False:
+		self.spf += p.spf
+	    else:
+	      self.spf.append('mx:' + text)
+
+  def cid_txt(self,domain):
+    q = self.spf_query
+    domain='_ep.' + domain
+    a = q.dns_txt(domain)
+    if not a: return None
+    if a[0].lower().startswith('<ep ') and a[-1].lower().endswith('</ep>'):
+      return ''.join(a)
+    return None
+
+  def endElement(self,tag):
+      if tag == 'ep':
+	# This is the end... assemble what we've got
+	spf_entry = ['v=spf1']
+	if self.has_servers != False:
+	  spf_entry += self.spf
+	spf_entry.append(self.action)
+	self.spf_entry = ' '.join(spf_entry)
+
+  def spf_txt(self,cid_xml):
+    if not cid_xml.startswith('<'):
+      cid_xml = self.cid_txt(cid_xml)
+      if not cid_xml: return None
+    # Parse the beast. Any XML-problem will be reported by xlm.sax
+    self.spf_entry = None
+    xml.sax.parseString(cid_xml,self)
+    return self.spf_entry
+
+if __name__ == '__main__':
+  import sys
+  if len(sys.argv) < 2:
+    print >>sys.stderr, \
+      """Usage: %s "<ep xmlns='http://ms.net/1'>...</ep>" """ % sys.argv[0]
+    sys.exit(1)
+
+  cid_xml = sys.argv[1]
+
+  p = CIDParser()
+  print p.spf_txt(cid_xml)
@@ -0,0 +1,159 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<html>
+<head>
+<title>Python Milter FAQ</title>
+</head><body>
+
+<h1> Python Milter <a name=faq>FAQ</a> </h1>
+
+<ol>
+<h3> Compiling Python Milter </h3>
+<li> Q. I have installed sendmail from source, but Python milter won't
+compile.
+<p>  A. Even though libmilter is officially supported in sendmail-8.12, 
+you need to build and install it in separate steps.  Take a look
+at the <a href="/aix/sendmail12.spec">RPM spec file</a> for sendmail-8.12.  
+The %prep section shows you how to create
+a site.config.m4 that enables MILTER.  The %build section shows you how
+to build libmilter in a separate invocation of make.  The %install section
+shows you how to install libmilter with a separate invocation of make.
+<p>
+
+<li> Q. Why is mfapi.h not found when I try to compile Python milter on
+RedHat 7.2?
+<p>  A. RedHat forgot to include the header in the RPM.  See the
+<a href="milter.html#rh72">RedHat 7.2 requirements</a>.
+<p>
+
+<h3> Running Python Milter </h3>
+
+<li> Q. The sample.py milter prints a message, then just sits there.
+<pre>
+To use this with sendmail, add the following to sendmail.cf:
+
+O InputMailFilters=pythonfilter
+Xpythonfilter,        S=local:inet:1030@localhost
+
+See the sendmail README for libmilter.
+sample  milter startup
+</pre>
+<p>  A. You need to tell sendmail to connect to your milter.  The
+sample milter tells you what to add to your sendmail.cf to tell
+sendmail to use the milter.  You can also add an INPUT_MAIL_FILTER
+macro to your sendmail.mc file and rebuild sendmail.cf - see the sendmail
+README for milters.
+<p>
+
+<li> Q. I've configured sendmail properly, but still nothing happens
+when I send myself mail!
+<p>  A. Sendmail only milters SMTP mail.  Local mail is not miltered.
+You can pipe a raw message through sendmail to test your milter:
+<pre>
+$ cat rawtextmsg | sendmail myname@my.full.domain
+</pre>
+Now check your milter log.
+<p>
+
+<li> Q. Why do I get this ImportError exception?
+<pre>
+File "mime.py", line 370, in ?
+    from sgmllib import declstringlit, declname
+    ImportError: cannot import name declstringlit
+</pre>
+<p>  A. <code>declstringlit</code> is not provided by sgmllib in all versions
+of python.  For instance, python-2.2 does not have it.  Upgrade to
+milter-0.4.5 or later to remove this dependency.
+<p>
+
+<li> Q. Why do I get <code>milter.error: cannot add recipient</code>?
+<pre>
+</pre>
+<p>  A. You must tell libmilter how you might mutate the message with
+<code>set_flags()</code> before calling <code>runmilter()</code>.  For
+instance, <code>Milter.set_flags(Milter.ADDRCPT)</code>.  You must add together
+all of <code>ADDHDRS, CHGBODY, ADDRCPT, DELRCPT, CHGHDRS</code> that apply.
+<p>
+
+<li> Q. Why does sendmail sometimes print something like:
+"...write(D) returned -1, expected 5: Broken pipe"
+in the sendmail log?
+<p>  A. Libmilter expects "rcpt to" shortly after getting "mail from".
+"Shortly" is defined by the timeout parameter you passed to
+<code>Milter.runmilter()
+</code> or <code>milter.settimeout()</code>.  If the timeout is 10 seconds,
+and looking up the first recipient in DNS takes more than
+10 seconds, libmilter will give up and break the connection.  
+<code>Milter.runmilter()</code> defaulted to 10 seconds in 0.3.4.  In 0.3.5
+it will keep the libmilter default of 2 hours.
+<p>
+
+<li> Q. Why does milter block messages with big5 encoding?  What if I
+want to receive them?
+<p>  A. sample.py is a sample.  It is supposed to be easily modified
+for your specific needs.  We will of course continue to move generic
+code out of the sample as the project evolves.  Think of sample.py as
+an active config file.
+<p>
+
+<li> Q. Why does sendmail coredump with milters on OpenBSD?
+<p>  A. Sendmail has a problem with unix sockets on OpenBSD.  Use
+an internet domain socket instead.  For example, in <code>sendmail.cf</code> use
+<pre>
+Xpythonfilter, S=inet:1234@localhost
+</pre>
+and change sample.py accordingly.
+<p>
+
+<li> Q. How can I change the bounce message for an invalid recipient?
+I can only change the recipient in the eom callback, but the eom callback
+is never called when the recipient is invalid!
+<p>  A. Configure sendmail to use virtusertable, and send all unknown
+addresses to /dev/null.  For example,
+<h4>/etc/mail/virtusertable</h4>
+<pre>
+@mycorp.com	dev-null
+dan@mycorp.com	dan
+sally@mycorp.com	sally
+</pre>
+<h4>/etc/aliases</h4>
+<pre>
+dev-null:	/dev/null
+</pre>
+Now your milter will get to the eom callback, and can change the
+envelope recipient at will.  Thanks to Dredd at 
+<a href=http://www.milter.org/>milter.org</a> for this solution.
+<p>
+
+<li> Q. I am having trouble with the setreply method.  It always outputs
+	"milter.error: cannot set reply".
+<p>  A. Check the sendmail log for errors.  If sendmail is getting
+milter timeouts, then your milter is taking too long and sendmail gave
+up waiting.  You can adjust the timeouts in your sendmail config.  Here
+is a milter declaration for sendmail.cf with all timeouts specified:
+<pre>
+Xpythonfilter, S=local:/var/log/milter/pythonsock, F=T, T=C:5m;S:20s;R:60s;E:5m
+</pre>
+
+<a name="spf">
+<li> Q. So how do I use the SPF support?  The sample.py milter doesn't seem
+        to use it.
+<p>  A. The bms.py milter supports spf.  The RedHat RPMs will set almost
+everything up for you.  For other systems:
+<ol type=i>
+<li> Arrange to run bms.py in the background (as a service perhaps) and
+     redirect output and errors to a logfile.  For instance, on AIX you'll want
+     to use SRC (System Resource Controller).  
+<li> Copy milter.cfg to the directory you run bms.py in, and edit it.  The
+     comments should explain the options. 
+<li> Start bms.py in the background as arranged.
+<li> Add Xpythonfilter to sendmail.cf or add an INPUT_MAIL_FILTER to
+     sendmail.mc.  Regen sendmail.cf if you use sendmail.mc and restart 
+     sendmail.
+<li> Arrange to rotate log files and remove old defang files in 
+     <code>tempdir</code>.  The RedHat RPM uses <code>logrotate</code> for
+     logfiles and a simple cron script using <code>find</code> to clean
+     <code>tempdir</code>.
+</ol>
+
+</ol>
+</html>
@@ -1,138 +0,0 @@
-## To roll your own milter, create a class that extends Milter.  
-#  See the pymilter project at http://bmsi.com/python/milter.html
-#  based on Sendmail's milter API http://www.milter.org/milter_api/api.html
-#  This code is open-source on the same terms as Python.
-
-## Milter calls methods of your class at milter events.
-## Return REJECT,TEMPFAIL,ACCEPT to short circuit processing for a message.
-## You can also add/del recipients, replacebody, add/del headers, etc.
-
-import Milter
-import StringIO
-import time
-import email
-from socket import AF_INET, AF_INET6
-from Milter import parse_addr
-
-
-class myMilter(Milter.Milter):
-
-  def __init__(self):  # A new instance with each new connection.
-    self.id = Milter.uniqueID()  # Integer incremented with each call.
-
-  # each connection runs in its own thread and has its own myMilter
-  # instance.  Python code must be thread safe.  This is trivial if only stuff
-  # in myMilter instances is referenced.
-  def connect(self, IPname, family, hostaddr):
-    # (self, 'ip068.subnet71.example.com', AF_INET, ('215.183.71.68', 4720) )
-    # (self, 'ip6.mxout.example.com', AF_INET6,
-    #	('3ffe:80e8:d8::1', 4720, 1, 0) )
-    self.IP = hostaddr[0]
-    self.port = hostaddr[1]
-    if family == AF_INET6:
-      self.flow = hostaddr[2]
-      self.scope = hostaddr[3]
-    else:
-      self.flow = None
-      self.scope = None
-    self.IPname = IPname  # Name from a reverse IP lookup
-    self.H = None
-    self.fp = None
-    self.receiver = self.getsymval('j')
-    self.log("connect from %s at %s" % (IPname, hostaddr) )
-    
-    return Milter.CONTINUE
-
-
-  ##  def hello(self,hostname):
-  def hello(self, heloname):
-    # (self, 'mailout17.dallas.texas.example.com')
-    self.H = heloname
-    self.log("HELO %s" % heloname)
-    if heloname.find('.') < 0:	# illegal helo name
-      # NOTE: example only - too many real braindead clients to reject on this
-      self.setreply('550','5.7.1','Sheesh people!  Use a proper helo name!')
-      return Milter.REJECT
-      
-    return Milter.CONTINUE
-
-  ##  def envfrom(self,f,*str):
-  def envfrom(self, mailfrom, *str):
-    self.F = mailfrom
-    self.R = []  # list of recipients
-    self.fromparms = Milter.dictfromlist(str)	# ESMTP parms
-    self.user = self.getsymval('{auth_authen}')	# authenticated user
-    self.log("mail from:", mailfrom, *str)
-    self.fp = StringIO.StringIO()
-    self.canon_from = '@'.join(parse_addr(mailfrom))
-    self.fp.write('From %s %s\n' % (self.canon_from,time.ctime()))
-    return Milter.CONTINUE
-
-
-  ##  def envrcpt(self, to, *str):
-  def envrcpt(self, recipient, *str):
-    rcptinfo = to,Milter.dictfromlist(str)
-    self.R.append(rcptinfo)
-    
-    return Milter.CONTINUE
-
-
-  def header(self, name, hval):
-    self.fp.write("%s: %s\n" % (name,hval))	# add header to buffer
-    return Milter.CONTINUE
-
-
-  def eoh(self):
-    self.fp.write("\n")				# terminate headers
-    return Milter.CONTINUE
-
-
-  def body(self, chunk):
-    self.fp.write(chunk)
-    return Milter.CONTINUE
-
-
-  def eom(self):
-    self.fp.seek(0)
-    msg = email.message_from_file(self.fp)
-    self.setreply('250','2.5.1','Grokked by pymilter')
-    # many milter functions can only be called from eom()
-    # example of adding a Bcc:
-    self.addrcpt('<%s>' % 'spy@example.com')
-    return Milter.ACCEPT
-
-
-  def close(self):
-    # always called, even when abort is called.  Clean up
-    # any external resources here.
-    return Milter.CONTINUE
-
-  def abort(self):
-    # client disconnected prematurely
-    return Milter.CONTINUE
-
-  ## === Support Functions ===
-
-  def log(self,*msg):
-    print "%s [%d]" % (time.strftime('%Y%b%d %H:%M:%S'),self.id),
-    # 2005Oct13 02:34:11 [1] msg1 msg2 msg3 ...
-    for i in msg: print i,
-    print
-
-
-## ===
-    
-def main():
-  # Register to have the Milter factory create instances of your class:
-  Milter.factory = myMilter
-  flags = Milter.CHGBODY + Milter.CHGHDRS + Milter.ADDHDRS
-  flags += Milter.ADDRCPT
-  flags += Milter.DELRCPT
-  Milter.set_flags(flags)       # tell Sendmail which features we use
-  print "%s milter startup" % time.strftime('%Y%b%d %H:%M:%S')
-  sys.stdout.flush()
-  Milter.runmilter("pythonfilter",socketname,timeout)
-  print "%s bms milter shutdown" % time.strftime('%Y%b%d %H:%M:%S')
-
-if __name__ == "__main__":
-  main()
@@ -0,0 +1,155 @@
+[milter]
+# the socket used to communicate with sendmail.  Must match sendmail.cf
+;socket=/var/run/milter/pythonsock
+# where to save original copies of defanged and failed messages
+tempdir = /var/log/milter/save
+# how long to wait for a response from sendmail before giving up 
+;timeout=600
+log_headers = 0
+# connection ips and hostnames are matched against this glob style list
+# to recognize internal senders
+;internal_connect = 192.168.*.*
+
+# mail that is not an internal_connect and claims to be from an
+# internal domain is rejected.  You should enable SPF instead if you can.
+# SPF is much more comprehensive and flexible.
+;internal_domains = mycorp.com
+
+# connections from a trusted relay can trust the first Received header
+# SPF checks are bypassed for internal connections and trusted relays.
+;trusted_relay = 1.2.3.4, 66.12.34.56
+
+# reject external senders with hello names no legit external sender would use
+# SPF will do this also, but listing your own domain and mailserver here
+# will save some DNS lookups when rejecting certain viruses.
+;hello_blacklist = mycorp.com, 66.12.34.56
+
+# Reject mail for domains mentioned unless user is mentioned here also
+;check_user = joe@mycorp.com, mary@mycorp.com, file:bigcorp.com
+
+# features intended to filter or block incoming mail
+[defang]
+
+# do virus scanning on attached messages also
+scan_rfc822 = 1
+# do virus scanning on attached zipfiles also
+scan_zip = 0
+# Comment out scripts in HTML attachments.  Can be CPU intensive.
+scan_html = 0
+# reject messages with asian fonts because we can't read them
+block_chinese = 1
+# list users who hate forwarded mail
+;block_forward = egghead@mycorp.com, busybee@mycorp.com
+# reject mail with these case insensitive strings in the subject
+porn_words = penis, breast, pussy, horse cock, porn, xenical, diet pill, d1ck,
+	vi*gra, vi-a-gra, viag, tits, p0rn, hunza, horny, sexy, c0ck, xanaax,
+	p-e-n-i-s, hydrocodone, vicodin, xanax, vicod1n, x@nax, diazepam,
+	v1@gra, xan@x, cialis, ci@lis, frëe, xãnax, valíum, vãlium, via-gra,
+	x@n3x, vicod3n, penís, c0d1n, phentermine, en1arge, dip1oma, v1codin,
+	valium, rolex, sexual
+# reject mail with these case sensitive strings in the subject
+spam_words = $$$, !!!, XXX, FREE, HGH
+# attachments with these extensions will be replaced with a warning
+# message.  A copy of the original will be saved. 
+banned_exts = ade,adp,asd,asx,asp,bas,bat,chm,cmd,com,cpl,crt,dll,exe,hlp,hta,
+	inf,ins,isp,js,jse,lnk,mdb,mde,msc,msi,msp,mst,ocx,pcd,pif,reg,scr,sct,
+	shs,url,vb,vbe,vbs,wsc,wsf,wsh 
+
+# See http://bmsi.com/python/pysrs.html for details
+[srs]
+config=/etc/mail/pysrs.cfg
+# SRS options can be set here also, but must match the sendmail plugin
+;secret="shhhh!"
+;maxage=21
+;hashlength=4
+;database=/var/log/milter/srsdata
+;fwdomain = mydomain.com
+# turn this on after a grace period to reject spoofed DSNs
+reject_spoofed = 0
+
+# See http://spf.pobox.com for more info on SPF.
+[spf]
+# namespace where SPF records can be supplied for domains without one
+# records are searched for under _spf.domain.com
+;delegate = domain.com
+# domains where a neutral SPF result should cause mail to be rejected
+;reject_neutral = aol.com
+# use a default (v=spf1 a/24 mx/24 ptr) when no SPF records are published
+;best_guess = 0
+# reject senders that have neither PTR nor SPF records, or DSN if false
+;reject_noptr = 0
+# always accept softfail from these domains, or DSN otherwise
+;accept_softfail = bounces.amazon.com
+
+# features intended to clean up outgoing mail
+[scrub]
+# domains that block visible private nodes
+;hide_path = jcpenney.com	
+# reject, don't just replace with warning, viruses from these domains
+;reject_virus_from = mycorp.com
+
+# features intended for spying on users and coworkers
+[wiretap]
+blind = 1
+#
+# wiretap lets you surreptitiously monitor a users outgoing email
+# (sendmail aliases let you monitor incoming mail)
+#
+;users = disloyal@bigcorp.com, bigmouth@bigcorp.com
+;dest = spy@bigcorp.com
+# discard outgoing mail without alerting sender
+# can be used in conjunction with wiretap to censor outgoing mail
+;discard_users = canned@bigcorp.com
+#
+# smart aliases trigger on both sender and recipient
+#
+;smart_alias = copycust,walter
+# mail from client@clientcorp.com to sue@bigcorp.com is redirected to 
+# local alias copycust
+;copycust = client@clientcorp.com,sue@bigcorp.com
+# mail from cust@othercorp.com to walter@bigcorp.com is redirected to
+# boss@bigcorp.com
+;walter = cust@othercorp.com,walter@bigcorp.com,boss@bigcorp.com
+# additional copies can be added
+;walter1 = cust@othercorp.com,walter@bigcorp.com,boss@bigcorp.com,
+;	walter@bigcorp.com
+;bulk = soruce@telex.com,bob@jsconnor.com
+;bulk = soruce@telex.com,larry@jsconnor.com
+
+# See http://bmsi.com/python/dspam.html
+[dspam]
+# Select a well moderated dspam dictionary to reject spammy headers.
+# To filter on the entire message, use the full setup below.
+# only EXTERNAL messages are dspam filtered
+;dspam_dict=/var/lib/dspam/moderator.dict
+
+# Opt-opt recipients from dspam screening and header triage
+;dspam_exempt=getitall@mycorp.com
+# Do not scan mail (ostensibly) from these senders
+;dspam_whitelist=getitall@sender.com
+# Reject spam to these domains instead of quarantining it.
+;dspam_reject=othercorp.com
+# Scan internal mail - often a good source of stats on legit mail.
+;dspam_internal=1
+
+# directory for dspam user quarantine, signature db, and dictionaries
+# defining this activates the dspam application
+# dspam and dspam-python must be installed
+;dspam_userdir=/var/lib/dspam
+# do not dspam messages larger than this
+;dspam_sizelimit=180000
+
+# Map email addresses and aliases to dspam users
+;dspam_users=david,goliath,spam,falsepositive
+;david=david@foocorp.com,david.yelnetz@foocorp.com,david@bar.foocorp.com
+;goliath=giant@foocorp.com,goliath.philistine@foocorp.com
+# address to forward spam to.  milter will process these and not deliver
+;spam=spam@foocorp.com
+# address to forward false positives to.  milter will process and not deliver
+;falsepositive=ham@foocorp.com
+# the dspam_screener is a list of dspam users who screen mail for all
+# recipients who are not dspam_users.  Spam goes to the screeners quarantine,
+# and the original recipients are saved so that false positives can be properly
+# delivered.
+;dspam_screener=david,goliath
+# The dspam CGI can also be used: logins must match dspam users
@@ -0,0 +1,491 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>Python Milters</title>
+</head><body>
+
+<P ALIGN="CENTER"><A HREF="http://www.anybrowser.org/campaign/">
+<IMG SRC="/art/brain1.gif"
+ALT="Viewable With Any Browser" BORDER="0"></A>
+
+<img src="/art/banner_4.gif" width="468" height="60" border="0"
+	usemap="#banner_4" alt="Your vote?">
+<map name="banner_4">
+  <area shape="rect" coords="330,25,426,59"
+  	href="http://education-survey.org/" alt="I Disagree">
+  <area shape="rect" coords="234,28,304,57" href="http://www.honestEd.com/" alt="I Agree">
+</map>
+
+</P>
+<h1 align=center>Sendmail Milters in Python</h1>
+<h4 align=center>by <a href="mailto:%75%72%6D%61%6E%65%40%6E%65%75%72%61l%61%63%63%65%73%73%2E%63%6F%6D">Jim Niemira</a>
+  and <a href="mailto:%73%74%75%61%72%74%40%62%6D%73%69%2E%63%6F%6D">
+  Stuart D. Gathman</a><br>
+This web page is written by Stuart D. Gathman<br>and<br>sponsored by
+<a href="http://www.bmsi.com">Business Management Systems, Inc.</a> <br>
+Last updated May 31, 2005</h4>
+
+See the <a href="faq.html">FAQ</a> | <a href="http://sourceforge.net/project/showfiles.php?group_id=139894">Download now</a> |
+<a href="/mailman/listinfo/pymilter">Subscribe to mailing list</a> |
+<a href="#overview">Overview</a>
+<p>
+<a href="//www.python.org">
+<img src="python55.gif" align=left alt="A Python"></a>
+<a href="//www.sendmail.org/">Sendmail</a> introduced a
+<a href="http://www.milter.org/milter_api/api.html"> new API</a> beginning with version 8.10 -
+libmilter.  The milter module for <a href="//www.python.org">Python</a>
+provides a python interface to libmilter that exploits all its features.
+<p>
+Sendmail 8.12 officially releases libmilter.  
+Version 8.12 seems to be more robust, and includes new privilege
+separation features to enhance security.
+I recommend upgrading.
+
+<h2> Recent Changes </h2>
+
+Python milter is being moved to
+<a href="http://sourceforge.net/projects/pymilter/">Sourceforge</a> for
+development.
+<p>
+Release 0.7.2 tightens the authentication screws with a "3 strikes and
+your out" policy.  A sender must have a valid PTR, HELO, or SPF record
+to send email.  Specific senders can be whitelisted using the
+"delegate" option in the spf configuration section by adding a
+default SPF record for them.  The PTR and HELO are required
+by RFC anyway, so this is not an unreasonable requirement.
+There is now a coherent policy for an SPF softfail result.  A softfail
+is accepted if there is a valid PTR or HELO, or if the domain
+is listed in the "accept_softfail" option of the spf configuration section.
+A neutral result is accepted by default if there is a valid PTR or
+HELO, (and the SPF record was not guessed), unless the domain is listed in the
+"reject_neutral" option.  Common forms of PTR records for dynamic IPs are
+recognized, and do not count as a valid PTR.  This does not prevent anyone
+from sending mail from a dynamic IP - they just need to configure a
+valid HELO name or publish an SPF record.
+<p>
+As SPF adoption continues to rise, forged spam is not getting through.  So
+spammers are publishing their SPF records as predicted.  The 0.7.2 RPM
+now provides the <code>rhsbl</code> sendmail hack so that spammer domains
+can be blacklisted.  With the RPM installed, add a line like the following
+to your <code>sendmail.mc</code>.
+<pre>
+HACK(rhsbl,`blackholes.example.com',"550 Rejected: " $&{RHS} " has been spamming our customers.")dnl
+</pre>
+<p>
+Of course, spammers are now starting to register
+throwaway domains.  The next thing we need is a custom DNS server,
+in Python, that
+can recognize patterns.  For instance, one spammer registers ded304.com,
+ded305.com, ded306.com, etc.  We also need the custom DNS server to
+let SPF classic clients check SES (which will be part of pysrs).  
+The <a href="http://twistedmatrix.com/products/twisted">Twisted Python</a>
+framework provides a custom DNS server - but I
+would like a smaller implementation for our use.
+<p>
+The RPM for release 0.7.0 moves the config file and socket locations to
+/etc/mail and /var/run/milter respectively.  We now parse Microsoft CID records
+- but only hotmail.com uses them.  They seem to have applied for a patent on
+the brilliant idea of examining the mail headers to see who the message is
+from.  We aren't doing that here, so not to worry - but I am not a lawyer, so
+if you are worried, change spf.py around line 626 to return None instead of
+calling CIDParser().  There is a new option to reject mail with no PTR
+and no SPF.
+<p>
+Microsoft is pushing an anti-opensource license for their pending patent
+along with their sender-ID proposal before the IETF.
+It is royalty free - but requires anyone distributing a binary they've
+compiled from source to sign a license agreement.  The Apache Software
+Foundation <a
+href="http://www.apache.org/foundation/docs/sender-id-position.html"> explains
+the problem with sender-ID</a>, and Debian <a
+href="http://www.debian.org/News/2004/20040904">concurs</a>.  Since 
+the <a href="http://download.microsoft.com/download/4/3/9/439b024b-09fd-44ee-8ff0-10e834004c36/senderid_FAQ.PDF">Microsoft license</a> is
+<a href="http://www.circleid.com/article/732_0_1_0_C/">incompatible with free
+software in general</a> and the <a
+href="http://www.imc.org/ietf-mxcomp/mail-archive/msg03678.html">GPL in
+particular</a>, Python milter will not be able to implement sender-ID in its
+current form.  This was, no doubt, Microsoft's intent all along.
+<p>
+Sender-ID attempts to do for RFC2822 headers what SPF does for RFC2821 headers.
+Unlike SPF, it has never been tried, and is encumbered by a stupid patent.  I
+recommend ignoring it and continuing to implement and improve SPF until a
+working and unencumbered proposal for RFC2822 headers surfaces.
+
+<p>
+<a href="http://spf.pobox.com">
+<img src="SPF.gif" align=left alt="SPF logo"></a>
+Release 0.6.6 adds support for <a href="http://spf.pobox.com/">SPF</a>,
+a protocol to prevent forging of the envelope from address.  
+SPF support requires <a href="http://pydns.sourceforge.net/">pydns</a>.
+The included spf.py module is an updated version of the original 1.6
+version at <a href="http://www.wayforward.net/spf/">wayforward.net</a>.
+The updated version tracks the draft RFC and test suite.
+<p>
+The FAQ addresses <a href="faq.html#spf">how to get started with SPF</a>.
+<p>
+Release 0.6.1 adds a full milter based dspam application.
+<p>
+I have selected the <a href="http://www.nuclearelephant.com/projects/dspam/">
+dspam bayes filter project</a> and <a href="dspam.html">
+packaged it for python</a>.
+Release 0.6.0 offers a simple application of dspam I call "header triage",
+which rejects messages with spammy headers.  
+To use header triage, you must have <a href="dspam.html">DSPAM</a> installed,
+and select a dictionary that is well moderated by someone who gets
+lots of spam.  That dictionary can be used to block spam that is 
+obvious from the headers (e.g. X-Mailer and Subject) before it ties
+up any more resources.  I have yet to see any false positives from this
+approach (check the milter log), but if there are, the sender will
+get a REJECT with the message "Your message looks spammy."
+
+<h2> Enough Already! </h2>
+
+Nearly a dozen people have emailed me begging for a feature to copy
+outgoing and/or incoming mail to a backup directory by user.  Ok, it
+looks like this is a most requested feature for 0.5.6.  In the meantime,
+here are some things to consider:
+<ul>
+<li> If you want to equivalent of a Bcc added to each message, this
+is very easy to do in the python code for bms.py.   See below.
+<li> If you want to copy to a file in a directory (thus avoiding having to
+set up aliases), this is slightly more involved.  The bms.py milter already
+copies the message to a temporary file for use in replacing the message body
+when banned attachments are found.  You have to open a file, and copy the
+Mesage object to it in eom().
+<li> Finally, you are probably aware that most email clients already
+keep a copy of outgoing mail?  Presumably there is a good reason for
+keeping another copy on the server.
+</ul>
+<p>
+To Bcc a message, call <code>self.add_recipient(rcpt)</code> in envfrom after
+determining whether you want to copy (e.g. whether the sender is local).  For
+example,
+<pre>
+  def envfrom(...
+    ...
+    if len(t) == 2:
+      self.rejectvirus = t[1] in reject_virus_from
+      if t[0] in wiretap_users.get(t[1],()):
+	self.add_recipient(wiretap_dest)
+      if t[1] == 'mydomain.com':
+        self.add_recipient('&lt;copy-%s&gt;' % t[0])
+      ...
+</pre>
+<p>
+To make this a generic feature requires thinking about how the configuration
+would look.  Feel free to make specific suggestions about config file
+entries.  Be sure to handle both Bcc and file copies, and designating what
+mail should be copied.  How should "outgoing" be defined?  Implementing it is
+easy once the configuration is designed.
+
+<h3><a name=overview>Overview</a></h3>
+
+This package provides a robust toolkit for Python <a
+href="#milter">milters</a>, and the beginnings of a general purpose mail
+filtering system written in Python.
+<p>
+At the lowest level, the 'milter' module provides a thin wrapper around the
+<a href="http://www.milter.org/milter_api/api.html">
+sendmail libmilter API</a>.  This API lets you register callbacks for 
+a number of events in the
+<a href="http://www.cs.concordia.ca/~group/fig/public/email/relay/milter+ruleset-checks.html">process of sendmail receiving a message via SMTP</a>.  
+These events include the initial connection from a MTA,
+the envelope sender and recipients, the top level mail headers, and
+the message body.  There are options to mangle all of these components
+of the message as it passes through the milter.
+<p>
+At the next level, the 'Milter' module (note the case difference) provides a
+Python friendly object oriented wrapper for the low level API.  To use the
+Milter module, an application registers a 'factory' to create an object
+for each connection from a MTA to sendmail.  These connection objects
+must provide methods corresponding to the libmilter callback events.
+<p>
+Each event method returns a code to tell sendmail whether to proceed
+with processing the message.  This is a big advantage of milters over
+other mail filtering systems.  Unwanted mail can be stopped in its
+tracks at the earliest possible point.
+<p>
+The Milter.Milter class provides default implementations for event
+methods that
+do nothing, and also provides wrappers for the libmilter methods to mutate
+the message.
+<p>
+The 'spf' module provides an implementation of <a href="http://spf.pobox.com">
+SPF</a> useful for detecting email forgery.
+<p>
+The 'mime' module provides a wrapper for the Python email package that
+fixes some bugs, and simplifies modifying selected parts of a MIME message.
+<p>
+Finally, the bms.py application is both a sample of how to use the
+Milter and spf modules, and the beginnings of a general purpose SPAM filtering,
+wiretapping, SPF checking, and Win32 virus protecting milter.  It can
+make use of the <a href="pysrs.html">pysrs</a> package when available for
+SRS/SES checking and the <a href="dspam.html">pydspam</a> package for Bayesian
+content filtering.  SPF checking
+requires <a href="http://pydns.sourceforge.net/">
+pydns</a>.  Configuration documentation is currently included as comments
+in the <a href="milter.cfg">sample config file</a> for the bms.py milter.
+<p>
+Python milter is under GPL.  The authors can probably be convinced to
+change this to LGPL if needed.
+
+<h3>What is a <a name="milter">milter</a>?</h3>
+
+Milters can run on the same machine as sendmail, or another machine.  The
+milter can even run with a different operating system or processor than
+sendmail.
+Sendmail talks to the milter via a local or internet socket.
+Sendmail keeps the
+milter informed of events as it processes a mail connection.  At any 
+point, the milter can cut the conversation short by telling sendmail
+to ACCEPT, REJECT, or DISCARD the message.  After receiving a complete
+message from sendmail, the milter can again REJECT or DISCARD it, but it
+can also ACCEPT it with changes to the headers or body.
+
+<h3> What can you do with a milter? </h3>
+
+<menu>
+<li> A milter can DISCARD or REJECT spam based based on algorithms scripted
+in python rather than sendmail's cryptic "cf" language.
+<li> A milter can alter or remove attachments from mail that are poisonous to
+Windows.
+<li> A milter can scan for viruses and clean them when detected.
+<li> A milter scans outgoing as well as incoming mail.
+<li> A milter can add and delete recipients to forward or secretly
+copy mail.
+<li> For more ideas, check the <a href="//www.milter.org">Milter Web Page</a>.
+</menu>
+
+<a href="http://www.milter.org/milter_api/api.html">
+Documentation</a> for the C API is provided with sendmail.  Miltermodule
+provides a thin python wrapper for the C API.  Milter.py provides a simple
+OO wrapper on top of that.
+<p>
+The Python milter package includes a sample milter that replaces dangerous 
+attachments with a warning message, discards mail addressed to
+MAILER-DAEMON, and demonstrates several SPAM abatement strategies.  
+The MimeMessage class to do this used to be based on the
+<code>mimetools</code> and <code>multifile</code> standard python packages.  
+As of milter version 0.6.0, it is based on the email standard
+python packages, which were derived from the 
+<a href="http://sourceforge.net/projects/mimelib">mimelib</a> project.
+The MimeMessage class patches several bugs in the email package,
+and provides some backward compatibility.
+
+<p>
+The "defang" function of the sample milter was inspired by
+<a href="http://www.roaringpenguin.com/mimedefang/">MIMEDefang</a>,
+a Perl milter with flexible attachment processing options.  The latest
+version of MIMEDefang uses an apache style process pool to avoid reloading
+the Perl interpreter for each message.  This makes it fast enough for
+production without using Perl threading.
+<p>
+<a href="http://sourceforge.net/projects/mailchecker">mailchecker</a> is
+a Python project to provide flexible attachment processing for mail.  I
+will be looking at plugging mailchecker into a milter.
+<p>
+<a href="http://software.libertine.org/tmda/">TMDA</a> is a Python project
+to require confirmation the first time someone tries to send to your
+mailbox.  This would be a nice feature to have in a milter.
+<p>
+There is also a <a href="http://www.milter.org/">Milter community website</a>
+where milter software and gory details of the API are discussed.
+
+<h3> Is a milter written in python efficient? </h3>
+
+The python milter process is multi-threaded and startup cost is incurred
+only once.  This is much more efficient than some implementations that
+start a new interpreter for each connection.  Testing in a production
+environment did not use a significant percentage of the CPU.  Furthermore,
+python is easily extended in C for any step requiring expensive CPU
+processing.
+<p>
+For example, the HTML parsing feature to remove scripts from HTML attachments
+is rather CPU intensive in pure python.  Using the C replacement for sgmllib
+greatly speeds things up.
+
+<h3> Goals </h3>
+
+<menu>
+<li> Implement RRS - a backdoor for non-SRS forwarders.  User lists non-SRS 
+     forwarder accounts (perhaps in <code>~/.forwarders</code>), and a util
+     provides a special local alias for the user to give to the forwarder.
+     Alias only works for mail from that forwarder.  Milter gets forwarder
+     domain from alias and uses it to SPF check forwarder.  Requires
+     milter to have read access to <code>~/.forwarders</code> or else
+     a way for user to submit entries to milter database.
+<li> The bms.py milter has too many features.  Create a framework where
+     numerous small feature modules can be plugged together in the
+     configuration.
+<li> Create a pure python substitute for miltermodule and libmilter that
+     implements the <a
+href="http://www.duh.org/cvsweb.cgi/~checkout~/pmilter/doc/milter-protocol.txt?rev=1">
+     libmilter protocol</a> in python. 
+<li> Find or write a faster implementation of sgmllib.  The 
+     <a href="http://www.effbot.org/zone/sgmlop-index.htm">sgmlop package</a>
+     is not very compatible with 
+     <a href="http://www.python.org/doc/2.1.3/lib/module-sgmllib.html">
+     Python-2.1 sgmllib</a>, but it is a start, and is supported in
+     milter-0.4.5 or later.
+<li> Implement all or most of the features of 
+     <a href="http://www.roaringpenguin.com/mimedefang/">MIMEDefang</a>.
+<li> Follow the official <a href="http://www.python.org/peps/pep-0008.html">
+     Python coding standards</a> more closely.
+<li> Make unit test code more like other python modules.
+</menu>
+
+<h3> Confirmed Installations </h3>
+
+Please <a href="mailto:%73%74%75%61%72%74%40%62%6D%73%69%2E%63%6F%6D">email</a>
+me if you successfully install milter on a system not mentioned below.
+<p>
+<table>
+<tr>
+<th>Operating System</th> <th>Compiler</th> <th>Python</th> <th>Sendmail</th>
+<th>milter</th>
+<tr>
+<td>Mandrake 8.0</td><td>gcc-3.0.1</td><td>2.1.1</td><td>8.12.0</td>
+<td>0.3.3</td><tr>
+<td>Mandrake 8.0</td><td>gcc-2.96</td><td>2.0</td><td>8.11.2</td>
+<td>0.3.6</td><tr>
+<td>RedHat 6.2</td><td>egcs-1.1.2</td><td>2.2.2</td><td>8.11.6</td>
+<td>0.5.4</td><tr>
+<td>RedHat 7.1</td><td>gcc-2.96</td><td>?</td><td>8.12.1</td>
+<td>0.3.5</td><tr>
+<td>RedHat 7.3</td><td>gcc-2.96</td><td>2.2.2</td><td>8.11.6</td>
+<td>0.5.5</td><tr>
+<td>RedHat 7.3</td><td>gcc-2.96</td><td>2.3.3</td><td>8.13.1</td>
+<td>0.7.2</td><tr>
+<td>RedHat 8.0</td><td>gcc-3.2</td><td>2.2.1</td><td>8.12.6</td>
+<td>0.5.2</td><tr>
+<td>Debian Linux</td><td>gcc-2.95.2</td><td>2.1.1</td><td>8.12.0</td>
+<td>0.3.7</td><tr>
+<td>Debian Linux</td><td>gcc-3.2.2</td><td>2.2.2</td><td>8.12.7</td>
+<td>0.5.4</td><tr>
+<td>AIX-4.1.5</td><td>gcc-2.95.2</td><td>2.1.1</td><td>8.11.5</td>
+<td>0.3.3</td><tr>
+<td>AIX-4.1.5</td><td>gcc-2.95.2</td><td>2.1.1</td><td>8.12.1</td>
+<td>0.3.4</td><tr>
+<td>AIX-4.1.5</td><td>gcc-2.95.2</td><td>2.1.3</td><td>8.12.3</td>
+<td>0.4.2</td><tr>
+<td>AIX-4.1.5</td><td>gcc-2.95.2</td><td>2.2.3</td><td>8.13.1</td>
+<td>0.7.1</td><tr>
+<td>Slackware 7.1</td><td>?</td><td>?</td><td>8.12.1</td>
+<td>0.3.8</td><tr>
+<td>Slackware 9.0</td><td>gcc-3.2.2</td><td>2.2.3</td><td>8.12.9</td>
+<td>0.5.4</td><tr>
+<td>OpenBSD</td><td>?</td><td>2.3.3?</td><td>8.13.1?</td>
+<td>0.7.2</td><tr>
+<td>SuSE 7.3</td><td>gcc-2.95.3</td><td>2.1.1</td><td>8.12.2</td>
+<td>0.3.9</td><tr>
+<td>FreeBSD</td><td>gcc-2.95.3</td><td>2.2.1</td><td>8.12.3</td>
+<td>0.4.0</td><tr>
+<td>FreeBSD</td><td>gcc-2.95.3</td><td>2.2.2</td><td>?</td>
+<td>0.5.5</td><tr>
+<td>FreeBSD 4.4</td><td>gcc-2.95.3</td><td>?</td><td>8.12.10</td>
+<td>0.6.6</td><tr>
+
+</table>
+
+<h3> Requirements </h3>
+
+<menu>
+<li> While the miltermodule will work with python 1.5, you probably
+want to use python 2.0 or better.  The python code uses a number of
+python 2 features.
+<li> Python must be configured with thread support.  This is because
+sendmail's libmilter requires thread support.
+<li> You must compile sendmail with libmilter enabled.  In versions of
+sendmail prior to 8.12 libmilter is marked FFR (For Future Release) and
+is not installed by default.  
+Sendmail 8.12 still does not enable libmilter by default.  You must 
+explicitly select the "MILTER" option when compiling.  
+<li> Python milter has been tested against sendmail-8.11 and sendmail-8.12.
+<li> Python milter must be compiled for the specific version of sendmail
+it will run with.  (Since the result is dynamically loaded, there could 
+conceivably be multiple versions available and selected at startup - but
+that will have to wait.)  This situation may only exist for sendmail
+versions prior to 8.12.  The protocol seems designed for backward 
+compatibility - and 8.12 is the first official milter release.
+<li> Mea Culpa!  After reading the Python Style guide, I realize that
+my Python code is not up to snuff.  Apparently mixed tabs and spaces
+are anathema to those using Windows editors, where tabs can be expanded using
+any arbitrary algorithm.  Other than that, my
+intuition matched Guido's pretty well - although I like to indent by 2
+rather than 4.  I will arrange to have tabs expanded to spaces when
+exporting new versions.  Until then, beware!
+</menu>
+
+<h3> <a name="aix4"> AIX 4.1.5 Requirements </a> </h3>
+To create sendmail RPMs for AIX, you can download my AIX 4.1.5 spec files 
+for <a href="/aix/sendmail.spec">sendmail-8.11.5</a> 
+or <a href="/aix/sendmail12.spec">sendmail-8.12.3</a>.  If you have
+not already set it up, I use a <a href="/aix/aix.spec">dummy RPM package</a>
+to represent the stuff that comes with AIX.  You might also want
+my <a href="/aix/python.spec">python-2.1.1</a> spec file for AIX.  It
+does not include Tk or curses modules, sorry.  If y'all trust me, you can
+download rpms for AIX 4.x from my <a href="/aix">AIX RPM directory</a>.
+<p>
+Sendmail-8.12 renames 
+libsmutil.a to libsm.a.  Unfortunately, libsm.a is an important AIX system
+shared library.  Therefore, I rename libsm.a back to libsmutil.a for
+AIX.  This presents a problem for setup.py.
+
+<h3> <a name="rh72"> RedHat 7.2 Requirements </a> </h3>
+
+If you are running Redhat 7.2, the distributed version of sendmail
+now enables libmilter by default.  RedHat 7.2 bundles
+the development libraries with the main sendmail package, so
+there is no sendmail-devel package.  However, they forgot to include the
+headers!  So you'll have to get the SRPM and modify it.  I suggest
+moving the static libs to a devel package and adding the headers.  If
+this is too much trouble, you can get the <a href="mfapi.h">mfapi.h</a>
+header for sendmail-8.6.11 from here and manually install it as
+<code>/usr/include/libmilter/mfapi.h</code>.
+<p>
+If you do modify the SRPM, I suggest renaming libsmutil.a
+to libsm.a - just like sendmail-8.12 will.  If you manually install
+mfapi.h or don't rename libsmutil.a, you'll
+need to force <code>libs = ["milter", "smutil"]</code> in setup.py.
+<p>
+If you have installed python2, and want
+python-milter to use python2, add <code>python=python2</code> to setup.cfg
+and build with <code>python2 setup.py bdist_rpm</code>.   
+
+<h3> <a name="rh62"> Redhat 6.2 Requirements </a> </h3>
+
+If you are running Redhat 6.2, the distributed version of sendmail
+does not enable libmilter.  You can download the Redhat 7.2 sendmail.spec
+modified to compile on RedHat 6.2:
+<a href="http://www.bmsi.com/linux/rh62/sendmail-rhmilter.spec">
+sendmail-rhmilter.spec</a>.  The <a
+href="ftp://updates.redhat.com/7.0/en/os/SRPMS/sendmail-8.11.6-1.7.0.src.rpm">
+SRPM for sendmail-8.11.6</a> is available from
+<a href="http://www.redhat.com">Redhat</a> under 
+<a href="http://www.redhat.com/support/errata/RHSA-2001-106.html">
+Errata for RH6.2</a>.  But that doesn't include the latest security
+patches since RH6.2 is no longer supported.
+<p>
+If y'all trust me, you can pick up source and binary sendmail RPMs for RH6.2
+from my <a href="http://www.bmsi.com/linux/rh62">linux downloads</a> directory.
+The lastest RPMs were built by taking a RH7.2 SRPMS and removing some
+RPM features from the spec file that RH6.2 doesn't support, then
+recompiling on RH6.2.  You can check this by installing the RH7.2 SRPM,
+then diffing my sendmail.spec with theirs.  Then run
+"rpm -bb sendmail-rhmilter.spec" when you are satisfied.
+<p>
+If you have installed python2, and want
+python-milter to use python2, add <code>python=python2</code> to setup.cfg
+and build with <code>python2 setup.py bdist_rpm</code>.
+You'll need to install the sendmail-devel package to compile milter.
+
+<hr>
+<p>
+<a href="http://validator.w3.org/check/referer">
+<img border=0 src="/vh32.png" alt=" [ Valid HTML 3.2! ] " height=31 width=88></a>
+<a href="http://www.redhat.com">
+<img src="/art/powered_by.gif" width="88" height="31" alt=" [ Powered By Red Hat Linux ] " border="0"></a>
+</p>
+
+</body></html>
@@ -0,0 +1,81 @@
+#!/bin/bash
+#
+# milter	This shell script takes care of starting and stopping milter.
+#
+# chkconfig: 2345 80 30
+# description: Milter is a process that filters messages sent through sendmail.
+# processname: milter
+# config: /var/log/milter/bms.py
+# pidfile: /var/run/milter/milter.pid
+
+python="python2.3"
+
+pidof() {
+	set - ""
+	if set - `ps -e -o pid,cmd | grep "${python} bms.py"` &&
+	  [ "$2" != "grep" ]; then
+	  echo $1
+	  return 0
+	fi
+	return 1
+}
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+[ -x /var/log/milter/start.sh ] || exit 0
+
+RETVAL=0
+prog="milter"
+
+start() {
+	# Start daemons.
+
+	echo -n "Starting $prog: "
+	daemon --check milter --user mail /var/log/milter/start.sh
+	RETVAL=$?
+	echo
+	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/milter
+	return $RETVAL
+}
+
+stop() {
+	# Stop daemons.
+	echo -n "Shutting down $prog: "
+	killproc milter
+	RETVAL=$?
+	echo
+	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/milter
+	return $RETVAL
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart|reload)
+	stop
+	start
+	RETVAL=$?
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/milter ]; then
+	    stop
+	    start
+	    RETVAL=$?
+	fi
+	;;
+  status)
+	status milter
+	RETVAL=$?
+	;;
+  *)
+	echo "Usage: $0 {start|stop|restart|condrestart|status}"
+	exit 1
+esac
+
+exit $RETVAL
@@ -0,0 +1,81 @@
+#!/bin/bash
+#
+# milter	This shell script takes care of starting and stopping milter.
+#
+# chkconfig: 2345 80 30
+# description: Milter is a process that filters messages sent through sendmail.
+# processname: milter
+# config: /var/log/milter/bms.py
+# pidfile: /var/run/milter/milter.pid
+
+python="python2.3"
+
+pidof() {
+	set - ""
+	if set - `ps -e -o pid,wchan,cmd | grep "rt_sig ${python} bms.py"` &&
+	  [ "$3" != "grep" ]; then
+	  echo $1
+	  return 0
+	fi
+	return 1
+}
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+[ -x /var/log/milter/start.sh ] || exit 0
+
+RETVAL=0
+prog="milter"
+
+start() {
+	# Start daemons.
+
+	echo -n "Starting $prog: "
+	daemon --check milter --user mail /var/log/milter/start.sh
+	RETVAL=$?
+	echo
+	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/milter
+	return $RETVAL
+}
+
+stop() {
+	# Stop daemons.
+	echo -n "Shutting down $prog: "
+	killproc milter
+	RETVAL=$?
+	echo
+	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/milter
+	return $RETVAL
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart|reload)
+	stop
+	start
+	RETVAL=$?
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/milter ]; then
+	    stop
+	    start
+	    RETVAL=$?
+	fi
+	;;
+  status)
+	status milter
+	RETVAL=$?
+	;;
+  *)
+	echo "Usage: $0 {start|stop|restart|condrestart|status}"
+	exit 1
+esac
+
+exit $RETVAL
@@ -0,0 +1,251 @@
+%define name milter
+%define version 0.8.0
+%define release 3.RH7
+# what version of RH are we building for?
+%define redhat9 0
+%define redhat7 1
+%define redhat6 0
+
+# Options for Redhat version 6.x:
+# rpm -ba|--rebuild --define "rh6 1"
+%{?rh6:%define redhat7 0}
+%{?rh6:%define redhat6 1}
+
+# some systems dont have initrddir defined
+%{?_initrddir:%define _initrddir /etc/rc.d/init.d}
+
+%if %{redhat9}
+%define sysvinit milter.rc
+%else	# Redhat 7.x and earlier (multiple ps lines per thread)
+%define sysvinit milter.rc7
+%endif
+# RH9, other systems (single ps line per process)
+%ifos Linux
+%define python python2.4
+%else
+%define python python
+%endif
+
+Summary: Python interface to sendmail milter API
+Name: %{name}
+Version: %{version}
+Release: %{release}
+Source: %{name}-%{version}.tar.gz
+#Patch: %{name}-%{version}.patch
+Copyright: GPL
+Group: Development/Libraries
+BuildRoot: %{_tmppath}/%{name}-buildroot
+Prefix: %{_prefix}
+Vendor: Stuart D. Gathman <stuart@bmsi.com>
+Packager: Stuart D. Gathman <stuart@bmsi.com>
+Url: http://www.bmsi.com/python/milter.html
+Requires: %{python} >= 2.4, sendmail >= 8.12.10
+%ifos Linux
+Requires: chkconfig
+%endif
+BuildRequires: %{python}-devel , sendmail-devel >= 8.12.10
+
+%description
+This is a python extension module to enable python scripts to
+attach to sendmail's libmilter functionality.  Additional python
+modules provide for navigating and modifying MIME parts.
+
+%prep
+%setup
+#%patch -p1
+
+%build
+env CFLAGS="$RPM_OPT_FLAGS" %{python} setup.py build
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%{python} setup.py install --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
+mkdir -p $RPM_BUILD_ROOT/var/log/milter
+mkdir -p $RPM_BUILD_ROOT/etc/mail
+mkdir $RPM_BUILD_ROOT/var/log/milter/save
+cp bms.py strike3.txt softfail.txt $RPM_BUILD_ROOT/var/log/milter
+cp milter.cfg $RPM_BUILD_ROOT/etc/mail/pymilter.cfg
+
+# logfile rotation
+mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
+cat >$RPM_BUILD_ROOT/etc/logrotate.d/milter <<'EOF'
+/var/log/milter/milter.log {
+  copytruncate
+  compress
+}
+EOF
+
+# purge saved defanged message copies
+mkdir -p $RPM_BUILD_ROOT/etc/cron.daily
+%ifos aix4.1
+R=
+%else
+R='-r'
+%endif
+cat >$RPM_BUILD_ROOT/etc/cron.daily/milter <<'EOF'
+#!/bin/sh
+
+find /var/log/milter/save -mtime +7 | xargs $R rm
+EOF
+chmod a+x $RPM_BUILD_ROOT/etc/cron.daily/milter
+
+%ifos aix4.1
+cat >$RPM_BUILD_ROOT/var/log/milter/start.sh <<'EOF'
+#!/bin/sh
+cd /var/log/milter
+# uncomment to enable sgmlop if installed
+#export PYTHONPATH=/usr/local/lib/python2.1/site-packages
+exec /usr/local/bin/python bms.py >>milter.log 2>&1
+EOF
+%else
+cat >$RPM_BUILD_ROOT/var/log/milter/start.sh <<'EOF'
+#!/bin/sh
+cd /var/log/milter
+exec >>milter.log 2>&1
+%{python} bms.py &
+echo $! >/var/run/milter/milter.pid
+EOF
+mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
+cp %{sysvinit} $RPM_BUILD_ROOT/etc/rc.d/init.d/milter
+ed $RPM_BUILD_ROOT/etc/rc.d/init.d/milter <<'EOF'
+/^python=/
+c
+python="%{python}"
+.
+w
+q
+EOF
+%endif
+chmod a+x $RPM_BUILD_ROOT/var/log/milter/start.sh
+
+mkdir -p $RPM_BUILD_ROOT/var/run/milter
+mkdir -p $RPM_BUILD_ROOT/usr/share/sendmail-cf/hack
+cp -p rhsbl.m4 $RPM_BUILD_ROOT/usr/share/sendmail-cf/hack
+
+%ifos aix4.1
+%post
+mkssys -s milter -p /var/log/milter/start.sh -u 25 -S -n 15 -f 9 -G mail || :
+
+%preun
+if [ $1 = 0 ]; then
+  rmssys -s milter || :
+fi
+%else
+%post
+#echo "pythonsock has moved to /var/run/milter, update /etc/mail/sendmail.cf"
+/sbin/chkconfig --add milter
+
+%preun
+if [ $1 = 0 ]; then
+  /sbin/chkconfig --del milter
+fi
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files -f INSTALLED_FILES
+%defattr(-,root,root)
+%doc README NEWS TODO CREDITS sample.py
+/etc/logrotate.d/milter
+/etc/cron.daily/milter
+%ifos aix4.1
+%defattr(-,smmsp,mail)
+%else
+/etc/rc.d/init.d/milter
+%defattr(-,mail,mail)
+%endif
+%dir /var/log/milter
+%dir /var/run/milter
+%dir /var/log/milter/save
+%config /var/log/milter/start.sh
+%config /var/log/milter/bms.py
+%config /var/log/milter/strike3.txt
+%config /var/log/milter/softfail.txt
+%config(noreplace) /etc/mail/pymilter.cfg
+/usr/share/sendmail-cf/hack/rhsbl.m4
+
+%changelog
+* Sat Jun 04 2005 Stuart Gathman <stuart@bmsi.com> 0.8.0-2
+- Include default softfail, strike3 templates
+* Wed May 25 2005 Stuart Gathman <stuart@bmsi.com> 0.8.0-1
+- Move Milter module to subpackage.
+- DSN support for Three strikes rule and SPF SOFTFAIL
+- Move /*mime*/ and dynip to Milter subpackage
+- Fix SPF unknown mechanism list not cleared
+- Make banned extensions configurable.
+- Option to scan zipfiles for bad extensions.
+* Tue Feb 08 2005 Stuart Gathman <stuart@bmsi.com> 0.7.3-1.EL3
+- Support EL3 and Python2.4 (some scanning/defang support broken)
+* Mon Aug 30 2004 Stuart Gathman <stuart@bmsi.com> 0.7.2-1
+- Fix various SPF bugs
+- Recognize dynamic PTR names, and don't count them as authentication.
+- Three strikes and yer out rule.
+- Block softfail by default unless valid PTR or HELO
+- Return unknown for null mechanism
+- Return unknown for invalid ip address in mechanism
+- Try best guess on HELO also
+- Expand setreply for common errors
+- make rhsbl.m4 hack available for sendmail.mc
+* Sun Aug 22 2004 Stuart Gathman <stuart@bmsi.com> 0.7.1-1
+- Handle modifying mislabeled multipart messages without an exception
+- Support setbacklog, setmlreply
+- allow multi-recipient CBV
+- return TEMPFAIL for SPF softfail
+* Fri Jul 23 2004 Stuart Gathman <stuart@bmsi.com> 0.7.0-1
+- SPF check hello name
+- Move pythonsock to /var/run/milter
+- Move milter.cfg to /etc/mail/pymilter.cfg
+- Check M$ style XML CID records by converting to SPF
+- Recognize, but never match ip6 until we properly support it.
+- Option to reject when no PTR and no SPF
+* Fri Apr 09 2004 Stuart Gathman <stuart@bmsi.com> 0.6.9-1
+- Validate spf.py against test suite, and add Received-SPF support to spf.py
+- Support best_guess for SPF
+- Reject numeric hello names
+- Preserve case of local part in sender
+- Make libmilter timeout a config option
+- Fix setup.py to work with python < 2.2.3
+* Tue Apr 06 2004 Stuart Gathman <stuart@bmsi.com> 0.6.8-3
+- Reject invalid SRS immediately for benefit of callback verifiers
+- Fix include bug in spf.py
+* Tue Apr 06 2004 Stuart Gathman <stuart@bmsi.com> 0.6.8-2
+- Bug in check_header
+* Mon Apr 05 2004 Stuart Gathman <stuart@bmsi.com> 0.6.8-1
+- Don't report spoofed unless rcpt looks like SRS
+- Check for bounce with multiple rcpts
+- Make dspam see Received-SPF headers
+- Make sysv init work with RH9
+* Thu Mar 25 2004 Stuart Gathman <stuart@bmsi.com> 0.6.7-3
+- Forgot to make spf_reject_neutral global in bms.py
+* Wed Mar 24 2004 Stuart Gathman <stuart@bmsi.com> 0.6.7-2
+- Defang message/rfc822 content_type with boundary 
+- Support SPF delegation
+- Reject neutral SPF result for selected domains
+* Tue Mar 23 2004 Stuart Gathman <stuart@bmsi.com> 0.6.7-1
+- SRS forgery check.  Detect thread resource starvation.
+- Properly remove local socket with explicit type.
+- Decode obfuscated subject headers.
+* Wed Mar 11 2004 Stuart Gathman <stuart@bmsi.com> 0.6.6-2
+- init script bug with python2.3
+* Wed Mar 10 2004 Stuart Gathman <stuart@bmsi.com> 0.6.6-1
+- SPF checking, hello blacklist
+* Mon Mar 08 2004 Stuart Gathman <stuart@bmsi.com> 0.6.5-2
+- memory leak in envfrom and envrcpt
+* Mon Mar 01 2004 Stuart Gathman <stuart@bmsi.com> 0.6.5-1
+- progress notification
+- memory leak in connect
+- trusted relay
+* Thu Feb 19 2004 Stuart Gathman <stuart@bmsi.com> 0.6.4-2
+- smart alias wildcard patch, compile for sendmail-8.12
+* Thu Dec 04 2003 Stuart Gathman <stuart@bmsi.com> 0.6.4-1
+- many fixes for dspam support
+* Wed Oct 22 2003 Stuart Gathman <stuart@bmsi.com> 0.6.3
+- dspam SCREEN feature
+- streamline dspam false positive handling
+* Mon Sep 01 2003 Stuart Gathman <stuart@bmsi.com> 0.6.1
+- Full dspam support added
+* Mon Aug 26 2003 Stuart Gathman <stuart@bmsi.com>
+- Use New email module
+* Fri Jun 27 2003 Stuart Gathman <stuart@bmsi.com>
+- Add dspam module
@@ -1,20 +1,19 @@
 /* Copyright (C) 2001  James Niemira (niemira@colltech.com, urmane@urmane.org)
- * Portions Copyright (C) 2001,2002,2003,2004,2005,2006,2007
- *   Stuart Gathman (stuart@bmsi.com)
+ * Portions Copyright (C) 2001,2002,2003,2004  Stuart Gathman (stuart@bmsi.com)
 * 
- * This program is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation, either version 2 of the License, or (at your
- * option) any later version.
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
 * 
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * General Public License for more details.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
 * 
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * milterContext object and thread interface contributed by
 * 	Stuart D. Gathman <stuart@bmsi.com>
@@ -35,45 +34,6 @@ $ python setup.py help
     libraries=["milter","smutil","resolv"]

 * $Log$
- * Revision 1.14  2008/12/04 19:43:00  customdesigned
- * Doc updates.
- *
- * Revision 1.13  2008/11/23 03:06:47  customdesigned
- * Milter support for chgfrom.
- *
- * Revision 1.12  2008/11/21 20:42:52  customdesigned
- * Support smfi_chgfrom and smfi_addrcpt_par.
- *
- * Revision 1.11  2007/09/25 02:26:29  customdesigned
- * Update license.
- *
- * Revision 1.10  2006/02/12 02:00:42  customdesigned
- * Resolve FIXME for wrap_close.
- *
- * Revision 1.9  2005/12/23 21:46:36  customdesigned
- * Compile on sendmail-8.12 (ifdef SMFIR_INSHEADER)
- *
- * Revision 1.8  2005/10/20 23:23:36  customdesigned
- * Include smfi_progress is SMFIR_PROGRESS defined
- *
- * Revision 1.7  2005/10/20 23:04:46  customdesigned
- * Add optional idx for position of added header.
- *
- * Revision 1.6  2005/07/15 22:18:17  customdesigned
- * Support callback exception policy
- *
- * Revision 1.5  2005/06/24 04:20:07  customdesigned
- * Report context allocation error.
- *
- * Revision 1.4  2005/06/24 04:12:43  customdesigned
- * Remove unused name argument to generic wrappers.
- *
- * Revision 1.3  2005/06/24 03:57:35  customdesigned
- * Handle close called before connect.
- *
- * Revision 1.2  2005/06/02 04:18:55  customdesigned
- * Update copyright notices after reading article on /.
- *
 * Revision 1.1.1.2  2005/05/31 18:09:06  customdesigned
 * Release 0.7.1
 *
@@ -191,10 +151,10 @@ $ python setup.py help
 #endif
 #define _FFR_MULTILINE (MAX_ML_REPLY > 1)

-//#include <pthread.h>	// shouldn't be needed - use Python API
-#include <Python.h>		// Python C API
-#include <libmilter/mfapi.h>	// libmilter API
-#include <netinet/in.h>		// socket API
+#include <pthread.h>
+#include <netinet/in.h>
+#include <Python.h>
+#include <libmilter/mfapi.h>


 /* See if we have IPv4 and/or IPv6 support in this OS and in
@@ -234,7 +194,7 @@ $ python setup.py help


 /* Yes, these are static.  If you need multiple different callbacks, */
-/* it's cleaner to use multiple filters, or convert to OO method calls. */
+/* it's cleaner to use multiple filters. */
 static PyObject *connect_callback = NULL;
 static PyObject *helo_callback    = NULL;
 static PyObject *envfrom_callback = NULL;
@@ -261,10 +221,10 @@ typedef struct {
  PyThreadState *t;	/* python thread state */
 } milter_ContextObject;

-/* Return a borrowed reference to the python Context.  Called by callbacks
-   invoked by libmilter.  Create a new Context if needed.  The new
-   Python Context is owned by the SMFICTX. The python interpreter is locked on
-   successful return, otherwise not. */
+/* Return a borrowed reference to the python Context.  Create a
+   new Context if needed.  The new Python Context is owned by
+   the SMFICTX. The python interpreter is locked on successful
+   return, otherwise not. */
 static milter_ContextObject *
 _get_context(SMFICTX *ctx) {
  milter_ContextObject *self = smfi_getpriv(ctx);
@@ -279,11 +239,8 @@ _get_context(SMFICTX *ctx) {
    PyEval_AcquireThread(t);	/* lock interp */
    self = PyObject_New(milter_ContextObject,&milter_ContextType);
    if (!self) {
-      /* Report and clear exception since we are called from libmilter */
-      if (PyErr_Occurred()) {
-	PyErr_Print();
+      /* Can't pass on exception since we are called from libmilter */
      PyErr_Clear();
-      }
      PyThreadState_Clear(t);
      PyEval_ReleaseThread(t);
      PyThreadState_Delete(t);
@@ -298,15 +255,14 @@ _get_context(SMFICTX *ctx) {
  return self;
 }

-/* Find the SMFICTX from a Python Context.  Called by context methods invoked
-   from python.  The interpreter must be locked. */ 
+/* Find the SMFICTX from a Python Context. The interpreter must be locked. */
 static SMFICTX *
 _find_context(PyObject *c) {
  SMFICTX *ctx = NULL;
  if (c->ob_type == &milter_ContextType) {
    milter_ContextObject *self = (milter_ContextObject *)c;
    ctx = self->ctx;
-    if (ctx != NULL && smfi_getpriv(ctx) != self)
+    if (smfi_getpriv(ctx) != self)
      ctx = NULL;
  }
  if (ctx == NULL)
@@ -314,6 +270,23 @@ _find_context(PyObject *c) {
  return ctx;
 }

+/* Release the Python Context for a SMFICTX.  */
+static void
+_clear_context(SMFICTX *ctx) {
+  milter_ContextObject *self = smfi_getpriv(ctx);
+  if (self) {
+    PyThreadState *t = self->t;
+    PyEval_AcquireThread(t);
+    self->t = 0;
+    self->ctx = 0;
+    smfi_setpriv(ctx,0);
+    Py_DECREF(self);
+    PyThreadState_Clear(t);
+    PyEval_ReleaseThread(t);
+    PyThreadState_Delete(t);
+  }
+}
+
 static void
 milter_Context_dealloc(PyObject *s) {
  milter_ContextObject *self = (milter_ContextObject *)s;
@@ -352,15 +325,13 @@ static char milter_set_flags__doc__[] =
 Set flags for filter capabilities; OR of one or more of:\n\
 ADDHDRS - filter may add headers\n\
 CHGBODY - filter may replace body\n\
-CHGFROM - filter may replace body\n\
 ADDRCPT - filter may add recipients\n\
 DELRCPT - filter may delete recipients\n\
 CHGHDRS - filter may change/delete headers";

 static PyObject *
 milter_set_flags(PyObject *self, PyObject *args) {
-  if (!PyArg_ParseTuple(args, "i:set_flags", &description.xxfi_flags))
-    return NULL;
+  if (!PyArg_ParseTuple(args, "i", &description.xxfi_flags)) return NULL;
  Py_INCREF(Py_None);
  return Py_None;
 }
@@ -526,52 +497,17 @@ milter_set_close_callback(PyObject *self, PyObject *args) {
  return generic_set_callback(args, "O:set_close_callback", &close_callback);
 }

-static int exception_policy = SMFIS_TEMPFAIL;
-
-static char milter_set_exception_policy__doc__[] =
-"set_exception_policy(i) -> None\n\
-Sets the policy for untrapped Python exceptions during a callback.\n\
-Must be one of TEMPFAIL,REJECT,CONTINUE";
-
-static PyObject *
-milter_set_exception_policy(PyObject *self, PyObject *args) {
-  int i;
-  if (!PyArg_ParseTuple(args, "i:set_exception_policy", &i))
-    return NULL;
-  switch (i) {
-  case SMFIS_REJECT: case SMFIS_TEMPFAIL: case SMFIS_CONTINUE:
-    exception_policy = i;
-    Py_INCREF(Py_None);
-    return Py_None;
-  }
-  PyErr_SetString(MilterError,"invalid exception policy");
-  return NULL;
-}
-
-static void
-_release_thread(PyThreadState *t) {
-  if (t != NULL)
-    PyEval_ReleaseThread(t);
-}
-
 /** Report and clear any python exception before returning to libmilter. 
  The interpreter is locked when we are called, and we unlock it.  */
 static int _report_exception(milter_ContextObject *self) {
  if (PyErr_Occurred()) {
    PyErr_Print();
    PyErr_Clear();	/* must clear since not returning to python */
-    _release_thread(self->t);
-    switch (exception_policy) {
-      case SMFIS_REJECT:
-	smfi_setreply(self->ctx, "554", "5.3.0", "Filter failure");
-	return SMFIS_REJECT;
-      case SMFIS_TEMPFAIL:
+    PyEval_ReleaseThread(self->t);
    smfi_setreply(self->ctx, "451", "4.3.0", "Filter failure");
    return SMFIS_TEMPFAIL;
  }
-    return SMFIS_CONTINUE;
-  }
-  _release_thread(self->t);
+  PyEval_ReleaseThread(self->t);
  return SMFIS_CONTINUE;
 }

@@ -590,7 +526,7 @@ _generic_wrapper(milter_ContextObject *self, PyObject *cb, PyObject *arglist) {
  retval = PyInt_AsLong(result);
  Py_DECREF(result);
  if (PyErr_Occurred()) return _report_exception(self);
-  _release_thread(self->t);
+  PyEval_ReleaseThread(self->t);
  return retval;
 }

@@ -680,7 +616,7 @@ milter_wrap_helo(SMFICTX *ctx, char *helohost) {
 }

 static int
-generic_env_wrapper(SMFICTX *ctx, PyObject*cb, char **argv) {
+generic_env_wrapper(SMFICTX *ctx, PyObject*cb, char **argv, const char *name) {
   PyObject *arglist;
   milter_ContextObject *self;
   int count = 0;
@@ -717,12 +653,12 @@ generic_env_wrapper(SMFICTX *ctx, PyObject*cb, char **argv) {

 static int
 milter_wrap_envfrom(SMFICTX *ctx, char **argv) {
-  return generic_env_wrapper(ctx,envfrom_callback,argv);
+  return generic_env_wrapper(ctx,envfrom_callback,argv,"milter_wrap_envfrom");
 }

 static int
 milter_wrap_envrcpt(SMFICTX *ctx, char **argv) {
-  return generic_env_wrapper(ctx,envrcpt_callback,argv);
+  return generic_env_wrapper(ctx,envrcpt_callback,argv,"milter_wrap_envrcpt");
 }    
  
 static int
@@ -738,7 +674,7 @@ milter_wrap_header(SMFICTX *ctx, char *headerf, char *headerv) {
 }

 static int
-generic_noarg_wrapper(SMFICTX *ctx,PyObject *cb) {
+generic_noarg_wrapper(SMFICTX *ctx,PyObject *cb,const char *name) {
   PyObject *arglist;
   milter_ContextObject *c;
   if (cb == NULL) return SMFIS_CONTINUE;
@@ -750,7 +686,7 @@ generic_noarg_wrapper(SMFICTX *ctx,PyObject *cb) {

 static int
 milter_wrap_eoh(SMFICTX *ctx) {
-  return generic_noarg_wrapper(ctx,eoh_callback);
+  return generic_noarg_wrapper(ctx,eoh_callback,"milter_wrap_eoh");
 }   

 static int
@@ -768,42 +704,23 @@ milter_wrap_body(SMFICTX *ctx, u_char *bodyp, size_t bodylen) {

 static int
 milter_wrap_eom(SMFICTX *ctx) {
-  return generic_noarg_wrapper(ctx,eom_callback);
+  return generic_noarg_wrapper(ctx,eom_callback,"milter_wrap_eom");
 }

 static int
 milter_wrap_abort(SMFICTX *ctx) {
  /* libmilter still calls close after abort */
-  return generic_noarg_wrapper(ctx,abort_callback);
+  return generic_noarg_wrapper(ctx,abort_callback,"milter_wrap_abort");
 }

 static int
 milter_wrap_close(SMFICTX *ctx) {
-  /* xxfi_close can be called out of order - even before connect.  
-   * There may not yet be a private context pointer.  To avoid
-   * creating a ThreadContext and allocating a milter context only
-   * to destroy them, and to avoid invoking the python close_callback when
-   * connect has never been called, we don't use generic_noarg_wrapper here. */
-  PyObject *cb = close_callback;
-  milter_ContextObject *self = smfi_getpriv(ctx);
-  int r = SMFIS_CONTINUE;
-  if (self != NULL) {
-    PyThreadState *t = self->t;
-    PyEval_AcquireThread(t);
-    self->t = 0;
-    if (cb != NULL && self->ctx == ctx) {
-      PyObject *arglist = Py_BuildValue("(O)", self);
-      /* Call python close callback, but do not ReleaseThread, because
-       * self->t is NULL */
-      r = _generic_wrapper(self, cb, arglist);
-    }
-    self->ctx = 0;
-    smfi_setpriv(ctx,0);
-    Py_DECREF(self);
-    PyThreadState_Clear(t);
-    PyEval_ReleaseThread(t);
-    PyThreadState_Delete(t);
-  }
+  int r = generic_noarg_wrapper(ctx,close_callback,"milter_wrap_close");
+  /* FIXME: It is inefficient to have released the interp lock only to
+     acquire it again in _clear_context.  We can tell _generic_return and
+     friends not to release the lock by, for instance, setting self->t to NULL.
+     However, first we make it work. */
+  _clear_context(ctx);
  return r;
 }

@@ -992,65 +909,30 @@ milter_setreply(PyObject *self, PyObject *args) {
 }

 static char milter_addheader__doc__[] =
-"addheader(field, value, idx=-1) -> None\n\
+"addheader(field, value) -> None\n\
 Add a header to the message. This header is not passed to other\n\
 filters. It is not checked for standards compliance;\n\
 the mail filter must ensure that no protocols are violated\n\
 as a result of adding this header.\n\
 field - header field name\n\
 value - header field value\n\
-idx - optional position in internal header list to insert new header\n\
 Both are strings.  This function can only be called from the EOM callback.";

 static PyObject *
 milter_addheader(PyObject *self, PyObject *args) {
  char *headerf;
  char *headerv;
-  int idx = -1;
  SMFICTX *ctx;
  PyThreadState *t;

-  if (!PyArg_ParseTuple(args, "ss|i:addheader", &headerf, &headerv, &idx))
-    return NULL;
+  if (!PyArg_ParseTuple(args, "ss:addheader", &headerf, &headerv)) return NULL;
  ctx = _find_context(self);
  if (ctx == NULL) return NULL;
  t = PyEval_SaveThread();
-#ifdef SMFIR_INSHEADER
-  return _thread_return(t, (idx < 0) ? smfi_addheader(ctx, headerf, headerv) :
-      smfi_insheader(ctx, idx, headerf, headerv), "cannot add header");
-#else
-  if (idx < 0)
-    return _thread_return(t, smfi_addheader(ctx, headerf, headerv),
+  return _thread_return(t,smfi_addheader(ctx, headerf, headerv),
 			 "cannot add header");
-  PyErr_SetString(MilterError, "insheader not supported");
-  return NULL;
-#endif
 }

-#ifdef SMFIF_CHGFROM
-static char milter_chgfrom__doc__[] =
-"chgfrom(sender,params) -> None\n\
-Change the envelope sender (MAIL From) of the current message.\n\
-A filter which calls smfi_chgfrom must have set the CHGFROM flag\n\
-in set_flags() before calling register.\n\
-This function can only be called from the EOM callback.";
-static PyObject *
-milter_chgfrom(PyObject *self, PyObject *args) {
-  char *sender;
-  char *params;
-  SMFICTX *ctx;
-  PyThreadState *t;
-  
-  if (!PyArg_ParseTuple(args, "s|z:chgfrom", &sender, &params))
-    return NULL;
-  ctx = _find_context(self);
-  if (ctx == NULL) return NULL;
-  t = PyEval_SaveThread();
-  return _thread_return(t,smfi_chgfrom(ctx, sender, params),
-			 "cannot change sender");
-}
-#endif
-
 static char milter_chgheader__doc__[] =
 "chgheader(field, int, value) -> None\n\
 Change/delete a header in the message. \n\
@@ -1080,33 +962,22 @@ milter_chgheader(PyObject *self, PyObject *args) {
 }

 static char milter_addrcpt__doc__[] =
-"addrcpt(string,params=None) -> None\n\
+"addrcpt(string) -> None\n\
 Add a recipient to the envelope.  It must be in the same format\n\
 as is passed to the envrcpt callback in the first tuple element.\n\
-If params is used, you must pass ADDRCPT_PAR to set_flags().\n\
 This function can only be called from the EOM callback.";

 static PyObject *
 milter_addrcpt(PyObject *self, PyObject *args) {
  char *rcpt;
-  char *params = 0;
  SMFICTX *ctx;
  PyThreadState *t;
-  int rc;
  
-  if (!PyArg_ParseTuple(args, "s|z:addrcpt", &rcpt)) return NULL;
+  if (!PyArg_ParseTuple(args, "s:addrcpt", &rcpt)) return NULL;
  ctx = _find_context(self);
  if (ctx == NULL) return NULL;
  t = PyEval_SaveThread();
-  if (params)
-#ifdef SMFIF_ADDRCPT_PAR
-    rc = smfi_addrcpt_par(ctx,rcpt,params);
-#else
-    rc = MI_FAILURE;
-#endif
-  else
-    rc = smfi_addrcpt(ctx,rcpt);
-  return _thread_return(t,rc, "cannot add recipient");
+  return _thread_return(t,smfi_addrcpt(ctx, rcpt), "cannot add recipient");
 }

 static char milter_delrcpt__doc__[] =
@@ -1214,7 +1085,7 @@ milter_quarantine(PyObject *self, PyObject *args) {
 }
 #endif

-#ifdef SMFIR_PROGRESS
+#if _FFR_SMFI_PROGRESS
 static char milter_progress__doc__[] =
 "progress() -> None\n\
 Notify the MTA that we are working on a message so it will reset timeouts.";
@@ -1245,11 +1116,8 @@ static PyMethodDef context_methods[] = {
 #ifdef SMFIF_QUARANTINE
  { "quarantine",  milter_quarantine,  METH_VARARGS, milter_quarantine__doc__},
 #endif
-#ifdef SMFIR_PROGRESS
+#if _FFR_SMFI_PROGRESS
  { "progress",  milter_progress,  METH_VARARGS, milter_progress__doc__},
-#endif
-#ifdef SMFIF_CHGFROM
-  { "chgfrom",  milter_chgfrom,  METH_VARARGS, milter_chgfrom__doc__},
 #endif
  { NULL, NULL }
 };
@@ -1287,8 +1155,6 @@ static PyMethodDef milter_methods[] = {
   { "set_eom_callback",     milter_set_eom_callback,     METH_VARARGS, milter_set_eom_callback__doc__},
   { "set_abort_callback",   milter_set_abort_callback,   METH_VARARGS, milter_set_abort_callback__doc__},
   { "set_close_callback",   milter_set_close_callback,   METH_VARARGS, milter_set_close_callback__doc__},
-   { "set_exception_policy",   milter_set_exception_policy,METH_VARARGS, milter_set_exception_policy__doc__},
-   { "register",             milter_register,             METH_VARARGS, milter_register__doc__},
   { "register",             milter_register,             METH_VARARGS, milter_register__doc__},
   { "main",                 milter_main,                 METH_VARARGS, milter_main__doc__},
   { "setdbg",               milter_setdbg,               METH_VARARGS, milter_setdbg__doc__},
@@ -1351,9 +1217,6 @@ initmilter(void) {
   setitem(d,"CHGBODY",  SMFIF_CHGBODY);
   setitem(d,"MODBODY",  SMFIF_MODBODY);
   setitem(d,"ADDRCPT",  SMFIF_ADDRCPT);
-#ifdef SMFIF_ADDRCPT_PAR
-   setitem(d,"ADDRCPT_PAR",  SMFIF_ADDRCPT_PAR);
-#endif
   setitem(d,"DELRCPT",  SMFIF_DELRCPT);
   setitem(d,"CHGHDRS",  SMFIF_CHGHDRS);
   setitem(d,"V1_ACTS",  SMFI_V1_ACTS);
@@ -1361,9 +1224,6 @@ initmilter(void) {
   setitem(d,"CURR_ACTS",  SMFI_CURR_ACTS);
 #ifdef SMFIF_QUARANTINE
   setitem(d,"QUARANTINE",SMFIF_QUARANTINE);
-#endif
-#ifdef SMFIF_CHGFROM
-   setitem(d,"CHGFROM",SMFIF_CHGFROM);
 #endif
   setitem(d,"CONTINUE",  SMFIS_CONTINUE);
   setitem(d,"REJECT",  SMFIS_REJECT);
@@ -1,10 +1,4 @@
 # $Log$
-# Revision 1.4  2005/06/17 01:49:39  customdesigned
-# Handle zip within zip.
-#
-# Revision 1.3  2005/06/02 15:00:17  customdesigned
-# Configure banned extensions.  Scan zipfile option with test case.
-#
 # Revision 1.2  2005/06/02 04:18:55  customdesigned
 # Update copyright notices after reading article on /.
 #
@@ -93,16 +87,6 @@ from email import Errors

 from types import ListType,StringType

-def zipnames(txt):
-  fp =  StringIO.StringIO(txt)
-  zipf = zipfile.ZipFile(fp,'r')
-  names = []
-  for nm in zipf.namelist():
-    names.append(('zipname',nm))
-    if nm.lower().endswith('.zip'):
-      names += zipnames(zipf.read(nm))
-  return names
-
 class MimeGenerator(Generator):
    def _dispatch(self, msg):
        # Get the Content-Type: for the message, then try to dispatch to
@@ -193,11 +177,13 @@ class MimeMessage(Message):
      names.append((attr,val))
    names += [("filename",self.get_filename())]
    if scan_zip:
-      for key,name in tuple(names):	# copy by converting to tuple
+      for key,name in names:
 	if name and name.lower().endswith('.zip'):
 	  txt = self.get_payload(decode=True)
-	  if txt.strip():
-	    names += zipnames(txt)
+	  fp =  StringIO.StringIO(txt)
+	  zipf = zipfile.ZipFile(fp,'r')
+	  for nm in zipf.namelist():
+	    names.append(('zipname',nm))
    return names

  def ismodified(self):
@@ -308,25 +294,19 @@ See your administrator.

 def check_name(msg,savname=None,ckname=check_ext,scan_zip=False):
  "Replace attachment with a warning if its name is suspicious."
-  try:
  for key,name in msg.getnames(scan_zip):
    badname = ckname(name)
    if badname:
+      hostname = socket.gethostname()
      if key == 'zipname':
        badname = msg.get_filename()
-	break
-    else:
-      return Milter.CONTINUE
-  except zipfile.BadZipfile:
-    # a ZIP that is not a zip is very suspicious
-    badname = msg.get_filename()
-  hostname = socket.gethostname()
      msg.set_payload(virus_msg % (badname,hostname,savname))
      del msg["content-type"]
      del msg["content-disposition"]
      del msg["content-transfer-encoding"]
      name = "WARNING.TXT"
      msg["Content-Type"] = "text/plain; name="+name
+      break
  return Milter.CONTINUE

 import email.Iterators
@@ -1,100 +0,0 @@
-%define __python python2.4
-%define version 0.9.0
-%define release 1.el4
-%define libdir %{_libdir}/pymilter
-%define name pymilter
-%define redhat7 0
-
-Summary: Python interface to sendmail milter API
-Name: %{name}
-Version: %{version}
-Release: %{release}
-Source: %{name}-%{version}.tar.gz
-#Patch: %{name}-%{version}.patch
-License: GPLv2+
-Group: Development/Libraries
-BuildRoot: %{_tmppath}/%{name}-buildroot
-Vendor: Stuart D. Gathman <stuart@bmsi.com>
-Url: http://www.bmsi.com/python/milter.html
-Requires: %{__python} >= 2.4, sendmail >= 8.13
-BuildRequires: %{__python}-devel >= 2.4, sendmail-devel >= 8.13
-
-%description
-This is a python extension module to enable python scripts to
-attach to sendmail's libmilter functionality.  Additional python
-modules provide for navigating and modifying MIME parts, sending
-DSNs, and doing CBV.
-
-%prep
-%setup -q
-#patch -p0 -b .bms
-
-%build
-%if %{redhat7} 
-  LDFLAGS="-s"
-%else # Redhat builds debug packages after 7.3
-  LDFLAGS="-g"
-%endif
-env CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$LDFLAGS" %{__python} setup.py build
-
-%install
-rm -rf $RPM_BUILD_ROOT
-%{__python} setup.py install --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
-mkdir -p $RPM_BUILD_ROOT/var/run/milter
-mkdir -p $RPM_BUILD_ROOT%{libdir}
-%ifos aix4.1
-cat >$RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
-#!/bin/sh
-cd /var/log/milter
-exec /usr/local/bin/python bms.py >>milter.log 2>&1
-EOF
-%else # not aix4.1
-cp start.sh $RPM_BUILD_ROOT%{libdir}
-ed $RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
-/^python=/
-c
-python="%{__python}"
-.
-w
-q
-EOF
-%endif
-chmod a+x $RPM_BUILD_ROOT%{libdir}/start.sh
-%if !%{redhat7}
-#grep '.pyc$' INSTALLED_FILES | sed -e 's/c$/o/' >>INSTALLED_FILES
-%endif
-
-# start.sh is used by spfmilter and milter, and could be used by
-# other milters running on redhat
-%files -f INSTALLED_FILES
-%defattr(-,root,root)
-%doc README ChangeLog NEWS TODO CREDITS sample.py milter-template.py
-%config %{libdir}/start.sh
-%dir %attr(0755,mail,mail) /var/run/milter
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%changelog
-* Mon Nov 24 2008 Stuart Gathman <stuart@bmsi.com> 0.9.0-1
- Split pymilter into its own CVS module
- Support chgfrom and addrcpt_par
- Support NS records in Milter.dns
-* Mon Aug 25 2008 Stuart Gathman <stuart@bmsi.com> 0.8.10-2
- /var/run/milter directory must be owned by mail
-* Mon Aug 25 2008 Stuart Gathman <stuart@bmsi.com> 0.8.10-1
- improved parsing into email and fullname (still 2 self test failures)
- implement no-DSN CBV, reduce full DSNs
-* Mon Sep 24 2007 Stuart Gathman <stuart@bmsi.com> 0.8.9-1
- Use ifarch hack to build milter and milter-spf packages as noarch
- Remove spf dependency from dsn.py, add dns.py
-* Fri Jan 05 2007 Stuart Gathman <stuart@bmsi.com> 0.8.8-1
- move AddrCache, parse_addr, iniplist to Milter package
- move parse_header to Milter.utils
- fix plock for missing source and can't change owner/group
- split out pymilter and pymilter-spf packages
- move milter apps to /usr/lib/pymilter
-* Sat Nov 04 2006 Stuart Gathman <stuart@bmsi.com> 0.8.7-1
- SPF moved to pyspf RPM
-* Tue May 23 2006 Stuart Gathman <stuart@bmsi.com> 0.8.6-2
- Support CBV timeout
@@ -0,0 +1,38 @@
+# Analyze milter log to find abusers
+
+fp = open('/var/log/milter/milter.log','r')
+subdict = {}
+ipdict = {}
+spamcnt = {}
+for line in fp:
+  a = line.split(None,4)
+  if len(a) < 4: continue
+  dt,tm,id,op = a[:4]
+  if op == 'Subject:':
+    if len(a) > 4: subdict[id] = a[4].rstrip()
+  elif op == 'connect':
+    ipdict[id] = a[4].rstrip()
+  elif op in ('eom','dspam'):
+    if id in subdict: del subdict[id]
+    if id in ipdict: del ipdict[id]
+  elif op in ('REJECT:','DSPAM:','SPAM:','abort'):
+    if id in subdict:
+      if id in ipdict:
+        ip = ipdict[id]
+	del ipdict[id]
+	f,host,raw = ip.split(None,2)
+	if host in spamcnt:
+	  spamcnt[host] += 1
+	else:
+	  spamcnt[host] = 1
+      else: ip = ''
+      print dt,tm,op,a[4].rstrip(),subdict[id]
+      del subdict[id]
+    else:
+      print line.rstrip()
+print len(subdict),'leftover entries'
+
+spamlist = filter(lambda x: x[1] > 1,spamcnt.items())
+spamlist.sort(lambda x,y: x[1] - y[1])
+for ip,cnt in spamlist:
+  print cnt,ip
@@ -0,0 +1,44 @@
+divert(-1)
+#
+# Copyright (c) 2002 Derek J. Balling
+#	All rights reserved.
+#
+# Permission to use granted for all purposes. If modifications are made
+# they are requested to be sent to <dredd@megacity.org> for inclusion in future
+# versions 
+#
+# Allows (hopefully) for checking of access.db whitelisting now. This ONLY
+# works on sendmail-8.12.x ... use on any other version may require tinkering
+# by you the downloader.
+#
+# Incorporates many changes by Sergey S. Mokryshev <mokr@mokr.net>
+#
+#
+
+divert(0)
+ifdef(`_RHSBL_R_',`dnl',`dnl
+VERSIONID(`$Id$')
+define(`_RHSBL_R_',`')
+ifdef(`_DNSBL_R_',`dnl',`dnl
+LOCAL_CONFIG
+# map for DNS based blacklist lookups based on the sender RHS
+Kdnsbl host -T<TMP>')')
+divert(-1)
+define(`_RHSBL_SRV_', `_ARG_')dnl
+define(`_RHSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Mail from " $`'&{RHS} " refused by blackhole site '_RHSBL_SRV_`"',`_ARG2_')')dnl
+define(`_RHSBL_MSG_TMP_', `ifelse(_ARG3_,`t',`"451 Temporary lookup failure of " $`'&{RHS} " at '_RHSBL_SRV_`"',`_ARG3_')')dnl
+
+MAILER_DEFINITIONS
+
+SLocal_check_mail
+# DNS based RHS spam list blackholes.bmsi.com
+R$*			$: <?> $>CanonAddr $1
+R<?> $*<@$+.>		$: <?> $1<@$2.> $| $>SearchList <+ rhs> $| <F:$1@$2> <D:$2> <>
+R<?> $* $| <$={Accept}>	$: OKSOFAR
+R<?> $*<@$+.> $| $*	$: <?> $(dnsbl $2._RHSBL_SRV_. $: OK $) $(macro {RHS} $@ $2 $)
+R<?> OK			$: OKSOFAR
+R<?> $*<@$*>		$: OKSOFAR
+ifelse(len(X`'_ARG3_),`1',
+`R<?>$+<TMP>		$: TMPOK',
+`R<?>$+<TMP>		$#error $@ 4.7.1 $: _RHSBL_MSG_TMP_')
+R<?>$+			$#error $@ 5.7.1 $: _RHSBL_MSG_
@@ -1,5 +1,5 @@
 [bdist_rpm]
-python=python2.4
+python=python2
 doc_files=README NEWS TODO
 packager=Stuart D. Gathman <stuart@bmsi.com>
-release=1
+release=2.4
@@ -3,10 +3,7 @@ import sys
 from distutils.core import setup, Extension

 # FIXME: on some versions of sendmail, smutil is renamed to sm
-# on slackware and debian, leave it out entirely.  It depends
-# on how libmilter was built by the sendmail package.
 libs = ["milter", "smutil"]
-libdirs = ["/usr/lib/libmilter"]    # needed for Debian

 # patch distutils if it can't cope with the "classifiers" or
 # "download_url" keywords
@@ -15,14 +12,13 @@ if sys.version < '2.2.3':
  DistributionMetadata.classifiers = None
  DistributionMetadata.download_url = None

-# NOTE: importing Milter to obtain version fails when milter.so not built
-setup(name = "pymilter", version = '0.9.0',
+setup(name = "milter", version = "0.8.0",
 	description="Python interface to sendmail milter API",
 	long_description="""\
 This is a python extension module to enable python scripts to
 attach to sendmail's libmilter functionality.  Additional python
 modules provide for navigating and modifying MIME parts, and
-sending DSNs or doing CBVs.
+querying SPF records.
 """,
 	author="Jim Niemira",
 	author_email="urmane@urmane.org",
@@ -30,13 +26,11 @@ sending DSNs or doing CBVs.
 	maintainer_email="stuart@bmsi.com",
 	license="GPL",
 	url="http://www.bmsi.com/python/milter.html",
-	py_modules=["mime"],
+	py_modules=["mime","spf"],
 	packages = ['Milter'],
 	ext_modules=[
 	  Extension("milter", ["miltermodule.c"],
-            library_dirs=libdirs,
 	    libraries=libs,
-	    # set MAX_ML_REPLY to 1 for sendmail < 8.13
 	    define_macros = [ ('MAX_ML_REPLY',32) ]
 	  ),
 	],
@@ -0,0 +1,23 @@
+Subject: SPF softfail (POSSIBLE FORGERY)
+
+This is an automatically generated Delivery Status Notification.
+
+THIS IS A WARNING MESSAGE ONLY.
+
+YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.
+
+Delivery to the following recipients has been delayed.
+
+       %(rcpt)s
+
+Subject: %(subject)s
+Received-SPF: %(spf_result)s
+
+Your sender policy indicated that the above email was likely forged and that
+feedback was desired.
+
+If you need further assistance, please do not hesitate to contact me.
+
+Kind regards,
+
+postmaster@%(receiver)s
@@ -0,0 +1,99 @@
+#!/usr/bin/python2.3
+
+# Author: Stuart D. Gathman <stuart@bmsi.com>
+# Copyright 2004 Business Management Systems, Inc.
+# This code is under the GNU General Public License.  See COPYING for details.
+
+# $Log$
+# Revision 1.1.1.1  2005/05/31 18:07:19  customdesigned
+# Release 0.6.9
+#
+# Revision 2.3  2004/04/19 22:12:11  stuart
+# Release 0.6.9
+#
+# Revision 2.2  2004/04/18 03:29:35  stuart
+# Pass most tests except -local and -rcpt-to
+#
+# Revision 2.1  2004/04/08 18:41:15  stuart
+# Reject numeric hello names
+#
+# Driver for SPF test system
+
+import spf
+import sys
+
+from optparse import OptionParser
+
+class PerlOptionParser(OptionParser):
+    def _process_args (self, largs, rargs, values):
+        """_process_args(largs : [string],
+                         rargs : [string],
+                         values : Values)
+
+        Process command-line arguments and populate 'values', consuming
+        options and arguments from 'rargs'.  If 'allow_interspersed_args' is
+        false, stop at the first non-option argument.  If true, accumulate any
+        interspersed non-option arguments in 'largs'.
+        """
+        while rargs:
+            arg = rargs[0]
+            # We handle bare "--" explicitly, and bare "-" is handled by the
+            # standard arg handler since the short arg case ensures that the
+            # len of the opt string is greater than 1.
+            if arg == "--":
+                del rargs[0]
+                return
+            elif arg[0:2] == "--":
+                # process a single long option (possibly with value(s))
+                self._process_long_opt(rargs, values)
+            elif arg[:1] == "-" and len(arg) > 1:
+                # process a single perl style long option
+		rargs[0] = '-' + arg
+                self._process_long_opt(rargs, values)
+            elif self.allow_interspersed_args:
+                largs.append(arg)
+                del rargs[0]
+            else:
+		return
+
+def format(q):
+  res,code,txt = q.check()
+  print res
+  if res in ('pass','neutral','unknown'): print
+  else: print txt
+  print 'spfquery:',q.get_header_comment(res)
+  print 'Received-SPF:',q.get_header(res,'spfquery')
+
+def main(argv):
+  parser = PerlOptionParser()
+  parser.add_option("--file",dest="file")
+  parser.add_option("--ip",dest="ip")
+  parser.add_option("--sender",dest="sender")
+  parser.add_option("--helo",dest="hello_name")
+  parser.add_option("--local",dest="local_policy")
+  parser.add_option("--rcpt-to",dest="rcpt")
+  parser.add_option("--default-explanation",dest="explanation")
+  parser.add_option("--sanitize",type="int",dest="sanitize")
+  parser.add_option("--debug",type="int",dest="debug")
+  opts,args = parser.parse_args(argv)
+  if opts.ip:
+    q = spf.query(opts.ip,opts.sender,opts.hello_name,local=opts.local_policy)
+    if opts.explanation:
+      q.set_default_explanation(opts.explanation)
+    format(q)
+  if opts.file:
+    if opts.file == '0':
+      fp = sys.stdin
+    else:
+      fp = open(opts.file,'r')
+    for ln in fp:
+      ip,sender,helo,rcpt = ln.split(None,3)
+      q = spf.query(ip,sender,helo,local=opts.local_policy)
+      if opts.explanation:
+	q.set_default_explanation(opts.explanation)
+      format(q)
+    fp.close()
+    
+if __name__ == "__main__":
+  import sys
+  main(sys.argv[1:])
@@ -1,14 +0,0 @@
-#!/bin/sh
-appname="$1"
-script="${2:-${appname}}"
-datadir=/var/log/milter
-python="python2.4"
-exec >>${datadir}/${appname}.log 2>&1
-if test -s ${datadir}/${script}.py; then
-  cd ${datadir} # use version in log dir if it exists for debugging
-else
-  cd /usr/lib/pymilter
-fi
-
-${python} ${script}.py &
-echo $! >/var/run/milter/${appname}.pid
@@ -0,0 +1,66 @@
+Subject: Critical mail server configuration error
+
+This is an automatically generated Delivery Status Notification.
+
+THIS IS A WARNING MESSAGE ONLY.
+
+YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.
+
+Delivery to the following recipients has been delayed.
+
+	%(rcpt)s
+
+Subject: %(subject)s 
+
+Someone at IP address %(connectip)s sent an email claiming
+to be from %(sender)s.  
+
+If that wasn't you, then your domain, %(sender_domain)s,
+was forged - i.e. used without your knowlege or authorization by
+someone attempting to steal your mail identity.  This is a very
+serious problem, and you need to provide authentication for your
+SMTP (email) servers to prevent criminals from forging your
+domain.  The simplest step is usually to publish an SPF record
+with your Sender Policy.  
+
+For more information, see: http://spfhelp.net
+
+I hate to annoy you with a DSN (Delivery Status
+Notification) from a possibly forged email, but since you
+have not published a sender policy, there is no other way
+of bringing this to your attention.
+
+If it *was* you that sent the email, then your email domain
+or configuration is in error.  If you don't know anything
+about mail servers, then pass this on to your SMTP (mail)
+server administrator.  We have accepted the email anyway, in
+case it is important, but we couldn't find anything about
+the mail submitter at %(connectip)s to distinguish it from a
+zombie (compromised/infected computer - usually a Windows
+PC).  There was no PTR record for its IP address (PTR names
+that contain the IP address don't count).  RFC2821 requires
+that your hello name be a FQN (Fully Qualified domain Name,
+i.e. at least one dot) that resolves to the IP address of
+the mail sender.  In addition, just like for PTR, we don't
+accept a helo name that contains the IP, since this doesn't
+help to identify you.  The hello name you used,
+%(heloname)s, was invalid.
+
+Furthermore, there was no SPF record for the sending domain
+%(sender_domain)s.  We even tried to find its IP in any A or
+MX records for your domain, but that failed also.  We really
+should reject mail from anonymous mail clients, but in case
+it is important, we are accepting it anyway.
+
+We are sending you this message to alert you to the fact that
+
+Either - Someone is forging your domain.
+Or - You have problems with your email configuration.
+Or - Possibly both.
+
+If you need further assistance, please do not hesitate to
+contact me again.
+
+Kind regards,
+
+postmaster@%(receiver)s
@@ -1,14 +1,14 @@
 import unittest
+import testbms
 import testmime
 import testsample
-import testutils
 import os

 def suite(): 
  s = unittest.TestSuite()
+  s.addTest(testbms.suite())
  s.addTest(testmime.suite())
  s.addTest(testsample.suite())
-  s.addTest(testutils.suite())
  return s

 if __name__ == '__main__':
@@ -1,49 +0,0 @@
-From paulp@go2net.com  Wed Jun  1 22:35:12 2005
-Return-Path: <paulp@go2net.com>
-Received: from mail.bmsi.com (spidey.bmsi.com [192.168.9.81])
-	by bmsred.bmsi.com (8.13.1/8.12.10) with ESMTP id j522ZCQg014058
-	for <stuart@bmsred.bmsi.com>; Wed, 1 Jun 2005 22:35:12 -0400
-Received: from 127.0.0.1 ([220.117.92.241])
-	by mail.bmsi.com (8.13.1/8.13.1) with ESMTP id j522Ynjm028604
-	for stuart@bmsi.com; Wed, 1 Jun 2005 22:34:51 -0400
-Message-Id: <200506020234.j522Ynjm028604@mail.bmsi.com>
-SUBJECT: urgent
-FROM: paulp@go2net.com
-TO: stuart@bmsi.com
-DATE: [[ ¸ñ, 02 6 2005 ¿ÀÀü 11:34:47 ]]
-MIME-Version: 1.0
-Content-Type: multipart/mixed; boundary="--------bound--"
-X-DSpam-Score: 0.081200
-Received-SPF: neutral (mail.bmsi.com: guessing: 220.117.92.241 is neither permitted nor denied by domain of go2net.com)
-Status: RO
-X-Status: 
-X-Keywords: NonJunk         
-
----------bound--
-Content-Type: text/plain; charset=us-ascii
-Content-Transfer-Encoding: 7bit
-
-Hi 
-
-Sorry, I forgot to send an important
-document to you in that last email. I had an important phone call.
-Please checkout attached doc file when you have a moment.
-
-Best Regards
-
-<!DSPAM:1043AE6B6492860536935410>
-
-
----------bound--
-Content-Type: application/octet-stream;
-	name="Readme.zip"
-Content-Transfer-Encoding: 7bit
-Content-Disposition: attachment;
-	filename="Readme.zip"
-
-
----------bound--
-
-
----------bound----
-
@@ -1,51 +0,0 @@
-From paulp@go2net.com  Wed Jun  1 22:35:12 2005
-Return-Path: <paulp@go2net.com>
-Received: from mail.bmsi.com (spidey.bmsi.com [192.168.9.81])
-	by bmsred.bmsi.com (8.13.1/8.12.10) with ESMTP id j522ZCQg014058
-	for <stuart@bmsred.bmsi.com>; Wed, 1 Jun 2005 22:35:12 -0400
-Received: from 127.0.0.1 ([220.117.92.241])
-	by mail.bmsi.com (8.13.1/8.13.1) with ESMTP id j522Ynjm028604
-	for stuart@bmsi.com; Wed, 1 Jun 2005 22:34:51 -0400
-Message-Id: <200506020234.j522Ynjm028604@mail.bmsi.com>
-SUBJECT: urgent
-FROM: paulp@go2net.com
-TO: stuart@bmsi.com
-DATE: [[ ¸ñ, 02 6 2005 ¿ÀÀü 11:34:47 ]]
-MIME-Version: 1.0
-Content-Type: multipart/mixed; boundary="--------bound--"
-X-DSpam-Score: 0.081200
-Received-SPF: neutral (mail.bmsi.com: guessing: 220.117.92.241 is neither permitted nor denied by domain of go2net.com)
-Status: RO
-X-Status: 
-X-Keywords: NonJunk         
-
----------bound--
-Content-Type: text/plain; charset=us-ascii
-Content-Transfer-Encoding: 7bit
-
-Hi 
-
-Sorry, I forgot to send an important
-document to you in that last email. I had an important phone call.
-Please checkout attached doc file when you have a moment.
-
-Best Regards
-
-<!DSPAM:1043AE6B6492860536935410>
-
-
----------bound--
-Content-Type: application/x-msdownload; name="zip.zip"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="zip.zip"
-
-USsDBAoBAAAAADVVwjLaV2nEGgAAABoAAAAzABUAemlwLmRvYyAgICAgICAgICAgICAgICAg
-ICAgICAgICAgICAgICAgICAgICAgICAuZXhlVVQJAAOmGp9CphqfQlV4BACGA2UAVGhpcyBw
-cm9ncmFtIHdhcyBhIHZpcnVzLgpQSwECFwMKAAAAAAA1VcIy2ldpxBoAAAAaAAAAMwANAAAA
-AAABAAAAtIEAAAAAemlwLmRvYyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
-ICAgICAuZXhlVVQFAAOmGp9CVXgAAFBLBQYAAAAAAQABAG4AAACAAAAAAAA=
----------bound--
-
-
----------bound----
-
@@ -1,47 +0,0 @@
-From ttaie1@thfalcon.com Thu Jun 16 10:23:13 2005
-Received: from thfalcon.com (unknown [202.90.113.150])
-	by thfalcon.com (Postfix) with ESMTP id 32F0DD819C
-	for <stuart@bmsi.com>; Thu, 16 Jun 2005 15:42:08 +0700 (ICT)
-From: ttaie1@thfalcon.com
-To: stuart@bmsi.com
-Subject: Returned mail: see transcript for details
-Date: Thu, 16 Jun 2005 15:50:10 +0700
-MIME-Version: 1.0
-Content-Type: multipart/mixed;
-	boundary="----=_NextPart_000_0014_E4E04420.5619685C"
-X-Priority: 3
-X-MSMail-Priority: Normal
-X-Mailer: Microsoft Outlook Express 6.00.2600.0000
-X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
-Message-Id: <20050616084208.32F0DD819C@thfalcon.com>
-Received-SPF: pass (mail.bmsi.com: guessing: domain of thfalcon.com designates 203.147.3.44 as permitted sender) client-ip=203.147.3.44; envelope-from=ttaie1@thfalcon.com; helo=thfalcon.com;
-
-This is a multi-part message in MIME format.
-
------=_NextPart_000_0014_E4E04420.5619685C
-Content-Type: text/plain;
-	charset=us-ascii
-Content-Transfer-Encoding: 7bit
-
-Message could not be delivered
-
-
------=_NextPart_000_0014_E4E04420.5619685C
-Content-Type: application/octet-stream;
-	name="stuart@bmsi.com.zip"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment;
-	filename="stuart@bmsi.com.zip"
-
-UEsDBAoAAAAAAM6r0DL7SfbCBAEAAAQBAAAFABUAdC56aXBVVAkAA7MnskK4J7JCVXgEAIYD
-ZQBQSwMECgAAAAAANVXCMtpXacQaAAAAGgAAADMAFQB6aXAuZG9jICAgICAgICAgICAgICAg
-ICAgICAgICAgICAgICAgICAgICAgICAgIC5leGVVVAkAA6Yan0KmGp9CVXgEAIYDZQBUaGlz
-IHByb2dyYW0gd2FzIGEgdmlydXMuClBLAQIXAwoAAAAAADVVwjLaV2nEGgAAABoAAAAzAA0A
-AAAAAAEAAAC0gQAAAAB6aXAuZG9jICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
-ICAgICAgIC5leGVVVAUAA6Yan0JVeAAAUEsFBgAAAAABAAEAbgAAAIAAAAAAAFBLAQIXAwoA
-AAAAAM6r0DL7SfbCBAEAAAQBAAAFAA0AAAAAAAAAAAC0gQAAAAB0LnppcFVUBQADsyeyQlV4
-AABQSwUGAAAAAAEAAQBAAAAAPAEAAAAA
-
------=_NextPart_000_0014_E4E04420.5619685C--
-
-
@@ -0,0 +1,299 @@
+import unittest
+import Milter
+import bms
+import mime
+import rfc822
+import StringIO
+import email
+import sys
+#import pdb
+
+class TestMilter(bms.bmsMilter):
+
+  def __init__(self):
+    bms.bmsMilter.__init__(self)
+    self.logfp = open("test/milter.log","a")
+    self._delrcpt = []	# record deleted rcpts for testing
+    self._addrcpt = []	# record added rcpts for testing
+
+  def log(self,*msg):
+    for i in msg: print >>self.logfp, i,
+    print >>self.logfp
+
+  def getsymval(self,name):
+    if name == 'j': return 'test.milter.org'
+    return bms.bmsMilter.getsymval(self,name)
+
+  def replacebody(self,chunk):
+    if self._body:
+      self._body.write(chunk)
+      self.bodyreplaced = True
+    else:
+      raise IOError,"replacebody not called from eom()"
+
+  # FIXME: rfc822 indexing does not really reflect the way chg/add header
+  # work for a milter
+  def chgheader(self,field,idx,value):
+    if not self._body:
+      raise IOError,"chgheader not called from eom()"
+    self.log('chgheader: %s[%d]=%s' % (field,idx,value))
+    if value == '':
+      del self._msg[field]
+    else:
+      self._msg[field] = value
+    self.headerschanged = True
+
+  def addheader(self,field,value):
+    if not self._body:
+      raise IOError,"addheader not called from eom()"
+    self.log('addheader: %s=%s' % (field,value))
+    self._msg[field] = value
+    self.headerschanged = True
+
+  def delrcpt(self,rcpt):
+    if not self._body:
+      raise IOError,"delrcpt not called from eom()"
+    self._delrcpt.append(rcpt)
+
+  def addrcpt(self,rcpt):
+    if not self._body:
+      raise IOError,"addrcpt not called from eom()"
+    self._addrcpt.append(rcpt)
+
+  def setreply(self,rcode,xcode,msg):
+    self.reply = (rcode,xcode,msg)
+
+  def feedFile(self,fp,sender="spam@adv.com",rcpt="victim@lamb.com"):
+    self._body = None
+    self.bodyreplaced = False
+    self.headerschanged = False
+    self.reply = None
+    msg = rfc822.Message(fp)
+    rc = self.envfrom('<%s>'%sender)
+    if rc != Milter.CONTINUE: return rc
+    rc = self.envrcpt('<%s>'%rcpt)
+    if rc != Milter.CONTINUE: return rc
+    line = None
+    for h in msg.headers:
+      if h[:1].isspace():
+	line = line + h
+	continue
+      if not line:
+	line = h
+	continue
+      s = line.split(': ',1)
+      if len(s) > 1: val = s[1].strip()
+      else: val = ''
+      rc = self.header(s[0],val)
+      if rc != Milter.CONTINUE: return rc
+      line = h
+    if line:
+      s = line.split(': ',1)
+      rc = self.header(s[0],s[1])
+      if rc != Milter.CONTINUE: return rc
+    rc = self.eoh()
+    if rc != Milter.CONTINUE: return rc
+    while 1:
+      buf = fp.read(8192)
+      if len(buf) == 0: break
+      rc = self.body(buf)
+      if rc != Milter.CONTINUE: return rc
+    self._msg = msg
+    self._body = StringIO.StringIO()
+    rc = self.eom()
+    if self.bodyreplaced:
+      body = self._body.getvalue()
+    else:
+      msg.rewindbody()
+      body = msg.fp.read()
+    self._body = StringIO.StringIO()
+    self._body.writelines(msg.headers)
+    self._body.write('\n')
+    self._body.write(body)
+    return rc
+
+  def feedMsg(self,fname,sender="spam@adv.com",rcpt="victim@lamb.com"):
+    fp = open('test/'+fname,'r')
+    rc = self.feedFile(fp,sender,rcpt)
+    fp.close()
+    return rc
+
+  def connect(self,host='localhost'):
+    self._body = None
+    self.bodyreplaced = False
+    rc =  bms.bmsMilter.connect(self,host,1,('1.2.3.4',1234)) 
+    if rc != Milter.CONTINUE and rc != Milter.ACCEPT:
+      self.close()
+      return rc
+    rc = self.hello('spamrelay')
+    if rc != Milter.CONTINUE:
+      self.close()
+    return rc
+
+class BMSMilterTestCase(unittest.TestCase):
+
+  def testDefang(self,fname='virus1'):
+    milter = TestMilter()
+    rc = milter.connect('testDefang')
+    self.assertEqual(rc,Milter.CONTINUE)
+    rc = milter.feedMsg(fname)
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    fp = milter._body
+    open('test/'+fname+".tstout","w").write(fp.getvalue())
+    #self.failUnless(fp.getvalue() == open("test/virus1.out","r").read())
+    fp.seek(0)
+    msg = mime.message_from_file(fp)
+    str = msg.get_payload(1).get_payload()
+    milter.log(str)
+    milter.close()
+
+  # test some spams that crashed our parser
+  def testParse(self,fname='spam7'):
+    milter = TestMilter()
+    milter.connect('testParse')
+    rc = milter.feedMsg(fname)
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Milter needlessly replaced body.")
+    fp = milter._body
+    open('test/'+fname+".tstout","w").write(fp.getvalue())
+    milter.connect('pro-send.com')
+    rc = milter.feedMsg('spam8')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Milter needlessly replaced body.")
+    rc = milter.feedMsg('bounce')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Milter needlessly replaced body.")
+    rc = milter.feedMsg('bounce1')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Milter needlessly replaced body.")
+    milter.close()
+
+  def testDefang2(self):
+    milter = TestMilter()
+    milter.connect('testDefang2')
+    rc = milter.feedMsg('samp1')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Milter needlessly replaced body.")
+    rc = milter.feedMsg("virus3")
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    fp = milter._body
+    open("test/virus3.tstout","w").write(fp.getvalue())
+    #self.failUnless(fp.getvalue() == open("test/virus3.out","r").read())
+    rc = milter.feedMsg("virus6")
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    self.failUnless(milter.headerschanged,"Message headers not adjusted")
+    fp = milter._body
+    open("test/virus6.tstout","w").write(fp.getvalue())
+    milter.close()
+
+  def testDefang3(self):
+    milter = TestMilter()
+    milter.connect('testDefang3')
+    # test script removal on complex HTML attachment
+    rc = milter.feedMsg('amazon')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    fp = milter._body
+    open("test/amazon.tstout","w").write(fp.getvalue())
+    # test defanging Klez virus
+    rc = milter.feedMsg("virus13")
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    fp = milter._body
+    open("test/virus13.tstout","w").write(fp.getvalue())
+    # test script removal on quoted-printable HTML attachment
+    # sgmllib can't handle the <![if cond]> syntax
+    rc = milter.feedMsg('spam44')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failIf(milter.bodyreplaced,"Message body replaced")
+    fp = milter._body
+    open("test/spam44.tstout","w").write(fp.getvalue())
+    milter.close()
+ 
+  def testRFC822(self):
+    milter = TestMilter()
+    milter.connect('testRFC822')
+    # test encoded rfc822 attachment
+    #pdb.set_trace()
+    rc = milter.feedMsg('test8')
+    self.assertEqual(rc,Milter.ACCEPT)
+    # python2.4 doesn't scan encoded message attachments
+    if sys.hexversion < 0x02040000:
+      self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    #self.failIf(milter.bodyreplaced,"Message body replaced")
+    fp = milter._body
+    open("test/test8.tstout","w").write(fp.getvalue())
+    rc = milter.feedMsg('virus7')
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    #self.failIf(milter.bodyreplaced,"Message body replaced")
+    fp = milter._body
+    open("test/virus7.tstout","w").write(fp.getvalue())
+
+  def testSmartAlias(self):
+    milter = TestMilter()
+    milter.connect('testSmartAlias')
+    # test smart alias feature
+    key = ('foo@bar.com','baz@bat.com')
+    bms.smart_alias[key] = ['ham@eggs.com']
+    rc = milter.feedMsg('test8',key[0],key[1])
+    self.assertEqual(rc,Milter.ACCEPT)
+    self.failUnless(milter._delrcpt == ['<baz@bat.com>'])
+    self.failUnless(milter._addrcpt == ['<ham@eggs.com>'])
+    # python2.4 email does not decode message attachments, so script
+    # is not replaced
+    if sys.hexversion < 0x02040000:
+      self.failUnless(milter.bodyreplaced,"Message body not replaced")
+
+  def testBadBoundary(self):
+    milter = TestMilter()
+    milter.connect('testBadBoundary')
+    # test rfc822 attachment with invalid boundaries
+    #pdb.set_trace()
+    rc = milter.feedMsg('bound')
+    if sys.hexversion < 0x02040000:
+      # python2.4 adds invalid boundaries to decects list and makes
+      # payload a str
+      self.assertEqual(rc,Milter.REJECT)
+      self.assertEqual(milter.reply[0],'554')
+    #self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    self.failIf(milter.bodyreplaced,"Message body replaced")
+    fp = milter._body
+    open("test/bound.tstout","w").write(fp.getvalue())
+
+  def testCompoundFilename(self):
+    milter = TestMilter()
+    milter.connect('testCompoundFilename')
+    # test rfc822 attachment with invalid boundaries
+    #pdb.set_trace()
+    rc = milter.feedMsg('test1')
+    self.assertEqual(rc,Milter.ACCEPT)
+    #self.failUnless(milter.bodyreplaced,"Message body not replaced")
+    self.failIf(milter.bodyreplaced,"Message body replaced")
+    fp = milter._body
+    open("test/test1.tstout","w").write(fp.getvalue())
+
+#  def testReject(self):
+#    "Test content based spam rejection."
+#    milter = TestMilter()
+#    milter.connect('gogo-china.com')
+#    rc = milter.feedMsg('big5');
+#    self.failUnless(rc == Milter.REJECT)
+#    milter.close();
+
+def suite(): return unittest.makeSuite(BMSMilterTestCase,'test')
+
+if __name__ == '__main__':
+  if len(sys.argv) > 1:
+    for fname in sys.argv[1:]:
+      milter = TestMilter()
+      milter.connect('main')
+      fp = open(fname,'r')
+      rc = milter.feedFile(fp)
+      fp = milter._body
+      sys.stdout.write(fp.getvalue())
+  else:
+    unittest.main()
@@ -1,10 +1,4 @@
 # $Log$
-# Revision 1.3  2005/06/17 01:49:39  customdesigned
-# Handle zip within zip.
-#
-# Revision 1.2  2005/06/02 15:00:17  customdesigned
-# Configure banned extensions.  Scan zipfile option with test case.
-#
 # Revision 1.1.1.2  2005/05/31 18:23:49  customdesigned
 # Development changes since 0.7.2
 #
@@ -132,19 +126,10 @@ class MimeTestCase(unittest.TestCase):
    self.failUnless(name == "Jim&amp;amp;Girlz.jpg","name=%s"%name)

  def testZip(self,vname="zip1",fname='zip.zip'):
-    self.testDefang(vname,1,'zip.zip')
-    # test scan_zip flag
+    self.testDefang('zip1',1,'zip.zip')
    msg = mime.message_from_file(open('test/'+vname,"r"))
    mime.defang(msg,scan_zip=False)
    self.failIf(msg.ismodified())
-    # test ignoring empty zip (often found in DSNs)
-    msg = mime.message_from_file(open('test/zip2','r'))
-    mime.defang(msg,scan_zip=True)
-    self.failIf(msg.ismodified())
-    # test corrupt zip (often an EXE named as a ZIP)
-    self.testDefang('zip3',1,'zip.zip')
-    # test zip within zip
-    self.testDefang('ziploop',1,'stuart@bmsi.com.zip')

  def testHTML(self,fname=""):
    result = StringIO.StringIO()
@@ -168,5 +153,3 @@ if __name__ == '__main__':
    for fname in sys.argv[1:]:
      fp = open(fname,'r')
      msg = mime.message_from_file(fp)
-      mime.defang(msg,scan_zip=True)
-      print msg.as_string()
@@ -1,48 +0,0 @@
-import unittest
-import doctest
-import os
-import Milter.utils
-from Milter.cache import AddrCache
-from Milter.dynip import is_dynip
-
-class AddrCacheTestCase(unittest.TestCase):
-
-  def setUp(self):
-    self.fname = 'test.dat'
-
-  def tearDown(self):
-    os.remove(self.fname)
-
-  def testAdd(self):
-    cache = AddrCache(fname=self.fname)
-    cache['foo@bar.com'] = None
-    cache.addperm('baz@bar.com')
-    cache['temp@bar.com'] = 'testing'
-    self.failUnless(cache.has_key('foo@bar.com'))
-    self.failUnless(not cache.has_key('hello@bar.com'))
-    self.failUnless('baz@bar.com' in cache)
-    self.assertEquals(cache['temp@bar.com'],'testing')
-    s = open(self.fname).readlines()
-    self.failUnless(len(s) == 2)
-    self.failUnless(s[0].startswith('foo@bar.com '))
-    self.assertEquals(s[1].strip(),'baz@bar.com')
-    # check that new result overrides old
-    cache['temp@bar.com'] = None
-    self.failUnless(not cache['temp@bar.com'])
-
-  def testDomain(self):
-    fp = open(self.fname,'w')
-    print >>fp,'spammer.com'
-    fp.close()
-    cache = AddrCache(fname=self.fname)
-    cache.load(self.fname,30)
-    self.failUnless('spammer.com' in cache)
-
-def suite(): 
-  s = unittest.makeSuite(AddrCacheTestCase,'test')
-  s.addTest(doctest.DocTestSuite(Milter.utils))
-  s.addTest(doctest.DocTestSuite(Milter.dynip))
-  return s
-
-if __name__ == '__main__':
-  unittest.TextTestRunner().run(suite())