DONE When bms.py can't find templates, it passes None to dsn.create_msg(), which uses local variable as backup, which no longer exists. Do plain CBV in that case instead.

Find and use X-GOSSiP: header for SPAM: and FP: submissions. Would need to keep tags longer.

Generate DSNs according to RFC 3464

Parse incoming 3464 DSNs for "Action: failed" to recognize delayed failures. This works regardless of Subject.

Get temperror policy from access file.

When training with spam, REJECT after data so that mistakenly blacklisted senders at least get an error.

Reporting explanation for failure should show source if sender provided explanation.

Reports PROBATION even when rejecting message (works, but confusing in log).

Bug in Auto-whitelist. Recent Auto-whitelist doesn't override expired entry.

DONE Delayed_failure detection needs to handle multi-line header fields. Also, delayed_failure should be recognized when addressed to postmaster@helodomain

Need to use wildcards in blacklist.log: *.madcowsrecord.net

Need to exclude emails like !*-admin@example.com in whitelist_sender.

SPF permerror diagnostics should include corrected mechanism.

Delay SPF check until RCPT TO. Cache result to avoid repeating for multiple RCPT. This avoids overhead for invalid RCPT, and allows for per RCPT local policy.

Add auto-blacklisted senders to blacklist.log with timestamp.

Received-SPF header field should show identity that was checked.

Check SPF for outgoing mail (including local policy for internal addresses). This could also solve the second part of the mail from relay problem below.

Whitelisted sender from trusted relay gets PROBATION. Need to extract SPF result from headers - and in the case of mail internal to relay (e.g. bmsi.com), supply 'pass' result.

FIXME: DSN for Permerror shows 'None' for error under some condition.

Another metaDSN format: Subject: Delivery Report ... Original-Envelope-ID: SRS0...@...

For selected domains, check rcpts via CBV before accepting mail. Cache results.
This will kick out dictionary attacks against a mail domain behind a gateway sooner.

Allow blacklisted emails as well as domains in blacklist.log. Use same data structure as autowhitelist.log. Add emails blacklisted via CBV so that they are remembered across milter restarts.

Make all dictionaries work like honeypot. Do not train as ham unless whitelisted. Train on blacklisted messages, or spam feedback. This can be called Train On Error. Should be possible to start up with training on everything to get dictionary built fast, then switch to train on error to minimize labor.

Allow unsigned DSNs from selected domains (that don't accept signed MFROM, e.g. verizon.net).

Added Message-ID header to DSN with SRS signed sender. When seen on incoming rfc ignorant failure message, blacklist sender.

Allow verified hostnames for trusted_relay. E.g. HELO name that passes SPF.

Table of sendmail macros for documentation.

When do we get two hello calls? STARTTLS is one reason.

Option: accept mail from auto-whitelisted senders even with spf-fail, but do not update dspam. This can be done for individual senders or domains using the access file.

pysrs: SRS doesn't get applied to proper recipients when there are multiple recipients. This requires debugging cf scripts - yuk.

auto_whitelist false_positives from quarantine - perhaps only when user selects special button (use special header to communicate that from dspamcgi.py to milter.)

Use send_dsn.log for blacklist also.

AddrCache needs localpart wildcard (e.g. empty localpart).

Quarantined mail is missing headers modified/added by milter after checking dspam.

Require signed MFROM for all incoming bounces when signing all outgoing mail - except from trusted relays.

Send DSN for permerror before processing extended result. An additional DSN may be sent based on extended result.

Rescind whitelist for banned extensions, in case sender is infected.

Train honeypot on error only.

Find rfc2822 policy for MFROM quoting.

Support explicit errors for SPF policy in access file:
  SPF-Neutral:aol.com ERROR:"550 AOL mail must get SPF PASS"

Defer TEMPERROR in SPF evaluation - give precedence to security (only defer for PASS mechanisms).

Option to add Received-SPF header, but never reject on SPF. I think the above will handle this.

Create null config that does nothing - except maybe add Received-SPF headers. Many admins would like to turn features on one at a time.

Can't output messages with malformed rfc822 attachments.

Move milter,Milter,mime,spf modules to pymilter
milter package will have bms.py application

Web admin interface

message log for automated stats and blacklisting

Skip dspam when SPF pass? NO

Report 551 with rcpt on SPF fail?

check spam keywords with character classes, e.g. {a}=[a@ãä], {i}=[i1í], {e}=[eë], {o}=[o0ö]

Implement RRS - a backdoor for non-SRS forwarders. User lists non-SRS forwarder accounts, and a util provides a special local alias for the user to give to the forwarder. (Or user just adds arbitrary alias unique to that forwarder to a database.) Alias only works for mail from that forwarder. Milter gets forwarder domain from alias and uses it to SPF check forwarder.

Framework for modular Python milter components within a single VM. Python milters can already be composed through sendmail by running each in a separate process. However, a significant amount of memory is wasted for each additional Python VM, and communication between milters is cumbersome (e.g., adding mail headers, writing external files).

Backup copies for outgoing/incoming mail.

Copy incoming wiretap mail, even though sendmail alias works perfectly for the purpose, to avoid having to change two configs for a wiretap.

Provide a way to reload milter.cfg without stopping/restarting milter.

Allow selected Windows extensions for specific domains via milter.cfg

Fix setup.py so that _FFR_QUARANTINE is automatically defined when available in libmilter.

Keep separate ismodified flag for headers and body. This is important when rejecting outgoing mail with viruses removed (so as not to embarrass yourself), and also removing Received headers with hidepath.

Need a test module to feed sample messages to a milter through a live sendmail and SMTP. The mockup currently used is probably not very accurate, and doesn't test the threading code.
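
Added example, not code from bms.py or pymilter: one way to do the 'Parse incoming 3464 DSNs for "Action: failed"' item above with Python's standard email package, including a folded (multi-line) field. The sample report, its addresses and the names failed_recipients and _field are constructed for illustration.

```python
import email
from email import policy

# Constructed sample: an RFC 3464 report with a folded Diagnostic-Code field.
SAMPLE_DSN = b"""\
Subject: Delivery Report
Content-Type: multipart/report; report-type=delivery-status;
 boundary="BOUND"

--BOUND
Content-Type: text/plain

Your message could not be delivered.

--BOUND
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; baduser@example.net
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 550 5.1.1 User unknown
 (mailbox not found)

--BOUND--
"""

def _field(block, name):
    # Collapse folding whitespace so a multi-line field reads as one line.
    return " ".join(str(block.get(name, "")).split())

def failed_recipients(raw):
    """Return (recipient, status, diagnostic) per 'Action: failed' block."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/report":
        return []          # the Subject is never consulted
    failures = []
    for part in msg.walk():
        if (part.get_content_type() != "message/delivery-status"
                or not part.is_multipart()):   # malformed part: no blocks
            continue
        for block in part.get_payload():  # per-message, then per-recipient
            if _field(block, "Action").lower() != "failed":
                continue
            rcpt = _field(block, "Final-Recipient").partition(";")[2].strip()
            failures.append((rcpt, _field(block, "Status"),
                             _field(block, "Diagnostic-Code")))
    return failures
```

A report whose Action is "delayed", or an ordinary message that merely has a failure-sounding Subject, yields an empty list.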