diff --git a/MANIFEST.in b/MANIFEST.in index a7faa283c48c67e13a55a64eed6462baeb8ae3b9..ec107b26fd604b3b1c02c228ca4d87279234c957 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -15,6 +15,7 @@ include spfquery.py include test.py include sample.py include test/* +include Milter/*.py include *.spec include start.sh include milter.rc diff --git a/milter.html b/milter.html index 11d035367f24bb9771df825d9097f7f4eeabcfb6..0e2aa7618688b47b69af3c6ca9b01d1efa312d71 100644 --- a/milter.html +++ b/milter.html @@ -24,9 +24,9 @@ ALT="Viewable With Any Browser" BORDER="0"></A> Stuart D. Gathman</a><br> This web page is written by Stuart D. Gathman<br>and<br>sponsored by <a href="http://www.bmsi.com">Business Management Systems, Inc.</a> <br> -Last updated Jan 05, 2005</h4> +Last updated May 31, 2005</h4> -See the <a href="faq.html">FAQ</a> | <a href="#download">Download now</a> | +See the <a href="faq.html">FAQ</a> | <a href="http://sourceforge.net/project/showfiles.php?group_id=139894">Download now</a> | <a href="/mailman/listinfo/pymilter">Subscribe to mailing list</a> | <a href="#overview">Overview</a> <p> @@ -44,6 +44,10 @@ I recommend upgrading. <h2> Recent Changes </h2> +Python milter is being moved to +<a href="http://sourceforge.net/projects/pymilter/">Sourceforge</a> for +development. +<p> Release 0.7.2 tightens the authentication screws with a "3 strikes and your out" policy. A sender must have a valid PTR, HELO, or SPF record to send email. Specific senders can be whitelisted using the @@ -222,300 +226,9 @@ content filtering. SPF checking requires <a href="http://pydns.sourceforge.net/"> pydns</a>. Configuration documentation is currently included as comments in the <a href="milter.cfg">sample config file</a> for the bms.py milter. - -<h3><a name=download>Downloading</a></h3> - -The latest stable release is <a href="#stable">0.7.2</a>. A stable -release is one which has been installed (and working correctly) on -production systems long enough to convince me that it is stable. As -the package gains more features and complexity, stable will mean no -bug reports from outside users either. -<p> -The latest version is 0.7.2-2. See the <a href=NEWS>Change Log</a>. -PLEASE NOTE - if you are using the modules, but not the bms milter application, -then ignore the RPMs and milter.spec. Use 'python setup.py bdist_rpm' to -build source and binary rpms that do not include the milter application. -<p> -I want to split the bms milter application to a new project once I figure -out the renaming. The current plan is to rename 'milter' to 'pymilter', which -will have the Python modules. The bms milter application will still be named -'milter' and depend on pymilter (so that my installs won't notice anything). -<p> -<a name="stable"><b>Stable</b></a> -<a href="http://bmsi.com/python/milter-0.7.2.tar.gz"> -milter-0.7.2.tar.gz</a> Three strikes and your out policy. Some SPF fixes. -Recognizes PTR records for dynamic IPs. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.7.2-2.i386.rpm"> -milter-0.7.2-2.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.7.2-2rh9.i386.rpm"> -milter-0.7.2-2rh9.i386.rpm</a> Binary RPM for Redhat 9, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.7.2-2.src.rpm"> -milter-0.7.2-2.src.rpm</a> Source RPM for Redhat 9,7.x. -<p> -<a href="http://bmsi.com/python/milter-0.7.1.tar.gz"> -milter-0.7.1.tar.gz</a> Support setmlreply, handle some more exceptions -for malformed spam. Compiling pymilter with sendmail-8.12.10, requires -sendmail-devel with _FFR_MULTILINE set. The binary will work with older -sendmails. The _FFR_MULTILINE option only affects libmilter.a. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.7.1-1.i386.rpm"> -milter-0.7.1-1.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.7.1-1.src.rpm"> -milter-0.7.1-1.src.rpm</a> Source RPM for Redhat 9,7.x. -<p> -<a href="http://bmsi.com/python/milter-0.7.0.tar.gz"> -milter-0.7.0.tar.gz</a> Move config file and default socket location. -Parse M$ CID records. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.7.0-1.i386.rpm"> -milter-0.7.0-1.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.7.0-1rh9.i386.rpm"> -milter-0.7.0-1rh9.i386.rpm</a> Binary RPM for Redhat 9, requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/aix/milter-0.7.0-1.ppc.rpm"> -milter-0.7.0-1.ppc.rpm</a> Binary RPM for AIX, requires sendmail-8.13.1. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.7.0-1.src.rpm"> -milter-0.7.0-1.src.rpm</a> Source RPM for Redhat 9,7.x. -<p> -<a href="http://bmsi.com/python/milter-0.6.9.tar.gz"> -milter-0.6.9.tar.gz</a> Add SPF test suite driver, and validate -spf.py against test suite. Add best_guess and get_header to spf.py. -Libmilter timeout option in config. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.6.9-1.i386.rpm"> -milter-0.6.9-1.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.6.9-1.src.rpm"> -milter-0.6.9-1.src.rpm</a> Source RPM for Redhat 9,7.x. -<p> -<a href="http://bmsi.com/python/milter-0.6.8.tar.gz"> -milter-0.6.8.tar.gz</a> Include Received-SPF headers in Dspam analysis. -Fix sysv init for Redhat 9 and later. Reject bounces with multiple -recipients. -<br> -<a href="http://bmsi.com/python/milter-0.6.8.patch">milter-0.6.8.patch</a> -Last minutes fixes from production testing. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.8-3.i386.rpm"> -milter-0.6.8-3.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh9/milter-0.6.8-3.src.rpm"> -milter-0.6.8-3.src.rpm</a> Source RPM for Redhat 9,7.x. -<p> -<a href="http://bmsi.com/python/milter-0.6.7.tar.gz"> -milter-0.6.7.tar.gz</a> Explicit local socket bug, -<a href="http://spf.pobox.com/srs.html">SRS</a> forgery detection, -thread resource starvation detection. -SRS support requires <a href="http://bmsi.com/python/pysrs.html">pysrs</a>. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.7-3.i386.rpm"> -milter-0.6.7-3.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.6.7-3.src.rpm"> -milter-0.6.7-3.src.rpm</a> Source RPM for Redhat 7.x. -Release 0.6.7-3 patches: -<ul> -<li> Defang message/rfc822 content_type with boundary -<li> Support SPF delegation -<li> Reject neutral SPF result for selected domains -</ul> -<p> -<a href="http://bmsi.com/python/milter-0.6.6.tar.gz"> -milter-0.6.6.tar.gz</a> Plug another memory leak, -<a href="http://spf.pobox.com/">SPF</a> support, hello blacklist. -SPF support requires <a href="http://pydns.sourceforge.net/">pydns</a>. -NOTE - the spf.py module included is modified from the official 1.6 -version at <a href="http://www.wayforward.net/spf/">wayforward.net</a>. -I neglected to add the CVS log. The changes are expanded result codes -and tolerating common method misspellings in SPF records. I have notified the -author, but haven't heard back. At some point, the RPM will -include the official pyspf tarball and apply patches. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.6-2.i386.rpm"> -milter-0.6.6-2.i386.rpm</a> Binary RPM for Redhat 7.x, now requires - sendmail-8.12 and <a href="http://www.python.org/2.3.3/rpms.html"> - python2.3</a>. Release 2 fixes sysv init script bug for python2.3. -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.6.6-2.src.rpm"> -milter-0.6.6-2.src.rpm</a> Source RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/python/milter-0.6.5.tar.gz"> -milter-0.6.5.tar.gz</a> Plug memory leak, progress reporting, trusted relay. -Redhat RPM now requires sendmail-8.12. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.5-2.i386.rpm"> -milter-0.6.5-2.i386.rpm</a> Binary RPM for Redhat 7.x -<br> -<a href="http://bmsi.com/linux/rh72/milter-0.6.5-2.src.rpm"> -milter-0.6.5-2.src.rpm</a> Source RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/python/milter-0.6.4.tar.gz"> -milter-0.6.4.tar.gz</a> Numerous Dspam fixes. Requires -<a href="dspam.html">pydspam-1.1.5</a> and -<a href="/libdspam/dspam.html">dspam-2.6.5.2</a> -for Dspam features. The dspam-python RPM has been replaced by pydspam. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.4-1.i386.rpm"> -milter-0.6.4-1.i386.rpm</a> Binary RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/python/milter-0.6.3.1.tar.gz"> -milter-0.6.3.1.tar.gz</a> New dspam SCREENER feature with pydspam-1.1.4. -Don't save a defang copy of false positives. Fixed an oops from last fix, -rejecting false positives. BUG: sendmail-8.11 doesn't invoke milter -when sending mail via sendmail from command line (8.12 works). Therefore, -the supplied falsepositive script for milter based dspam doesn't work -with stock RedHat 7.x. I am writing a HOWTO for configuring milter -based dspam that will address this (and a fix in the next version). -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.3-1.i386.rpm"> -milter-0.6.3-1.i386.rpm</a> Binary RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/python/milter-0.6.2.tar.gz"> -milter-0.6.2.tar.gz</a> work around email.Message.get_filename bug, -dspam_exempt list, REJECT messages with missing MIME boundaries (which -are almost always spam), -DISCARD messages which any dspam user flags as spam, -start.sh was calling python instead of python2 on Linux. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.2-1.src.rpm"> -milter-0.6.2-1.src.rpm</a> Source RPM for Redhat 7.x (and likely -higher versions) -<p> -<a href="http://bmsi.com/python/milter-0.6.1.tar.gz"> -milter-0.6.1.tar.gz</a> dspam milter application, python-2.2.3 support. -<p> -You must have <a href=dspam.html>dspam and dspam-python</a> loaded for -the dspam feature to work. Brief instructions for configuring are -in the default config file. This is working at a customer, but I'm -sure a few more iterations will be required to make setup as smooth -as possible. -<p> -NOTE: Outlook destroys dspam tags when forwarding mail (while converting -HTML to text). Perhaps some config option will turn this abominable -"feature" off. Working around this by making dspam tags visble on -HTML mail is ugly. My suggestion is to not use Outlook, for this and -many other reasons - especially security. Any other suggestions for -those married to Microsoft are welcome. The DSPAM LDA works around this -by making the tags visible in HTML attachments. This is ugly, and -occasionally corrupts attachments. -<p> -We have to supply workarounds for bugs in the email module (reported -to sourceforge). The workarounds reference some internal variables -which change with python versions. -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.1-1.i386.rpm"> -milter-0.6.1-1.i386.rpm</a> Binary RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.1-1.src.rpm"> -milter-0.6.1-1.src.rpm</a> Source RPM for Redhat 7.x (and likely -higher versions) -<p> -<a href="http://bmsi.com/python/milter-0.6.0.tar.gz"> -milter-0.6.0.tar.gz</a> simple dspam pre-filtering, use email module, -requires python >= 2.2.2. -<ul> -<li> The milter.so module from 0.5.4 -is needed to run this release on AIX. Haven't tracked this down yet. -<li> The patches to fix the email packages in mime.py don't work -on python-2.2.3. The email package is still broken in 2.3, and patches -required for that will likely be different still. -</ul> - -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.0-1.i386.rpm"> -milter-0.6.0-1.i386.rpm</a> Binary RPM for Redhat 7.x -<p> -<a href="http://bmsi.com/linux/rh72/milter-0.6.0-1.src.rpm"> -milter-0.6.0-1.src.rpm</a> Source RPM for Redhat 7.x (and likely -higher versions) -<p> -<a href="http://www.bmsi.com/python/milter-0.5.5.tar.gz"> -milter-0.5.5.tar.gz</a> IPV6 support, passing None to set_XXX_callback, -set_reply, chg_header, detect internal connections. Note, this release -did not work on AIX4.1.5, probably due to IPV6 support breaking something. -The milter.so module from 0.5.4 can be installed to use this release -with AIX. -<p> -<a href="http://www.bmsi.com/python/milter-0.5.4.tar.gz"> -milter-0.5.4.tar.gz</a> wiretap, smart alias features, quarantine support. -<p> -The name of the production "sample" milter "bms.py" now -stands for "Basic Milter System" until someone suggests a better name. -The test coverage is rather - sparse at present. - Please <a href="mailto:%73%74%75%61%72%74%40%62%6D%73%69%2E%63%6F%6D">email</a> with proposals for what - to name the milter application. -<h4>NOTES</h4> -<ul> -<li> - Quarantine support requires that you define _FFR_QUARANTINE - when compiling miltermodule.c. I am not sure how to make setup.py - do that for you iff sendmail was actually compiled with _FFR_QUARANTINE. -<li> - While 0.6.0 will use the new email package in Python-2.2, that - package seems to be buggy in Python-2.2.1. The list example in the docs - doesn't find all MIME parts. Update: Python-2.2.2 has fixed the email - package. It can now parse my test cases. -<li> - Preliminary testing with python-2.2 shows that most things work after - adding <code>self.readahead = ""</code> to <code>mimepart.seek</code>. - Python-2.2 <code>multifile</code> reads one less newline per section than - 2.1. I'm not not sure which is correct. After adding some calls to - <code>rstrip()</code> in testmime.py, all milter modules pass unit testing - with python-2.2. Python-2.2 patches have been released since 0.5.3. -<li> - sgmlop-1.1a3 has a memory leak (at least Python milter has a - memory leak when using sgmlop instead of sgmllib). Do not make Python - milter use sgmlop-1.1a2 or a3 in a production - system unless you can restart your milter periodically. The amount - of memory leaked seems roughly proportional to the amount of HTML - parsed. -<li> - There are a number of ways that malformed MIME attachments - can cause a python traceback. Uncaught exceptions cause a 415 - error to be returned to sendmail. So far, all the malformed messages - I've investigated have been SPAM - so good riddance. I would prefer, - however, that the mime handling libraries were more precise. Beginning - with 0.5.1, bms.py will save messages that cause a traceback during - scanning in the tempfile directory with a ".fail" extension. This - makes it easier to get samples of mail that causes parsing problems - for incorporation into the unit tests. -</ul> -<p> -<a href="http://www.bmsi.com/python/milter-0.5.2.tar.gz"> -milter-0.5.2.tar.gz</a> Fix and unittest another HTML parsing bug.<br> -<a href="http://www.bmsi.com/python/milter-0.5.1.tar.gz"> -milter-0.5.1.tar.gz</a> Handle encoded rfc822 attachments.<br> -<a href="http://www.bmsi.com/python/milter-0.5.0.tar.gz"> -milter-0.5.0.tar.gz</a> Use a config file so users don't have to -keep syncing with bms.py. <br> -<a href="http://www.bmsi.com/python/milter-0.4.5.tar.gz"> -milter-0.4.5.tar.gz</a> Work with sgmlop. Reduce local hacks to config variables. <p> Python milter is under GPL. The authors can probably be convinced to -change this to LGPL. +change this to LGPL if needed. <h3>What is a <a name="milter">milter</a>?</h3> diff --git a/setup.py b/setup.py index 775cee78417ad8417fad45bd1f47b88d9ddee0f3..2d80f2f02c705261a995f08b29736ebce5840439 100644 --- a/setup.py +++ b/setup.py @@ -26,7 +26,8 @@ querying SPF records. maintainer_email="stuart@bmsi.com", license="GPL", url="http://www.bmsi.com/python/milter.html", - py_modules=["Milter","mime","spf"], + py_modules=["mime","spf"], + packages = ['Milter'], ext_modules=[ Extension("milter", ["miltermodule.c"], libraries=libs, @@ -42,6 +43,7 @@ querying SPF records. 'Natural Language :: English', 'Operating System :: POSIX', 'Programming Language :: Python', - 'Topic :: Communications :: Email :: Mail Transport Agents' + 'Topic :: Communications :: Email :: Mail Transport Agents', + 'Topic :: Communications :: Email :: Filters' ] ) diff --git a/spf.py b/spf.py index 450f149945b3ae72288a07926b254527a7919e0a..2d216725b5941ffe2813adae5d9bd6955692c813 100755 --- a/spf.py +++ b/spf.py @@ -401,6 +401,7 @@ class query(object): Returns (result, mta-status-code, explanation) where result in ['fail', 'softfail', 'neutral' 'unknown', 'pass', 'error'] """ + self.mech = [] # unknown mechanisms if self.i.startswith('127.'): return ('pass', 250, 'local connections always pass') @@ -456,7 +457,6 @@ class query(object): # overridden with 'default=' modifier # default = 'neutral' - self.mech = [] # unknown mechanisms # Look for modifiers #