diff --git a/Milter/__init__.py b/Milter/__init__.py index 834359e6a2ec21f49ea1c425777e2c7b51e8dd95..b56a90cc9ab6e16e11f9a33fc68b31dca81a8f66 100755 --- a/Milter/__init__.py +++ b/Milter/__init__.py @@ -16,6 +16,8 @@ from milter import ACCEPT,CONTINUE,REJECT,DISCARD,TEMPFAIL, \ try: from milter import QUARANTINE except: pass +__version__ = '0.8.3' + _seq_lock = thread.allocate_lock() _seq = 0 @@ -215,6 +217,6 @@ def runmilter(name,socketname,timeout = 0): raise milter.error("out of thread resources") __all__ = globals().copy() -for priv in ('os','milter','thread','factory','_seq','_seq_lock'): +for priv in ('os','milter','thread','factory','_seq','_seq_lock','__version__'): del __all__[priv] __all__ = __all__.keys() diff --git a/Milter/dsn.py b/Milter/dsn.py index 4cda6c49ca490543cf7909749ecaca753986b88f..b92c48074c86a09dda68cf4ed02a82deb23c9cd9 100644 --- a/Milter/dsn.py +++ b/Milter/dsn.py @@ -9,6 +9,7 @@ import smtplib import spf import socket from email.Message import Message +import Milter nospf_msg = """Subject: Critical mail server configuration error @@ -168,6 +169,7 @@ def create_msg(q,rcptlist,origmsg=None,template=None): msg.add_header('To',sender) msg.add_header('From','postmaster@%s'%receiver) msg.add_header('Auto-Submitted','auto-generated (configuration error)') + msg.add_header('X-Mailer','PyMilter-'+Milter.__version__) msg.set_type('text/plain') if not template: diff --git a/NEWS b/NEWS index b201aa6451649fe85e839dafa335bacb03d4ca92..2647f7398558caac6803882d62727d0c9c42c9b5 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,11 @@ Here is a history of user visible changes to Python milter. +0.8.3 Keep screened honeypot mail, but optionally discard honeypot only mail. + spf_accept_fail option for braindead SPF senders + (treats fail like softfail) + Consider SMTP AUTH connections internal. + Send DSN for SPF errors corrected by extended processing. + Send DSN before SCREENED mail is quarantined 0.8.2 Strict processing limits per SPF RFC Fixed several parsing bugs under RFC Support official IANA SPF record (type99) diff --git a/TODO b/TODO index 55d0edc953ecb0189d7648dcfb499e8cc0e689ec..27e7b3215898a68158687e3d5044a540f9d4c93d 100644 --- a/TODO +++ b/TODO @@ -6,36 +6,17 @@ Option to add Received-SPF header, but never reject on SPF. Create null config that does nothing - except maybe add Received-SPF headers. Many admins would like to turn features on one at a time. -Checking in mime.py; -/bms/cvs/milter/mime.py,v <-- mime.py -new revision: 1.56; previous revision: 1.55 -done -Checking in spf.py; -/bms/cvs/milter/spf.py,v <-- spf.py -new revision: 1.18; previous revision: 1.17 -done -Checking in testmime.py; -/bms/cvs/milter/testmime.py,v <-- testmime.py -new revision: 1.19; previous revision: 1.18 - Auto whitelist based on outgoing email - perhaps with magic subject or recipient prefix. Can't output messages with malformed rfc822 attachments. -Example malformed SPF: -onvunvuvvx.usafisnews.org text "v=spf1 mx ptr ip4:207.44.199.970 -all" - Move milter,Milter,mime,spf modules to pymilter milter package will have bms.py application -Support SMTP AUTH and disable SPF checks when connection is authorized. Web admin interface -Check valid domains allowed by internal senders to detect PCs infected -with spam trojans. -Do CBV (callback verification) for mail with no published SPF record. message log for automated stats and blacklisting -Skip dspam when SPF pass? +Skip dspam when SPF pass? NO Report 551 with rcpt on SPF fail? check spam keywords with character classes, e.g. {a}=[a@��], {i}=[i1�], {e}=[e�], {o}=[o0�] @@ -46,9 +27,6 @@ user to give to the forwarder. Alias only works for mail from that forwarder. Milter gets forwarder domain from alias and uses it to SPF check forwarder. -Another special dspam user, 'honeypot', can be listed in innoculations. -All email to those addresses is treated as known spam. - Framework for modular Python milter components within a single VM. Python milters can be already be composed through sendmail by running each in a separate process. However, a significant amount of memory is wasted @@ -57,8 +35,7 @@ is cumbersome (e.g., adding mail headers, writing external files). Backup copies for outgoing/incoming mail. -Allow multiple wiretap groups, each with its own destination. Perhaps -also copy incoming wiretap mail, even though sendmail alias works perfectly +Copy incoming wiretap mail, even though sendmail alias works perfectly for the purpose, to avoid having to change two configs for a wiretap. Provide a way to reload milter.cfg without stopping/restarting milter. @@ -72,10 +49,6 @@ Keep separate ismodified flag for headers and body. This is important when rejecting outgoing mail with viruses removed (so as not to embarrass yourself), and also removing Received headers with hidepath. -Wrap smfi_setbacklog(int) - but it is only available in sendmail >= 8.12.3, - so how can we detect whether to wrap it? - Need a test module to feed sample messages to a milter though a live sendmail and SMTP. The mockup currently used is probably not very accurate, and doesn't test the threading code. - diff --git a/setup.py b/setup.py index a45932581ce77a678659e2a83d3eae731199ea6f..09f92e6e8c70004dedb21ce964ab93bef24b5071 100644 --- a/setup.py +++ b/setup.py @@ -1,6 +1,7 @@ import os import sys from distutils.core import setup, Extension +import Milter # FIXME: on some versions of sendmail, smutil is renamed to sm libs = ["milter", "smutil"] @@ -12,7 +13,7 @@ if sys.version < '2.2.3': DistributionMetadata.classifiers = None DistributionMetadata.download_url = None -setup(name = "milter", version = "0.8.2", +setup(name = "milter", version = Milter.__version__, description="Python interface to sendmail milter API", long_description="""\ This is a python extension module to enable python scripts to diff --git a/softfail.txt b/softfail.txt index f4c740abea34d0a247c46c091f74ca893a22ca5c..dbccf41a1513fd2b39e0392e3a1df1620c7708a9 100644 --- a/softfail.txt +++ b/softfail.txt @@ -14,7 +14,9 @@ Subject: %(subject)s Received-SPF: %(spf_result)s Your sender policy indicated that the above email was likely forged and that -feedback was desired. +feedback was desired. If you are sending from a foreign ISP, +then you may need to follow your home ISPs instructions for configuring +your outgoing mail server. If you need further assistance, please do not hesitate to contact me.