table of contents
Mail::MtPolicyd::Plugin::SMTPVerify(3pm) | User Contributed Perl Documentation | Mail::MtPolicyd::Plugin::SMTPVerify(3pm) |
NAME¶
Mail::MtPolicyd::Plugin::SMTPVerify - mtpolicyd plugin for remote SMTP address checksVERSION¶
version 2.02DESCRIPTION¶
This plugin can be used to do remote SMTP verification of addresses.Example¶
To check if the recipient exists on a internal relay and mailbox is able to recieve a message of this size:<Plugin smtp-rcpt-check> module = "SMTPVerify" host = "mail.company.internal" sender_field = "sender" recipient_field = "recipient" # send SIZE to check quota size_field = "size" temp_fail_action = "defer %MSG%" perm_fail_action = "reject %MSG%" </Plugin>
Do some very strict checks on sender address:
<Plugin sender-sender-check> module = "SMTPVerify" # use a verifiable address in MAIL FROM: sender = "horst@mydomain.tld" recipient_field = "sender" no_starttls_action = "reject sender address does not support STARTTLS" temp_fail_action = "defer sender address failed verification: %MSG%" perm_fail_action = "reject sender address does not accept mail: %MSG%" </Plugin>
Or do advanced checking of sender address and apply a score:
<Plugin sender-sender-check> module = "SMTPVerify" # use a verifiable address in MAIL FROM: sender = "horst@mydomain.tld" recipient_field = "sender" check_tlsa = "on" check_openpgp = "on" temp_fail_score = "1" perm_fail_score = "3" has_starttls_score = "-1" no_starttls_score = "5" has_tlsa_score = "-3" has_openpgp_score = "-3" </Plugin>
Based on the score you can later apply greylisting or other actions.
Configuration¶
Parameters¶
The module takes the following parameters:- (uc_)enabled (default: on)
- Enable/disable this check.
- host (default: empty)
- If defined this host will be used for checks instead of a MX.
- port (default: 25)
- Port to use for connection.
- check_tlsa (default: off)
- Set to 'on' to enable check if an TLSA record for the MX exists.
This requires that your DNS resolver returnes the AD flag for DNSSEC secured records.
- check_openpgp (default: off)
- Set to 'on' to enable check if an OPENPGPKEY records for the recipients exists.
- sender_field (default: recipient)
- Field to take the MAIL FROM address from.
- sender (default: empty)
- If set use this fixed sender in MAIL FROM instead of sender_field.
- recipient_field (default: sender)
- Field to take the RCPT TO address from.
- size_field (default: size)
- Field to take the message SIZE from.
- perm_fail_action (default: empty)
- Action to return if the remote server returned an permanent error for this
recipient.
The string "%MSG%" will be replaced by the smtp message:
perm_fail_action = "reject %MSG%"
- temp_fail_action (default: empty)
- Like perm_fail_action but this message is returned when an temporary error
is returned by the remote smtp server.
temp_fail_action = "defer %MSG%"
- perm_fail_score (default: empty)
- Score to apply when a permanent error is returned for this recipient.
- temp_fail_score (default: empty)
- Score to apply when a temporary error is returned for this recipient.
- has_starttls_score (default: emtpy)
- no_starttls_score (default: emtpy)
- Score to apply when the smtp server of the recipient announces support for STARTTLS extension.
- has_tlsa_score (default: empty)
- no_tlsa_score (default: empty)
- Score to apply when there is a TLSA or no TLSA record for the remote SMTP server.
- has_openpgp_score (default: empty)
- no_openpgp_score (default: empty)
- Score to apply when a OPENPGPKEY record for the recpient exists or not exists.
AUTHOR¶
Markus Benning <ich@markusbenning.de>COPYRIGHT AND LICENSE¶
This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.This is free software, licensed under:
The GNU General Public License, Version 2, June 1991
2017-01-13 | perl v5.24.1 |