Last update: 2022/04/24
milter-blockdomain is a simple milter written in C that maintains thousands of blocked domains as simple plain entries.
In practice it is useful to run milter-blockdomain together with milter-greylist.
milter-greylist handles unresolved IP addresses, malformed HELO/EHLO, GeoIP, broadly applied regular-expression rules, and/or S25R.
milter-blockdomain is well suited to handling undesirable domains that the auto-whitelist of milter-greylist would otherwise allow.
milter-regex is also useful.
Milter | Entry for example.com |
---|---|
milter-blockdomain | `example.com` |
milter-greylist | `racl blacklist domain example.com`<br>`racl blacklist helo /^(.+\.)?example\.com$/`<br>`racl blacklist from /@(.+\.)?example\.com>$/` |
milter-regex | `connect /^(.+\.)?example\.com$/ie // and envrcpt /^<.*>$/`<br>`helo /^(.+\.)?example\.com$/ie and envrcpt /^<.*>$/`<br>`envfrom /@(.+\.)?example\.com>$/ie and envrcpt /^<.*>$/` |
The "milter-blockdomain" is copyright 2016 by Takao Abe. All rights reserved.
This software is free software, you can use and redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software Foundation,
either version 3 of the License, or any later version.
Determine the paths. You may change them as you like.
File or Dir | Path | Related files that specify this path |
---|---|---|
Exec file | /usr/local/sbin/milter-blockdomain | Start script ( ex. /etc/rc.d/rc.milter-blockdomain ) |
Config file | /etc/mail/milter-blockdomain.conf | Start script ( ex. /etc/rc.d/rc.milter-blockdomain ) |
Socket file | /var/spool/milter/milter-blockdomain.sock | Config file ( Keyword: socket )<br>sendmail.mc ( Keyword: INPUT_MAIL_FILTER ) |
PID file | /var/run/milter-blockdomain.pid | Config file ( Keyword: pidFile ) |
Domain list files | /var/lib/milter-blockdomain/* | Config file ( Keyword: whitelist, blacklist, greylist ) |
Build and create directory
```
$ cd /tmp
$ tar jxf milter-blockdomain-M.NN.tar.bz2
$ cd milter-blockdomain-M.NN
$ ./configure --sysconfdir=/etc/mail
$ make
$ su
Password: **********
# make install
# mkdir /var/lib/milter-blockdomain
# mkdir /var/spool/milter
# chown smmsp:smmsp /var/spool/milter
# chmod o-rwx /var/spool/milter
```
Add "INPUT_MAIL_FILTER" to sendmail.mc
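```
INPUT_MAIL_FILTER(`milter-blockdomain',`S=local:/var/spool/milter/milter-blockdomain.sock, F=, T=S:1m;R:1m')dnl
```
With `F=` left empty, sendmail keeps processing mail as if the filter were not present when the milter is unavailable. `F=T` (temporary failure) or `F=R` (reject) changes that behavior.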
Generate sendmail.cf from sendmail.mc
Save current sendmail.cf as a backup.
```
# cp -p /etc/mail/sendmail.cf /etc/mail/sendmail.cf-yyyymmdd-hhmm
```
Change working directory
```
# cd /usr/share/sendmail/cf/cf
```
Generate sendmail.cf from sendmail.mc
```
# m4 /etc/mail/sendmail.mc | cat -s > /etc/mail/sendmail.cf
```
If you don't have any block domain list at this time, just create an empty file.
```
$ touch /var/lib/milter-blockdomain/xxxxxxxxxx.txt
```
```
milter-blockdomain [-c config-file-path] [-d] [-s] [-t Interval] [-v]
```
```
# /usr/local/sbin/milter-blockdomain
```
If the config file is other than /etc/mail/milter-blockdomain.conf
```
# /usr/local/sbin/milter-blockdomain -c config-file-path
```
```
# milter-blockdomain.conf

########################################
# user
# Mandatory, No default
user smmsp

########################################
# socket
# Mandatory, No default
# Correspond with INPUT_MAIL_FILTER of sendmail.mc
socket /var/spool/milter/milter-blockdomain.sock

########################################
# pidFile
# Mandatory, No default
pidFile /var/run/milter-blockdomain.pid

########################################
# checkConnect, checkHelo, checkEnvFrom, checkEnvRcpt
# 0 : Not checked
# 1 : Checked ( Default )
checkConnect = 1
checkMacro_ = 1
checkHelo = 1
checkEnvFrom = 1
checkEnvRcpt = 0

########################################
# checkOnAndAfter
# 0 : Check on and after connect
# 1 : Check on and after helo
# 2 : Check on and after envfrom
# 3 : Check on and after envrcpt ( Default )
# 4 : Check on and after header
checkOnAndAfter = 3

########################################
# Message
messageTempfail "Refused connection temporarily. Be patient."
messageReject "Refused connection by site policy."

########################################
# Syslog facility name
# daemon, mail, user, local0 to local7
syslogFacility = mail

########################################
# Syslog priority debug
# 0 : Do not write syslog priority=debug ( Default )
# 1 : Write syslog priority=debug
syslogDebug = 0

########################################
# Subdomain
# 0 : Exact domain matching
# 1 : Subdomain matching ( Domain boundary ) ( Default )
Subdomain = 1

########################################
# whitelist, blacklist, greylist
# Max 8 files
# First match determines the result, accept/reject/tempfail.
# Insensitive lower/upper case letter.
whitelist /var/lib/milter-blockdomain/whitelist.txt
blacklist /var/lib/milter-blockdomain/blacklist.txt
greylist /var/lib/milter-blockdomain/greylist.txt

########################################
# DO NOT USE THIS PARAMETER
# testMode
# 0 : Check ( Default )
# 1 : Logging only ( Always "Not listed" result )
#testMode = 0

########################################
# DO NOT USE THESE PARAMETERS
# debugConfigFunction, debugCheckFunction
# 0 : Disable debug log ( Default )
# 1 : Enable debug log
#debugConfigFunction = 0
#debugCheckFunction = 0
```
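The `Subdomain` and first-match comments in the config above, worked through as an added C example (not taken from milter-blockdomain's source): a case-insensitive match that only succeeds on a domain boundary, so a plain `example.com` entry behaves like the `/^(.+\.)?example\.com$/` regex without matching `notexample.com`. The names `domain_match` and `check_host`, the sample entries, and the whitelist, blacklist, greylist evaluation order are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added illustration of the semantics the config comments describe;
 * not milter-blockdomain's code. The list file format is not assumed. */
typedef enum { NOT_LISTED, ACCEPT, REJECT, TEMPFAIL } verdict_t;
typedef struct { const char *domain; verdict_t verdict; } entry_t;

/* Constructed sample entries, ordered whitelist, blacklist, greylist. */
static const entry_t sample_lists[] = {
    { "good.example.com", ACCEPT   },
    { "example.com",      REJECT   },
    { "example.net",      TEMPFAIL },
};

/* Case-insensitive comparison of the tail of host against entry.
 * With subdomain != 0 a longer host also matches, but only when the
 * character just before the matched tail is '.', i.e. a label boundary. */
static int domain_match(const char *host, const char *entry, int subdomain)
{
    size_t hl = strlen(host), el = strlen(entry);
    if (el == 0 || hl < el) return 0;
    const char *tail = host + (hl - el);
    for (size_t i = 0; i < el; i++)
        if (tolower((unsigned char)tail[i]) != tolower((unsigned char)entry[i]))
            return 0;
    if (hl == el) return 1;                       /* exact match */
    return subdomain && host[hl - el - 1] == '.'; /* boundary check */
}

/* The first matching entry determines the result. */
static verdict_t check_host(const char *host, int subdomain)
{
    size_t n = sizeof sample_lists / sizeof sample_lists[0];
    for (size_t i = 0; i < n; i++)
        if (domain_match(host, sample_lists[i].domain, subdomain))
            return sample_lists[i].verdict;
    return NOT_LISTED;
}

int main(void)
{
    static const char *names[] = { "not listed", "accept", "reject", "tempfail" };
    const char *hosts[] = { "mail.EXAMPLE.com", "notexample.com",
                            "good.example.com", "mx.example.net" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-18s -> %s\n", hosts[i], names[check_host(hosts[i], 1)]);
    return 0;
}
```

Because the first match wins, a narrower allow entry such as `good.example.com` has to be evaluated before the broader `example.com` block entry to take effect.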
Date | Version | Changes |
---|---|---|
2022/04/24 | 1.05 | GitHub https://github.com/t2750xurb/milter-blockdomain<br>[Enhancement] Command line option -t: minimum interval of checking domain list file update.<br>[Enhancement] Statistics information to syslog daily. Command line option -s for hourly statistics info.<br>[Add] README.md |
2018/01/20 | 1.04 | [Change] Return the previous TEMPFAIL or REJECT check result in the SMTP session preferentially. Add a debug log when the mlfi_xxxx functions return. (milter-blockdomain.c)<br>[Change] Leaf node anchors now exist for every two leading characters of the domain node name, instead of for every one leading character. (milter-blockdomain.h, blkdom_check.c, blkdom_config.c)<br>[Change] Add the following statistics information: Node/Leaf count, Node/Leaf average chain length. (milter-blockdomain.h - domainListType; blkdom_config.c - statDomainList, LoadDomainList) |
2017/12/23 | 1.03 | [Bug fix] Avoid multiple reloading of domain lists in race conditions. |
2016/11/03 | 1.02 | [Bug fix] Lost the first entry of an unsorted domain list. |
2016/07/02 | 1.01 | Support GNU build procedure: ./configure, make, and make install.<br>Conf file new keyword 'syslogDebug'. Optional writing of syslog priority=debug.<br>Conf file new keyword 'checkMacro_'. Check value of the sendmail macro '_'.<br>Return SMFIS_CONTINUE when smfi_getpriv returns NULL for the private data pointer. |
2016/06/05 | 1.00 | Published |