flame.org's qmail mods: Index
Here are the modifications I have made to qmail. The patches are currently
against qmail-1.03.
flame-patches-1.03-1.6.2.diff
I won't explain how to apply these patches. I assume you know what you're
doing.
To use these patches, make a file in /var/qmail/control/badheaderthresh that
contains a single integer, say 1000. Then add a file like
/var/qmail/control/badheaders. Here's
what I use, which might be out of date but is
probably pretty close.
What this gives you:
- Incoming MAIL FROM: addresses are verified to be returnable by
requiring an MX or A record for the host given.
- Headers are checked agianst "badheaders" and if the rank exceeds
"badheaderthresh" it is dumped.
- If the environment variable BADHEADERTHRESH is set, that value is
used rather than the contents of the badheaders file. This allows
you to limit differently based on source. (For instance,
*.aol.com IP addresses can have a lower threshold, whatever you
want.)
- If the envar BOUNCEMAIL is set, it is used as the rejection
message and the mail is rejected. This lets you reject mail from
a specific IP address by having inetd, tcpd, or whatever set this
variable.
- WARNMAIL0 through WARNMAIL9 can be set. Each of these goes into
the accepted message as X-Spam-Warning: lines.
- X-Spam-Rating: lines are added. The current format is
"X-Spam-Rating: hostname 1.6.2 headerthresh/badheaderthresh/mode"
where "mode" is A for "always accept" R for "always reject" (which
you'll never see in a log) and N for "normal threshold
calculation."
- Incoming IP addresses are checked against the
MAPS RBL and rejected if
listed. The addresses are also checked against the
MAPS DUL and a
X-Spam-Warning: header is added if the IP is listed there.
![[Powered by NetBSD]](/img/driven-netbsd-small.gif)
![[Powered by Apache]](/img/apache_pb.gif)