SMC milter
From AutoSPF
SMC milter project has been developed since 2003. By default the filter uses Greylisting technology to block junk e-mail, and a suit of automatic "white lists" working with original algorithms to determine legal e-mail which would be delivered without delay. SMTP authorising and blocking all Failed e-mail are supported. Since 2.0 version of the milter there is added Postfix and ClamAV (clamcheck configuration file parameter) support. The policy of e-mail "legality" determining (message sender verification) by default uses AutoSPF and SPF algorithms.
Filter working algorithms
In our opinion, mail server should receive e-mail only from the users who use their mail servers accounts legally, but SMTP protocol realisation being in use today does not forbid sending e-mail from the servers unrelated to the indicated mail domain. In SMC filter unverified e-mail may be rejected or sent to processing by the filter blocking algorithm. As mentioned above, by default junk e-mail blocking is accomplished by using Greylisting algorithm. The algorithm is based on checking server's execution of deferred delivery function when receiving server "temporary error". If the recipient mail server refuses to accept the letter ind informs about "temporary error", the sender mail server has to retry later. Bulk mailing software in that case usually does not try to do it. Successful check result is saved for the period determined by Lifetime parameter of configuration file. All subsequen letters from the same sender to the same recipient sent through the same server will be accepted without delay during this period. Algorithm functioning is adjusted by Maxdelay and Maxcount configuration file parameters. Maxdelay parameter determines maximum period of filter's waiting for repeat server call. If repeat call is registered within this period, the counter of successful attempts will augment 1, otherwise it will be nulled. Maxcount parameter determines total amount of such attempts after which a letter is accepted. Theoretically, this algorithm blocks only junk e-mail, but actually in practice this is not the case. Registration bots messages, news sites mailings etc. may be screened by mistake, if they use non-standard mail sending methods. Message delivery delays may be unacceptable in case of urgent mail. The filter contains a suit of automatic "white lists" enabling to avoid such delay or mistake. AutoSPF algorithm is a basic one among the filter's "white lists".
Anoter white list is implemented by the filter's AutoSWL (Auto Sender White List) algorithm. The algrithm is very simple. In the mail contact - "sender-recipient" pair - the sender is considered authenticated (included in the recipient's "white list") if both outgoing message (request) and incoming message (reply) of the contact. Information about successful contact is saved for the period determined by Lifetime parameter of configuration file. The messages of the authenticated senders will not be blocked by the previous algorithm even if there was no successful sender verification. Thus, the filter learns during performance not to react upon active contacts, i.e. if you exchange messages with somebody, the incoming messages will be gated by the filter without additional check.
The filter by default gates e-mail from local reserved addresses (127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 etc.). Other addresses e-mail from which should be received without additional checks may be indicated in smc-milter.hosts configuration file. This file is a static "white list" of the filter. Below is the file content example:
# # SMC-milter hosts file # # Pass through the mail from the indicated IP addresses # or networks without any checks. # # lines preceded by a '#' are comments #---------------------------------------------------------------------- 12.107.209.244/32 # kernel.org 12.107.209.250/32 # sourceware.org 64.125.132.254/32 # collab.net 204.107.120.10/32 # Ameritrade 205.206.231.0/24 # securityfocus.com 209.132.176.174/32 # sourceware.org 213.136.52.31/32 # mysql.com
E-mail headers
SMC filter marks incoming messages with the following range of commonly used headers:
| Header | Description |
|---|---|
| X-Spam-Flag: | [YES/NO/WARN/PASS] |
| X-Spam-Report: | System message describing the reason of one or another Spam-Flag header value binding. |
| X-Spam-Checker-Version: | SMC-milter [software version] |
| X-Virus-Scanned: | Anti-virus software name (if used) |
For example:
X-Spam-Flag: NO X-Spam-Report: Host 195.206.40.177 is related to lust.icc.ru. X-Spam-Checker-Version: SMC-milter 2.0 X-Virus-Scanned: ClamAV using SMC-milter
Extra information
- http://milter.sourceforge.net/ SMC filter (official progect site);
- http://sourceforge.net/projects/milter/ SMC filter, the progect on SourceForge.