Free smtpd software for linux

qmail-smtpd-auth is a patch for qmail that enables it to support SMTP AUTH protocol with the following auth types: LOGIN, PLAIN and CRAM-MD5. Its based on a previous patch by Mrs.Brisby that implemented LOGIN type. This version has some enhancements and allows easy adding of new auth methods.
If you want to learn more about SMTP AUTH itself, then visit my SMTP AUTH page.
This patch adds the ESMTP AUTH option to qmail-1.03, allowing the LOGIN, PLAIN, and CRAM-MD5 AUTH types. An appropriate checkpassword tool is necessary to support the authentication. See http://cr.yp.to/checkpwd.html for more information on the interface. Note that the checkpassword tool should support all of the AUTH types
advertised by qmail-smtpd.
As reflected in the modified qmail-smtpd(8) man page, qmail-smtpd must be invoked with three arguments: hostname, checkprogram, and subprogram. If these arguments are missing, qmail-smtpd will still advertise availability of AUTH, but will fail with a permanent error when AUTH is used.
hostname is simply used to form the CRAM-MD5 challenge. qmail-smtpd invokes checkprogram, feeding it the username and password, in the case of LOGIN or PLAIN, or the username, challenge, and response, in the case of CRAM-MD5. If the user is permitted, checkprogram invokes subprogram, which just has to exit with a status of 0 for the user to be authenticated. Otherwise, checkprogram exits with a non-zero
status. subprogram can usually be /usr/bin/true (or /bin/true, depending on your flavor of OS).
If the user is successfully authenticated, the RELAYCLIENT environment variable is effectively set for the SMTP session, and the TCPREMOTEINFO environment variable is set to the authenticated username, overriding any value that tcpserver may have set. The
value of TCPREMOTEINFO is reflected in a Received header.
Enhancements:
- bug: AUTH PLAIN 334 response not RFC compliant. Reported by Mark Crispin
- .
- change: Set TCPREMOTEINFO environment variable to authenticated username. (Previously only set locally to qmail-smtpd.)

smtptools is a collection of tools to send or receive mails with the simple mail transfer protocol.
maildirblast
may be used to send some or all messages from a maildir to a preconfigured relay host or the official mail exchanger hosts of the recipient addresses. maildirblasts functions partially overlap with those of maildirsmtp from Daniel Bernsteins serialmail package.
smtpblast
sends a single message with SMTP to a configured relay host or to a MX host. It uses the qmail return codes and may be used to bypass a broken mail system or, with for example ssh port forwarding, even some firewalls.
tomaildir
is a simple tool to write a message into a maildir. It uses the qmail return codes (see the dot-qmail manual page for more information). (yes, this has nothing todo with SMTP. But i find it useful anyway)
Main features:
- logging (qmail-smtpd basically has no logging)
- more finegrained relay control, its possibly to allow relaying for *.domain.example, but not for bad.domain.example. Its possible to deny delivery to certain addresses.
- built in RBL support
- check for existence of envelope sender domain.

No-relay SMTP daemon is a lightweight mail server whose sole purpose is to receive incoming messages and deliver them to local users. Its main "feature" (or non-feature, really) is to be completely unable to relay messages to adjacent servers: if an incoming message is not addressed to a local mailbox, smtpd will reject it.

Another convenient feature is its automatic grey-listing of clients that allows you to efficiently reject spammers based on their behaviour. No-relay SMTP daemon can handle incoming email traffic for an unlimited number of domains (i.e. act as a MX for these domains) without the need for any configuration (other than creation of users mailboxes).

Net::Server::Mail::ESMTP::XFORWARD is a Perl module to add support to the XFORWARD command in Net::Server::Mail::ESMTP.

SYNOPSIS

use Net::Server::Mail::ESMTP;

my @local_domains = qw(example.com example.org);
my $server = new IO::Socket::INET Listen => 1, LocalPort => 25;

my $conn;
while($conn = $server->accept)
{
my $esmtp = new Net::Server::Mail::ESMTP socket => $conn;
# activate some extensions
$esmtp->register(Net::Server::Mail::ESMTP::XFORWARD);
# adding some handlers
$esmtp->set_callback(RCPT => &validate_recipient);
$esmtp->process();
$conn->close()
}

sub validate_recipient
{
my($session, $recipient) = @_;

my $domain;
if($recipient =~ /@(.*)>s*$/)
{
$domain = $1;
}

if(not defined $domain)
{
return(0, 513, Syntax error.);
}
elsif(not(grep $domain eq $_, @local_domains) && $session->get_forwarded_addr != "10.1.1.1")
{
return(0, 554, "$recipient: Recipient address rejected: Relay access denied");
}

return(1);
}

When using a Net::Server::Mail::ESMTP script inside a MTA and not in front of Internet, values like client IP address are not accessible to the script and when the script returns mail to an other instance of smtpd daemon, it logs "localhost" as incoming address. To solve this problem, some administrators use the XFORWARD command. This module gives the ability to read and store XFORWARD informations.

qgreylistrbl is an add-on for qmail.

Now there are a lot of methods against spam, I have combined two of them: greylisting only for dialin nodes and nodes listed on a RBL. NDNs with more than one recipient will be rejected with permanent error messages and without a greylist entry. A test for EHLO/HELO spoofing was added: if a string is obviously spoofed, the connection will be rejected with a permanent error message, without a greylist entry, and advice to RFC2821. You can define a maximum number of recipients per email.

Greylisting returns a temporary SMTP error at the first delivery attempt. Most spam is sent from bulk mailers that dont retry, so these attempts are blocked. Real mail servers will retry later after a temporary error, allowing the message to go through.

Of course cannot all mail be delayed half an hour or longer to our customers. Thats why I have decided to modify the program qgreylist from Jon Atkins. I have added a RBL request to accept emails from not RBL listed nodes and to delay only dialin lines and RBL listed nodes. The script tests the PTR record of each connecting host for a regular expression to detect dialin nodes.

qgreylist from Jon Atkins puts all files in one base dir. qgreylistrbl creates here a directory structure because of performance reasons. The cleanup is now done by a separate cronjob script and not by qgreylistrbl itself, because when there were some ten thousand files inside the mail server nearly stands still.

Most bulk mailers and zombies,too, do not have queue management. They blast that much emails out into the net, they would be swamped with it. An Example: We use a UW-160 Raid 10 for the queue, but the usual zombie out there has only one IDE disc. Beside even a layman would ask why his hard drive was running all the time.

Effect

80% less spam. Yes, truly. No false positives, NO email gets lost.

Usage

qgreylistrbl is a replacement for rblsmtpd by D.J. Bernstein. Simply put qgreylistrbl instead of rblsmtpd in the command line for starting qmail-smtpd.

Performance

qgreylistrbl is a Perl script. Expect some CPU usage. If you run a QMAILQUEUE-patched version of qmail-smtpd and spamassassin, the load will decrease extensive, because most connection attempts do not cause a mail delivery. With perl > 5.6.1 you can precompile the source code with perlcc.

Installation:

Just copy the perl script wherever you want and edit the start script for qmail-smtpd. qgreylistrbl is a simple replacement for rblsmtpd from D.J. Bernstein and can be used the same way.

Create the greylist IP folder:

# mkdir /var/qmail/qgreylistrbl
# chown qmaild /var/qmail/qgreylistrbl

Adjust User

If you need to install the perl module Mail:RBL, just do the following:
From the root prompt on your server, invoke the CPAN shell:

# perl -MCPAN -e shell

Once the Perl interpreter has loaded (and been configured), you can install modules by issuing the command install MODULENAME.

The first thing you should do is upgrade your CPAN:

cpan> install Bundle::CPAN

Once its done (it will take a while, just enter all questions), type:

cpan> reload cpan

Now, enter the following command to retrieve all of the required modules:

cpan> install Mail::RBL

Then you can be shure everything is installed to correct locations.

Configuration:

At the beginnung of the script you have to adjust a few variables. See script for more details. Important are hostname, working directory, some paths and RBL services. You have to add a crontab entry as follows:

*/20 * * * * vpopmail /var/qmail/bin/qgreylist_cleanup.pl

Adjust user, path and time before.
Dont forget so set up logging facility in /etc/syslog.conf

QmailToaster project is an RPM-based Qmail distribution for CentOS, Fedora, SuSE, and Mandriva. This system is designed for ease of deployment and includes strong anti-spam systems. This includes support for SRS, SPF, DomainKeys, and virtual hosting on the SMTP side. On the user side, this has a Web-based administration interface and supports POP3, POP3 over SSL, IMAP, and IMAP over SSL
Main features:
- Source RPM packages ready for RPM based distributions
- SMTP with SMTP-AUTH, TLS, REMOTE-AUTH
- DomainKeys, SPF "Sender Policy Framework" and SRS "Sender Rewriting Scheme"
- Integrated SpamAssassin, ClamAV and Simscan
- Warlord virus and worm loader realtime scanning
- CHKUSER 2.0 functions for qmail-smtpd
- Qmail-Tap provides email archive capability
- Virtual Domains (MySQL), Virtual Users (MySQL)
- Autoresponder, Mailing List
- Web-based email system, Web-based administration tools
- POP3, POP3-SSL, IMAP and IMAP-SSL
Enhancements:
- CentOS 5.x support was added.

mhrw is a tool for mailheader manipulation. mhrw can be useful in complex MTA setups. In general, headers shouldnt be rewritten, but i found myself configuring an MTA with special delivery methods, where delivery took place depending on spamassassins spam-level and various other things.

In this setup, smtpd and delivery were completely different tasks without any communication possible between them. So, i decided to use the mail-headers loading some additional neccessary information. To get rid of lots of slow scripts, mhrw was born.

How it works:

mhrw reads mails from < stdin > or (if argument is given) from < file >. It supports two operating modes,

a) replace some part of the header, matched by a regular expression,
b) add some part to the header below the former last headerline.

In no way the body of a message is touched. Anything below the header is passed through. Also, the message will always pass until EOF.

Examples:

To show some example, on how to use mhrw, ill define the following (not
really standard, but very simple) mail as origin:

Received: somehost (somehost.somewhere) by uid 1007 with esmtp
X-Authenticated-SMTP: username
Received: anyhost; date
Subject: some test

body
...

If this mailalike header is getting used by following command:

mhrw ^X-Authenticated-SMTP: .*$

this will result in:

Received: somehost (somehost.somewhere) by uid 1007 with esmtp
Received: anyhost; date
Subject: some test

body
...

Youre able to use any regular expression you like, limited (by default) upto 4 subqueries.

The second argument (the replacement string) interprets written n and r sequences.

Installation:

mhrw dosnt relay on libraries and is written with a very basic set of commands, so:

./configure
make
make install

should build the binary on most platforms.

vislog is a set of perlscripts written to bring virus and spamdetection to a mailserver running postfix for smtpd and cyrus-imap for local delivery.

It accepts mail from postfix sends them to clamav-virusscanner und spamassassin and afterwards give the tagged and scanned mail to cyrus-imap for local delivery.

It has a small perlscript to examine its own logfile about the found viruses and generate a html overview about it.