MILTER-REGEX(8)           BSD System Manager's Manual          MILTER-REGEX(8)

NAME

     milter-regex — sendmail milter plugin for regular expression filtering

SYNOPSIS

     milter-regex [-d] [-c config] [-f facility] [-j dirname] [-l loglevel]
                  [-m number] [-p pipe] [-r pid-file] [-u user] [-G group]
                  [-P mode] [-U user]

DESCRIPTION

     The milter-regex plugin can be used with the milter API of sendmail(8) to
     filter mails using regular expressions matching SMTP envelope parameters
     and mail headers and body.

     The options are as follows:

     -d         Don't detach from the controlling terminal and produce verbose
                debug output on stdout.

     -c config  Use the specified configuration file instead of the default,
                /etc/mail/milter-regex.conf.

     -f facility
                Use the specified syslog facility instead of the default,
                daemon.

     -j dirname
                Change root to the specified directory.

     -l loglevel
                Only log messages up to and including the specified level.
                See syslog(3) for the numerical values, e.g. the default
                LOG_INFO=6.

     -m number  Ignore mail body after the specified number of lines.

     -p pipe    Use the specified pipe to interface with sendmail(8).  Default
                is unix:/var/spool/milter-regex/sock.

     -r pid-file
                Write the pid to the specified file.  Default is not to write a
                file.

     -u user    Run as the specified user instead of the default, mregex.
                When milter-regex is started as root, it calls setuid(2) to
                drop privileges.  The non-privileged user should have read
                access to the configuration file and read-write access to the
                pipe.

     -G group   Set the group ID of the pipe.

     -P mode    Set the permissions of the pipe to the specified mode instead
                of the default, 0600.

     -U user    Set the user ID of the pipe.

SENDMAIL CONFIGURATION

     The plugin needs to be registered in the sendmail(8) configuration, by
     adding the following lines to the .mc file

           INPUT_MAIL_FILTER(`milter-regex',
                   `S=unix:/var/spool/milter-regex/sock, T=S:30s;R:2m')

     rebuilding /etc/mail/sendmail.cf from the .mc file using m4(1), and
     restarting sendmail(8).

PLUGIN CONFIGURATION

     The configuration file consists of rules that, when matched, cause
     sendmail(8) to reject mails.  Empty lines and lines starting with # are
     ignored, as well as leading whitespace (blanks, tabs).  Trailing
     backslashes can be used to wrap long rules into multiple lines.  Each
     rule starts with one of the following commands:

     reject <message>
           Subsequent matching rules cause the mail to be rejected with a
           permanent error consisting of the specified text part.  The SMTP
           reply consists of the three-digit code 554 (RFC 2821 "command
           rejected for policy reasons"), the extended reply code 5.7.1 (RFC
           1893 "Permanent Failure", "Security or Policy Status", "Delivery
           not authorized, message refused") and the text part (which defaults
           to "Command rejected", if not specified).  This is a permanent
           failure, which causes the sender to remove the message from its
           queue without trying to retransmit, commonly generating a bounce
           message to the sender.

     tempfail <message>
           Subsequent matching rules cause the mail to be rejected with a
           temporary error consisting of the specified text part.  The SMTP
           reply consists of the three-digit code 451 (RFC 2821 "Requested
           action aborted: local error in processing"), the extended reply
           code 4.7.1 (RFC 1893 "Persistent Transient Failure", "Security or
           Policy Status", "Delivery not authorized, message refused") and the
           text part (which defaults to "Please try again later", if not
           specified).  This is a temporary failure, which causes the sender
           to keep the message in its queue and try to retransmit it, commonly
           for several days.

     discard
           Subsequent matching rules cause the mail to be accepted but then
           discarded silently.  Note that connect and helo rules should not
           use discard.

     quarantine <message>
           Subsequent matching rules cause the mail to be quarantined in
           sendmail(8).

     accept
           Subsequent matching rules cause the mail to be accepted without
           further rule evaluation.  Can be used for whitelist criteria.

     A command is followed by one or more expressions, each causing the
     previous command to be executed when matched.  The following expressions
     can be used:

     connect <hostname> <address>
           Reject the connection if both the sender's hostname and address
           match the specified regular expressions.  The numerical address is
           either dotted-quad (IPv4) or coloned-hex (IPv6).  The hostname is
           the result of a DNS reverse resolution of the numerical address
           (which sendmail(8) performs independently of the milter plugin).
           When resolution fails, the hostname contains the numerical address
           in square brackets.

     helo <name>
           Reject the connection if the sender-supplied HELO name matches the
           specified regular expression.  Commonly, the sender supplies its
           fully-qualified hostname as HELO name.

     envfrom <address>
           Reject the mail if the sender-supplied envelope MAIL FROM address
           matches the specified regular expression.  Addresses commonly have
           the form <user@host.doma.in>.

     envrcpt <address>
           Reject the mail if the sender-supplied envelope RCPT TO address
           matches the specified regular expression.

     header <name> <value>
           Reject the mail if a header matches the specified name and value.
           For instance, the header "Subject: Test" matches name Subject and
           value Test.

     body <line>
           Reject the mail if a body line matches the specified regular
           expression.

     macro <name> <value>
           Reject the mail if a sendmail macro value matches.

     The plugin regularly checks the configuration file for modification and
     reloads it automatically.  Signals like SIGHUP will terminate the plugin,
     according to the milter signal handler.  The plugin reacts to any kind of
     error, like syntax errors in the configuration file, by failing open,
     accepting all messages.  When the plugin is not running, sendmail(8) will
     accept all messages.

REGULAR EXPRESSIONS

     The regular expressions used in the configuration rules are enclosed in
     arbitrary delimiters; no further escaping is needed.

     The first character of an argument is taken as the delimiter, and all
     subsequent characters up to the next occurrence of the same delimiter are
     taken literally as the regular expression.  Since the delimiter itself
     cannot be part of the regular expression (no escaping is supported), a
     delimiter must be chosen that doesn't occur in the regular expression
     itself.  Each argument can use a different delimiter; all characters
     except spaces and tabs are valid.

     Two immediately adjacent delimiters form an empty regular expression,
     which always matches and requires no regexec(3) call.  This can be used
     in rules requiring multiple arguments, to match only some arguments.

     See re_format(7) for a detailed description of basic and extended regular
     expressions.

     Optionally, the following flags can be used after the closing delimiter:
     e    Extended regular expression.  This sets REG_EXTENDED for regcomp(3).
     i    Ignore upper/lower case.  This sets REG_ICASE.
     n    Not matching.  Reverses the matching result, i.e. the mail is
          rejected if the regular expression does not match.
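
     The argument syntax above as an added C example (not taken from the
     milter-regex source): the hypothetical arg_match() splits one argument
     at its delimiter, maps the e and i flags to regcomp(3) and applies n.
     Accepting the flags in any order and letting n invert an empty regular
     expression are assumptions.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/*
 * Evaluate one argument "del regex del [flags]" against a subject string.
 * Returns 1 if the term is true, 0 if false, -1 on a syntax error.
 * Hypothetical helper; flags are accepted in any order (an assumption).
 */
int arg_match(const char *arg, const char *subject)
{
    char del = arg[0], pattern[256];
    const char *end, *f;
    int cflags = REG_NOSUB, negate = 0, hit = 1;
    size_t len = 0;
    regex_t re;

    if (del == '\0' || del == ' ' || del == '\t')
        return -1;                  /* spaces and tabs are not delimiters */
    end = strchr(arg + 1, del);     /* no escaping: next delimiter closes */
    if (end == NULL || (len = (size_t)(end - arg - 1)) >= sizeof(pattern))
        return -1;
    memcpy(pattern, arg + 1, len);
    pattern[len] = '\0';

    for (f = end + 1; *f != '\0'; f++) {
        if (*f == 'e')      cflags |= REG_EXTENDED;
        else if (*f == 'i') cflags |= REG_ICASE;
        else if (*f == 'n') negate = 1;
        else return -1;             /* anything else is not a flag */
    }
    if (len > 0) {                  /* empty regex matches without regexec() */
        if (regcomp(&re, pattern, cflags) != 0)
            return -1;
        hit = (regexec(&re, subject, 0, NULL, 0) == 0);
        regfree(&re);
    }
    return negate ? !hit : hit;
}

int main(void)
{
    /* First two arguments appear in EXAMPLES; the third is a constructed mistake. */
    printf("%d\n", arg_match("/\\./n", "localhost"));          /* HELO without a dot */
    printf("%d\n", arg_match(",^text/html,i", "Text/HTML"));   /* comma delimiter */
    printf("%d\n", arg_match("/^text/html/i", "text/html"));   /* '/' inside the RE */
    return 0;
}
```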

BOOLEAN EXPRESSIONS

     A rule can consist of either a simple term or more complex expressions.
     A term has the form

     header /From/ /domain/i

     and expressions can be built combining terms with operators "and", "or",
     "not" and parentheses, as in

     header /From/ /domain/i and body /money/
     ( not header /From/ /domain/ ) and ( body /sex/ or body /fast/ )

     Operator precedence should not be relied on; instead, parentheses should
     be used to resolve any ambiguities (which usually produce syntax errors
     from the parser).

MACROS

     Macros allow terms or expressions to be stored under a name, and $name
     can be used as a term within other rules, expressions or macro
     definitions.  Example:

     friends         = header /^Received$/ /^from [^ ]*(ork.net|home.com)/e
     attachments     = header ,^Content-Type$, ,multipart/mixed, and \
                         body ,^Content-Type: application/,
     executables     = $attachments and body ,name=".*.(pif|exe|scr)"$,e

     reject "executable attachment from non-friends"
     $executables and not $friends

     Macro names must begin with a letter and may contain alphanumeric
     characters and punctuation characters.  Reserved keywords (like "reject"
     or "header") cannot be used as macro names.  Macros must be defined
     before use: the definition must precede the use in the configuration
     file, which is read from top to bottom.

EVALUATION

     Rules are evaluated in the order specified in the configuration file,
     from top to bottom.  When a rule matches, the corresponding action is
     taken, that is, the last action specified before the matching rule.

     The plugin evaluates the rules every time a line of mail (or envelope) is
     received.  As soon as a rule matches, the action is taken immediately,
     possibly before the entire mail is received, even if further lines might
     make other rules match, too.  This means the first rule matching
     chronologically has precedence.

     If evaluation for a line of mail makes two (or more) rules match, the
     rule that comes first in the configuration file has precedence.

     Boolean expressions are short-circuit evaluated, which means "a or b"
     becomes true as soon as one of the terms is true and "a and b" becomes
     false as soon as one of the terms is false, even if the other term is not
     known, possibly because the relevant mail line has not been received yet.
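
     The precedence rules above as an added C sketch, not milter-regex code:
     the hypothetical first_match() replays the lines of a message in arrival
     order and scans the rules in file order after each line.  The rule set
     and messages are constructed, and strstr(3) stands in for the regular
     expression match.

```c
#include <stdio.h>
#include <string.h>

/* Kinds of input the plugin sees, in the order SMTP delivers them. */
enum kind { K_HELO, K_ENVFROM, K_HEADER, K_BODY };

struct rule  { const char *action; enum kind kind; const char *needle; };
struct event { enum kind kind; const char *line; };

/*
 * Feed events in arrival order; after each one, scan rules in file order.
 * Returns the index of the rule that fires first, or -1 if none does.
 * strstr() stands in for the regex match to keep the sketch short.
 */
int first_match(const struct rule *rules, int nrules,
                const struct event *ev, int nev)
{
    for (int e = 0; e < nev; e++)            /* chronological order */
        for (int r = 0; r < nrules; r++)     /* config-file order */
            if (rules[r].kind == ev[e].kind &&
                strstr(ev[e].line, rules[r].needle) != NULL)
                return r;
    return -1;
}

/* Constructed rule set, listed in config-file order. */
const struct rule RULES[] = {
    { "reject",   K_BODY,   "money" },           /* rule 0 */
    { "tempfail", K_BODY,   "fast money" },      /* rule 1 */
    { "accept",   K_HEADER, "From: partner" },   /* rule 2 */
};

/* Constructed messages. */
const struct event MAIL_A[] = {   /* header rule fires before the body arrives */
    { K_HEADER, "From: partner@example.org" },
    { K_BODY,   "fast money" },
};
const struct event MAIL_B[] = {   /* one body line matches rules 0 and 1 */
    { K_HEADER, "From: someone@example.net" },
    { K_BODY,   "fast money" },
};

int main(void)
{
    printf("A: %s\n", RULES[first_match(RULES, 3, MAIL_A, 2)].action);
    printf("B: %s\n", RULES[first_match(RULES, 3, MAIL_B, 2)].action);
    return 0;
}
```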

EXAMPLES

     # /etc/mail/milter-regex.conf example

     # Accept anything encrypted, just to demonstrate sendmail macros
     accept
     macro /tls_version/ /TLSv/

     tempfail "Sender IP address not resolving"
     connect /\[.*\]/ //

     reject "Malformed HELO (not a domain, no dot)"
     helo /\./n

     reject "Malformed RCPT TO (not an email address, not <.*@.*>)"
     envrcpt /<(.*@.*|Postmaster)>/ein

     reject "HTML mail not accepted"
     # use comma as delimiter here, as / occurs within RE
     header /^Content-type$/i ,^text/html,i
     body ,^Content-type: text/html,i

     # Swen worm
     discard
     header /^(TO|FROM|SUBJECT)$/e //
     header /^Content-type$/i /boundary="Boundary_(ID_/i
     header /^Content-type$/i /boundary="[a-z]*"/
     body ,^Content-type: audio/x-wav; name="[a-z]*\.[a-z]*",i

     # Some nasty spammer
     reject "Business Corp spam, get lost"
     body /^Business Corp. for W.& L. AG/i and \
             ( body /043.*317.*0285/ or body /0041.43.317.02.85/ )

LOGGING

     milter-regex sends log messages to syslogd(8) using facility daemon and,
     with increasing verbosity, levels err, notice, info and debug.  The
     following syslog.conf(5) section can be used to log messages to a
     dedicated file:

     !milter-regex
     daemon.err;daemon.notice        /var/log/milter-regex

GRAMMAR

     Syntax for milter-regex in BNF:

     file            = ( rule | macro ) file
     rule            = action expr-list
     action          = "reject" msg | "tempfail" msg | "discard" |
                       "quarantine" msg | "accept"
     msg             = ( '"' | "'" ) string ( '"' | "'" )
     expr-list       = expr [ expr-list ]
     expr            = term | term "and" expr | term "or" expr | "not" term
     term            = '(' expr ')' | "connect" arg arg | "helo" arg |
                       "envfrom" arg | "envrcpt" arg | "header" arg arg |
                       "body" arg | "macro" arg arg | '$' name
     arg             = del regex del flags
     del             = '/' | ',' | '-' | ...
     flags           = [ 'e' ] [ 'i' ] [ 'n' ]
     macro           = name '=' expr

FILES

     /etc/mail/milter-regex.conf

SEE ALSO

     mailstats(1), regex(3), syslog(3), syslog.conf(5), re_format(7),
     sendmail(8), syslogd(8)

     Simple Mail Transfer Protocol, RFC 2821.

     Enhanced Mail System Status Codes, RFC 1893.

HISTORY

     The first version of milter-regex was written in 2003.  Boolean
     expression evaluation was added in 2004.

AUTHORS

     Daniel Hartmeier ⟨daniel@benzedrine.cx⟩

BSD                           September 24, 2003                           BSD