MIMEDEFANG(8)               System Manager's Manual              MIMEDEFANG(8)

NAME

       mimedefang - Sendmail MIME mail filter

SYNOPSIS

       mimedefang prcap

       mimedefang -p connection -m mx_socket_name -U user [options]

DESCRIPTION

       mimedefang is a filter built around Sendmail 8.11's milter API for mail
       filters.  It collects each incoming message and runs a filter on the
       message.  This is useful for deleting attachments which may be a
       security risk on poorly-designed systems like Microsoft Windows.

       mimedefang does not actually run the Perl filter; instead, it
       communicates with mimedefang-multiplexor(8), which manages a pool of
       persistent Perl processes.  See the mimedefang-multiplexor man page for
       additional information.

OPTIONS

       If you invoke mimedefang with the single argument prcap, it prints
       information about the version of Milter it is linked against and exits.
       Otherwise, you should invoke mimedefang as shown in the second line of
       the SYNOPSIS.

       -U user
              Runs mimedefang as user rather than root.  The user argument
              must match the argument to mimedefang-multiplexor's -U option as
              well.

       -y     If the -y command-line option is given, MIMEDefang will call
              smfi_setsymlist to set the list of macros it wants.  This
              function leaked memory in versions of Sendmail prior to 8.14.4
              so by default we do not call it.  If you are running an older
              version of sendmail, you should explicitly set the list of
              macros you want in the Sendmail configuration file.

       -z spooldir
              Set the spool directory to spooldir.  If this option is omitted,
              the spool directory defaults to /var/spool/MIMEDefang.


       -p connection
              The -p switch is required and specifies the milter connection
              type.  Typically, you should run mimedefang on the same computer
              as sendmail.  Therefore, you should use a UNIX-domain socket for
              the connection type.  The suggested value for the -p switch is
              mimedefang.sock under the spool directory.

       -m mx_socket_name
              Specifies the socket for communicating with
              mimedefang-multiplexor(8).  The mx_socket_name specifies the
              path of the UNIX-domain socket.  See mimedefang-multiplexor(8)
              for details.

       -b backlog
              Sets the "backlog" argument to the listen(2) system call to
              backlog.  If this option is omitted, then the operating-system
              default backlog is used.

       -G     Normally, mimedefang uses a umask of 077 when creating the
              milter socket and files.  If you would like the socket to be
              readable and writeable by the group and files to be
              group-readable, supply the -G option.  This causes the umask to
              be 007 whenever UNIX-domain sockets are created and 027 whenever
              files are created.  Note: if your milter library is too old to
              have the smfi_opensocket() function, the -G option causes
              mimedefang to use a umask of 007 throughout its execution.

              Note that by default, /var/spool/MIMEDefang is created with mode
              0700.  If you use the -G option, you probably should change the
              mode to 0750.


       -d     The -d switch causes mimedefang not to delete the temporary
              spool files it creates for incoming messages.  This is for
              debugging purposes only and should never be used on a production
              mail server.

       -r     Causes mimedefang to perform a relay check before processing any
              messages.  It calls into a user-supplied Perl function called
              filter_relay with the IP address and host name of the sending
              relay.  (See mimedefang-filter(5) for details.)

       -H     Causes mimedefang to perform a HELO check before processing any
              messages.  It calls into a user-supplied Perl function called
              filter_helo with the IP address and host name of the sending
              relay, and the HELO argument.  (See mimedefang-filter(5) for
              details.)

       -s     Causes mimedefang to perform a sender check before processing
              the message body.  It calls into a user-supplied Perl function
              called filter_sender with the envelope address of the sender.
              (See mimedefang-filter(5) for details.)

       -t     Causes mimedefang to perform recipient checks before processing
              the message body.  It calls into a user-supplied Perl function
              called filter_recipient with the envelope address of each
              recipient.  (See mimedefang-filter(5) for details.)


       -q     Permits the multiplexor to queue new connections.  See the
              section QUEUEING REQUESTS in the mimedefang-multiplexor man
              page.  Note that this option and the -R option are
              mutually-exclusive.  If you supply -q, then -R is ignored.

       -k     Causes mimedefang not to delete working directories if a filter
              fails.  This lets you obtain the message which caused the filter
              to fail and determine what went wrong.  mimedefang logs the
              directory containing the failed message using syslog.

       -P fileName
              Causes mimedefang to write its process-ID (after becoming a
              daemon) to the specified file.  The file will be owned by root.

       -o fileName
              Causes mimedefang to use fileName as a lock file to prevent
              multiple instances from running.  If you supply -P but not -o,
              then mimedefang constructs a lock file by appending ".lock" to
              the pid file.  However, this is less secure than having a
              root-owned pid file in a root-owned directory and a lock file
              writable by the user named by the -U option.  (The lock file
              must be writable by the -U user.)


       -R num Normally, mimedefang tempfails a new SMTP connection if there
              are no free workers.  Supplying the -R num option makes
              mimedefang tempfail new connections if there are fewer than num
              free workers, unless the connection is from the local host.
              This allows you to favour connections from localhost so your
              clientmqueue doesn't build up.  Note that supplying -R 0 is
              subtly different from omitting the option; in this case,
              mimedefang permits new connections from localhost to queue, but
              not connections from other hosts (unless you also supply the -q
              option.)

              The purpose of the -R option is to reserve resources for
              clientmqueue runs.  Otherwise, on a very busy mail server,
              clientmqueue runs can starve for a long time, leading to delays
              for locally-generated or streamed mail.  We recommend using a
              small number for num; probably no more than 3 or 10% of the
              total number of workers (whichever is smaller.)

              Note that this option and the -q option are mutually-exclusive.
              If you supply -q, then -R is ignored.

       -C     Conserve file descriptors by opening and closing disk files more
              often.  (Disk files are never held open across Milter
              callbacks.)  While this shortens the length of time a file
              descriptor is open, it also leaves more opportunities for the
              open to fail.  We do not recommend the use of this flag except
              on very busy systems that exhibit failures due to a shortage of
              file descriptors.

       -T     Causes mimedefang to log the run-time of the Perl filter using
              syslog.


       -x string
              Add string as the content of the X-Scanned-By: header.  If you
              set string to the empty string (i.e. -x ""), then no
              X-Scanned-By: header will be added.

       -X     Do not add an X-Scanned-By: header.  Specifying -X is equivalent
              to specifying -x "".

       -D     Do not fork into the background and become a daemon.  Instead,
              stay in the foreground.  Useful mainly for debugging or if you
              have a supervisory process managing mimedefang.

       -M     This option is obsolete; it is accepted for
              backward-compatibility, but is ignored.

       -N     Normally, mimedefang sees all envelope recipients, even ones
              that Sendmail knows to be invalid.  If you don't want Sendmail
              to perform a milter callback for recipients it knows to be
              invalid, invoke mimedefang with the -N flag.  Please note that
              this flag only works with Sendmail and Milter 8.14.0 and newer.
              It has no effect if you're running an older version of Sendmail
              or Milter.


       -S facility
              Specifies the syslog facility for log messages.  The default is
              mail.  See openlog(3) for a list of valid facilities.  You can
              use either the short name ("mail") or long name ("LOG_MAIL") for
              the facility name.

       -a macro
              Pass the value of the specified Sendmail macro through to the
              Perl filter.  You can repeat the -a option to write more macros
              than the built-in defaults.  Note that in addition to asking
              mimedefang to pass the macro value to the filter, you must
              configure Sendmail to pass the macro through to mimedefang using
              the confMILTER_MACROS_ENVFROM definition in Sendmail's m4
              configuration file.

       -c     Strip "bare" carriage-return (CR) characters from the message
              body.  A bare CR should never appear in an e-mail message.
              Older versions of mimedefang used to strip them out
              automatically, but now they are left in by default.  The -c
              option enables the older behavior.

       -h     Print usage information and exit.
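
       The umask rules given under -G can be checked against a live spool
       directory.  The script below is an added example, not part of the
       MIMEDefang distribution; the names excess_bits and audit_spool are
       hypothetical, and it reports only entries that are more permissive
       than the umasks stated above would allow.

```python
import os
import stat
import sys

# umasks quoted in the -G description, keyed by "was -G given?":
# (umask for UNIX-domain sockets, umask for files and directories)
UMASKS = {False: (0o077, 0o077), True: (0o007, 0o027)}


def excess_bits(st_mode, group_mode=False):
    """Return the permission bits the applicable umask would have cleared."""
    sock_umask, file_umask = UMASKS[group_mode]
    umask = sock_umask if stat.S_ISSOCK(st_mode) else file_umask
    return stat.S_IMODE(st_mode) & umask


def audit_spool(spooldir, group_mode=False):
    """List (path, mode, excess) for entries looser than the expected umask.

    The spool directory itself is held to the file umask, which yields the
    0700 (default) and 0750 (-G) directory modes named in the man page.
    """
    paths = [spooldir]
    for root, dirs, files in os.walk(spooldir):
        paths.extend(os.path.join(root, name) for name in dirs + files)
    findings = []
    for path in paths:
        try:
            st = os.lstat(path)
        except FileNotFoundError:
            continue  # working files vanish as messages finish
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits are not meaningful
        extra = excess_bits(st.st_mode, group_mode)
        if extra:
            findings.append((path, stat.S_IMODE(st.st_mode), extra))
    return findings


if __name__ == "__main__":
    # Usage (assumed script name): audit.py [-G] [spooldir]
    args = sys.argv[1:]
    group = "-G" in args
    dirs = [a for a in args if a != "-G"] or ["/var/spool/MIMEDefang"]
    for path, mode, extra in audit_spool(dirs[0], group):
        print(f"{path}: mode {mode:04o}, unexpected bits {extra:04o}")
```

       Pass -G to the script only if mimedefang itself is started with -G;
       otherwise group-accessible sockets and files are reported as findings.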

OPERATION

       When mimedefang starts, it connects to sendmail using the milter API.
       (See the Sendmail 8.11 documentation.)  For each incoming message,
       mimedefang creates a temporary directory and saves information in the
       directory.  At various phases during the SMTP conversation, mimedefang
       communicates with mimedefang-multiplexor to perform various operations.
       mimedefang-multiplexor manages a pool of persistent Perl processes that
       actually perform the mail scanning operations.

       When a Perl process scans an e-mail, the temporary spool directory
       contains certain files; details of the communication protocol between
       mimedefang and the Perl script are in mimedefang-protocol(7).

WARNINGS

       mimedefang does violence to the flow of e-mail.  The Perl filter is
       quite picky and assumes that MIME e-mail messages are well-formed.
       While I have tried to make the script safe, I take no responsibility
       for lost or mangled e-mail messages or any security holes this script
       may introduce.

AUTHOR

       mimedefang was written by Dianne Skoll <dfs@roaringpenguin.com>.  The
       mimedefang home page is http://www.mimedefang.org/.

SEE ALSO

       mimedefang.pl(8), mimedefang-filter(5), mimedefang-multiplexor(8),
       mimedefang-protocol(7)

4th Berkeley Distribution       8 February 2005                  MIMEDEFANG(8)