1MILTER-REGEX(8) BSD System Manager's Manual MILTER-REGEX(8)
2
4 milter-regex — sendmail milter plugin for regular expression filtering
5
7 milter-regex [-d] [-c config] [-f facility] [-j dirname] [-l loglevel]
8 [-m number] [-p pipe] [-u user] [-G group] [-P mode]
9 [-U user]
10
12 The milter-regex plugin can be used with the milter API of sendmail(8) to
13 filter mails using regular expressions matching SMTP envelope parameters
14 and mail headers and body.
15
16 The options are as follows:
17
18 -d Don't detach from controlling terminal and produce verbose
19 debug output on stdout.
20
21 -c config Use the specified configuration file instead of the default,
22 /etc/mail/milter-regex.conf.
23
24 -f facility
25 Use the specified syslog facility instead of the default, dae‐
26 mon.
27
28 -j dirname
29 Change root to the specified directory.
30
31 -l loglevel
32 Only log messages up to and including the specified level.
33 See syslog(3) for the numerical values, e.g. the default
34 LOG_INFO=6.
35
36 -m number Ignore mail body after the specified number of lines.
37
38 -p pipe Use the specified pipe to interface sendmail(8). Default is
39 unix:/var/spool/milter-regex/sock.
40
41 -u user Run as the specified user instead of the default, mregex.
42 When milter-regex is started as root, it calls setuid(2) to
43 drop privileges. The non-privileged user should have read
44 access to the configuration file and read-write access to the
45 pipe.
46
47 -G group Set the group ID of the pipe.
48
49 -P mode Set the permissions of the pipe to the specified mode instead
50 of the default, 0600.
51
52 -U user Set the user ID of the pipe.
53
55 The plugin needs to be registered in the sendmail(8) configuration, by
56 adding the following lines to the .mc file
57
58 INPUT_MAIL_FILTER(`milter-regex',
59 `S=unix:/var/spool/milter-regex/sock, T=S:30s;R:2m')
60
61 rebuilding /etc/mail/sendmail.cf from the .mc file using m4(1), and
62 restarting sendmail(8).
63
65 The configuration file consists of rules that, when matched, cause
66 sendmail(8) to reject mails. Emtpy lines and lines starting with # are
67 ignored, as well as leading whitespace (blanks, tabs). Trailing back‐
68 slashes can be used to wrap long rules into multiple lines. Each rule
69 starts with one of the following commands:
70
71 reject <message>
72 Subsequent rules cause the mail to be rejected with a permanent
73 error consisting of the specified text part. The SMTP reply con‐
74 sists of the three-digit code 554 (RFC 2821 "command rejected for
75 policy reasons"), the extended reply code 5.7.1 (RFC 1893 "Perma‐
76 nent Failure", "Security or Policy Status", "Delivery not autho‐
77 rized, message refused") and the text part (which defaults to "Com‐
78 mand rejected", if not specified). This is a permanent failure,
79 which causes the sender to remove the message from its queue with‐
80 out trying to retransmit, commonly generating a bounce message to
81 the sender.
82
83 tempfail <message>
84 Subsequent matching rules cause the mail to be rejected with a tem‐
85 porary error consisting of the specified text part. The SMTP reply
86 consists of the three-digit code 451 (RFC 2821 "Requested action
87 aborted: local error in processing"), the extended reply code 4.7.1
88 (RFC 1893 "Persistent Transient Failure", "Security or Policy Sta‐
89 tus", "Delivery not authorized, message refused") and the text part
90 (which defaults to "Please try again later", if not specified).
91 This is a temporary failure, which causes the sender to keep the
92 message in its queue and try to retransmit it, commonly for several
93 days.
94
95 discard
96 Subsequent matching rules cause the mail to be accepted but then
97 discarded silently. Note that connect and helo rules should not
98 use discard.
99
100 quarantine <message>
101 Subsequent matching rules cause the mail to be quarantined in
102 sendmail(8).
103
104 accept
105 Subsequent matching rules cause the mail to be accepted without
106 further rule evaluation. Can be used for whitelist criteria.
107
108 A command is followed by one or more expressions, each causing the previ‐
109 ous command to be executed when matched. The following expressions can
110 be used:
111
112 connect <hostname> <address>
113 Reject the connection if both the sender's hostname and address
114 match the specified regular expressions. The numerical address is
115 either dotted-quad (IPv4) or coloned-hex (IPv6). The hostname is
116 the result of a DNS reverse resolution of the numerical address
117 (which sendmail(8) performs independantly of the milter plugin).
118 When resolution fails, the hostname contains the numerical address
119 in square brackets.
120
121 helo <name>
122 Reject the connection if the sender supplied HELO name matches the
123 specified regular expression. Commonly, the sender supplies his
124 fully-qualified hostname as HELO name.
125
126 envfrom <address>
127 Reject the mail if the sender supplied envelope MAIL FROM address
128 matches the specified regular expression. Addresses commonly have
129 the form <user@host.doma.in>.
130
131 envrcpt <address>
132 Reject the mail if the sender supplied envelope RCPT TO address
133 matches the specified regular expression.
134
135 header <name> <value>
136 Reject the mail if a header matches the specified name and value.
137 For instance, the header "Subject: Test" matches name Subject and
138 value Test.
139
140 body <line>
141 Reject the mail if a body line matches the specified regular
142 expression.
143
144 macro <name> <value>
145 Reject the mail if a sendmail macro value matches.
146
147 The plugin regularly checks the configuration file for modification and
148 reloads it automatically. Signals like SIGHUP will terminate the plugin,
149 according to the milter signal handler. The plugin reacts to any kind of
150 error, like syntax errors in the configuration file, by failing open,
151 accepting all messages. When the plugin is not running, sendmail(8) will
152 accept all messages.
153
155 The regular expressions used in the configuration rules are enclosed in
156 arbitrary delimiters, no further escaping is needed.
157
158 The first character of an argument is taken as the delimiter, and all
159 subsequent characters up to the next occurance of the same delimiter are
160 taken literally as the regular expression. Since the delimiter itself
161 cannot be part of the regular expression (no escaping is supported), a
162 delimiter must be chosen that doesn't occur in the regular expression
163 itself. Each argument can use a different delimiter, all characters
164 except spaces and tabs are valid.
165
166 Two immediately adjacent delimiters form an empty regular expression,
167 which always matches and requires no regexec(3) call. This can be used
168 in rules requiring multiple arguments, to match only some arguments.
169
170 See re_format(7) for a detailed description of basic and extended regular
171 expressions.
172
173 Optionally, the following flags can be used after the closing delimiter:
174 e Extended regular expression. This sets REG_EXTENDED for regcomp(3).
175 i Ignore upper/lower case. This sets REG_ICASE.
176 n Not matching. Reverses the matching result, i.e. the mail is
177 rejected if the regular expression does not match.
178
180 A rule can consist of either a simple term or more complex expressions.
181 A term has the form
182
183 header /From/ /domain/i
184
185 and expressions can be built combining terms with operators "and", "or",
186 "not" and parentheses, as in
187
188 header /From/ /domain/i and body /money/
189 ( not header /From/ /domain/ ) and ( body /sex/ or body /fast/ )
190
191 Operator precedence should not be relied on, instead parentheses should
192 be used to resolve any ambiguities (they usually produce syntax errors
193 from the parser).
194
196 Macros allow to store terms or expressions as a name, and $name can be
197 used as term within other rules, expressions or macro definitions. Exam‐
198 ple:
199
200 friends = header /^Received$/ /^from [^ ]*(ork.net|home.com)/e
201 attachments = header ,^Content-Type$, ,multipart/mixed, and \
202 body ,^Content-Type: application/,
203 executables = $attachments and body ,name=".*.(pif|exe|scr)"$,e
204
205 reject "executable attachment from non-friends"
206 $executables and not $friends
207
208 Macro names must begin with a letter and may contain alphanumeric charac‐
209 ters and punctuation characters. Reserved keywords (like "reject" or
210 "header") cannot be used as macro names. Macros must be defined before
211 use, the definition must precede the use in the configuration file, read
212 from top to bottom.
213
215 Rules are evaluated in the order specified in the configuration file,
216 from top to bottom. When a rule matches, the corresponding action is
217 taken, that is the last action specified before the matching rule.
218
219 The plugin evaluates the rules every time a line of mail (or envelope) is
220 received. As soon as a rule matches, the action is taken immediately,
221 possibly before the entire mail is received, even if further lines might
222 possibly make other rules match, too. This means the first rule matching
223 chronologically has precedence.
224
225 If evaluation for a line of mail makes two (or more) rules match, the
226 rule that comes first in the configuration file has precedence.
227
228 Boolean expressions are short-circuit evaluated, that means "a or b"
229 becomes true as soon as one of the terms is true and "a and b" becomes
230 false as soon as one of the terms is false, even if the other term is not
231 known, possibly because the relevant mail line has not been received yet.
232
234 # /etc/mail/milter-regex.conf example
235
236 # Accept anything encrypted, just to demonstrate sendmail macros
237 accept
238 macro /tls_version/ /TLSv/
239
240 tempfail "Sender IP address not resolving"
241 connect /\[.*\]/ //
242
243 reject "Malformed HELO (not a domain, no dot)"
244 helo /\./n
245
246 reject "Malformed RCPT TO (not an email address, not <.*@.*>)"
247 envrcpt /<(.*@.*|Postmaster)>/ein
248
249 reject "HTML mail not accepted"
250 # use comma as delimiter here, as / occurs within RE
251 header /^Content-type$/i ,^text/html,i
252 body ,^Content-type: text/html,i
253
254 # Swen worm
255 discard
256 header /^(TO|FROM|SUBJECT)$/e //
257 header /^Content-type$/i /boundary="Boundary_(ID_/i
258 header /^Content-type$/i /boundary="[a-z]*"/
259 body ,^Content-type: audio/x-wav; name="[a-z]*\.[a-z]*",i
260
261 # Some nasty spammer
262 reject "Business Corp spam, get lost"
263 body /^Business Corp. for W.& L. AG/i and \
264 ( body /043.*317.*0285/ or body /0041.43.317.02.85/ )
265
266
268 milter-regex sends log messages to syslogd(8) using facility daemon and,
269 with increasing verbosity, level err, notice, info and debug. The fol‐
270 lowing syslog.conf(5) section can be used to log messages to a dedicated
271 file:
272
273 !milter-regex
274 daemon.err;daemon.notice /var/log/milter-regex
275
277 Syntax for milter-regex in BNF:
278
279 file = ( rule | macro ) file
280 rule = action expr-list
281 action = "reject" msg | "tempfail" msg | "discard" |
282 "quarantine" msg | "accept"
283 msg = ( '"' | "'" ) string ( '"' | "'" )
284 expr-list = expr [ expr-list ]
285 expr = term | term "and" expr | term "or" expr | "not" term
286 term = '(' expr ')' | "connect" arg arg | "helo" arg |
287 "envfrom" arg | "envrcpt" arg | "header" arg arg |
288 "body" arg | "macro" arg arg | '$' name
289 arg = del regex del flags
290 del = '/' | ',' | '-' | ...
291 flags = [ 'e' ] [ 'i' ] [ 'n' ]
292 macro = name '=' expr
293
295 /etc/mail/milter-regex.conf
296
298 mailstats(1), regex(3), syslog(3), syslog.conf(5), re_format(7),
299 sendmail(8), syslogd(8)
300
301 Simple Mail Transfer Protocol, RFC 2821.
302
303 Enhanced Mail System Status Codes, RFC 1893.
304
306 The first version of milter-regex was written in 2003. Boolean expres‐
307 sion evaluation was added in 2004.
308
310 Daniel Hartmeier ⟨daniel@benzedrine.cx⟩
311
312BSD September 24, 2003 BSD