Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Qmail: users

Backscattering

  

 
Qmail users RSS feed   Index | Next | Previous | View Threaded


sunny at tetrain

May 6, 2008, 3:48 AM

Post #1 of 3 (97 views)
Permalink
Backscattering
Hello ALL,
Can anyone suggest me that how to stop backscattering
in qmail with vpopmail.


jbacksch-qmail at tca-os

May 6, 2008, 11:07 AM

Post #2 of 3 (90 views)
Permalink
Re: Backscattering [In reply to]
Sunny Bhatheja wrote:

> Can anyone suggest me that how to stop backscattering in
> qmail with vpopmail.

Try out Bounce Address Tag Validation (BATV) (<http://mipassoc.org/batv/>).

--
Greetings
Jörg Backschues


jbacksch-qmail at tca-os

May 7, 2008, 2:00 AM

Post #3 of 3 (86 views)
Permalink
Re: Backscattering [In reply to]
Arvind Singh wrote:

> I was trying to implement the BATV patch given by John Levine,
> http://mipassoc.org/pipermail/batv-tech/2007q4/000032.html . The emails are
> getting signed with this patch But while the bounce mails come to MX the
> signature is not matching due to which the address is not stripped with the
> BATV tag.

The qmail BATV patch from John is a little bit "buggy":

First of all qmail-remote uses the old syntax to sign senders:

tag-type "=" loc-core "=" tag-val

The recent syntax from "draft-levine-batv-03.txt" is:

tag-type "=" tag-val "=" loc-core

This are my qmail-remote modifications for BATV with the recent syntax
from "draft-levine-batv-03.txt":

stralloc newsender = {0};

signenv()
{
int daynumber = (now() / 86400) % 1000;
int i, atpos;
char kdate[] = "0000";
static char hex[] = "0123456789abcdef";
MD5_CTX md5;
unsigned char md5digest[MD5_DIGEST_LENGTH];

if(stralloc_starts(&sender, "prvs=")) return; /* already signed */
if(stralloc_starts(&sender, "sb*-")) { /* don't sign this */
sender.len -= 4;
byte_copy(sender.s, sender.len, sender.s+4);
return;
}

if(!stralloc_ready(&newsender, sender.len+(2*BATVLEN+10)))
temp_nomem();
if(!stralloc_copyb(&newsender, "prvs=", 5)) temp_nomem();

/* only one key so far */
kdate[1] = '0' + daynumber/100;
kdate[2] = '0' + (daynumber/10)%10;
kdate[3] = '0' + daynumber%10;

if(!stralloc_catb(&newsender, kdate, 4)) temp_nomem();

MD5_Init(&md5);
MD5_Update(&md5, kdate, 4);
MD5_Update(&md5, sender.s, sender.len);
MD5_Update(&md5, signkey.s, signkey.len);
MD5_Final(md5digest, &md5);

for(i = 0; i < BATVLEN; i++) {
char md5hex[2];

md5hex[0] = hex[md5digest[i]>>4];
md5hex[1] = hex[md5digest[i]&15];
if(!stralloc_catb(&newsender, md5hex, 2)) temp_nomem();
}

/* separator */
if(!stralloc_catb(&newsender, "=", 1)) temp_nomem();

/* copy in the mailbox */
if(!stralloc_0(&sender)) temp_nomem();
sender.len--; /* null isn't part of of the
sender */
atpos = str_rchr(sender.s, '@');
if(!stralloc_catb(&newsender, sender.s, atpos)) temp_nomem();

if(!stralloc_catb(&newsender, sender.s+atpos, sender.len-atpos))
temp_nomem();
if(!stralloc_copy(&sender, &newsender)) temp_nomem();
if(!stralloc_copys(&newsender, "")) temp_nomem();
}

> But when it comes inside its batv tag don’t get stripped I checked the code
> its failing on byte compare.

The BATV checker of qmail-smtpd uses the very old syntax with "/":

local-part= tag-type "=" loc-core "/" tag-val

The modifications for qmail-smtpd are not ready yet.
I'm working on it.

Please consider:
<http://mipassoc.org/pipermail/batv-tech/2008q2/000045.html>
<http://mipassoc.org/pipermail/batv-tech/2008q2/000049.html>

--
Greetings
Jörg Backschues

Qmail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.