I would advise you to be sure that the -d Domain option is given to the filter, because this is the important part that the filter is looking for and I do not think that the default "localhost" would match your domain. If the wrong domain is given to the filter, the filter would look for this domain and if not found, will send the mail to the postmasteralias@ the domain given to the filter.
The -t localdomain option is requiered, if you want to replace the offical domain(given by -d) with a other domain. With this option the domainparts of the addresses, which fit to domains given by -d, will be replaced with the domain given by -t. This allows you to use a different local domain for mail delivery than your offical internet domain.
The -n postmasteralias is important if the filter won't find any matching address within the mailheader, than the filter will send the mail to postmasteralias@domain(given by domain option). The default postmasteralias is "postmaster" so it should match most environments, the default for most unix systems has a alias from postmaster to root.
Mails could also be redirected to a address set by the -r address
option. If -r is set all addresses in the header will be ignored and the To:-line
will be rewriten to the given address.
Take care, even if -r is set the options
-d and -n should be set too, because out of this two options the postmaster
address will be build and this is the address error and warning mails will be
sent to (e.g. VBS-warnings or headparse errors).
Since V0.8.2:
Since V0.8.2 the -d and -n options are not longer needed with the -r option,
because domain and postmaster are set by the address given with the -r option.
If no -d option is given the To:-line and Cc:-line won't be replaced if mails
are resend with SMTP(default). This should cause no mailloops or unwanted
double resend to other receipients of a mail, because the SMTP server gets the
receipient with the SMTP-commands. Anyhow, some less SMTP server may ignore the
SMTP-chat and parse the To:-line themself. In this case the -d and -n options
should be used with the -r option, this will make the filter replace the To:-line
as before.
Since Version V0.9.3 it's also possible to replace defined To-Addresses with
a other address. The To-Address-Routing is using the same file as Domain-Routing
for defining the routes. If some addresses should be replaced by some other
addresses, only a line for each ":"-seperated address pair have to
be added to the domroute.conf file.
Example:
# domroute.conf: Domain-Routing
# domain.from:domain.to
domain.xxx:domain.yyy
...
offical.dom:local.dom
# To-Address-Routing
name@domain.xxx:othername@otherdomain.yyy
maillist@some.dom:name@local.dom
Attention: Domains of addresses which will be routed should not
be added to the domains of -d option. Only domains for domain-routing have
to be added to the -d option, to-address-routing will only be used if no
matching domain was found.
By default SMTP of localhost is used to resend filtered mails. With the -s SMTP-Host option another host than localhost can be used for resend mails with SMTP.
The default use of SMTP could be overwritten by the -m MDA option
to use a local MDA like "sendmail -t" instead.
The -m option should allow nearly every MDA, but I can't promise it. I only
have the possibilities to test it with Sendmail and so far my tests worked
without any problems. If someone has had experiences with other
MDA's, I would be glad to hear about it.
!!! Important: If the MDA statement has spaces like "sendmail -t" than it you need to quote the whole statement, otherwise I can't say what will happen. If you have to quote statement with in double quotes, use single quotes for MDA like "mailf ... -m 'sendmail -t' -l ..." !!!
As default logfile the filter uses same as the calling process uses.
To use a another logfile, use the -l logfile option.
It will log the date, the From:-line, the To:-line of the mails passed through
the filter. For example "-l /var/log/mailf.log" will write the log into the file
"/var/log/mailf.log".
If --novbs option is added to the commandline, the filter will
search for attachments with VB-Worm-Virus common file extensions .vbs, .vbe,
.wsh, .wsc, .wsf, .scr, .chm, .pif and .shs and will replace them with .txt.
The extension .txt should not be executed by any mailprogram, even if attachment
is double-clicked.
If someone knows more file extensions for worms as mentioned above, please send
me a mail with this information.
The <iframe> and <script> tags in HTML mail (Nimda Virus) will also be disabled
with the --novbs option. So attachment like
readme.exe won't start in a preview of the mail and also not atomaticly by opening
the mail. Anyhow the attached files like readme.exe can still be infected it only
won't start automaticly.
New in V1.0rc6: The file extension to be replaced, can be defined with VirusExts=
option in configfile. Every extension has to begin with a .(dot) and to be within only one line.
Example:
~/.mailf/mailf.conf
VirusExts=.vbs.vbe.wsh.wsc.wsf.scr.chm.pif.shs
Attachments of mails could be scanned for virus with the
--vscan "/path.../scanner options" option. If a Virus is found
in a attachment then the attachment will be replaced by a textfile to inform the
receipient about the replacement.
The option should work with every virusscanner, the scanner only should return 0
if no virus is found. The filter was tested with Network Associates Virus Scan
and H+BEDV AntiVir/X virusscanners, to use a other virusscanner, it's recommended
to use the --nodelvir option too.
The commandline for the virusscanner could be given directly after the --vscan
option or by the the file "/$HOME/.mailf/vscan.cmd" in the homedirectory
of the user the filter is started with. If only --vscan is set without a scanner,
the filter will try to open the file "/$HOME/.mailf/vscan.cmd" and will
look for the commandline within it.
Example:
mailf -d ... --vscan "/usr/local/uvscan/uvscan --secure"
--- or:---
mailf -d ... --vscan
~/.mailf/vscan.cmd
/usr/local/uvscan/uvscan --secure
With the --nodelvir option infected files will not be deleted from the
tmp-folder "/$HOME/.mailf/", the files will only be removed from mail
that the mail will reach the receipient without a virus.
Attention: With this option mails, which were detected as infected, will be
safe, but the files within the tmp-folder are still infected. Use this option only
for testing or in order to clean the files with a viruskiller.
Note: The --vscan option will only work as good as the used virusscanner does.
A virusscanner should be updated frequently (at least each month, recommended each
week).
Spammails can be filtered by sender address or sender domain. This feature will
be enabled by creating a file "/$HOME/.mailf/from.spam" in the home
directory of the user the filter was started with. Each line of this file should
contain a pair of sender or domain and keyword about handling such mails seperated
by a ":" char (sender:action). As keywords for action following could be used:
trash (delete mail silently), postmaster (notify postmaster and include mail as
attachment), reject (delete mail and notify sender), postmaster-reject (postmaster
and reject at once)
Example:
# from.spam: From address spamfilter
# sender:action
# domain:action
spammer@some.dom:trash
sender@other.dom:reject
spam.dom:postmaster
spaming.xxx:postmaster-reject
Some spammail also can be detected easy by a line like X-Mailer: ...Mass Sender...
within the mailheader. Such lines are generated by a mass mailer software which
often scan homepages for email addresses. The filter could also detect and handle
such mails.
The --delmass option will delete a mail silently which contains such line
as described above and the --mass2pm option will send it to postmaster as
attachment of a notification mail.
Attention: Mass mailer software as mentioned above also could be used for
maintain maillists. Commonly such software isn't used for maillist, but it's not
impossible.
In order to preserve most of mail-headers the replacing of the To:-lines
could be supressed with the --norewrite option. This option will only
work if mail will be resend with SMTP, because in this case the filter generates
a SMTP-server-dialog only with the needed receipients.
Anyhow, some less SMTP server may ignore the SMTP-chat and parse the To:-line
themself. In this case the --norewrite option should not be set.
Since Version V0.9.2 will mails smaller than a specified size be parsed in
memory. For this only one tmp-file is needed and mails will be processed
faster.
By default mails smaller than 1048576 Bytes (= 1 MB) will be processed within
memory. At Computers with much memory a larger limit(e.g. --maxmem 5242880 for
5 MB) could also be used with the --maxmem # option.
By setting "--maxmem 0", mails will be processed with files(mailheader,
mailbody, new header) as usual.
Since V0.7.7 the filter exits normal (exit status 0) if a resend error
occures. Resend errors recently happen with misaddressed mails or if SMTP-Server
or local MDA wasn't available. In most cases it's not wanted to keep mails
exiting resend with e.g. "550 unknown local mailbox" on the remote
server, so exiting the filter with status 0 will tell the fetching software
like fetchmail to delete mail from server.
If such mails should not be removed from remote server, the --keepresend
option can be used to exit filter with fail status and leave the mail on the
remote server. But if such mails are left on server the greping software may
fetch only this mail over and over and exit before receiving any mails after
it. Anyhow this option could be useful for testing a SMTP-Server or a local MDA
with which resend errors are expected.
In both cases mails, with which a resend error occured, are stored in a
subfolder called "fail" in the tmp-directory and can, if needed,
be send manually.
A commandline tool to resend a mail from this folder is also currently in
developement.
The filter also notifys the sender of a mail if a mailbox is not known and a 550 error is returned by the server. The same mails normaly would be send by the sending mailserver. If such mails should not been send the --no550 option can be used. Note, the filter won't send notify mails with the --no550 option, but it can't suppress notify mails generated by the receiving mailserver.
By using --pm550 a copy of a mail will also be send to postmaster if a 550 error occurs.
There are two final options which won't change the behavior of the filter, they both are just for informative use. The -v option will display the Version number of the filter and the -h or --help option will display a short help for the filter.
Since Version V0.9.3 most options described above could be set by a configfile
instead of commandline parameters.
If NO Domain(-d), Alias(-n) and Redirect-address(-r) have been set by
commandline then the filter will look for options in a configfile. If ONLY ONE
of them(-d, -n or -r) has been set by the commandline, the filter won't read any
options from any file. All other options will be added to the options read from
a configfile.
The filter first will try to open the configfile
"?userhome?/.mailf/mailf.conf" for the user with which the filter has been
started. If there isn't such file, the filter will try to open the global configfile
"/etc/mailf.conf" and read the options from this file.
A example for a "mailf.conf"-file could be found in the folder
"samples.mailf" of the sourcestree. Not needed options can be ignored by
adding a #-charakter at the beginning of the line.
In order to test a configuration(commandline or file) the new option -cf has
been added. By adding this option to the commandline, the filter only will print out
the current configuration of the filter.
Attention: the -cf option only
prints the configuration, but NO incoming mails will be proccessed. Only use this
option in a shell to test the configuration.