man messagewall (Commands) - a filtering SMTP proxy

NAME

messagewall - a filtering SMTP proxy

SYNOPSIS

messagewall

DESCRIPTION

When MessageWall starts, it begins listening on port 25 of listen_ip and opens up max_backends connections to backend_ip on port 25. It accepts messages from SMTP clients on listen_ip, assigns each one a "profile" based on its envelope destination address, and performs the filtering specified in that "profile". If the message passes this filtering, it is sent on to the backend for delivery. Refused messages are rejected with an error during the SMTP conversation itself; MessageWall never generates bounce messages of its own.

If the backend server becomes unavailable, MessageWall will issue temporary errors to connecting clients. MessageWall never queues mail internally.

SECURITY

MessageWall needs to bind to port 25 on listen_ip shortly after starting, so it must be run as root. After binding to this port, it chroots to the directory specified as root. It then drops its UID and GID to user and group, respectively. It also drops supplemental groups.
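The start-up sequence described above, written out as one function. This is an added example, not MessageWall's own source: the function names, the return codes, the chdir("/") after chroot and the final self-check are assumptions of this example. The order matters because each step needs a privilege the next one gives up: the privileged port is bound first, supplemental groups are dropped while still root, the GID goes before the UID (setgid needs root), and the result is verified before any client is served.

```c
/* Added example (not MessageWall's own code): bind port 25 as root, then
 * chroot and drop to an unprivileged user and group.  Names, return codes
 * and the self-check are assumptions of this example. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1
#endif
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

enum drop_status {
    DROP_OK = 0,
    DROP_BAD_ADDR,        /* listen_ip is not a dotted-quad IPv4 address */
    DROP_SOCKET,
    DROP_BIND,            /* port 25 needs root (or CAP_NET_BIND_SERVICE) */
    DROP_CHROOT,
    DROP_CHDIR,
    DROP_SETGROUPS,
    DROP_SETGID,
    DROP_SETUID,
    DROP_STILL_PRIVILEGED
};

/* Return 1 if the process now runs as exactly (uid, gid) and cannot get
 * root back, 0 otherwise.  The setuid(0) probe is the usual test for a
 * saved set-user-ID that was left at 0; it must fail once root is gone. */
int privileges_dropped(uid_t uid, gid_t gid)
{
    if (getuid() != uid || geteuid() != uid)
        return 0;
    if (getgid() != gid || getegid() != gid)
        return 0;
    if (uid != 0 && setuid(0) == 0)
        return 0;
    return 1;
}

/* Bind port 25 on listen_ip while still root, then confine the process:
 * chroot, drop supplemental groups, drop the GID, drop the UID.  On success
 * the listening socket is stored in *listen_fd. */
enum drop_status bind_smtp_and_drop(const char *listen_ip, const char *root,
                                    uid_t user, gid_t group, int *listen_fd)
{
    struct sockaddr_in addr;
    int fd;

    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(25);
    if (inet_pton(AF_INET, listen_ip, &addr.sin_addr) != 1)
        return DROP_BAD_ADDR;

    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return DROP_SOCKET;
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) != 0) {
        close(fd);
        return DROP_BIND;
    }

    /* The privileged port is held; nothing below needs root any more. */
    if (chroot(root) != 0)        { close(fd); return DROP_CHROOT; }
    if (chdir("/") != 0)          { close(fd); return DROP_CHDIR; }     /* else cwd still points outside the jail */
    if (setgroups(1, &group) != 0) { close(fd); return DROP_SETGROUPS; } /* needs root: do it before setgid/setuid */
    if (setgid(group) != 0)       { close(fd); return DROP_SETGID; }     /* GID first: setgid needs root */
    if (setuid(user) != 0)        { close(fd); return DROP_SETUID; }     /* UID last: nothing after this can regain root */
    if (!privileges_dropped(user, group)) { close(fd); return DROP_STILL_PRIVILEGED; }

    *listen_fd = fd;
    return DROP_OK;
}
```

A daemon following this pattern should refuse to start (not merely log) on any non-zero status; a failed setgroups or setgid that is ignored leaves the process with more access than the configuration promises.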

Precautions are taken inside MessageWall at all points for safe string and format handling to protect against buffer overflows. MessageWall never launches any external programs, and only opens files inside its chroot that were specified in the configuration file. It never opens any files for writing.

max_clients and max_per_ip limit the number of simultaneous client connections, in total and per source IP, and so provide as much protection against connection-flooding denial of service as is possible at the TCP level.
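An admission table enforcing those two limits, as an added example rather than MessageWall's own code. The table type, the refusal codes, the fixed table size and the single global table are assumptions of this example; what a refused client is told (a temporary SMTP error, or simply a closed socket) is left to the caller. The point worth noting is that refused connections are never counted, and that entries whose count reaches zero are removed, so a client cycling through many source addresses cannot fill the table with dead entries.

```c
/* Added example (not MessageWall's own code): per-connection admission
 * control for max_clients and max_per_ip.  Names and sizes are assumptions. */
#include <arpa/inet.h>
#include <stdint.h>
#include <string.h>

#define MAX_TRACKED_IPS 4096   /* assumed: distinct source addresses with open connections */

enum admit_result {
    ADMIT_OK = 0,
    REFUSE_PER_IP,       /* this address already has max_per_ip connections */
    REFUSE_MAX_CLIENTS,  /* the proxy already has max_clients connections */
    REFUSE_TABLE_FULL    /* more distinct addresses than the table can track */
};

struct conn_table {
    int max_clients;
    int max_per_ip;
    int total;                      /* open connections across all addresses */
    int used;                       /* live entries in ip[] / count[] */
    uint32_t ip[MAX_TRACKED_IPS];   /* IPv4 address, network byte order */
    int count[MAX_TRACKED_IPS];     /* open connections from ip[i] */
};

struct conn_table conns;            /* one table for the whole proxy */

void conn_table_init(struct conn_table *t, int max_clients, int max_per_ip)
{
    memset(t, 0, sizeof *t);
    t->max_clients = max_clients;
    t->max_per_ip = max_per_ip;
}

static int find_ip(const struct conn_table *t, uint32_t ip)
{
    for (int i = 0; i < t->used; i++)
        if (t->ip[i] == ip)
            return i;
    return -1;
}

/* Called when accept() returns a new client from ip.  A refusal means the
 * caller must not serve the connection; refused connections are not counted. */
enum admit_result conn_admit(struct conn_table *t, uint32_t ip)
{
    int i = find_ip(t, ip);
    int from_ip = (i >= 0) ? t->count[i] : 0;

    if (from_ip >= t->max_per_ip)
        return REFUSE_PER_IP;
    if (t->total >= t->max_clients)
        return REFUSE_MAX_CLIENTS;
    if (i < 0) {
        if (t->used >= MAX_TRACKED_IPS)
            return REFUSE_TABLE_FULL;
        i = t->used++;
        t->ip[i] = ip;
        t->count[i] = 0;
    }
    t->count[i]++;
    t->total++;
    return ADMIT_OK;
}

/* Called when an admitted client's connection closes.  Entries that reach
 * zero are removed so the table only ever holds addresses with live connections. */
void conn_release(struct conn_table *t, uint32_t ip)
{
    int i = find_ip(t, ip);
    if (i < 0 || t->count[i] == 0)
        return;                          /* never admitted: nothing to release */
    t->count[i]--;
    t->total--;
    if (t->count[i] == 0) {
        t->used--;
        t->ip[i] = t->ip[t->used];       /* move the last entry into the hole */
        t->count[i] = t->count[t->used];
    }
}

/* Key for a dotted-quad string; returns 0 for an address that does not parse. */
uint32_t ip_key(const char *dotted)
{
    struct in_addr a;
    if (inet_pton(AF_INET, dotted, &a) != 1)
        return 0;
    return a.s_addr;
}
```

With max_clients=3 and max_per_ip=2, a third connection from one address is refused on the per-IP limit while a connection from a fresh address is still admitted until the global limit is reached; releasing one connection frees a slot for the next client. The linear scan is fine at these table sizes; a hash table would replace find_ip if max_clients were large.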

Please report any security issues to <ian@penguinhosting.net>. While we understand that all security researchers have their own disclosure policies, we would appreciate 48 hours notice before public release of an advisory, to give us time to develop and test appropriate fixes.

AUTHOR

Ian Gulliver <ian@penguinhosting.net>

SEE ALSO