
TMDA Server Configuration

TMDA processes incoming messages on the SMTP server through a mail filter program called tmda-filter.

Server configuration instructions differ based on which MTA you are running. First follow the general set of instructions, and then read the set of instructions corresponding to your MTA [ qmail | Courier | Exim/Postfix | Sendmail ]


TMDA Server Configuration (general)

  1. A unique, private key is required for every TMDA user. This key is stored in its own file ~/.tmda/crypt_key. A key-generation utility is included with the distribution. Simply run tmda-keygen and follow its instructions.

  2. Optionally create an incoming filter file by reading through the TMDA Filter Specification (especially the examples section at the end). If you don't have an incoming filter file, or the sender address doesn't match any lines in your filter file, the incoming message will require confirmation. The lines in your filter make exceptions to that rule. You can also change the default by setting ACTION_INCOMING in your .tmda/config.

    The most common use for the incoming filter is to create both a "whitelist" (see the FAQ) to allow your trusted contacts directly into your mailbox, as well as a "blacklist" for those senders you want to refuse mail from.
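The key from step 1 is private to each user, so it is worth confirming that no other local account can read it. The check below is an added example, not part of the TMDA distribution; check_crypt_key is a hypothetical helper, and it assumes the intended state is a regular file owned by you with no group or other permissions.

```shell
#!/bin/sh
# Added example, not part of the TMDA distribution. check_crypt_key is a
# hypothetical helper; the default path is the one named in step 1.
# Assumption: the key should be a regular file, owned by you, mode 0600 or 0400.

check_crypt_key() {
    key="${1:-$HOME/.tmda/crypt_key}"

    # A symlink could redirect the key to a file someone else controls.
    if [ -L "$key" ]; then echo "FAIL: $key is a symbolic link"; return 1; fi
    if [ ! -f "$key" ]; then echo "FAIL: $key is not a regular file"; return 1; fi
    if [ ! -s "$key" ]; then echo "FAIL: $key is empty"; return 1; fi

    # ls -ldn prints the mode string first and the numeric owner UID third.
    mode=$(ls -ldn -- "$key" | awk '{ print $1 }')
    owner=$(ls -ldn -- "$key" | awk '{ print $3 }')

    if [ "$owner" != "$(id -u)" ]; then
        echo "FAIL: $key is owned by UID $owner"; return 1
    fi
    # Characters 5-10 of the mode string are the group and other bits.
    if [ "$(printf '%s' "$mode" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $key is accessible to group or others ($mode)"; return 1
    fi
    echo "OK: $key ($mode)"
}

# Constructed demonstration in a scratch directory (not a real key).
demo=$(mktemp -d)
printf 'constructed-sample-not-a-real-key\n' > "$demo/crypt_key"
chmod 600 "$demo/crypt_key"; check_crypt_key "$demo/crypt_key"
chmod 644 "$demo/crypt_key"; check_crypt_key "$demo/crypt_key" || true
rm -rf "$demo"
```

Run check_crypt_key with no argument to audit your own ~/.tmda/crypt_key.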


TMDA Server Configuration (qmail-only)

  1. Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included sample.config file.

  2. Set up dot-qmail files appropriately in your home directory.

    First set up .qmail as shown below, and then make a symbolic link from there to .qmail-default. This way you will only have to make changes to the one file. See dot-qmail(5) if you are unfamiliar with how to use dot-qmail files to control the delivery of mail messages.

    dot-qmail file: .qmail
    file contents:
        |preline /path/to/tmda/bin/tmda-filter
        ./Mailbox
    action: If the message is legitimate, it will pass through to the second line and get saved to "~/Mailbox"; otherwise it goes through the confirmation process.

    dot-qmail file: .qmail-default
    file contents: symbolic link ($ ln -s ~/.qmail ~/.qmail-default)
    action: Catches jason-*@ as long as another dot-qmail file does not take priority.

    You may decide that you don't want to use TMDA on your primary address, but would still like to set aside a secondary address which does. This would be useful not only for testing purposes, but also for use in public forums such as newsgroups and mailing lists where the "harvesting" potential is high. This is a much better alternative than using a munged address such as jasonNOSPAM@mastaler.com or jason@REMOVE_THIS.mastaler.com, which is confusing, error-prone, and inconvenient for those trying to reply to your messages.

    This can easily be accomplished with the dot-qmail interface. For example, if I wanted only jason-tmda@mastaler.com to be processed by TMDA, I'd edit .qmail-tmda and make a link from there to .qmail-tmda-default.

    dot-qmail file: .qmail-tmda
    file contents:
        |preline /path/to/tmda/bin/tmda-filter
        ./Mailbox
    action: Catches jason-tmda@. If the message is legitimate, it will pass through to the second line and get saved to "~/Mailbox"; otherwise it goes through the confirmation process.

    dot-qmail file: .qmail-tmda-default
    file contents: symbolic link ($ ln -s ~/.qmail-tmda ~/.qmail-tmda-default)
    action: Catches jason-tmda-*@


TMDA Server Configuration (Courier only)

    Given the similarity of the dot-courier interface to dot-qmail, you can simply follow the qmail configuration instructions above, substituting .courier-foo for .qmail-foo.

TMDA Server Configuration (Exim and Postfix only)

  1. Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included sample.config file. MAIL_TRANSFER_AGENT, DELIVERY, and RECIPIENT_DELIMITER are required entries for non-qmail users.

  2. Modify ~/.forward to send your mail through tmda-filter.
    
    "| /path/to/tmda/bin/tmda-filter"
    
    
    If this produces a bounce with an "env: python: No such file or directory" error, you will need to add the full path to your Python interpreter, e.g.:
    
    "|/usr/local/bin/python /path/to/tmda/bin/tmda-filter"
    
    
  3. If you already filter your mail with procmail and wish to continue doing so, you can invoke tmda-filter from your .procmailrc instead.

    Make sure your ~/.forward calls procmail with the -p option:
    
    "|/path/to/bin/procmail -p"
    
    
    Finally, add the following snippet to the end of your existing .procmailrc to do final delivery:
    
    # Run the message through tmda-filter.
    :0 w
    | /path/to/tmda/bin/tmda-filter
    
    # Take the exit code from TMDA.
    EXITCODE=$?
    
    # TMDA takes care of final delivery
    DEFAULT=/dev/null
    
    

TMDA Server Configuration (Sendmail only)

These instructions assume you are running procmail as your local mailer as described in the Pre-Configuration page.

  1. Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included sample.config file. MAIL_TRANSFER_AGENT, DELIVERY, and RECIPIENT_DELIMITER are required entries for non-qmail users.

  2. Set the SENDER, RECIPIENT, and EXTENSION variables, and then invoke tmda-filter by adding the following snippet to the end of your ~/.procmailrc.
    
    # Uncomment this for users without valid shells.
    # SHELL=/bin/sh
    
    # Set the necessary environment variables.
    EXTENSION="$1"
    :0
    * EXTENSION ?? .
    {
      DELIMITER="+"
    }
    RECIPIENT="$LOGNAME$DELIMITER$EXTENSION@$HOST"
    SENDER=`formail -x Return-Path | sed 's/[<>]//g;s/^[ ]*//'`
    
    # Run the message through tmda-filter.
    :0 w
    | /path/to/tmda/bin/tmda-filter
    
    # Take the exit code from TMDA.
    EXITCODE=$?
    
    # TMDA takes care of final delivery
    DEFAULT=/dev/null
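
The recipe above hands tmda-filter two derived values, and both have edge cases worth seeing before you deploy it: no extension, a null return path, and a Return-Path line that appears only in the body. The script below is an added example, not from the TMDA documentation; the function names are hypothetical, awk stands in for formail so it runs without procmail installed, and all addresses and messages are constructed samples.

```shell
#!/bin/sh
# Added example, not from the TMDA documentation: reproduces outside procmail
# how the recipe above derives RECIPIENT and SENDER. Function names are
# hypothetical; all addresses and messages below are constructed samples.

# RECIPIENT: the "+" delimiter is only set when $1 (the extension) is non-empty,
# mirroring the "* EXTENSION ?? ." condition in the recipe.
build_recipient() {   # args: LOGNAME EXTENSION HOST
    delimiter=""
    if [ -n "$2" ]; then delimiter="+"; fi
    printf '%s%s%s@%s\n' "$1" "$delimiter" "$2" "$3"
}

# SENDER: awk stands in for `formail -x Return-Path` (first matching field,
# header block only); the sed expression is the one from the recipe.
extract_sender() {    # reads one message on stdin
    awk '/^$/ { exit }
         tolower($0) ~ /^return-path:/ { sub(/^[^:]*:/, ""); print; exit }' |
        sed 's/[<>]//g;s/^[ ]*//'
}

show() {              # args: label, message text
    printf '%-28s SENDER=[%s]\n' "$1" "$(printf '%s' "$2" | extract_sender)"
}

printf 'no extension:   %s\n' "$(build_recipient jason "" example.org)"
printf 'extension tmda: %s\n' "$(build_recipient jason tmda example.org)"

show "normal message" 'Return-Path: <alice@example.org>
Subject: hello

body'
show "null return path (bounce)" 'Return-Path: <>
Subject: failure notice

body'
show "Return-Path only in body" 'Subject: hello

Return-Path: <mallory@example.org>'
```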