init

README.md

@@ -1,2 +1,37 @@
 # Spoof Milter
+Postfix does not provide libmilter so you will need to install that
+```
+apt install libmilter
+```
+may be provided by sendmail-devel on some systems
 
+You will also need to install pymilter
+```
+pip install pymilter
+```
+
+## Installation
+in /etc/postfix/mail.cf
+```
+smtpd_milters = inet:localhost:<portnumber> ...other filters...
+```
+Write systemd thing to run milter
+```
+/some/where/opendkim -l -u userid -p inet:<portnumber>@localhost ...other options...
+```
+
+### Other notes
+Different milter settings for different client IP addresses 
+```
+/etc/postfix/main.cf:
+    smtpd_milter_maps = cidr:/etc/postfix/smtpd_milter_map
+    smtpd_milters = inet:host:port, { inet:host:port, ... }, ...
+
+/etc/postfix/smtpd_milter_map:
+    # Disable Milters for local clients.
+    # do this for local waterloo 
+    127.0.0.0/8    DISABLE
+    192.168.0.0/16 DISABLE
+    ::/64          DISABLE
+    2001:db8::/32  DISABLE
+```

setup.py

@@ -0,0 +1,14 @@
+from setuptools import setup, find_packages
+
+setup(
+        name='milter_nospoof',
+        version='0.0.1',
+        description='rejects messages using csclub.uwaterloo.ca on port 25',
+        packages=find_packages('src'),
+        package_dir={'': 'src'},
+        python_requires='>=3.0',
+        install_requires=[
+        ],
+)
+
+

src/milter_nospoof/milter.py

@@ -0,0 +1,48 @@
+import Milter
+from socket import AF_INET, AF_INET6
+from Milter.utils import parse_addr
+
+class myMilter(Milter.Base):
+
+    def __init__(self):  # A new instance with each new connection.
+        self.id = Milter.uniqueID()  # Integer incremented with each call.
+
+#    @Milter.noreply 
+    # called on connect to MTA
+    def connect(self, IPname, family, hostaddr):
+        # IPname: the PTR name or bracketed IP of the SMTP client
+        # family: one of (socket.AF_INET, socket.AF_INET6, socket.AF_UNIX)
+        # hostaddr: a tuple or string with peer IP or socketname
+        # (self, 'ip068.subnet71.example.com', AF_INET, ('215.183.71.68', 4720) )
+        # (self, 'ip6.mxout.example.com', AF_INET6, ('3ffe:80e8:d8::1', 4720, 1, 0) )
+        self.IP = hostaddr[0]
+        self.port = hostaddr[1]
+        if family == AF_INET6:
+            self.flow = hostaddr[2]
+            self.scope = hostaddr[3]
+        else:
+            self.flow = None
+            self.scope = None
+        self.IPname = IPname  # Name from a reverse IP lookup
+        self.H = None
+        return Milter.CONTINUE
+
+    # called when the SMTP client says MAIL FROM
+    def envfrom(self, mailfrom, *str):
+        uwaddr = "csclub.uwaterloo.ca"
+        if uwaddr in parse_addr(mailfrom) and self.IP == 25:
+            return Milter.REJECT # this will only drop the msg not the connection
+        return Milter.CONTINUE
+
+
+def main():
+    socketname = "/var/run/milter-nospoof"
+    timeout = 600
+    # Register to have the Milter factory create instances of your class:
+    Milter.factory = myMilter
+#   print "%s milter startup" % time.strftime('%Y%b%d %H:%M:%S')
+#   sys.stdout.flush()
+#   Milter.runmilter("pythonfilter",socketname,timeout)
+#   print "%s bms milter shutdown" % time.strftime('%Y%b%d %H:%M:%S')
+    if __name__ == "__main__":
+        main()