NAME

batv


DESCRIPTION

Plugin to implement Bounce Address Tag Validation (BATV).

For relay clients this plugin rewrites the envelope sender to include a signature as described in section 4 (Simple Private Signature (prvs)) of draft-levine-batv-03.

For unauthenticated clients, it does the following:

If the sender is not <> and the recipient address doesn't conform to BATV syntax, return DECLINED.

If the signature checks out, return OK. (is this a good idea? Or should we merely remove the signature and return DECLINED?)

Otherwise return DENY.


CONFIG

The following parameters can be passed to require_resolvable_client:

secret <secret_file>

The path of the file containing the secret. (generations? Last line?) Default: config_dir/batv_secrets

domain_map <map_file>

If specified, the domain name of outgoing messages will be changed according to the map included in <map_file>.

Example:

    example.net bounce.example.net
    example.com sender.example.com

will map any oufgoing address of the form <foo@example.net> to <prvs=XXXXXXXXXX=foo@bounce.example.net>. When receiving a message, the reverse mapping will be performed.

Default: none


NOTES

This plugin makes use of the following connection notes:

$connection->('client_options')->{batv}{skip}

...

and of the following transaction notes:

$transaction->notes('recipient_options')->{batv}

...


COPYRIGHT AND LICENSE

Copyright (c) 2008 Peter J. Holzer <hjp@hjp.at>.

This plugin is licensed under the same terms as the qpsmtpd package itself. Please see the LICENSE file included with qpsmtpd for details.