batv
Plugin to implement Bounce Address Tag Validation (BATV).
For relay clients this plugin rewrites the envelope sender to include a signature as described in section 4 (Simple Private Signature (prvs)) of draft-levine-batv-03.
For unauthenticated clients, it does the following:
If the sender is not <> and the recipient address doesn't conform to BATV syntax, return DECLINED.
If the signature checks out, return OK. (is this a good idea? Or should we merely remove the signature and return DECLINED?)
Otherwise return DENY.
The following parameters can be passed to require_resolvable_client:
The path of the file containing the secret. (generations? Last line?) Default: config_dir/batv_secrets
If specified, the domain name of outgoing messages will be changed according to the map included in <map_file>.
Example:
example.net bounce.example.net example.com sender.example.com
will map any oufgoing address of the form <foo@example.net> to <prvs=XXXXXXXXXX=foo@bounce.example.net>. When receiving a message, the reverse mapping will be performed.
Default: none
This plugin makes use of the following connection notes:
...
and of the following transaction notes:
...
Copyright (c) 2008 Peter J. Holzer <hjp@hjp.at>.
This plugin is licensed under the same terms as the qpsmtpd package itself. Please see the LICENSE file included with qpsmtpd for details.