|
Index of /nadir/tech/qmail-removeip
|
Name Last modified Size Description
![[DIR]](/icons/back.gif)
Parent Directory 21-Sep-2008 09:25 -
![[ ]](/icons/compressed.gif)
qmail-removeip-0.0.1.tar.gz 21-Sep-2008 11:01 13k
Qmail-removeip
==============
qmail-removeip is a small filter for use with qmail-qfilter. It strips some
traces of private computers from certain incoming mails on a smarthost.
Technically: qmail-removeip changes a certain received-header of a mail if (a)
that received-header is written by a qmail-smtpd process on the same host and
if (b) it is the first received-header (on a time-axis) of that message.
In practice it is useful for stripping private data from users mails on
smarthosts.
qmail-removeip is tested on Linux. But it should work on other POSIX-systems,
too, as it is written in simple C.
Dependencies
------------
- qmail-qfilter (http://untroubled.org/qmail-qfilter/)
- pcre (http://www.pcre.org/)
Installation
------------
1. Install qmail-qfilter and pcre.
2. Compile qmail-removeip with a simple 'make'. Optionally copy the resulting
binary to some place you like.
3. Write a tiny shell-script containing the following, adapted line:
exec /path/to/qmail-qfilter /path/to/qmail-removeip myhostname
'myhostname' needs to be replaced by the hostname-argument you gave the
tcpserver-process that is wrapping qmail-smtpd (typically the hostname of
your machine or '0' (zero)). qmail-removeip needs this argument in order to
figure out which received-header is written by its own qmail-process.
4. Make the script executable at least for the user that is executing
qmail-smtpd.
5. Fill the environment variable QMAILQUEUE with the path to your script and
make it available to qmail-smtpd:
- If you want to filter only mail from selected remote hosts append
,QMAILQUEUE="/path/to/yourscript.sh"
to each particular ':allow'-line. Afterwards don't forget to re-pack
tcp.smtp.cdb.
- If you want all and every mail to be filtered (and/or you have a
smtp-after-pop-setup running which writes IPs to tcp.smtp.cdb) write
export QMAILQUEUE="/path/to/yourscript.sh"
into the beginning of your qmail-smtpd startup script (that's
bash/zsh-style, for tcsh et al. adapt the line accordingly).
6. Restart qmail-smtpd and test.
Example
-------
This is how it looks like and works on an actually running host that's
authenticating its users with smtp-auth (no smtp-after-pop).
Setup
$> cat /usr/local/etc/tcp.smtp
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/usr/local/bin/qmail-removeip-script.sh"
$> cat /usr/local/bin/qmail-removeip-script.sh
#!/bin/sh
exec /usr/local/bin/qmail-qfilter /usr/local/bin/qmail-removeip 0
Impact
- Without qmail-removeip:
Received: from unknown (HELO ?192.168.0.1?) (user@domain@dialupip)
by 0 with ESMTPA; 27 Feb 2008 14:30:47 -0000
- With qmail-removeip:
Received: from whatdoyoucare.example.com
by 0 with ESMTPA; 27 Feb 2008 14:30:47 -0000
Background
----------
qmail-removeip has been written as a small weapon against data retention (as
executed across Europe nowadays). The main key to match records stored by
internet access providers, mail service providers and the like in their
decentralized databases is the IP of the user. An e-mail that does not contain
any personal information (addresses, body, specific headers, ...) can still be
traced back to its sender from the sending IP address. This address usually is
stored in the received-headers of the e-mail or the log files of the mail
service provider.
Now: If we strip the sending IP from this specific received header and do not
log remote IPs connecting our smtp daemon we provide our users with the
possibility(!) to write anonymous e-mails that are not traceable. Again: it's
nothing more than a possibility. No user should feel more 'secure' or
'anonymized' due to this filter unless he/she takes much further actions into
his/her own hands. qmail-removeip is only one little piece in a chain, but one
piece users cannot take care of themselves.
Issues
------
- qmail-removeip fails to strip the private information if the e-mail has
already been touched by another smtp daemon. So users that send e-mail e.g.
via a private forward-only smarthost in their home or company won't benefit
from it. It is not trivial to change this without risking to touch e-mails
that should not be touched.
- By now it's not possible to change the string 'whatdoyoucare.example.com'
other than editing the file filter_header.c.
Contact
-------
Bug-reports, feedback and more chocolate send to nadir-technik@nadir.org.
We don't have much time for support requests. Please try hard to succeed on
your own. If you really need our help please be verbose about what you did and
how you failed.
In no case we will help you set up qmail or fix a qmail installation. It's
your duty to ensure a clean and running qmail system before you complain about
our tiny filter.
Changelog
---------
0.0.1: initial release (20. Sept. 2008)
Licence
-------
GPLv2 (http://www.gnu.org/licenses/gpl-2.0.txt)