Version 0.98 of mailfront is now available at:
	http://untroubled.org/mailfront/
------------------------------------------------------------------------------
Changes in version 0.98

- Added enhanced mail system status codes (RFC 1893/2034).

- Added support for rejecting all mail unless client is authenticated
  (either as a relay client or with SMTP authentication) if
  $REQUIRE_AUTH is set.

- Full domain names are now required in all addresses except for the
  null sender.

- Removed the "bounce must have a single recipient" rule, as it is
  currently causing more problems (with address checkers) than it is
  solving (spammers no longer use this technique).

- Fixed one-off bug in counting recipients for $MAXRCPTS.

- Truncate UIDL responses to 70 characters as per RFC 1939.

- Added QMQP and QMTP "reject" front ends, for completeness.

The enhanced mail system status codes together with the $REQUIRE_AUTH
change should make smtpfront compliant with RFC 2476's requirements for
a "message submission agent", suitable for use on TCP port 587.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
mailfront
Mail server network protocol front-ends
Bruce Guenter <bruceg@em.ca>
Version 0.98
2005-10-26

This is mailfront, a package containing customizeable network front-ends
for mail servers.  It contains complete SMTP, QMQP, QMTP, and POP3
front-ends as well as an authentication module for IMAP.  The mail
delivery front-ends also contain internal address filtering features.

Two SMTP back-ends are provided.  One delivers mail to qmail-queue,
mimicking most of the behavior of qmail-smtpd, with the addition of
support for SMTP AUTH.  The other rejects all SMTP commands if
$SMTPREJECT is set, and execs its command line otherwise (in order to
run the above program).

A mailing list has been set up to discuss this and other packages.
To subscribe, send an email to:
	bgware-subscribe@lists.untroubled.org
A mailing list archive is available at:
	http://lists.untroubled.org/?list=bgware

Development versions of mailfront are available via Subversion at:
	svn://bruce-guenter.dyndns.org/mailfront/trunk

Requirements:

- bglibs version 1.022
- cvm version 0.71

Installation:

- Build the sources by running "make"
- Run the "instshow" command to see what will be installed (optional).
- After the package has been compiled, run the following commands as root:
	./installer
	./instcheck
  These commands will produce no output if there are no errors.

Configuration:

- To take advantage of the SMTP AUTH features, make sure you have a CVM
  authentication program (some are included with the cvm package itself).
- Run a CVM authentication module to provide the AUTH feature.
  Example:  To run cvm-vmailmgr as a daemon:
    exec /usr/local/bin/softlimit -m 9000000 \
     /usr/local/bin/cvm-vmailmgr /tmp/.cvm-vmailmgr 2>&1
- Configure your mail system to use the SMTP back-end with the
  appropriate environment variables.

  Example using tcpserver (highly recommended):
    #!/bin/sh
    QMAILDUID=`id -u qmaild`
    NOFILESGID=`id -g qmaild`
    MAXSMTPD=`head -1 /var/qmail/control/concurrencyincoming`
    if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" ]; then
        echo $0: QMAILDUID, NOFILESGID, or MAXSMTPD is unset
        exit 1
    fi
    exec \
    /usr/local/bin/envdir /etc/smtpfront \
    /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -H \
      -l "`head -1 /var/qmail/control/me`" -x /etc/tcp.smtp.cdb \
      -c "$MAXSMTPD" -u "$QMAILDUID" -g "$NOFILESGID" 0 25 \
    /usr/local/bin/smtpfront-qmail 2>&1

  /etc/smtpfront/CVM_SASL_PLAIN:
    cvm-local:/tmp/.cvm-vmailmgr

  Example using xinetd with TCP Wrappers:

  /etc/xinetd.d/smtp:
    # default: on
    # description: smtp
    service smtp
    {
    	disable	= no
    	flags		= REUSE NAMEINARGS
    	socket_type	= stream        
    	protocol	= tcp
    	wait		= no
    	user		= qmaild
    	server		= /usr/sbin/tcpd
    	server_args 	= /var/qmail/bin/tcp-env -R /usr/local/sbin/smtpfront-wrapper
    	log_on_success          += USERID
    	log_on_failure          += USERID
    }

  /usr/local/sbin/smtpfront-wrapper:
    #!/bin/sh
    CVM_SASL_PLAIN=cvm-local:/tmp/.cvm-unix
    export CVM_SASL_PLAIN
    CVM_SASL_LOGIN=cvm-local:/tmp/.cvm-unix
    export CVM_SASL_LOGIN
    exec /usr/local/bin/smtpfront-qmail 2>> /tmp/smtpfront-errs.txt


This project was initiated at FutureQuest, Inc.  We are releasing it
as an open-source project because we felt it would be useful to others,
as well as to repay our debt of gratitude to the larger open-source
community for the excellent packages we have enjoyed.

For more details, you may contact FutureQuest, Inc. at:
FutureQuest, Inc.
PO BOX 623127
Oviedo FL 32762-3127 USA
http://www.FutureQuest.net/
ossi@FutureQuest.net

This package is Copyright(C) 2005 Bruce Guenter or FutureQuest, Inc.,
and may be copied according to the GNU GENERAL PUBLIC LICENSE (GPL)
Version 2 or a later version.  A copy of this license is included with
this package.  This package comes with no warranty of any kind.
