TMDA Server Configuration
TMDA processes incoming messages on the SMTP server though a mail filter program called tmda-filter.
Server configuration instructions differ based on which MTA you are running. First follow the general set of instructions, and then read the set of instructions corresponding to your MTA
[ qmail | Courier | Exim/Postfix | Sendmail ]
TMDA Server Configuration (general)
A unique, private key is required for every TMDA user. This key is stored in its own file ~/.tmda/crypt_key. A key-generation utility is included with the distribution. Simply run tmda-keygen and follow its instructions.
Optionally create an incoming filter file by reading through the [config-filter.html TMDA Filter Specification] (especially the examples section at the end). If you don't have an incoming filter file, or the sender address doesn't match any lines in your filter file, the incoming message will require confirmation. The lines in your filter make exceptions to that rule. You can also change the default by setting ACTION_INCOMING in your ~/.tmda/config.
The most common use for the incoming filter is to create both a "whitelist" (see the FAQ) to allow your trusted contacts directly into your mailbox, as well as a "blacklist" for those senders you want to refuse mail from.
TMDA Server Configuration (qmail-only)
Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included contrib/dot-tmda/config file.
Setup dot-qmail files appropriately in your home directory.
First setup .qmail as shown below, and then make a symbolic link from there to .qmail-default. This way you will only have to make changes to the one file. See dot-qmail(5) if you are unfamiliar with how to use dot-qmail files to control the delivery of mail messages.
dot-qmail file: |
file contents: |
action: |
.qmail |
|preline /path/to/bin/tmda-filter |
If the message is legitimate, it will pass-through to the second line and get saved to "~/Mailbox", otherwise it goes through the confirmation process. |
.qmail-default |
soft link |
Catches jason-*@ as long as another dot-qmail file does not take priority. |
You may decide that you don't want to use TMDA on your primary address, but would still like to set aside a secondary address which does. This would be useful not only for testing purposes, but also for using in public forums such as newgroups and mailing lists where the "harvesting" potential is high. This is a much better alternative than using a munged address such as jasonNOspam@mastaler.com or jason@REMOVE_THIS.mastaler.com which is confusing, error prone, and inconvenient for those trying to reply to your messages.
This can easily be accomplished with the dot-qmail interface. For example, if I wanted only jason-tmda@mastaler.com to be processed by TMDA, I'd edit .qmail-tmda and make a link from there to .qmail-tmda-default.
dot-qmail file: |
file contents: |
action: |
.qmail-tmda |
|preline /path/to/bin/tmda-filter |
Catches jason-tmda@. If the message is legitimate, it will pass-through to the second line and get saved to "~/Mailbox", otherwise it goes through the confirmation process. |
.qmail-tmda-default |
soft link |
Catches jason-tmda-*@ |
TMDA Server Configuration (Courier only)
Given the similarily of the dot-courier interface to dot-qmail, you can simply follow the qmail configuration instructions above, substituting .courier-foo for .qmail-foo.
TMDA Server Configuration (Exim and Postfix only)
Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included contrib/dot-tmda/config file. MAIL_TRANSFER_AGENT, DELIVERY, and RECIPIENT_DELIMITER are required entries for non-qmail users.
Modify ~/.forward to send your mail through tmda-filter.
"| /path/to/bin/tmda-filter"
If this produces a bounce with an env: python: No such file or directory error, you will need to add the full path to your Python interpreter, e.g,:
"|/path/to/bin/python /path/to/bin/tmda-filter"
If you already filter your mail with procmail and wish to continue doing so, you can invoke tmda-filter from your .procmailrc instead.
Make sure your ~/.forward calls procmail with the -p option, as shown below. This is to ensure that the SENDER, EXTENSION, and RECIPIENT environment variables that are created by Exim/Postfix are passed through to filter applications (i.e. TMDA) that are called by procmail."|/path/to/bin/procmail -p"
Finally, add the following snippet to the end of your existing .procmailrc to do final delivery:
# Run the message through tmda-filter. :0 w | /path/to/bin/tmda-filter # Take the exit code from TMDA. EXITCODE=$? # TMDA takes care of final delivery DEFAULT=/dev/null
If you already filter your mail with maildrop and wish to continue doing so, you can invoke tmda-filter from your .mailfilter instead.
Add the following snippet to the end of your existing .mailfilter to do final delivery:import SENDER import RECIPIENT import EXTENSION to "| /path/to/bin/tmda-filter"
TMDA Server Configuration (Sendmail only)
These instructions assume you are running either procmail or maildrop as your local mailer as described in the PreConfiguration page.
Finish setting up your ~/.tmda/config and optionally a system-wide /etc/tmdarc by reading through the included contrib/dot-tmda/config file. MAIL_TRANSFER_AGENT, DELIVERY, and RECIPIENT_DELIMITER are required entries for non-qmail users.
Procmail as the local mailer
Set the SENDER, RECIPIENT, and EXTENSION variables, and then invoke tmda-filter by adding the following snippet to the end of your ~/.procmailrc.# Uncomment this for users without valid shells. # SHELL=/bin/sh # Set the necessary environment variables. EXTENSION="$1" :0 * EXTENSION ?? . { DELIMITER="+" } RECIPIENT="$LOGNAME$DELIMITER$EXTENSION@$HOST" SENDER=`formail -x Return-Path | sed 's/[<>]//g;s/^[ ]*//'` # Run the message through tmda-filter. :0 w | /path/to/bin/tmda-filter # Take the exit code from TMDA. EXITCODE=$? # TMDA takes care of final delivery DEFAULT=/dev/nullMaildrop as the local mailer
Set the SENDER, RECIPIENT, and EXTENSION variables, and then invoke tmda-filter by adding the following snippet to the end of your ~/.mailfilter.# Uncomment this for users without valid shells. # SHELL=/bin/sh # Set the necessary environment variables. EXTENSION="$1" HOST="$2" SENDER="$3" if ( "$EXTENSION" ne "" ) { DELIMITER="+" } RECIPIENT="$LOGNAME$DELIMITER$EXTENSION@$HOST" # "to" will deliver to message to tmda-filter. It will exit with the # exit code of the program. to "| /path/to/bin/tmda-filter"