Inside sendmail is the often overlooked checkcompat( ) routine. It has existed since V3, and is intended to allow the site administrator to accept, reject, and log mail delivery attempts. As sendmail continues to evolve, the need for this checkcompat( ) routine diminishes. It is no longer, for example, needed to screen for spam rejection because much of that can now be done in rule sets and the access database. On modern machines that support POSIX threads, the MILTER API allows external programs to perform all the tasks that formerly could be handled only by the checkcompat( ) routine.
But the checkcompat( ) routine still has a number of uses. Here are a few:
Capture the message body for each outbound message and send it via TCP/IP to a central archive host. Be sure to detect multiple recipients to avoid duplicate archived messages.[A]
[A] Of course, if the archive host supports POSIX threads, these tasks would be better handled by a Milter running on that host.
Check the Received: headers on messages sent from one of your MX servers to see who sent it. This allows you to reject spam messages that try to do an end run around your access database. Sort the Received: headers by date and examine the second to the most recent.
Monitor a port for incoming commands, or a database of times. You might use this to defer delivery for particular recipients during selected windows of time.
Check for a particular header that means a copy of the message should be archived. You might use this to add a recipient (if not already present) that results in archival of the message (such as archiver@archive.host).
In this appendix we show how to use the checkcompat( ) routine to solve two problems that cannot be solved otherwise: checking the message body for viruses on non-POSIX thread machines and rejecting subject headers with 50% or more 8-bit set characters.
Note that these two examples involve modifying source code. Be aware that they are examples only, and you will need C-programming skills to extend them to real-world situations.
Note too that because the checkcompat( ) routine is called for every delivery attempt a cascade of errors can propagate if you are not careful with your design. Logging a warning based on the sender, for example, can result in multiple warnings when there are multiple recipients.
Finally, note that V8.8 sendmail also offers a check_compat rule set (see Section 7.1.4) that can perform some of the checkcompat( ) routine's functionality at the rule set level. This is one way to avoid having to program in the C language.
|