Maintainer: Messaging Team
(messaging-team@zks.net)
$Revision: 1.1 $
$Date: 2000/07/20 17:20:32 $
$Author: roger $
On behalf of both freedom and non-freedom users, make sure that an e-mail recipient can request (and have enforced) their desire not to have unwanted mail from a particular sender or domain delivered via the freedom mail system. We want to silently (where silent is somewhat vaguely defined at the moment) drop messages through conversations that have been expressly blocked.
frmailblocklist consists of two libraries (client and server) and a small set of utility programs.
There are four situations in which one would want to "block" a user or combination of users:
There are several ways to implement this functionality:
blocklist@freedom.net) which would validate that the sender is legitimate and then replace the block list stored for the sender with the one contained in the message. The list of blocked senders could contain a hash of the names rather than the actual sender names.
We have elected to go with the second option because:
To implement this functionality, we can maintain a database of revoked target recipient pairs. This will be a database of keys without corresponding values. The presence of a key in the database indicates that the sender-recipient pair it represents is a disallowed delivery path. Thus, a blocklist is a database of keys having the general form:
hash([sender][->recipient])
where sender is the e-mail address or domain of the sending party and recipient is the e-mail address or domain of the receiving party. Both sender and recipient are optional.
When the system wants to validate that a particular operation is allowed to take place, it can search for the appropriate key in the database. For instance, if the mail system wants to validate that it is allowed to deliver mail to an internet recipient on behalf of a particular nym, it ...
- "hash(sender)" is in database
- "hash(sender domain)" is in database
- "hash(->recipient)" is in database
- "hash(->recipient domain)" is in database
- "hash(sender->recipient domain)" is in database
- "hash(sender->recipient)" is in database
Question: Do we want to do 5 through 8?
If any key is found in the database then the mail is discarded by the mail system.
Performs lookups on the sender and recipient within a blocklist file. Its usage is as follows:
checkblocklist [-s] [-r] [-c]
checkblocklist looks in the directory denoted by the HOME environment variable for a file called blocklist.cdb. If the file is found then it searches the blocklist for the sender and sender domain hashes (-s), and the sender/recipient combination hashes (-c). The sender and recipient email addresses are taken from the SENDER and RECIPIENT environment variables respectively. This program also takes a -r option which causes it to also search for the recipient and recipient domain hashes.
If any of the hashes are found the program returns 99 which tells qmail that this program has successfully handled delivery of the message and that it no longer needs to continue processing the message (i.e., it stops/blocks qmail from actually delivering the message).
Takes a set of lookup keys separated by a newline on standard input and outputs a cdbmake compliant data stream (to standard output). This can be used by the blocklist update alias to generate new blocklists when nyms send them the updated hashes.
This program may be a useful tool for generating the nym to internet blocklist. It can also be used to build test lists for target nyms as well.
The program reads (from stdin) line-based data having the format:
[sender_info][,recipient_info]
and outputs (to stdout) a data stream containing the corresponding block list search keys. The output from list2hashlist can then be run through the txt2cdbmake utility to transform the data into the format expected by cdbmake in order to construct CDB files.
For instance, the following is a valid input stream:
alice@freedom.net,bob@hotmail.com
aol.com
,foo@bar.net
This input stream results in a list of block list keys being sent to stdout such that txt2cdbmake can read it in order to construct a cdbmake input file. Once converted into a CDB archive, it can act as a blocklist which prohibits:
- alice@freedom.net from sending to bob@hotmail.com
- anyone from aol.com from having their mail delivered to the recipient
- anyone from sending mail to foo@bar.net
Typically the nym->internet blocklist will contain the first type of entry (i.e., blocking specific conversations) where the sender is a particular nym and the recipient is either an e-mail address or a domain.
Typically a nym blocklist will contain the second type of entry (i.e., blocking specific senders) because the recipient is denoted by the owner of the list, and is therefore redundant. The sender may be either a specific e-mail address or a domain.
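The key derivation and lookup described above, as an added Python example (not code from frmailblocklist). SHA-256, lower-casing of addresses, the in-memory set standing in for blocklist.cdb, and the function names are assumptions; only the two combination keys visible in this document are checked.

```python
import hashlib

# The sample input stream from this document.
SAMPLE_INPUT = ["alice@freedom.net,bob@hotmail.com", "aol.com", ",foo@bar.net"]

def key(sender="", recipient=""):
    """Search key of the form hash([sender][->recipient]).
    Assumptions: SHA-256 as the hash; addresses are lower-cased so that
    case variants of one address cannot slip past the list."""
    text = sender.lower() + ("->" + recipient.lower() if recipient else "")
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def domain(addr):
    """Domain part of an address; a bare domain is returned unchanged."""
    return addr.rsplit("@", 1)[-1]

def build_blocklist(lines):
    """Turn '[sender_info][,recipient_info]' lines into a set of keys.
    The set stands in for the value-less key database (blocklist.cdb)."""
    keys = set()
    for line in lines:
        line = line.strip()
        if line:
            sender, _, recipient = line.partition(",")
            keys.add(key(sender.strip(), recipient.strip()))
    return keys

def is_blocked(blocklist, sender, recipient, s=True, r=False, c=True):
    """Lookup with switches named after checkblocklist's -s, -r and -c."""
    candidates = []
    if s:  # sender and sender domain
        candidates += [key(sender), key(domain(sender))]
    if r:  # recipient and recipient domain
        candidates += [key("", recipient), key("", domain(recipient))]
    if c:  # the sender/recipient combinations listed in this document
        candidates += [key(sender, recipient), key(sender, domain(recipient))]
    return any(k in blocklist for k in candidates)

def delivery_exit_code(blocklist, sender, recipient, **switches):
    """99 tells qmail the message is handled (dropped); 0 lets delivery
    continue (the 0 is an assumption, the document only specifies 99)."""
    return 99 if is_blocked(blocklist, sender, recipient, **switches) else 0

if __name__ == "__main__":
    bl = build_blocklist(SAMPLE_INPUT)
    print(delivery_exit_code(bl, "alice@freedom.net", "bob@hotmail.com"))
```

Because the database holds only hashes, a lookup must rebuild every candidate key in exactly the form used when the list was generated; any difference in case or whitespace between the two sides produces a miss and the mail is delivered.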
Copyright © 2000 Zero-Knowledge Systems Inc.
All Rights Reserved