frmailblocklist

Maintainer: Messaging Team (messaging-team@zks.net)
$Revision: 1.1 $
$Date: 2000/07/20 17:20:32 $
$Author: roger $

Contents

  1. Motivation
  2. Design
  3. Programs
  4. References

1 - Motivation

On behalf of both freedom and non-freedom users, make sure that an e-mail recipient can request (and have enforced) their desire not to have unwanted mail from a particular sender or domain delivered via the freedom mail system. We want to silently (where "silent" is somewhat vaguely defined at the moment) drop messages sent through conversations that have been expressly blocked.

frmailblocklist consists of two libraries (client and server) and a small set of utility programs.

2 - Design

There are four situations in which one would want to "block" a user or combination of users:

  1. Block on Log-In to POP server
    If we wish to be able to revoke the mail system usage privileges of a nym, we can have the authentication system check whether or not the nym attempting to authenticate itself is located in a blocklist (some might prefer the name "revocation list").

  2. Block on Log-In to NMTA
    If we wish to be able to revoke the mail system usage privileges of a nym, we can have the authentication system check whether or not the nym attempting to authenticate itself is located in a blocklist (some might prefer the name "revocation list").

  3. Block on Internet Delivery
    When attempting to deliver a message from a nym to an internet address, we should validate the following:

  4. Block on Nym Delivery
    When attempting to deliver a message to a nym, from either an internet address or another nym, we should validate the following:

There are several ways to implement this functionality:

We have elected to go with the second option because:

To implement this functionality, we can maintain a database of revoked target recipient pairs. This will be a database of keys without corresponding values. The presence of a key in the database indicates that the sender-recipient pair it represents is a disallowed delivery path. Thus, a blocklist is a database of keys having the general form:

hash([sender][->recipient])

where sender is the e-mail address or domain of the sending party and recipient is the e-mail address or domain of the receiving party. Both sender and recipient are optional.

When the system wants to validate that a particular operation is allowed to take place, it can search for the appropriate key in the database. For instance, if the mail system wants to validate that it is allowed to deliver mail to an internet recipient on behalf of a particular nym, it:

  1. normalizes the sender
  2. normalizes the sender's domain
  3. normalizes the recipient's domain
  4. normalizes the recipient
  5. checks if "hash(sender)" is in database
  6. checks if "hash(sender domain)" is in database
  7. checks if "hash(->recipient)" is in database
  8. checks if "hash(->recipient domain)" is in database
  9. checks if "hash(sender->recipient domain)" is in database
  10. checks if "hash(sender->recipient)" is in database

Question: Do we want to do 5 through 8?

If any key is found in the database, then the mail is discarded by the mail system.

3 - Programs

checkblocklist

Performs lookups on the sender and recipient within a blocklist file. Its usage is as follows:

checkblocklist [-s] [-r] [-c]

checkblocklist looks in the directory denoted by the HOME environment variable for a file called blocklist.cdb. If the file is found, it searches the blocklist for the sender and sender domain hashes (-s) and the sender/recipient combination hashes (-c). The sender and recipient e-mail addresses are taken from the SENDER and RECIPIENT environment variables respectively. This program also takes a -r option, which causes it to also search for the recipient and recipient domain hashes.

If any of the hashes are found the program returns 99 which tells qmail that this program has successfully handled delivery of the message and that it no longer needs to continue processing the message (i.e., it stops/blocks qmail from actually delivering the message).

txt2cdbmake

Takes a set of lookup keys separated by a newline on standard input and outputs a cdbmake compliant data stream (to standard output). This can be used by the blocklist update alias to generate new blocklists when nyms send them the updated hashes.

list2hashlist

This program may be a useful tool for generating the nym to internet blocklist. It can also be used to build test lists for target nyms as well.

The program reads (from stdin) line-based data having the format:

[sender_info][,recipient_info]

and outputs (to stdout) a data stream containing the corresponding block list search keys. The output from list2hashlist can then be run through the txt2cdbmake utility to transform the data into the format expected by cdbmake in order to construct CDB files.

For instance, the following is a valid input stream:

alice@freedom.net,bob@hotmail.com
aol.com
,foo@bar.net

This input stream results in a list of block list keys being sent to stdout such that txt2cdbmake can read it in order to construct a cdbmake input file. Once converted into a CDB archive, it can act as a blocklist which prohibits:

  1. alice@freedom.net from sending to bob@hotmail.com
  2. anyone from aol.com from having their mail delivered to the recipient
  3. anyone from sending mail to foo@bar.net

Typically the nym->internet blocklist will contain the first type of entry (i.e., blocking specific conversations) where the sender is a particular nym and the recipient is either an e-mail address or a domain.

Typically a nym blocklist will contain the second type of entry (i.e., blocking specific senders) because the recipient is denoted by the owner of the list, and is therefore redundant. The sender may be either a specific e-mail address or a domain.
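
The lookup procedure from the Design section and the list2hashlist example stream above, as an added Python sketch (not the frmailblocklist code). The hash (SHA-256 hex), the normalization (trim and lowercase), the default flag values and all function names are assumptions, since the page does not specify them; the cdbmake record layout is the standard one, with zero-length data for key-only records.

```python
import hashlib

def normalize(addr):
    # Assumed normalization: trim whitespace and lowercase.
    return addr.strip().lower()

def domain_of(addr):
    # Domain part of an address; a bare domain is returned unchanged.
    return addr.rsplit("@", 1)[-1]

def key(sender="", recipient=""):
    # hash([sender][->recipient]); SHA-256 hex is a stand-in hash.
    text = sender + ("->" + recipient if recipient else "")
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def list2keys(lines):
    # Turn "[sender_info][,recipient_info]" lines into blocklist keys.
    keys = set()
    for line in lines:
        sender, _, recipient = line.partition(",")
        sender, recipient = normalize(sender), normalize(recipient)
        if sender or recipient:
            keys.add(key(sender, recipient))
    return keys

def to_cdbmake(keys):
    # cdbmake input: "+klen,dlen:key->data" per record, blank line at end.
    return "".join(f"+{len(k)},0:{k}->\n" for k in sorted(keys)) + "\n"

def candidate_keys(sender, recipient, s=True, r=False, c=True):
    # Keys probed in steps 5-10, grouped like the checkblocklist flags.
    # The default flag values are this example's choice.
    sender, recipient = normalize(sender), normalize(recipient)
    sdom, rdom = domain_of(sender), domain_of(recipient)
    probes = []
    if s:
        probes += [key(sender), key(sdom)]                     # steps 5, 6
    if r:
        probes += [key("", recipient), key("", rdom)]          # steps 7, 8
    if c:
        probes += [key(sender, rdom), key(sender, recipient)]  # steps 9, 10
    return probes

def is_blocked(blocklist, sender, recipient, **flags):
    # Any hit means the delivery path is disallowed.
    return any(k in blocklist
               for k in candidate_keys(sender, recipient, **flags))

# Constructed sample input: the example stream shown above.
BLOCKLIST = list2keys(
    ["alice@freedom.net,bob@hotmail.com", "aol.com", ",foo@bar.net"])
```

Because every lookup is an exact match on a hash, the list builder and the checker must normalize addresses identically, or a differently cased address misses its entry.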

4 - References


Copyright © 2000 Zero-Knowledge Systems Inc.
All Rights Reserved