triplicator
Prev Kernun UTM Reference (1) Next

Name

triplicator — SMTP Grey-listing Triplet Database Manipulator

Synopsis

triplicator [-hv] [-d debuglev] -f cfgfile -c command

Description

Utility triplicator provides a user interface to Kernun's smtp-proxy(8) grey-listing triplet database management operations.

The main task of this tool is to clean the database. For this purpose, it is recommended to include the following call of triplicator in a cron plan: 

    system FIREWALL {
      crontab {
        ...
        plan "0 * * * * kernun path/triplicator -f smtp-cfg -c clean"
      }
    }

where smtp-cfg is the configuration file name of smtp-proxy that uses the grey-listing method and path is the path to the Kernun binaries directory (usually /usr/local/kernun/bin).

Grey-listing method

Grey-listing (http://projects.puremagic.com/greylisting) is a spam blocking method based on the fact that most spam sources do not behave in the same way as "normal" mail systems and do not repeat delivery attempt in the case of temporary rejection. Thus, smtp-proxy with grey-listing configured temporarily rejects every new e-mail it has never seen, keeps this information and, under certain conditions, allows reception of this mail in the future. More precisely speaking: the proxy looks at three pieces of information (called triplet) for any particular mail delivery attempt:

  • The IP address of the host attempting the delivery

  • The envelope sender address

  • The envelope recipient address

Each triplet can be in one of the following states:

blocked

If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure.

released

If the triplet has passed the initial blocking period, we expect repeated delivery within a certain period of time. Any e-mail with the identical triplet coming within this time period will change the triplet's state to granted. If no such delivery occurs, the triplet is forgotten.

granted

If a triplet has been successfully acknowledged, any mail with the identical triplet will be delivered without delay for a certain period of time. Every new delivery attempt for the triplet will restart this time period. If the time period passes without any delivery attempt, the triplet is forgotten.

Proper functionality of the method can be set up using three basic parameters that control the above-mentioned time periods:

block-time

The initial delay of a previously unseen triplet.

Default: 1 Hour

For this period of time, a new triplet is in state blocked.

retry-time

The lifetime of triplets that have not yet allowed an e-mail to pass and wait for confirmation by another delivery attempt.

Default: 4 Hours

The total time the client has to retry the delivery attempt. If this period of time elapses and no mail with the particular triplet has come, the triplet is forgotten. Notice that this time includes also the initial block-time amount of time. Thus, in fact, the length of the time period, during which a triplet is in state released, is retry-time - block-time.

guard-time

The lifetime of auto-whitelisted triplets that allow mail to pass.

Default: 36 Days

For this time (after any successful delivery), the triplet is guarded and mails with particular triplet are granted to pass.

All the above parameters are part of the grey-listing section of the smtp-proxy section.

The proxy saves the information about triplet states in a local database in a file (its name must be set in smtp-proxy.grey-listing). For every triplet, it holds the state and the time of its expiration. Using the triplicator tool, you can manage this database - clean it (i.e. remove forgotten triplets), display and change triplet data.

Commands

stat

Display the number of triplets in the database per states.

list

Display all triplets in the database, each with its state and the time of the expiration of the state.

Example: 

  <10.1.1.1, , root@tns.cz> 1=ts_blocked, 2000/02/04 01:00:00, 10800

clean

Remove all expired triplets.

add

Add/change triplet data.

Command synopsis:

add state date time <sender> <recipient>

state

Triplet state, possible values: 'b+next', 'r' and 'g'.

The next parameter for the blocked state defines the time period (in seconds), for which the triplet will stay in the released state after reaching the deadline of the blocked state. In fact, it is the difference between retry-time and block-time.

date

Expiration date, format: year/month/day

time

Expiration time, format: hh:mm:ss

Example: 

  add b+3600 2000/2/4 01:00:00 10.1.1.1 <> <root@tns.cz>

purge

Rebuild the database file (implemented as backup + restore).

backup

Dump non-expired triplets.

Command synopsis:

backup [filename]

filename

Output file name (stdout if omitted).

restore

Rebuild database from a backup file.

Command synopsis:

restore [filename]

filename

Input file name (stdin if omitted).

Program options

-h

Display usage information and exit.

-v

Print version information and exit.

-d dbglev

Set debugging level.

-f cfgfile

Read configuration from cfgfile.

-c command

Command to execute.

See Also

Kernun: smtp-proxy(5), smtp-proxy(8),

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2023 Trusted Network Solutions, a. s.
All rights reserved.

Prev Up Next
switchlog Home Kernun UTM Reference (5)