New user-controlled features

Sender address rewriting

Since authenticated submission runs as you, messages you send can be modified according to your settings.

For example, since checkpassword sets $HOME, you can give ofmipd your own CDB of rules for rewriting envelope senders and From: headers.

Here’s an ofmipd-with-user-cdb wrapper to do this:



if [ -f "${user_cdb}" ]; then
    exec @PREFIX@/bin/ofmipd "${user_cdb}" "$@"
    exec @PREFIX@/bin/ofmipd "$@"

Stateful filtering

Since authenticated submission and incoming delivery both run as you, messages you send can influence what happens to messages you receive.

For example, filtering your submitted messages through pymsgauth-filter inserts a token into the headers and records it in $HOME, where pymsgauth-confirm can find and match the token in incoming messages.

Here’s how to post to DJB’s mailing lists from any AUTH-capable mail client without ever seeing a qsecretary challenge again:

  1. Apply the QMAILQUEUE patch (available here for ofmipd, included with netqmail for qmail-smtpd).
  2. Install qmail-qfilter.
  3. Install rejectutils.
  4. Install pymsgauth with the pymsgauth-filter patch.
  5. Configure $HOME/.pymsgauth/pymsgauthrc and the relevant .qmail file.
  6. Add pymsgauth-filter to control/ofmipfilters.
  7. Set QMAILQUEUE="qmail-qfilter-queue", QMAILQUEUEFILTERS="control/ofmipfilters", and PYMSGAUTH_TOLERATE_UNCONFIGURED=1 in your service’s environment.