What is milter?

Every one gets tons of email these days. This includes emails about super duper offers from amazon to princess and wealthy businessmen trying to offer their money to you from some African country that you have never heard of. In all these emails in your inbox there lies one or two valuable emails either from your friends, bank alerts, work related stuff. Spam is a problem that email service providers are battling for ages. There are a few opensource spam fighting tools available like SpamAssasin or SpamBayes.

What is milter ?

Simply put – milter is mail filtering technology. Its designed by sendmail project. Now available in other MTAs also. People historically used all kinds of solutions for filtering mails on servers using procmail or MTA specific methods. The current scene seems to be moving forward to sieve. But there is a huge difference between milter and sieve. Sieve comes in to picture when mail is already accepted by MTA and had been handed over to MDA. On the other hand milter springs into action in the mail receiving part of MTA. When a new connection is made by remote server to your MTA, your MTA will give you an opportunity to accept of reject the mail every step of the way from new connection, reception of each header, and reception of body.

milter stages
milter protocol various stages

The above picture depicts simplified version of milter protocol working. Full details of milter protocol can be found here https://github.com/avar/sendmail-pmilter/blob/master/doc/milter-protocol.txt  . Not only filtering; using milter, you can also modify message or change headers.

HOW DO I GET STARTED WITH CODING MILTER PROGRAM ?

If you want to get started in C you can use libmilter.  For Python you have couple of options:

  1. pymilter –  https://pythonhosted.org/milter/
  2. txmilter – https://github.com/flaviogrossi/txmilter

Postfix supports milter protocol. You can find every thing related to postfix’s milter support in here – http://www.postfix.org/MILTER_README.html

WHY NOT SIEVE WHY MILTER ?

I found sieve to be rather limited. It doesn’t offer too many options to implement complex logic. It was purposefully made like that. Also sieve starts at the end of mail reception process after mail is already accepted by MTA.

Coding milter program in your favorite programming language gives you full power and allows you to implement complex , creative stuff.

WATCHOUT!!!

When writing milter programs take proper care to return a reply to MTA quickly. Don’t do long running tasks in milter program when the MTA is waiting for reply. This will have crazy side effects like remote parties submitting same mail multiple time filling up your inbox.

How to chat securely using Pidgin and OTR

These days surveillance news are coming out frequently. After Snowden’s revelation if you’r suffering from paranoia and want to secure your digital presence, follow this tutorial to communicate securely.

  1. Install Pidgin chat client.
    • for ubuntu –
    • for arch linux –
    • also you can download it manually from here & then install it as per instructions
  2. Install OTR plugin of Pidgin.
    • for ubuntu –
    • for arch linux –
  3. Now start Pidgin. It will show ‘Accounts’ Popup. Click on ‘Add’ button. add
  4. Now you will get ‘Add Account’ popup.
    add-account-0
  5. Now configure new account as follows.
    • Tab ‘Basic’
      • Login Options
        • Protocol : XMPP (don’t use ‘Facebook XMPP’)
        • Username: (don’t use a username which will somehow connected to real you)
        • jabber.rayservers.com
        • leave blank
        • enter password you want
      • User Options
        • Local alias : Leave blank
        • New mail notifications : DO NOT check
        • Use this buddy icon : check if you want
        • Create this new account on the server : MUST checkadd-account-1
    • Tab ‘Advanced’
      • Connection security : Require Encryption
      • Allow plaintext auth over unencrypted streams : DO NOT check
      • Connect port : 5222
      • Show Custom Smileys : check
      • Create this new account on the server : MUST check add-account-2
    • Tab ‘Proxy’
      • Proxy type : Use Global Proxy Settings
      • Create this new account on the server : MUST check add-account-3
    • Tab ‘Voice and Video’
      • Use silence suppression : leave default
      • Create this new account on the server : MUST check add-account-4
  6. Now to add this new account, click on ‘Add’
  7. Wait for few seconds. Popup will come for ‘SSL Certificate Verification’. Click on ‘Accept’. Cross-check ‘Certificate Information’. Then ‘Accept’ cetificate. cert-1 cert-2
  8. Now you will get popup saying ‘Register New XMPP Account’. Click on ‘Register’.
  9. From top menus select
    Tools -> Plugins -> Off-The-Record Messaging (MUST checked)
  10. Click on ‘Configure Plugin’
  11. Configure ‘Off-the-record Messaging’ popup as follows, otr-1
    • My Private Keys –
      • Click on ‘Generate’ if you get message ‘No key present’. Generating keys takes time. When keys are getting generated try to do some CPU intensive work to add more entropy.
    • Default OTR Settings – Check all
      • Enable private messaging – check
      • Automatically initiate private messaging – check
      • Require private messaging – check
      • Don’t log OTR conversations – check
    • OTR UI Options
      • Show OTR button in toolbar – check
  12. Once key is generated, click on ‘Close’ to close popup windows of ‘Off-the-record Messaging’ & ‘Configure plugin’.
    otr-2
  13. Now in top window ‘Buddy List’ ,
    Tools -> Preferences -> Logging -> Do NOT check any options here & close popup. otr-4
  14. Now enable your new account as,
    Accounts -> Enable account -> Select newly created account
  15. Now to add buddy,
    Buddies -> Add buddy
  16. In ‘Add Buddy’ popup, enter ‘Buddy’s username’ – something like ‘foo@bar.qux.com’.  Optionally you can add ‘Alias name’ for ease. Here important thing to remember is, once you add buddy it will appear in your buddy list only after authorization of your buddy.
  17. Now if you add buddy successfully and he is online & double-click on buddy and start to chat.
  18. Here you will get another private messaging window. Don’t forget to ‘Start OTR’ here & to Authenticate your buddy.
  19. Further, you can use Tor with Pidgin to circumvent IP address.