================================================================================ The 'Postconfirm' Mailing List Poster Confirmation Daemon ================================================================================ Postconfirm was designed to be a less resource-intensive replacement for certain uses of TMDA, in particular for the purpose of sitting in front of a group of mailing lists and verify or request a first-time posting confirmation of the poster's envelope-from address. It provides functonality which is a subset of TMDA, but is adapted to high-volume usage and does not have anywhere near all the bells and whistles which TMDA has. On the other hand, since the whitelist lookup is done by a long-running server part, the overhead of doing a verification that a poster has a confirmed address is much smaller than for TMDA (on the order of 0.01 seconds per lookup vs. 10-600 seconds per lookup for TMDA, and ~5 MB total memory usage vs. ~100 MB *per lookup* for TMDA) On the IETF Mail Server, it has been set up as follows: Email Routing ------------- On receipt of an incoming email, it is first sent through a spam filter. If it passes this, it is routed to a wrapper script which replaces (and eventually calls) Mailman's original binary, which takes action as follows: * If the sender localpart ends with -bounces or the recipient localpart ends in -owner, the email is forwarded directly to Mailman for bounce- detection or forwarding to the list owner (so this can't be used to bypass postconfirm for delivery to a list). * Else if the action is 'post', 'owner', or 'admin', the email is checked by postconfirm: - if the envelope-from is in a whitelist, the email is sent to Mailman - else if the email is a returned confirmation, the envelope-from is whitelisted, and the original email is taken from cache and sent to Mailman - else the email is cached by postconfirm, and a posting confirmation email is sent to the envelope-from address. * Else the email is a mailman command, and - if the email is flagged as spam, it's saved in a spam folder - else it's sent to mailman as a command Whitelist Files --------------- The daemon part reads its configuration and whitelist files on startup (and when receiving a SIGHUP). There are multiple whitelist files, for different purposes: * One whitelist file is re-generated nightly from all the subscriber addresses to the IETF mailing lists hosted on the IETF Mail Server. People with the same email envelope-from as From: header field doesn't have to do anything in order to post. * One whitelist file holds a list of people who have received a confirmation request from postconfirm and replied to it, thus confirming their envelope-from posting address * One whitelist file holds a set of manually edited whitelist regular expressions, in order to be able to efficiently whitelist groups of addresses.