SMTPRCV V0.45 and RCVPNL V0.14

Author:  Mike van Meeteren

Freeware.

Description:

This is a service designed to replace the IMS SMTPRS v0.83 SMTP receiver
module.  The reason for replacement is threefold.  1)  Be able to deny
relaying mail at the source, instead of after the mail has been received.
It is common thought that this is the way that mail servers should be
implemented.  2)  Allow the use of DNS type blacklists for rejecting mail
from known open relays and spam domains at connection time.  3) refuse to
accept mail for users not known to your domain.

The RCVPNL.EXE file is the executable that can be used to set up the registry
entries for SMTPRCV.  After installing the SMTPRCV service, configuration
changes should be made using this executable, and the service should be
restarted (the configuration is read when the service is started only).
RCVPNL can import settings from antirelay.ini, the control file for
AntiRelay.

Goals:

Make replacement of the SMTPRS service that is identical in most respects
with added functionality.  To make the service easy to use, it uses all the
settings in the registry from IMS and SMTPRS.

Revision:  *Initially* the values from SMTPRS are loaded into the SMTPRCV
registry when the "import" function is used.  However, due to limitations in
the way SMTPRS stores certain things in the registry and added functionality
in SMTPRCV, SMTPRCV uses it's own registry settings to override most of the
settings in SMTPRS.  What does this mean?  Two things: 1) yes, SMTPRCV will
come up and limp without running RCVPNL to configure it's settings.  It will
grab as much information as it can find in the registry, but this is not a
secure way to run this service, and it may not function as you expect.  The
correct way to install this service is to run RCVPNL and verify all settings
before starting SMTPRCV.  2) modifications made to the SMTPRCV receiver using
RCVPNL are written to it's own registry settings, and you may lose some
functionality if you ever decide to revert back to SMTPRS.

Installation:

Place both the control panel applet and the service (SMTPRCV.EXE and
RCVPNL.EXE) in a directory.  At the command line, you should type
SMTPRCV -install, which installs the service.  Then run RCVPNL.EXE, and
configure the service (antirelay.ini can be imported at this time).

After configuration is complete, use the "services" part of the control panel,
stop the SMTPRS service, and start the SMTPRCV service.  The service is now
running.  You will want to turn the start settings for SMTPRS to manual, and
the start setting for SMTPRCV to boot.

Technical:

Do not remove the SMTPRS service, just disable the startup at boot time.
This is done so that the settings in the registry remain, which is essential
for the operation of SMTPRCV.

The following settings are retrieved from the IMS registry settings:

from [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\smtprs\Parameters]:

MailInLogEnabled:  turns the mail logging on for SMTP receiver.
MailQueueDir:      where the inbound mail is written

from [HKEY_LOCAL_MACHINE\Software\EMWAC\IMS]:

MailSpoolDir:      this is the root directory path for EMWAC.  This is
                   added to MailQueueDir to come up with the complete path.
AutoCreateInboxDir:This is used to create the path listed above.  If that path
                   does not exist, and this is turned off, the service will not
                   start.
LastMsgID:         This is the running total of incoming messages, used for
                   generating the Message-ID.
DomainNamesAreLocal:  This is a list of domain names that the receiver regards
                      as local.  It will accept mail for these domains from any
                      SMTP client, without being a localnet or popauth.

The following are used from antirelay.ini:

PopAuth            Whether IP addresses can use the server as a relay when
                   not listed as a localnet.  The log file from POP3LOG is
                   read to find the IP address.
DNSLists           This is the switch to turn on blacklist verification.
LocalNets          Turns on localnet receiving.  Without this, the server can
                   only receive mail for it's own domain, unless the IP
                   address is found in PopAuth.
From LocalNets categories:
  All localnets are used just like Antirelay.
From DNSLists categories:
  Only the headertext is read.  All IP addresses go through localnet and PopAuth
  checking, this can currently not be bypassed.

Functional description:

When a client connects to the server, the IP address is immediately run through
the Localnet list, then PopAuth, and failing that the blacklists as shown in
DNSlists.  If the IP is local or PopAuthed, it can send to anyone.  If the IP
is not local, it can send to valid domains only.  If it is blacklisted, the
SMTP server replies with "554 access denied, <headertext>" to any RCPT To: and
DATA commands.

If the IP is not local, and it attempts to send to a non-local address, the
server responds with:

550 <baddaddress@nonlocaldomain.com>... Relaying denied

and just keeps going.

Restrictions:

Revisions:

v0.11  Added logging to the IMS INLOG directory, same format as they use.
       (554 RBL rejections should show up here too)
v0.12  Fixed bug in the localnet masking routine that allowed most IP
       addresses to appear local
v0.13-0.15
       Fixed a difference between the way SMTPRS and Winshoes deals with
       the terminating period that stops the DATA transfer.  (This caused
       no non-local mail to get delivered).
v0.16  Fixed address parsing engine to correctly deal with !, % and :
       This then correctly parses and address to be a relay hack, and
       allows the server to reject the address.
v0.17  Corrected startup bug that caused service to crash when started on
       some NT4 workstations.
v0.18  Made MAIL FROM: <> reply RFC 2505 compatible (server now no longer
       cares what's there and responds with a 250 OK regardless).
v0.19  When IP fails to rDNS, the header says unverified instead of a blank
       spot.
v0.20  When local IP fails to rDNS, the server name changes to an IP
       instead of blank, fixing message-id problems
v0.21  Deleted an unneccesary check for localdomain
v0.22  Trying to gain some speed on the write for large files
v0.23  OK, that didn't work :)
v0.24  Removed date insertion when another received line is found
       to track down a possible bug where Netscape and Outlook puke when
       downloading mail.
v0.25  Fixed bonehead date: insertion bug
v0.26  3 different ways to kill an RBL listed server connection now:
       1) immediate termination via a 421 command
       2) any rcpt to: and data command result in a 554
       3) first rcpt to: results in a 554 and a killed connection
       (currently method 2 is the hardcoded method)
       Also fixed so that no valid RCPT results in a 503 No valid recipients specified
v0.27  Control values now read from our own registry settings.  A
       control panel app is included.
v0.28  By some miracle I discovered that if two threads hit the server at the
       exact same time, the RBL info can pass from one thread to the other.
v0.29  Fix in 0.28 removed access denied log file entries, added back in.
v0.30  Fix in 0.29 caused abstract method crash.
v0.31  After a DATA command finishes, flush the message.  Apparently some
       mailing list servers don't issue an RSET before starting the next message.
v0.32  Trying to make servername resolve correctly.
v0.33  Added localuser deny (notify MTU when user doesn't exist).  Pulled from
       the alias listing for IMS. (probably won't work for list aliases)
v0.34  Fixed time offset notation by adding calc for daylight savings
v0.35  Added TCriticalSections around log file reads/writes to make multithread
       safe.  Also added optional error logging to the inlog which adds errors
       for invalid local names and relay attempts.  Made localuser deny (0.33)
       list compatible.
v0.36  Added capability to use plugin1's config file to extract user list and
       ability to check NT user database for user name (Thanks Klint Gore).
       Speed seems to be an issue with the username lookup.
v0.37  added list-request for EMWAC mailing lists.
v0.38  adding "nobody@a.com" to the plugin1 config file causes all mail
       being delivered for a.com to be accepted without passing the user check
v0.39  fixed a small problem with plugin1 file parsing and corrected enumerated
       string order for command list
v0.40  All date time strings now in english format
v0.41  Changed subnet internal structure to add local black and white list.
       Eliminates the need for a local DNS server
v0.42  NT User verification changed to reading all members of a group at
       service start
v0.43  Rebuild with fix in NT User Verification
v0.44  After much wrestling with the user verification code, I finally
       got all the bugs out of it.  The API can be such a pain in the ass.
       Also added -version as a command line parameter.
v0.45  If a socket dumps on a socket error (remote terminates for example),
       the message was not getting disposed, causing a large memory leak.
       put try..finally block around socket code to handle this problem.

Source code:

This software was built using a modified version of the Delphi "Winshoes"
library, v7.037b.  This is a free library that can be downloaded from
http://www.nevrona.com/indy/  The source code for this project can be
downloaded from http://www.fast351.com/IMS/

Remember, source code may be a rev or two behind.  Always check the rev
number in the server component to be sure you have the current source.

Warranty:

You're kidding right?  No warranty whatsoever, use at your own risk.