ratfs – mail address ratification file system|
ratfs [ –d ] [ –c configuration ] [ –f classification ] [ –m mountpoint
Ratfs starts a process that mounts itself (see bind(2)) on mountpoint
(default /mail/ratify). Ratfs is a persistent representation of
the local network configuration and spam blocking list. Without
it each instance of smtpd(6) would need to reread and parse a
multimegabyte list of addresses and accounts. |
Ratfs serves a control file, ctl, and several top level directories: trusted, deny, dial, block, delay, and allow.
The control file is write only and accepts three possible commands:
The directory trusted serves a file for each IP range from which all mail is trusted. The names of the files are CIDR blocks; an IP address or an IP address followed by #n, where n is the number of bits to match. To check if any IP address falls in a trusted range, it is sufficient to open the file whose name is the IP address. For example, if trusted contains only the file 126.96.36.199#16, an attempt to open the file 188.8.131.52 will succeed while opening 10.1.1.1 will fail. To determine the particular range matched, dirfstat (see stat (2)) the open file and the name field will be the matching CIDR range.
The trusted ranges come both from the ournet entries in the file configuration (default /mail/lib/blocked) and from creates, typically done by imap4d (see ipserv(8)) and pop3 (see mail(1)) whenever they are used to read someone's mail.
The remaining directories, allow, block, delay, deny, and dial, represent the contents of the classification (default /mail/lib/smtpd.conf.ext). Each contains two directories; ip and account. The ip directory has the same open semantics as the trusted directory, i.e., to check if an IP address falls in that category, try to open a file whose name is the IP address. The account directory is similar but is used for matching strings. Each file in the directory represents a regular expression. To see if one of the strings matches one of the regular expressions, try to open the file whose name is the string. If it succeeds, then there is a regular expression that matches. To determine the regular expression, fstat the open file. The name field will be the regular expression.
There is a direct mapping from entries in classification and files
under allow, block, delay, deny, and dial. A configuration file
entry of the form:
Both the configuration file and control file formats are described
mail(1) smtpd(6) scanmail(8)|