WO2005062561A1 - Method and device for blocking undesired emails - Google Patents

Abstract

The invention relates to a method and a device that are able to block undesired emails, e.g. spam emails.

Description

 Method and device for blocking unwanted emails

The invention relates to a method and a device which are able to block unwanted emails, for example so-called spam emails. Such methods and devices are known, inter alia, from the publications US 2003/0200267 and US 2003/01 91 969

Around 25 years ago, the majority of all messages were sent by post, for example in the form of a letter. The sender posted the letter at the post office. The post then transported the letter to the destination city by car, for example, where the letter was delivered by a postman e.g. brought to the recipient by bike in the middle of the 1,980 years, then the transmission of messages by fax arose. The messages were read by a fax machine and transmitted to the recipient via the telephone line by entering a corresponding fax number since the middle of the 1,990 years With the increasing use of the Internet, a new type of message transmission spread. The messages, the so-called e-mails, are created on a computer or mobile phone and then sent to the recipient as so-called electronic mail. The transmission uses specially laid fiber optic cables, but also telephone lines and wireless Ubert system, for example in the form of satellites

Today, the Internet is one of the most popular communication methods. With its spread, however, previously unknown problems also arose. One of these is the mass sending of advertising e-mails to a large number of e-mail addresses in comparison with the sending of advertising letters with normal ones Mail is mass-priced to send e-mails very cost-effectively. Senders of such e-mails are therefore not prevented by costs to shower millions of possible recipients with unwanted e-mails. Since commercial operators of the Internet have an economic interest in using the Internet, some of them are even willing to support anonymous sending By making servers accessible for such purposes, senders of advertising malfunctions can send anonymously, so that it is then not even possible to take action against such senders using the usually available means. There is therefore a strong interest in devices and methods for blocking unwanted emails. From the US 2003/0200267 such a method and such a device for Abloc ken unwanted emails, for. B, advertising emails, known, a recipient transfers a code or a so-called "key" to a sender of an e-mail. The sender sends his e-mails together with this code. The recipient then receives the sent e-mails,

If an e-mail is sent to the recipient without a code, the sender receives a request to obtain a provisional code that he can receive over the Internet. If the sender now sends his e-mail with the provisional code, he receives Recipients of the e-mail in extracts. The recipient then decides whether the sender receives a final code or key. The sender is a natural person who sends e-mails and the recipient is a natural person who receives e-mails.

The recipient disadvantageously has to do a relatively large amount of work in order to assign provisional and regular codes. E rm uss also always at least a section of the emails read who reach him with a temporary code to decide whether the transmitter should get a regular code

A method and a device for blocking unwanted e-mails are also known from US 2003/01 91 969. The recipient of the e-mails maintains a list of senders. Each transmitter is compared with the list. The senders are not a On the list, his e-mail is blocked. All e-mail addresses used by the recipient when sending e-mails reach the list. Senders who are not on the list have the option of adding a test to the list to become

Even with this level of technology, the recipient has to put in a relatively large amount of work in order to keep his lists up-to-date and thus block unwanted e-mails and receive desired e-mails

The invention has for its object to keep the workload at the recipient to block unwanted emails low

The object is achieved with a method and a device which have the features of the main claim and of the secondary claim. Advantageous refinements are the subject of the dependent claims

A sender of an e-mail has received or obtained the e-mail address of a recipient, which he can have found on the Internet, for example, or via commercially available CDs, on the e-mail addresses of millions of people I nternet users are saved, procured In addition to the procured or received email address, the sender must now obtain a key according to the invention, which is preferably provided outomatically. An email without a key does not reach the recipient. Instead, the sender is prompted, for example, by an automatically sent mail, to use a key for sending The reply mail also contains information about how to obtain or use the key. For example, the sender can be given a website from which the key can be downloaded

This key can, for example, be provided automatically by the recipient's own website or a commercially operated server that the recipient or a service provider has set up once. The key can also be transmitted with the response mali

If the sender sends an e-mail to the recipient's e-mail address received or procured together with the procured key, the e-mail is not blocked and reaches the recipient in full

In order for an e-mail to reach the recipient, the recipient has to carry out additional work that is low. The sender must also regularly provide a valid e-mail address or identify himself in some other way so that he receives any information about the key Millions of recipients are prevented by the additional workload. In individual cases, the additional workload is low. The sender of mass mali can no longer carry out this workload. Such mass-sent emails therefore no longer reach the recipient A filter is available that ensures that massly sent and / or anonymously sent emails no longer reach the recipient. Anyone who has a real interest in reaching the respective recipient by email will not find the additional effort an obstacle represents.

A sender of an e-mail that is provided with the appropriate key is advantageously included in a positive list. These transmitters then no longer need to use the key. This further minimizes the workload for transmitters which are basically to be classified as "seπos". This embodiment of the invention is particularly advantageous if a single key is provided, the key is fixed or free selectable time intervals are exchanged automatically or manually and a previous key after such exchange is automated and / or loses its validity within a predetermined and / or freely selectable period of time. In this way, misuse of keys is prevented in a technically very simple manner the positive list so that the sender can not use his procured key again and again, but must regularly obtain one again. If the recipient can manually exchange a key, this has the advantage that de r The recipient can react in a targeted manner if abuse occurs in a conspicuous manner

The questioning in the positive list can be done, for example, by the e-mail program that is used by the recipient. Alternatively, an operator of an e-mail server provides this possibility. The latter case has the advantage that the recipient has various receiving devices such as computers or Mobile device can use without having to recreate or transfer the list for each individual device. Therefore, the list is kept up to prefer an E-Mdil server

In one embodiment of the invention, the sender is included in the positive list when the recipient sends the sender an e-mail. It can be a reply e-mail. This embodiment has the advantage that an additional barrier is created because an e-mail address of a sender is not automatically added to the positive list, but this sender is only added to the positive list by the activity of the recipient. By answering the e-mail, the recipient indirectly confirms that the sender is authorized This is particularly advantageous if the sender must always obtain a new key for each additional e-mail sent from the sender to the recipient and this does not apply until a sender has been entered in the positive list

Alternatively or in addition, a sender is automatically added to the positive list if the first e-mail contact originates from the recipient, ie the recipient sends an e-mail to the sender for the first time without first receiving an e-mail from the sender Having this also further reduces the workload, since the first transmission is also used for later uploading. The fact that a transmitter is automatically added to a positive list also has the advantage that it ensures that a response generated by a machine also reaches the recipient can A typical example of an automated response is an absence notice or an acknowledgment of receipt. The machine that responds in this way cannot obtain a key. An automated absence notice may not be able to reach the recipient if the sender first has a key for the reply had to procure Alternatively, the reply address that is transmitted can already contain the key that causes the recipient to receive e-mail. This can ensure that automatically generated e-mail warnings, for example that an e-mail (still ) could not be delivered to the recipient.

In a further embodiment of the invention, when the e-mail is sent by the recipient, as an alternative or in addition, additional data for the e-mail sent is stored, with the aid of which it can be determined whether an e-mail is arriving as a response, which may be created automatically has been . For example, the time, the date of sending and / or the address to which the recipient sent an email can be saved. If an email arrives containing this additional data, it will reach the recipient regardless of this Whether this has been provided with a key or whether the sender is on a positive list, can be further improved to ensure that answers reach the recipient, even if it has been created automatically.

In one embodiment of the invention, the automatically created entry in the positive list or the transmitted reply address with the attached key can be valid for a limited time. A typical period would take a few days or weeks. The time period can advantageously be set individually by the recipient. The time period is advantageously chosen so that it is typical for the receipt of a desired response. For example, should it be ensured that a warning message in the form of an automatically generated email reaches the recipient, the period to be set or specified is typically five days, namely if an e-mail sent by the recipient to the sender cannot be delivered within this period, so such email messages are automatically sent to the recipient within this period of time, so it can be expected that a machine desires to send an email to the recipient without the machine being able to conclude Haffen

A negative list is preferably provided, into which the recipient can enter transmitters, including those from the positive list, so that the e-mails from these senders are blocked. This enables the recipient to act against misuse of his email at any time Protect e-mail address, also from senders who have a key. Advantageously, the negative list for the aforementioned reasons is also on the central e-mail server from which the recipient retrieves his e-mails

As an alternative or in addition, a key of a transmitter in the negative list can automatically lose its validity. The recipient is thus protected against the reuse of a key by unauthorized third parties. This is particularly the case if the same key is not always used

A key advantageously loses its validity after a predetermined time of, for example, a day, a week or a month. Alternatively or in addition, a key can only be used once so that an e-mail reaches a recipient. This is particularly advantageous if after a station is included in the positive list after the first reception. This prevents the misuse of a closing ice

Each sender must preferably obtain an individual, automatically provided key for each recipient. For example, a sender that had to process one million advertising emails wants to send, get a million individual keys, this workload is too high This is effectively blocked

A transmitter advantageously receives only one automatically provided key per specified time unit. This makes purchasing a large number of keys a time-consuming work step. This is particularly useful if, for example, a central server is responsible for key management for several recipients Time unit only take one key from the server and is then forced to wait until it can remove a next key for the next e-mail address. This prevents a sender from automatically obtaining key and then sending millions of e-mails, that reach the recipients

The unit of time can be designed variably.For example, it is one minute if senders are to be admitted who send a manageable number of advertising emails. This would be useful, for example, for a small company that wants to send its customers information. At E 00 to be sent - Getting mails was the key so it took 1 hour and 40 minutes

It would also be possible to limit the withdrawal to one key per day. This prevents automated key collection. For senders of advertising emails who want to reach ten thousand recipients, for example, the key was then acquired for about 27 years last

The large "time unit" can be set and changed individually by the recipient in an advantageous embodiment. Each recipient has the possibility to make individual decisions In a further advantageous embodiment, the key is a variable part of the email address. The recipient can thus keep his old email address, which is only supplemented by an addition. For example, the original e-mail address hein, muec k (a) sc hlickschleuder.de, becomes the extended e-mail address hein. muec, pf lffi (5 ⁾ sc hlickschleuder.de. In this example, the addition "pfiffi" is the key. The key can also be optically separated from the actual e-mail address by other fixedly specified characters or character strings that can be freely selected by the recipient, for example. The E extended by the key "pfiffi" - So the email address can also be read. mueck- pfiffifcDschlic kschleuder.de, Here is used as a separator as a dash, In this embodiment, a sender can enter the email address extended by the key in his address book. This is particularly advantageous if no positive checks are made and the key does not lose its validity due to the lapse of time. After a one-off effort, the sender can then use the address in his address book in the usual way without having to worry about the key again to have to ,

Keys for several recipients are preferably provided centrally by a server. A service provider can operate this server advantageously. This enables efficient access control to the keys. B. The collection of keys is made more difficult by computer programs. The service provider can, for example, prevent the complete provision of keys for suspicious transmitters. This embodiment is also of particular interest to private individuals, since one

Private users then do not have to deal with technical issues or installation of programs, etc. A configuration according to which the procured key is transmitted via the Internet is also advantageous. This means that a sender connected to the Internet can immediately obtain the key, so that the workload for the sender of an individual e-mail is minimized,

The key obtained is preferably only valid in connection with the email address used for the procurement. For example, a sender of mass emails is forced to always identify himself when sending ten thousand emails. This makes it easier for a recipient to contact this sender in a targeted manner, should this be necessary.

Another advantageous embodiment is the sending of the key to the transmitter by mobile phone or via the fixed network, e.g. also as a short message or the like. This would also force the sender to identify further and not just via the email address. An additional key can preferably be transmitted when the automatically provided key is transmitted. This key can be used to encrypt and decrypt the sent e-mails. Third parties who might intercept the e-mail are not able to read it. Alternatively, the key can be programmed to automatically encrypt a sent e-mail in order to ensure the confidential exchange of information.

A device that consists of computers or servers that are connected to one another is used to carry out the method. One or more computers are provided with a means for automatically providing a key. The computers include means that block e-mails that are sent without a key, The computers and / or servers can e.g. B, be connected to the Internet, for example via telephone lines or radio connections, with the interposition of a modem, it is also possible to connect to a local intranet, which is operated as a conventional network via lines or as a radio network, so-called wireless LAN, the sending E-mails, like receiving e-mails, are possible using a computer, mobile phone or PDA (e.g. Palm).

To successfully send an e-mail, the sender needs an automatically provided key, which he can obtain from the Internet. The procurement can take place, for example, by e-mail, but also by telephone from the landline or by mobile phone. All emails that are sent without a key are automatically blocked,

To use the method, computers or servers are preferably provided in order to automatically assign and manage keys. The keys are advantageously generated using a random generator,

The generation of the keys by a random generator has great security advantages, obvious keys that are easy to find by third parties are avoided and the protective function of the key is increased. This is particularly useful with regard to company networks. Alternatively, it is possible to use the keys e.g. B. from a list provided by the recipient. This is particularly advantageous for private recipients. This enables them to transmit a key directly to people, which simplifies personal contact. The key can be transmitted orally or, for example, by email or telephone. In such a case, it is particularly advantageous to: if the key is part of the e-mail address, the sender does not even notice that he has a key. No special effort is required for such a key

Preferably, the automatically provided key is automatically transferred from the computer or server to the receiving means of the receiver. This is particularly useful when generating the keys with a random generator. It is thus possible to compare the generated key with keys that have already been used before being assigned In this way, multiple assignments of the same key can be prevented. Even when using lists on which the keys are stored, multiple assignments of the key can be prevented by comparing them with the keys that have already been assigned Receiving means therefore knows all the keys at all times, knows whether they were previously issued by honors, and in this case can reject the keys before issuing them. The method also has a device that preferably prevents the automated acquisition of keys For example, when using a Central server for the provision of the key can be checked whether keys from one sender are requested in bulk for several recipients at the same time

exemplary

Figure 1 shows three e-mail servers 1, 2 and 3, which are provided, for example, by three different providers for use by the recipient and several senders. A service provider provides a key via a server 4. The servers 1 to 4 are connected via the internet. A sender with the e-mail address senderA@providerA.com sends an e-mail for the first time via his mobile device 5 to the e-mail address of the recipient, which isempfaenger @ providerl, com. He has previously taken the e-mail address from a business card of the recipient. The e-mail is forwarded via the e-mail server 2 of his provider A to the e-mail server 1 of the provider 1. This e-mail server 1 is used by the recipient. Since the sender did not use a key, he automatically receives a reply that he must obtain a key, which he can obtain from the http://www.token.com website. Sender A calls the website htfp: // www. token.com, the content of which is stored on server 4. After entering the e-mail address recipient @ providerl .com, the sender receives the e-mail in addition to his own e-mail address senderA@providerA.com Information that he should send the email he has sent again to recipient.xyz@provideM .com. Sender A follows these instructions and after resending to the address recipient, xyz @ provider l, com, the email is stored on email server 1 for retrieval by the recipient,

The recipient then calls up this email via a computer 6, which is then deleted on the email server 3. The recipient then replies to the sender A by email. When this answer is sent, sender A is entered in a positive list which is located on server 1. If sender A now sends an e-mail again to the addressempfaenger.xyz@providerl .com or to the addressempfaenger @ provider l .com, this email easily reaches the recipient,

From an e-mail server 3, a sender B anonymously sends thousands of e-mails, including an e-mail, to the recipient and uses the address recipient @ provider l, com, this e- Mail does not reach the recipient because the sender is not on the positive list. An automated reply does not reach sender B because the sender has not provided a reply e-mail address. His email is missing the desired effect.

After a month, the key "xyz" of the service provider who uses the server 4 is exchanged for a key "abc". The email server 1 is automatically configured so that both keys are available for a transition period of, for example, four weeks are valid and after the four weeks an email can only reach the recipient if either the new key, i.e. the address recipient .abc @ provider l .com is used, or the sender is on the positive list, The positive list then has priority. If sender A still uses the address with the old, now invalid key, the recipient will then receive the email,

As a further embodiment of the invention, a program code called "SpamKiss" is attached.

Explanations of the program code SpamKiss Process description The transport of messages via the SMTP protocol consists of several defined steps, four of which are relevant for testing by the SpamKiss system: • CONNECT: Two SMTP processes have established a connection • HELO: Protocol handshake has been carried out • MAIL : The sending process transfers the address of the sender of a message • RCPT: The sending process transfers the address of the recipient of a message There is a method for each of these four steps mentioned, which the received process can call up in the course of the protocol. After each method call, the method skc_getresponse is to be executed by the received process in order to collect the messages generated by the tests. These messages cause the received process to either continue to follow the protocol or to abort. All methods that are required in the course of the protocol by the received process are implemented in the class skCheck. These methods, in turn, take various actions to determine the status of the incoming message. To do this, they use a data structure that is suitable for making the information required for the decision to accept or reject the message available. These methods are mainly implemented in the class skCore, from which skCheck is derived.

Classes / files Γ ^ Ä '' ΪΪS ^^ SV skCheck j Contains the functions for communication with the Mail Transfer Agent. Provides | the interface between the SpamKiss system and the MTA, so to speak. ¹ It uses the methods and properties provided by the other classes. skCore, implementation of tests performed by skCheck. skResponse: Class for the transfer of the messages (responses) generated by the methods of skCheck to the MTA skMxlist class for the compilation of the historical test data for outgoing messages skConfig ^' pattern class for the creation of configuration objects skConstants constants used by the program. skCheck.class.php - Printed on 12/20/2003, 1:35:14 PM - Page 1 1? PHP 2 3 * SpamKiss core System - Method for te MTA 4 5 * T lε file conCains the class hich l plements ehe Met ods s * υsed by the MTA to cornmunicate with the spamkiss System _* * Θpackage SpamKiss 9 * © subpackage SpamKissCore 10 11 12 13 * Main class for carrying out ehe tests 14 15 * This class concains ehe ain events handled by the system, Chat IS * oeeur during the SMTP handshake It extends the skCore class, hich 17 * contains the Implementation of the tests 18 _* 19 * / 20 class skCheck extends skCore 21 (22 23 24 * Class conεtru tor 25 26 * The coπsLrυctor for the skCheck class Main purpose 27 * is to call the parent construclor and set some deπued properties 20 29 V 30 function skCheck () 31 (32 $ thιs-> skCore (), 33) 34 3b 36 37 Transfer responses to calling process 38 39 This method is called hy the MTA process after each step 40 in the SMTP protocol to transfer the responses generated 41 to the MT A luneexon ske geL response () 45 {Sresult = "", 47 48 for each ($ Lt) js> response as $ key = _* $ valυe) f 49 $ t_resu} t = Schis-> response l Skey] - askr_dιspa chResponse 0, SO jf ($ CΛj5-> response i $ key) -> scate == S _STA_FINAL) (51 $ C ιs-> EendDebυgMessage ("Do some logging to the database"), 5? c ιs ->'; k _] ogcιansactiDn (5r /] iS'> response [Skey] -> gr_code $ thι ς-> uιd Schis esponse I Skey) -> ι rode), 53 54 // if LhiΞ xs a local essage, log the stuff twice, also £ oι the sending user 55 if ((5thJΞ-> directιon == SK_DIR_LOCALl Λ / fD («empt i≤LhiΞ-> uιd2))) (..response [$ key] -> gr_code , $ chιs »uιd2 _# $ thxs-> response ISkey] - _> ι_code),

59 £ 0 61 if (leount f5thJS-> ιesρonΞe) - 11> $ ey) 62 St reεult = SK RES DELIMITER, 63 S4 $ L reευlt, 65 eβ unsec (Schi s- »response), 67 Schis-> SendDebυgMessage ($ cesul), es recurn Sresult 69 70 71 72 73 Set the connect lon informac 74 75 See the Hostip and Hostname aecording to MTA nowledge 76

77 /

7B funccion check_hoscιnfo (Shoεtip, Shostπame)

79 i

B0 Schis> hostιp = Shostip. βl $ chιs. > hos name π Shαscname, B2 $ cήιs- »SendDebugMessage (" MTA thint's hostname is ScΛιs-> hoscname and Hose IP is Schι_- _> h ₀₅ tιp "), B3 $ Chls-> response 0 = ^■ new skResponse (SK_PSGR_CONTIN S _CON_FINA ), 84 retυrn, B5 86 67 / ^• * 9 Set the e tended connectlon Information0 skCheckclass.php - Printed on 20.12.2003, 13:35:14 - Page 2 91 * Set the Heloname, which is the na e the host claime to have 92 * in the greeting meεsage to the MTA 93 »94 * / 9B iunction check_heloname (Säata I 96 (97 SCAls- »heloname = Sdata, 9Θ Sthis-sSendDebug essage (" MTA th nks Heloname is $ thiΞ- »heloname"}, 99 StΛ s- »response [] - new skResponse (S _RSGR_CONTIN, SK_HELO_FINAL ), 10D returπ. 101) 102 103 104 / <* 105 + Check the enders address 106 »107 'Do all steps to check the direction of the meεsage and - in case of outbound - 10B * prepare saving of some information in the ongoing process 109 110 • / 111 funccion checJ'_maιl (Sdata) 112 {113 114 // check if IC is a valld address 115 fl'Sehis »skc_valιdate ISdataϊ) (116 Schis-» response I) - new skResponse SK MAIL VALIDATE), 117 recurn

120 // asεign eüäca 121 Schis-> aι 1 = Sddta, 322 123 // Check it ue lelay foi the sending domain 124 Sthis »mrelay - $ thιs> s c_checkrela (Sthis _* maιl), 135 f (Schis» mrelayl ( 126 Sthis- »direction = SK_DIR_CιuTBOUND, 127) 12S 129 // m case of an ouCgoing message and we relay for ehe sending hosL, 110 // igure out ehe id of the usev Bending this message 131 if (Sth s-» djrecLion = = Sr_DIR_OUTBOUND) (132 133 // if the Bender s not listed heie Jet ehe admm decide 134 lfl 'Sthis »skc_getuser ld ISεh s-» mal J}) (135 i lStΛjs -aconf ig- »ob unlisted user == 0) 5ιesuJc - SK_RSGR_REJECT, 136 ice S SGH_ACCEPT, 137 skis

new skResponse {SresuJt SK_RCPT_IN_USER1D) 13B return, 139) 140 | 141 Schis-> response |) - new skResponse IΞK_RSGR_C0NT1N, SK MAIL riNAM 142 reLUrn 143 | 144 145 146 / •• 147 * Check before leceivers address 148 149 * Do all steps to decide, if the system accepts marriage message or re] ects lt 150 151 • / 152 fuπction checl- rept I Tdata J 153 | 154 // check f it ls a υalid address 155 ιf \ '$ chιs, skc_va) idate (Sdata) I {156 S th s- »response I] - n« skResponse (S _RSGR_REJECT, SK_RCPT_VALI FILE, 157 return 15β) 159 160 // score data m local properey 161 Sthis-> rcpt - SdaCa, 162 163 164 // ch cy if ue relay for the rec pients domain 165 Schis> rrelay - Schis- »skc_check.relay ($ thj s> rcpt), 166 ifl (sth s- »rrelay) and (Schis-» mrelayl) 167 5cήιs-> dιrec-ion = 16S 169 // if we do not relay for at lease one of chese domains generace an error

110 // co e sending address

171 if (('$ chιs-> rrelay) and (' Sthis- »mrelayl) {

172 skis »response [J - new SkResponse (SK_RSGR_E / RESU, SK_RCPT_IN_FINAi. E _ECO_HORεLAΫ),

173 return,

174) 175

176 // tokens can only shou up m the recipienc aαdress m // grep efte coken m he aαdress f there is one

17 ^β ιfl • sthis- »skc_εplιttoken (l) (

179 see »response (1 - new skResponsa ISK_RSGR_REJECT, Sr_RCPr_TOK £ NSP IT),

180 return skCheck.class.php - Printed on 12/20/2003, 1:35:14 p.m. - Page 3 1B1) 182 183 // jjf tsa locaJ message, do εome furcher investigation on how we handle ic 1S4 Sthls-s-dochecklocal = false, 185 if (5chιs-> dιrectιαn == SK_DIR_ OCAL) (185 ι / (Sthιs- »aconf ιg-» check_local = 3 0) {167 // Nothmg shoυld be done - crust thesε guys and accept the message 188 Sthis- »response [ ) = new skResponse (SK_RSGR_ACCEPT, SK_RCPT_ C_FINALI, 189 return, • 190) 191 eise {192 // Are both m ehe sa e domain? 193 if ($ chιs- »skc_checkdlffdomain (Sthis-> maιl, Sthis-» rcptl) {194 // di ferent local domams - does the admm want us to run checks " ³ 195 i (sth s-» aconflg »chec _local = = II 196 $ chι≤-> dochecklocal = crue 197) 198 eise (199 // same local domain - does the admm want us to run checks ^t 200 ir * (Sthιs- »aconf 19» check_local »- 2) 201 Sthis» dochecklocal = trυe 202) 203) 204) 205 206 207 // in case of an ouCgomg message we might want to add this 208 // address to our lisslisc 209 if I (Schis-, direction • ■ SK_D1R_OUTBOUND) 01 (Sthis »dochecklocal - = Lrue)) (210 211 // gec ehe iπλ lisc for the domain we are sending messages eo 212 ιf (»Sεhis-» skc_gecmxlιsc (Schιs- »rcpt I) (213 Sthis» response () = new skResponse (SK_RSGR_REJECT, SK_RCPT_OT_CKMX), 214 return 215) 216 217 // save ehe mx list for checklng of mcom ng notices 21a ifCSthis> skc_savedomhιstor 0 I (219 Sthιs- »response!). New skResponse (SK_RSGR_REJECT SK_RCPT_OT_SVLurn) , 221) 222 223 // 1 f not in ery to add the rece vers addiess to our kissliαt 224 Schis- »skc_addtokιsslιs (Schis-» rcptl 225 226 // 1 f we got here, we can accept ehe rest as we are sending this message 227 l (Sthis »dlrecLlon = - SX_DIR_OUTBOUND) (220 skis» response [J = new skResponse (SK_RSGR_ACCEPT, SX_RCPT_0T_FINA), 229 return 230 J 231 ise {232 skis »reoponsell new skResponse (SK_RSX_COMFINTL 236 ) 236 237 23fi // if this message is local or inbound, f nd ehe user in the dacabaεe 239 lfl (SCh s »direction == SK_DIR_LOCAL) or (Schis» direction == SK_DIR_INBOUND) I (240 // cry co f nd out f ehe recip enC a valid user of the System and 241 242 ScΛιs- »uιd2 - Schis» uid 243 244 ιf ('Schis> skc_getusend (Schis »rcpt! I (245 // always creac it llke a failed oυtbαund message 246 unsec (ScΛιs- »uιd2>, 247 // ehe admm decides if he wanca co rejeet or accept by defaule 248 ιr ^" (Seh s- »aconfιg-» ιb_unlιsted_user = - 0) SresuJt - SK_RSGR_REJ £ CT, 249 else SresulC - SK_RSGR_ACCEPT, 250 Schis- »response (] = new skResponse (SresuJt, SK_RCPT_IN_USERID), 251 return, 252) 253) 254 255 256 f (I St / us-» direction == SK_DIR_INBOUND) or (Scήιs- »dochec local == cruel) (257 258 // if ehe user deaceivaeed spa kiss we are fmishεd here 259 ιf (Schis->ucontιg-> actιve == 0) (260 Sthis-» SendDebugMessage ("User set SpamKiss to passive mode" I, 261 Schis- »response 0 - new skResponse (SK_RSGR_ACCEPT, SK_RCPT_UC_PASSIVE),

262 return

263) 264

265 // check if we can find a εysce coken with this message

266 ι- ^, (Sthιs- »skc_checksyscoken (StΛιs-» token)) (

267 if (Schis- »ueonf lg» answer_token_request) (

268 J sc (S-ιser, Sdomain) - expiodef® ', Schis »rcpt, 2),

269 Saddress "sprmcfC Vs + tsfflϊs Suser Schis" token Sdomain),

270 Sansωer = spnπc (sκ_EC0_AUT0T0i: N, ON ', Saddress), skCheck.class.php - Printed on 20.12.2003, 13:35:14 - Page 4 271 Schis- »response [) - new skResponse (SK_RSGR_EXRESU, SX_RCPT_IN_REQTOKENOK, Sanswer), 272 return, 273) 275 Sanswer - sprinCf <SK_ECO_AuTOT "OFF", Sthis- »rcp | , 276 Sthis- »response!) - new skResponse (SK_RSGR_EXRESU, SK_RCPT_IN_REQTOKENFAπ ,. Sanswer), 277 return; 278) 279) 280 281 282 283 // Test 'sender' addreεses againεc ehe l εtε 284 // we only can do 1c here as we firsc need 285 // co be sure ehac ue relay this message 28b 2B7 // is Chlε sender known '' 238 f [Stfiis- »skc_checkkιcklιst ISch s> maιl)) (289 sthis-» response I) - new skResponse ISX_RSCR_EXRESU, SK_RCPT_] N_CKX1CK, SX_ECO_K.ICKLIST), 290 return 291 | 292 293 // Jε this sender known »"'294 i (Sthis-askc chec kissliεt (Sthis- »mall) I (295 296 // Well, if we aeeepe his meεsage replace our possibly tokrnized 297 // addiesε wich ehe real one 298 if lstrlen (Sch s- »token)> 0) (799 Sth s-» ιesρonse () = new skResponse (EK_RSGR_ACTION, SK_RES_DELRCPT, Sthis- »taddressl 300 Sthis-» response () - new skResponse ISK_RSGR_ACTION, SK_REShl sADCP - »icpt I, 301 Sthis-» response 0 = new skResponse (SK_RSGR_AcriON, SK_RES_ADDHCADR, SK_HDA_OR1GTO "\ 0" Sthjs »taddressl, 302 | 303 304 Sthis-» response I) = new skPesponse (SK_R5GR_ΛKTCE_INC, 305C 306)

311 // WeJJ, if we accept hiε message, replace our poεsibly tokeni zed 312 // addiess wich ehe real one 313 lf (scrlen (Schιs- »tokeni» 0) (314 Sthis »response!) - new skResponse (SX_RSGR_ACriON, EK_RE £ _DE RCPT, Sthis »taddress), 315 SthJS- .response!) - new skResponse (SK_RSGR_ACT10N, SK_RES_ADDRCPT, Sth s-» rcp), 316 Schis- »response |) = new skResponse (SK RSGR ACTION, SK_RES_ADDHEADR, SK HDA ORIGTO "\ 0" Schis »taddressl,

324 // Js this a possible failure notlce ⁷ 325 j ftschis- »skc_checknotιce 0) {326 327 328 // add a header X-MailClass Noeice for öeccer checklng 329 Sthis» response!) »New skResponse ISK_RSGR_ACTION, SK_RES_ADDHEADR," SK_HDA_C \ 0Not lce "I, 330 Schis-» response I) - new skPesponse ISK_R £ CR_ACCEPT, 331 return, 332) 333 335 ιf (Schis- »ueon g-> la ledmessages - = 0) (336 Sthis- ^ response!) = new skResponse (SK_R≤GR_ACTIOM, ≤κ_RES_ADDHEADP, _K_HDA_CLAS_ "\ 0Unl isced"), 337 hours - »response () - new skResponse lsr_RSGR_ACCEPT, SX_RCPT_IN_FINA) 338 recurn, 339} | 341 SK_RSGR_EXRESU, SK_RCPT_IN_FINAJ _J , sr_ECO_usετθkEN), 342 return, 343] 344 | 345

346 ιf (Sthιs »docnecklocal == fajse) (

347 // nobody wanc 's co check anyching and we εnded up here - ae epe ehe message and Jet 348 // ehe MTA do the rest

349 skis »response!) - new skResponse (SK_R £ GR_ACCEPT, SK_RCPT_IN_FINA),

350 return,

351)

352) 353

354)

355

356 7 » skCore.class.php - Printed on 12/20/2003, 1:35:50 p.m. - Page 1 1 <'PHP 2 / * • 3 • SpamKiss core System 4 * 5 * The real SpamKiss classes, fullfllling all the nice and spicy actions 6 * 7 * © package SpamKiss 8 * Θsubpackage SpamKissCore 9 10 • / 11 12 // SpamKiss eonscants 13 requι e_once ("skconstants php") 14 15 // SpamKiss helper class for sCoring Information about mx εettlngs 16 regu re_once ("skMxlist class php '), 17 18 // SpamKiss helper class for generaClng responεes Co the MTA 19 reguιre_once ("skResponse class php"), 20 21 // SpamKiss - before implemeneation of the MTA Interface 22 reguιre_once ("skCheck class php"), 23 24 // Pear DB package 25 requi le _^ once 'DB php' 26 27 class skCoie extends skDase 2ß (29 var Shostip, 30 var $ hθ5tnam, 31 vai S os do in, 32 var Shelonam, 33 var $ maιl, 34 var $ rcpt, 35 var Srcptdo ain = '"35 var $ domιd α Q, 37 var $ taddress, 38 var Sübcon, 39 var S xlist, 40 var $ bestmx, 4 L var Stoken 42 var $ uιd = SK_ALb USEKI D, // ehe database user d of the local user 43 var $ u ± d2, // if both usera are useis of the system, lea local message 44 var Sresponse 45 vai $ dιrectιon = sκ_Dl _IMDOUND, 46 var $ aconfιg 47 vai Sυconfig 48 var $ rrelay = false // do ve relay for the tεceiver ^? 49 var $ mιelay - false, // do we relay for the sender 50 51 52 υnction skCore () 53 (54 // Λeguesc my configuiations settings 55 Sth 3 »εkgecconf ig (" skcore "), 56 57 // cαnnece co ehe database SS Schis »dbcon = Sthis» skc_connectdb (), 59 60 // on any errorε juεc break - chiε carπeε out ehe default accion of ehe 61 // MTA for th ε tep 62 if (Sthis- »dbcon === faJsel 63 recurn faJse 64 65 Schis- »response.arrayO, 66 Schis-» skc_gecadmιnconf i (), 67) 68 69 funccion skc_destroy () 70 (71 // close conection 72 Sthis- »dbcon-» disconnect (), 73) 74 75 76 funccion skc_checktoken (stoken) 77 (

78 Schis- »Seπ DebugMessage I" Chec mg token "),

79 Sreεult = »Sthis-> skc_query (SK_SQL_S £ LEeτ_TO EN, Stoken, SK_ALL_USEPID, $ c) ιιs-> uιd) ao ifiSresult« aβ false) {

81 5CΛιs-> SendDebugMessage ('Resulc recurns false "),

82 reCürn false, B3]

84

85 // Get the number of recordε found

86 $ counted = Sresul -> f ecchro f)

S7 Sco nted = (integer) $ cαunted [0), es fi9 // return the number of recordε0 Sthis- »SendDebugMessage (" Foυnd Scoυnted atc ing tokens} ") skCore.class.php - Printed on 12/20/2003, 1:35:50 p.m. - Page 2 91 return Scounted, 92 93 94 95 96 funccion skc_checksystoken (Stoken) 97 (98 $ thιs-. »SendDebυgMessage ('Checking ι message contains the systemtoken ") 99 10D 101 102 iftStoken« SC / us-> acon ig-> εystoken) {103 104 // xf xt is the systemtoken, retrieve the token the user erjtered a public token 105 Sresult = Sthis-> skc_qυery ISK_SQL_SELECT_OUTTOKEN St / ns-> uιd), 106 ι {(Sresult === false) or ($ resuit- NumRαws () == 0)) {107 Sthis> SendDebugMessage ("User did not defme a public token"). 100 return false. 109 110 111 // Get the fxrεt lecord found - he εhould on y have one 112 Sr_temp _* $ resυl L -> feLchro () 113> token = Sr_ terop | 0], 114 $ thxs-> ΞendDcbυgMessage I "+ Users pub ic token is

"), 115 116 return _rue, 117! 110 ι etυi n alse. 119 120 121 122 funccion skc chec kissl ist iSaddress) 123 i 124 Sresult = Sthis> skc_quer / (SK_S0 _SELECT_K1SS ST, Saddress, SK_A L_USCR1D Sthis-, ιnd» 125 if [Sresult === false) {126 SLhxs- SendDebugMesεage ("Result teturns false"), 127 return false 120 129 130 // Get the number of records found 131 Scounted = Sresult - * f etchroi (), 132 Scounted = tintegei) Scounted i 0}, 133 134 // leturn the numbei of rccoxds 135 eturn Scounted, 136 137 136 139 unc on skc_checkkιc lιsc (Saddreεε) 140 (141 S esult - Sthis -.skc_φery (SK_ΞQL._SELCCr_KlCKLIST, Saddiess, Saddiess, , Sthis »uid), 142 flSierυlc ... fajs-p) (143 Schis-» SendtiebugMessage (ResulL recurns falsp'J, 144 recurn false, 145) 146 147 // Cet the number of records found 140 Scounted * Sresult> f etchrow {), 149 Scounted - (integer) $ tounted [Q) 150 151 // recurn the numbei of recoids 152 return Scoυnted 153 154 155 156 157 Add a new addiess O the users kisslisc 158 159 Does etactly whac the natne says 160 161 «Scodo add also the coken used in this mail '■' 162/163 funccion skc_addcokιssl ist ($ new__address, $ lflag« SK LFLAG_M EMAIL) 164 {165 166 // first check if it is alreaϋy there 167 Scounted - Sthis-> skc_checkkιssl is (new_ address), 166 169 170 // xf it is not xn the database and we ax a userid not equal SK_ALL_USERXD - add χι

171 i i iScounced == 0) and {Schis-> uιd <> S _AL USERID) and (> xs_booll Scounted))) {

172

173 Sresult = Sthis-> skc_query fSK_SQL_lN3ERT_KlSSLlST, $ new_address, Slflag, $ thιs- * uid, $ chιs> to en)

174)

175

176 j {^ r-suJc = = = false) [

177 Schis- ^ SendDeougMessage ("Inserc returns false"],

178 recurn false

179

180 skCore.class.php - Printed on 12/20/2003, 1:35:50 pm - Page 3 181 return true, 182 183} 184) ("Checking notice from host Sthis-> host p / $ thιs-> hoε name for user £ tfoι.s -> rcpt •).

190 // Valid senders of notxces 191 Ssenders = arrayi 'mailerdaemoπ "" administrator "," postmaster "," «, εtrtoiσwe [$ thιs-> τcpt)), 192 193 // this is only a faxlure notice if before sending part xs xn the list 194 // of valid senderε above, empty or equals the reeexverε address - 195 // this can never be in the recipients part 196 197 198 // splxt the addresε at the 9 character 199 Ixst (Slocal, Sdo ain) = explode \ "®" $ thιs-> maιl 2), 200 201 // check xf the name lε in the allowed ender names list 202 if I ('l n_aι-ray (st rtolower (Slocal), Ssenders)) AND f' π_aπ y [strtoJower (5thjs-> maι 1) Ssendeis))) 203 recurn fβjse 204 205 // check if the sending hoεt is somehow related to some actiαn the usei took a while ago 206 j [Schis-> a c_checkhιstoιy [)) 207 recurn ti ue 20B 209 return ialse 210 211) 212 213 214 nc ion skc__g Cmxl is (address) 215 (216 unset i thi s -? Mκl ist), 217 $ thιε-> tnxl ist = new skN l ist (), 21B 219 // MX xε meant for s ending ail oπJy - we Jiave to fxgure out 220 // to which host we cou d delxvei ails for the domain xn Saddresε 221 222 // splxt the addiess at the & chaiactei 223 J ist (Slocal, Sdomain) - pi eg_sρl xt I " / »/", Saddress), 2? 4 $ Lhιε- ist> dαmam = Sdomain, 225 226 Sthis-> SendDebugMessflge ("Trying to find rnκ config for 'Sdomain''), 227 // find all mλ'es 22β Siεsult - getmxi r {$ domain SmΑ.hαsts, $ weights), 229 xf (t $ ιeεult) and (empcyi mxhoεts))) Sresul - false, 230 231 [Sresult) [232 233 Sthxs> SendDebugMessage CTound MX hosts for domain '$ domaxn '"), 234 // ine but maybe we want to add the domain anyway, if 235 // - ic haε a valid A recoid 236 // - xt is not already m the list, either by IP or by name 237 / / - we dont have anochεi 0 weighted mx 23β

239 // we want all lp addεesses for the mx hosts

240 asorc I $ wexghcs),

241 foreach (Swe ghcε aε Skey => Svalue) (

242 Sxp = gethostbyname lSm> hosts I Skey))

2-53 $ name = ^ xΛoscs | Skey)

244 Sweight * Svalue,

245 i f Istrcmpl ip Sname)) Srname = gethoαtbyadd ($ ιp)

246 ice {

247 Srname = ""

24 ß Sxp "" ",

249) 50 skis -> m / li5 -? x_add (Sweight, Sname, Sxp Srname), 51) 5253 // look for an A record54 Smailhostip - gethostbyname (Sdomain), 55 if (trcmp (Smailhostip, Sdomain)) {56 if ( ^l £ cΛιs- mx-Hst- » mx_hashost: {Sdomain)) {57 // xnβert as lowest record58 S name = gethoεtbyaddr (Smailhostip), 59 5tΛιs-- 'κli9t-> mx_ιnsercloweΞt (1, Sdomain, Smailhostip, Srname) 60) 61) 62} 63 eise {64 // Fallback No x'es, treat host as only mx 5 // But only if the Saddress host has a valxd dns record'6 // We crυεt good dns practxce7 // s> tσdo iet ehe user confxgure ι £ he wants only A, or A and CNAME here8 // gschos-thyname deiivers A records and CUAMΞ's checkdnsrr gxves true even9 // if this host is just a CMAME and has not got An A0 Smaxlhoscip = gethostbyname (Sdomain), skCore.class.php - Printed on 20.12.2003, 13:35:50 - Page 4 271 if (εtιcmp (Sma lhostip, Sdomain)) (272 Schis-> SendDebugMesεage ("Found IP Smailhostip for domain 'Sdomain'." ( , 273 rname - gethosCbyaddr (Smailhostip); 274 $ chιε->mxliBt-> mx_addtl, Sdomain, Smailhoεcip, Srname); 275) 27G 277) 27β 279 if (counc (Sthis- * mylιst-> ιrυell5t) »- 0) ( 2Θ0 Schis-> SendDebijgMes5age ("'There is no way Co send messages to' Sdomain '") 2ΘI return faj≤e, 2Θ2) 2B3 284 Sthis-> bestmx - $ chis-> mAl is t-> π_l ist | 0) , 295 // var_duιnp (Sth s-> mxlιsc, Sthιs-> eseιτuc J, 2B6 recurn true, 267) 286 289 / * • 290 • validate an RFCB22 Address 291 292 * Does e <acc] y has the name says 293 * 294 * © todo Setter checklng 295 • / 296 funccion skc_valιdace (Saddress) 297 {298 Sthis> SendDebugMe5sage ("Vai ldat ing address 'Saddress'"), 299 300 // paccern co validate ema i addiesses 301 SpatCern - SK_MAIL_CHECKPATT / in case of incoming messages, even an em pey sender add ess lε allowed 304 // these can be error messages 305 f (ISth s-> dιrectιon == SK_DIR_INBOUND> and IstrJenl tr m (Saddress)). = 0)) 306 return true, 307 30S // validate marriage given address agamst the pattern 309 if (preg_macch (Spateern, Saddress)) 330 return erue, 311 332 // this sa bad address 313 Schis-> SendDebugMessage ("* Saddress le not a valid email address"), 314 return djse 315) 316 317 318 / ** 319 * Check an address .or a token 320 321 * Ho do we find out, if th s is a token or just part of the naι «e"> 322 'Well, oπl y one tokenchar is J lo ed in the local address part 1 C 323 * there is one, bur it not a token - hrnmmtn 324 325 * θiecurn address 326 * © todo better e pression checking '' • 327 • / 328 Funccion a c_splιttθken [) 329 (330 Sthxs -> SendDebugMessage / "Lookmg for a token in ^• $ chjs-> rcρ '"), 331 332 // What xs the token char " ³ 333 Stokenchar =" * ", 334 335 // Pattern to idencify a possxble token by assumxng that at least 136 // one dot should be preεent in the local part of the address 337 Spattern = "/ ^* (") + \ + + ( ^* \ s) * $ / ι ", 338 339 // split the address at the ö εign - address is valid because we 310 // check that before 341 listsSlocal, Sdomain) = explodef "®", $ thιs-> rcpt, 2), 34 Sthis-> rcp domain = Sdomain, 143 144 // do a regex atch and splxt the address if it conta ns a token 345 if Ipreg match (Spattern, Slocal)) {246 347 // Token should be from last tokenchar co end of string 34fl // and remove the trailing tokenchar 349 Stoken = subscrlstrrchr (Slocal, Stokenchar) , 1), 350 // Stoken = substr (Stoken, 0, εtrlen! $ Coken) - 1), 351

352 // Get the rest of the the local address

353 Slocal = substr (Slocal, 0, strlen (Slocal) - strleniStoken) - 1), 354

355 Sε i≤- ^ SendDebugMsssagef "Sliced out token 'Stoken * and address Slocal' ^• ),

355

257 // disturb marriage token xn marriage preperty

256 Sthιs ~ * cDk n = Stoken,

359

360 // disturb the origjJiaJ address skCore.class.php - Printed on 12/20/2003, 1:35:50 p.m. - Page 5 361 Schis-> taddress = Sthis-> rcpt, 3S2 353 // disturb your address 354 Schιs-> rcpt - sprmtf ("ts®ϊs ", Slocal, Sdomain), 3.S 366 367) 36β 369 // At ehe time, Chiε allways returns true as we check ehe address and token later 370 return true, 371) 372 373 function skc_checkrela (Saddress) 374 (375 375 // spiit the address ae the & sign 377 lιse (Slocal. Sdomain) = expJodef '© *, Saddress 2), 378 379 SresuJt - Sthis- »skc_query (SK_SQL_SELECT_RE AY, Sdomain), 3S0 383 // recurn true if we know aboue ehe receiv g domain 382 ιf ((SresuJt »nuιnüo» sl) »0) AND I 'SresuJt. == false)) [383 Schis-> ΞendDebugHessag (' Do a in Sdomain found in relaydomains - internal") 384 recurn true , 386 eJse 387 Schis-> SeπdDebυg essage ("Domain Sdomain not in relaydomains - external"), 308 389 return faJse, 390 391) 392 393 394 395 funccion skc__chec dιf f omalnf n, Sout) 396 (397 398 // sp ic the address at the & sign 399 J st (Sm__Jocal, Sm _^ do am) ■ = expJodel'® ", $ m, 2) 400 1 ist ($ oυc_local, Sout_doma n) - explode (" © ", SoυC, 2), 401 402 Sdoms = Schis ^ Ξ ) -c_queryassoc (SK_S01._SELECT_D0MAIH, Sm_do aιn, S out_ doma in) 403 404 l ficeunt (Sdoms) = »2} (405 Sthis> SendDebugMessage (" LocaJ domains S π_domajπ / 5out_dσmal /) 40 dlfferent ") 407) 408 4D9 Schis> SendDebugMessag ^p ("LDcal domains Sm_doιnajr) / out_dσmaιrι are the same -) 410 return false, 411 413 414 // function skc_chec) mtemalmessage (Saddi essl 415 // (416 // 417 // // spJ t the address at the fi> sign 418 // lisc '$ JocaJ, Sdomain) = explode (&' Saddress, 2), 419 // 420 // Sresult = Sthis-> skc_query {SK _^ S01._SFLECΥ_RELAY Sdomain) 421 422 // // retrurn crue lf we know about the receivmg domain 423 // xff fSreεult- ^ nu RowεO> O) AND f'Sreεulc = • = = false)} {424 // Sdata = Sresult f cchRow () 4 5 / / Sthis-> SεndDebυgMessage ('Recei ver is internal "), 426 // recuin crue 427 //) 42θ // eJse 429 // Sthis> SendDebugMessag ('Receiver is external ") 430 // 431 // return false, 432 // 433 //) 434 435 funccion skc_cneckhιscory () 436 (437 // go through all the tests and rate this message Return the rate or false 436 Srate = 0, 439 440 Sreversehost = gethostbyaddrlSthxs> hostιp),

441

442 // If it has no reverse mapping, lec the admxn decide if he wan 's

443 // co accept chac and take the helo name xnstead or refuεe the message

444 ιf ('scrempf Srever≤e.host ₍ Schxs-> hostip)) (

445 chxs-> SendPebugMessage ("'The sending hose Sthxs-> hoscιp does noc have a reverse DMs encry")

446 xft $ thxs-> acon £ ιg-> £ orcs_reverse ≤ <ιstencs) 447 recurn false,

44B)

449 ice

450 Schis-> SendDebugMessage ("Found Sreversehoεt as reverse DHS entry for sending host Sthis ^ oscip"), skCore.class.php - Printed on 12/20/2003, 1:35:50 pm - Page 6 4SI 452 453 // here we f rst cake ehe reverse na e of ehe hose which conneceed 454 // and check lC aga sC ehe do aintable join logtable seruceure 455 // Did so ebody send a message Co th s domain reeentJy? 456 // rscodo regard user seteingε for dayε and hecter time seuff 457 Sresule - Schis-> skc_query (SK_SQL_SELECT_DOMh ^, IST, Stήιs-> uid, StJus->aconfig-> hi5tcheck_timedlff, Sreversehost), 458 - £ ('Sresversehost), - faJse) and (Sresule-> numRows ()> 0)) {45S // fme - we acched ^■ >) 460 Sthis-> SendDebugMessage {"- 'Reverse en ry agamst domaintable' check was just wonder ul."), 461 Sraee + ■ 100, 462 j 463 eJse 464 Sthis> SendDebυgMessage ("'' Reverse entry againsc domaintable * check was really awful"), 465 466 467 // checc the reverse Chmg agamsC ehe mx liscmgs and cry to find a domain chat macches 46B SresuJt • SthlB- »skc_query (ΞK_SQL__ELECT_ XHIST, Sthis> uιd, Sthis _> aconfιg-> hιstcheck_timedlff, Sreversehost," reverse "), 469 ιf (('Sresult === iaJsen)) and ISows (nu)> nu ) {470 // fme - ue matched 1) 471 Schis-> SendDebugMessage ("- 'Reverse entry agamst mxtabJe' check was} usc wonderful") 472 Siate + = 1000, 473) 474 eJse 475 sthis-> SendDebug Message ("'' Reverse entry againsc mxcable 'check was really awful"), 476 477 478 // check ehe hoεcip againsc ehe πt \ listmgs and ery eo find a domain thae matches 479 SresuJt - Sthis-> skc_query ISK_SQL_ΞELECT_MXHIST, Sthis> uld , Schis ..acoπfig-> hιstc eck_t liπedl ff, Schis- _> hoscιp, 480 lf (('SresuJt === fajsel and (Sresult ^ nu Rowsl)> 01) (481 // fme - we matched il 482 Schis ^ SendDebugMe ≤εage ("'Host ip against mytable' check was} ust wonderful"), 483 Siale i. 10000, 484 | 485 eise 406 Sthis- »SendDebυgMessage ("'' Host ip entry against mxtable 'check was really awful ") 4B7 4ßö Schis- ..SendDebugMeεeage (" Eπd up with a rate of Srate for hiεtory checking "), 489 490 // possible lαtes aie gieaLei 20 000,>1000,> 100, 10, == J0 491 lflSrate> Sthιs --- acon ig> hιstcheck_ιninrate) 492 return true 493 494 | 495 496 function skc_sa vedom is t ory () 497 (498 499 SsgJ = 5O0 // read oi Update the doma n tab e 501 5D2 // is the recip ents domain in s domain * 503 SresuJt - Sthis> skc_query ISK_SQL_SuLEcT_DOM, Sthis> rcptdomaιn), 504 f ((! SresuJc === faJse) and (Sreεu t -> numRows (I == 0)) {505 // not n - add it 506 Sthis- = .doιτud = Sthis->dbcon-> next 1D (SK_SQL_D0M_ΞEQ !, 507 SresuJc - Sthis-> s c_query (SK_SQL_I SERT_DOM, Sthis-> domιd, Sthis- »rcpcdonain), 50B iflSresuJc === faJse) (509 Sthi3- ..SendDisuging> Add rcptdomaιn to domaintable failed ") 510 recurn false, 511) 512 eise 513 Schis-:> SendDebυqMessage (" Added 'Schis->rcptdomaιn' to domaintable '}, 514) 515 eJse (SIE Sdaca • = SresuJ t -> £ ecchRow ( ) 517 Schis sdomld = (ncegei) SdacalO), 518 J 519 520 // is ehe domams mx sec in s_mxrecord '521 SresuJc = Schis-> skc_query (SK_SOL_SELECT_M /, StΛJS-> domid), 522 lf ((' Sresule - « faJse) and (resuJ t-> numRows () == 0)) {523 // not in ■ add IC 524 t ^" oreach (Sthιs->mxlιsc-> rrιxltst as Sυalue) (525 SvarrayO = array (Sthis-» domid, SvaJ ue! 'weight'), SvaJ ue ("hostname '1, Sval ue (" m.cip "), SvaJue [" reverse ")) 526) 527

528 Spreguery = St ls-> dbcoπ-> prepare (SK_SQL_INSERT_KX),

529 SresuJt - Sthis> dbcon> e ^ ecuceMult ple (Spreguery, Svarray),

530 iflSresuJc _ = = faJse) {

531 Schis- SendDebugMessage C 'Adding domain' Schis-> rcptdomaιn 'to mxtable failed "),

532 return false,

533)

534 eJse

535 Schis - »SendDebugMessage ('Added' Schis-> rcptdomain 'co mκtable -), 536

537)

538 skCore.class.php ■ - Printed on 12/20/2003, 1:35:50 p.m. - Page 7 539 return true, 540} 541 542 funccion skc_logtranεactιon (SJfJaeτ, Su d, Sreason - 0) 543 (544 // ∑f we do noc have a userid here, xt might be a message 545 // for β υεer not in db Take the all userid aε a fallback, 546 // which s se as a defauJt vajue for Sthιs-> υιd 547 548 // If the sender is empeγ, Cell xt Co ehe peop e 549 ιf (εerlen (trιm ($ Chιε-> maιl)) - 0) 550 Sthιs-> maιJ = "ERROR © ¹¹ Sthιs-> hostname 551 552 // GeC a rowid and Store it for posslble εaving of a hiεtory record 553 Srowid - Sthiε-> dbcon- »ne-JtlD (SK_SQL_LOC, _SE0>. 554 SresuJt = St / us-» skc_query (SK_SQL_INSERT_LOG, Srowid, Suid, Schis »d. direction, Schis-> dom , 555 Schis »maij, Schis> rcpt, Schis» token, Slflag, Sreason), 556 557 ι (SrεsuJC === faJsel (558 Schis- »SendDebugMessage (" I Insert returns false "), 559 return faise, 560) 561 562 563 ιf (Schιε »aconflg -» log_admιn_ιnf oϊ (564 SresuJc = Schis > skc_query fSK_S0L_INSCRT_ALOG, Srowid, Schis »hostname, Schis-» hostlp Sthi s- »heloname), 565 566 iflSresulc ==. faJse) (567 Schis- SendDebugMessage ('' Insert leturns false), 568 return false, 569) 570) 571 572 return ciue 573 574) 575 576 function ske getadmlnconf lg () 579 Sresult = Schis- »Ξ c_queryascoc (SK_S0L_SEL £ CT_ACONFIG), 580 501 // Recurn false, if the th g is empey 582 if ['SresuJc === faJse) 583 Schis- »aconfig = new skdbConf i (SresuJ t), 564 eJse (585 Schis-» SendDebugMessage ("'Syscem conf lgυrac lon could not be read'), 586 recurn false, 587) 508 589 Sthiε- »SendDebugMessage ('SysLem configurat lon εet'), 590 i ecuin t rυe, 591) S92 593 594 funccion s c_gecυserconf g 0 595 (596 597 SresuJt - Schis- »skc_queryasso (SK_SOL_SELECT_UCONFIG Schis» uldl, 59B 599 // Return false, lf the chlng is empey 600 r ^" ('SresuJc =« = faJse) 601 Schis »uconfig = new sl'dbconf ig (SresuJ ), 602 eJse (603 Schis »SendDebugMessage ("'User conf lgurat lon could not be read ") 604 recurn faJse, 605) 606 607 Schis» SendDebugMessage ("User conf lguLation set") , 608 recurn true, 609) 610 611 / •• 612 ^♦ Retrieve a userid 613 614 * Does exaccly what the na e says 615 616 • Θreturn boolean true if user exiscs, eise false 617 * Qcodo also fill the user conflguration objeet

618 _

619 funccion skc_getuserιd ISlocaJ_user)

620 (621

622 SresuJc - SChiε- »skc_querγ ISK_SQL_SELECT_USER SJocaJ_user), 623

624 // Λecurn before uid or just SK_ALL_USεPID

625 ιf ((Sresule »numRowsl) = - 3) ('SresuJt - = xaJse)) (

626 Sdaca - Sresule- »fetchRowO

627 Sthiε- »uid - (integer) Sdaca [0],

628 Schis- »SendDebugMessage (" userid is sthis- »uid"), skCore.class.php - Printed on 12/20/2003, 1:35:50 p.m. - Page 8 629 Schis- »skc_getusercon £ ι 0, 630} 631 eJse (632 Sthi s -» SendDebugMessage ('! User for address' $ local_user' not found "), 633 recurn false, 634] 635 636 637 return true, 638} 639 640 6 1 644 Sargs - func_get_args I). 615 SsgJ = caJJ_user_runc_array ('sprlncf', Sargs), 646 Sthis» SendDebugMessage ("Sending qυery SsgJ ', 10), 647 SresuJt - Sthis- »dbcon- query (SsσJ), 648 650 if (DD ιsError (SresuJt)) (651 Sthis-» SendDebugMessage 1 "'Failed" SresuJ t -. GcCMessage 0), 653 ) 654 655 leturn ult, 656 657) 658 659 function skc_queryat.soc () 660 (

664 SresuJc = Schis »dbcon» getAssoc (Ssg), 665 667 f ιsError (SιesiJJC)) (670) 671 673 674) 675 676 function skc _^ connectd () 677 | 680 Sthic- cαn £ lg- -rdbrns, 681 Schis- »conf ig-» user, 682 Sthj s- »con ig-» pass, 6G3 Sthis- »con ig-» host, 604 Sch s- »conf ig» db_name ) 6B5 688 689 Sdh - DB connect (Sdsπl 690 693 f (DB isError (Sdh)) (S94 S his- »SendDebugMessage (Sdb-» getMes age ())

695 Sdb = faJse

696 |

697 eJse

698 Schis »SendDebugMessage [" Connected to dacabase Sdsn "), 699

700 return Sdb

701

702)

703

704)

705

706 '» sk esponse.class.php - Printedon 12/20/2003, 13:36:35 - Page 1 1 <? php 2 3 4 5 c ass skResponse exeends skBase 6 var Scode; // The reεult code send to the serves // The group code from ehe check routmes - eranslated into Scode // The infor ation code - for logging purpoεeβ // The Statement caεe of an action or ehe εκ_RSGR_εXRESV group // Aceion or adv ce // Error, TransiClon or Final

15 16 function skResponse (Sgr code, $ ι code, Sstacemenc = 17 (18 Schis- »gr_code = Sgι_code IS Sthis-» ι_code = $ ι_code, 20 Schis- »scatement = SsCaCemenC, 21 22 // Prepare before response objecc 23 Schis - »skr_setResponse (}, 24

25

26 function skr _^ setResponse (1

27 // the fault type and state

29 Sthis- »type = SK_TYP_ADVICE,

30 Sthis- »State» Sk_STA FINAL, εwitch (Sthis-> gr_code) f caie SK_RSGR_CONTIN Sthis »code = SK_RES_tONTIWUE,

36 Sthis »State - SK_STA_TRANΞ,

37 break, case SKJ * SGR_CDNFIN

39 Sthis »code - SK_RC3_COHTIWυC, 0 break, 1 case SK RSGP ACCEPT2 Sthis» code - SK_RES_COWTlNυE, 3 break4 caεe SK_RSGR_REJECT5 See ε »code = SK RES CONTINUE, 6 break, 7 case S _RSGR_TMFA_0_ breakI code» break 0 case SK_RSGR_EXRESU1 Schιs-> cαde = SK_RES_CXCODE, break, case ΞK_R GR_ACTIOM Sthis- »code = Sthis» l_code Sthis- »type = SK_TYP_ACTION, Sthis-» sCate = SK_STA_TRAMS, break, default // the dehi-ls to continue »Code = SK_RES_CONTIWUE, Sth s-» cype - SK_TYP_ADVICE, Schis- »scate« SK_STA_TRAW_, break,

funccion skr_dιspacchPesponse () (swicch (Sthis- »code) (case SK_RES_CDNTINUE return SK_RES_CONTINUE" \ 0 "Schis-» type "\ OCONT1NUE", breaki case SK_RES_ACCEPT recurn SK_RES_ACCEPT "\ 0" \ Sc breakιs-CEPT case SK_RES_REJECT return SK_RES_REJECT "\ 0" Schis- »type" \ 0REJECT ", breaJc, case SK_RES_TMPFAIL recurn SK ~ RES_TMPFAIL" \ 0 "Schis-» type "\ 0TEMPFAIL", hreaJ; case SK_RES_EXCODE. recurn SK_EES. Skis »cype" \ 0 "Skis» scacement break, case SK_RES_ADDHEADR return SK_RES_ADDHEADR "\ 0" Skis »type '\ 0" Skis »Statement, break, case SK RES ADDRCPT. skResponse.class.php - Printed on 12/20/2003, 1:36:35 p.m. - Page 2 91 return SK_RES_ADDRCPT. 92 break;

93 caεe SK_RES_DELRCPT; 94 recurn SK_RES_DELRCPT. "\ 0". Sthis- »type. ^» \ 0 'Sthis->εtatemeπt; 95 break: 96) 97) 96 99

100)

101

102?>

sk xlis ciass.php - Printed on 12/20/2003, 1:37:08 PM - Page 1 1 «'PHP 2 / ** 3 * SpamKiss core syscem • 4 * 5 _* The real SpamKiss classes, fullfllling all the nice and spicy actions 6 ^♦ 7 * © package SpamKiss 8 * ffisubpackage SpamKieeCore 9 10 * / il 12 class skMxlist extends skBase 13 | 14 var $ mxlxst 15 var $ mxxtem 16 var Sdomain 17 Iß function skMxli3t () 19 {20 Sthis-> Sr ^, geCcon-: ιg ("skmxlist ^■ J, 21 $ thιs-> xlιst = arrαy (), 22) 23 24 funccion x_add ($ wexgh, Sname, $ xp, Srname) 25 | 26 Sokay = true, 27 28 Sthi ^ SendDebugMessage ("Processing MX 'name' with weight Sweighf) 29 30 Sthiε-> mxι tem = airayi), 31 Sthxε- > mxιtem ("eighC"} _* $ we ght, 32 Sthiε> mxιteτnf hostname "] = Sname 33 Sthxs> mxιtem I" tn ip '] = $ xp, 34 Sthis> mxx tem | "reverse'] = Siname, 35 36 // check if this is a valid record contaming data m all fields 37 foreach ($ Chls-

as Skey => $ value) 30 xf (emptytSvalυe)) {39 Sokay a false, 40 Sthxs> SeπdDebugMessage ( ^■ 'Mi33ing' $ key * "), 41) 42 43 f (Sokay) (44 Sthis-> mκl lsc [ ] = ch s-> mxιcem 45 Schis-> SeπdDebugMessage ("Adding MX Sname '"), 46 {47 eJse 48 Sthis- SendDebυgMessage I "Ignoring MX' Sname '"), 49 50 us eC {5ch is> πwltem}, 51 return Sokay, 52 53) 54 55 function m / _ιnsect lo est (Sweight, Sname, Sip, Srname) 56 [57 Sbackup * $ thιs-> m. '} LBt, 5Θ SChxs- array I), 59 xf (Sthis -> ms_add (SweighL, Sname, Sip, $ rn me) \ 60 Schis-> mκl isc = array_merge (Sthiε> rτ lιst, Sbackup), 61 eise 62 Sthis-> m lxst = Sbackup, 63} (series)

67 foreach (Schis-> mxlιεt as Sjcernl (68 i ('strcmp ($ crιt, $ tem ("host name"])) 69 recurn true, 70

71 if (> scrcmplScrit, Sx Cent ("xip" J))

72 recurn crue

73) 74

75 recurn false,

76) 77

78 funccion mx_hasweιght (Sweighc)

79 (

B0 foreacΛ (SCΛιs-> mκllst as Sicem) (

81 lf ('strc pliwe gnt, J teml "weight")] |

82 recurn crue,

83) 45 return false, 6 {7S} 90 ^• , skConfig.class.php - Printed on 12/20/2003, 1:37:32 PM - Page 1 1 7PHP 2 / • * 3 * SpamKiss Cαπfig file 4 * 5 * Configuration options for the spamkiss system, included by skSase class 6 "7 * © package SpamKiss 8 * Θsubpackage SpamKi-sCore 9 • / 10 11 cJass skConfig 12 | 13 14 funccion skcon ig (Sconflgdaca) 15 (16 foreach (Sconfigdata aε $ key => $ value) l ^" ? Sthis-> $ key» Svalue , 18) 19 20 21) 22 23 cJass skdbConfig excends skConfig 24 (25 26 funccion skdbConfigf Sconflgdaca)

27 (

28 foreachiSconfigdata as Skey => Svalue) {29

30 lf (preg_match ("/ ^* <| 0 9) +) 5 / ^B , Svalue))

31 $ value = (integer) Svalue, 32

33 Sthxs-> $ key = Svalue,

34)

35) 36

37

38 y

39 0 1 ^• >>

skConstants.php - Printed on 12/20/2003, 1:37:49 p.m. - Page 1 1 <? php 2 3 // Overall conεtantε 4 ε in ('SK_AL _USERID', 0), 5 dafineC SK CFG_VAΛNAME ',' ≤kconfig ' ) // Array m globalε contammg all the configuration objects 6 def-ne ('SK_CFG_FILE', '/ home / exports / deveJopment / spamkiss / spamkiss im'), 7 define ('SK_RES_DELIMITER', "*"«"); e definel SK_CFG_TOKEN '' IVs) "l, 9 10 11 // Mail direction 12 define ('SK_DIR_INBOUND', 0), 13 defαne (, 1), 14 deflnel 'ΞK_D1R_L0CAV, 2), 15 ιe I -i (az) (2,) S / i "),

20 21 // SQL Ξtatemencs 22 deflnel 'SK_SQL_LOG_SεQ', "u_log"), 23 definef SK_SQL, _DOM_SEQ "s__domain"), 24 deflnel 'SK_SOL_MX_SBQ, "s nxrecord'), 25 deflnel 'SK_SQL_INSERT_LOG' ^■ INSERT INTO u_log VA1ΛJES ( Vs, Vs, NOW I),% s, Vs'Vs''ts''Vs' Vs, Vs) "), 26 deflnel 'SK_SQL_INSERT_AJ _J OG'" INSERT INTO a_log VALUES (Vs, 'Vs''Vs'' Vs ')'), 27 definel 'SK_SOL_SELECT_TOKEN, "SELECT countCI as counced FROM u_coken WHERE tcoken =' Is 'and taccive = 1 and uid in (Vs Vs)" 7 2β deflnel' S _S0L_SELECT_OUTTOkEN ',' SELECT ttoken FROM u_tok. n WHERE ttype = 1 and tactlve - 1 and uid.% s "), 29 deflnel 'SK_SQL_SELECT_KISSLIST', 'SELECT count (') as counced FROM u_kιsslιst WHERE s ail - 'Vs' and uid in (Vs Vs)), 30 defmel'SK SOL_SELCCT_KICKLIST ', "SELECT counCI as counced FROM u_kιcklιst WHERE kcmail -'ϊs' and uid in (Vs, Vs)) 31 define ('S _SQL_INSERT_KISSLIST', 'INSERT INTO u_kιεslιst VALUES, (N,' Vs ), Vs, Vs, 'Vs) "), 32 defmel' SK_SQL ~ SELECT_INTHOST '"SELECT • FROM a_ιnternaJ_host WHERE ip in (Vs)"), 33 definel 'SK_SQL_SELECT_RELAY', "SELECT rid FROM a_relaydomaιn WHERE 'Vs' REGEXP rdomain '), 34 deflnel' SK_SQL_SCLECT_DOMAIN '' SELECTdom rainain FROM a relay s' REGEXP rdomain) and ('Vs' REGEXP rdomain)'), 35 deflnel SK_SOL_SELCCT_USER ', "SELECT uid FROM u_maιl WHERE maddress -'Vs'" |, 36 definel 'sκ_SQL_SELECT_UCONFIG', "SELECT usname, uEREue FROM u settings uid = Vs "), 37 define ('SK_SQL_SELECT_ACONFIG'," SELECT sname, svalue FROM a_setclngs WHERE sname not like 'u_V>"), 38 def nel' SK_SOL_SELECr_DOM '," SELECT dld FROM s domain WHERE dname =' Vs •) , 39 definel 'SK_SQL_INSERT_DOM', 'INSERT INTO s_domaιn VALUES (Vs,'Vs')"), 40 definel 'SK_SQL_SELECT_MX'," SELECT dld FROM s_π_ <record WHERE did -% s "l, 41 definel 'SK_SQL ~ INSERT_MX' , 'INSERT INTO s_mxrecord VALUES (i, ^■ > ^■ >, ^■ > ^■ >) "), 42 definel' SK_SQL_SELECT_DOMHIST ',' SELECT A dname FROM ε_domain AS A INNER JOIN U_log A S B ON A dld = B Idom WHERC Idir = 1 AND ~ uιd = Vs AND ITO_DAYSI NOW ()) TO_DAYS | B ldace I) <Vs and 'V' LIKE CONCA I 'VI, A dname) "), 43 deflnel' SK_SQL_SELECT_MXHIST '," SELECT Λ hoscname FROM s_mxrecord AS A INNER JOIN u_l og AS B ON A did - B Idom WHERE Jdir - 1 AND uid = Vs AND ITO_DAY≤ (NOW ()) - TOJ3AYS IB ldace) I c Vs and 'Vs' = Vs ") 44 45 // Flags fo additions co the kissliεt 46 defines 'SK_L, FLAG_MEMΛIL', 0) , // I send hi a message 47 defines SK_LFLAG HCMAIL ¹ , 1), // / Je send me a message with valid token AB defme ('SK_LFLAG_MEWEB' 2) // I put Chis here via ehe web interface 49 definel 'SK_LFLAG_ EIMP ', 3), // I imporced this from ad fferenc source 50 51 52 // Check reεulcs 53 54 // Reεulc groups fieCumed wich eu resu c onjeccl 55 defines' sκ_RSGR_CONTJN, 500), // ConCinue checkmg - is 56 def nel 'SK_RSGR_CONFlN', 510), // ConCinue checking, buC final result 57 deflnel 'SK_RSGR_ACCEPT', 520), // Accept the message - s final 58 def ne ('SK_RSGR_REJECT', 530), // RejecC ehe message - is final 59 def ne ('SK_RSGR _TMFAIL '540), // DecJare before message as Cemporary failed - lε final 60 deflnel' SK_R≤GR_EXRESU '5S0), // Return extended SMTP resule is final 61 definel' SK_RSGR_ACTIO '560), // Recurn to a elon 62 63 // Connecc βcace 64 definel 'SK_CON_HOST' 1000), 65 definel SK_CON_IP ', 1010), 66 defines' SK ~ CON_PROTO', 1020) 67 deflnel 'SK_CON_PORT' 10301, 68 definel SK_CON_FINAL, 1050), 69 70 // HBLO scace 71 definel 'SK_HELO_H0ST', 2000), 72 definel 'SK_HELO_FINAL', 2050), 73

74 // MAIL State

75 definel 'SK_MAIL_VALIDATS, 3000),

76 deflnel 'SK_MAIL_OT_USERID', 3010),

77 deflnel 'SK_MAIL_OT_RELAY', 3020),

78 deflnel 'SK_MAIL_FINAL', 3500), 79

80 // RCPT scate

Bl deflnel 'SK_RCPT_VALIDATE', 4000),

82 definel SK_RCPT_TOKENSPLIT ', 4010),

83 define ('SK_RCPT_OT_CKLOCAL' 4100) 94 deflnel'SK RCPT OT CK X ', 41101 skConstants.php - Printed on 12/20/2003, 1:37:49 PM - Page 2 85 define ('SK_RCPT_OT_SVX •, 4115); 86 define ('SK_RCPT ~ OT_FrNAL', 4200); 87 definel 'SK_SCPT_IN USERID', 4310), 88 de ine ('SK_RCPT_IN_CKLOCAL', 4315), 89 definel 'SK ~ RCPT_IN_CKRELAY'. 4320); 90 definel 'SK_RCPT_UC_PASSIVE', 4330), 91 deflnel ^• S _RCPT_IN_REQTOKENOK ', 4335), 92 deflnel' SK, _RCPT_IN_REQTOKENFAIL ', 4336), 93 definef' SK_HCPT_IN_CKKICK_ '' SKEL '', 4340), 94K), 95K 'SK_RCPT_IN_CK OKEN', 4360), 96 define I • SK_RCPT_IN_CKNOTICE ', 43701, 97 definel' SK_RCPT_IN_FINA ', 4500), 9 ^β definel' SK_RCPT_LC_FINAL ', 5000), S9 100 101 // SMTP proCocoles flow 102 // Response define l'SK_TYP_ADVICE ', 0). 104 define ('ΞK_TYP_ACTION', 1], 105 106 // Λdvices 107 def ne I 'SK_RES_CONTINUE, 0), 108 defines'ΞK_RES_ACCEPT', 1), 1D9 defines' SK ~ RES ~ REJECT ', 2), 110 def nel 'SK_RES_TMPFAIL', 3), 111 definel 'SK_RCS_EXCODG, 4), 112 113 // Actions 114 definel' SK_PES_ADDHEADR ', 20), 115 defines' SK? ES_ADDRCPT', 30), 116 definel 'SK ~ RES_DELRCP' 40], 117 118 // States 119 def in t 'ΞK_STA_TRANS', 200). 120 definel 'SK_STA_ERR, 2011, 121 definel' SK_STA_FINAL ', 202), 122 123 124 // SMTP Action patcerns 125 // Header ε 126 definel SK HDA ORrGTC "' X-OnginalTo '), 127 definel SK_HDA_CLASS', 'X MailClass ), 126

129

130 // Scatemeπts

131 definel 'SK_CCO_AUTOTOKEN' '550 5 5 0 Token Vs - == lε'),

132 deflnel 'SK_ECO_USETOKEN', 550 5 5 0 Use a token to send messages See ytoken com for ore infoimation ')

133 define l 'SK_εCO_KICKLIST' 550 5 5 0 Your messages has been blocked because your address is on the users kicklist '),

134 defines ^• SK_ECO_NORELAY ^• 550 5 5 1 Relayiπg denied '), 135

136 ^■ >>

Claims

claims:

1 . Procedure for blocking unwanted emails with steps a. a sender obtains or receives the e-mail address of a recipient b. a transmitter additionally procures an automatically provided key c. if the sender sends an e-mail to the received or procured e-mail address together with the acquired key, then the e-mail is not blocked and reaches the recipient in full; d, dadurc h marked, e. that the sender actively procures an automatically provided key to send the email.

2. A method for blocking unwanted e-mail according to claim 1, characterized in that a sender of an e-mail that is provided with the appropriate key can be included in a positive list and key use for this sender is then omitted can, the transfer to a positive list preferably being carried out by the recipient sending the e-mail back to the sender. , Method for blocking unwanted e-mails according to claim 1, characterized in that a negative list is provided in which the recipient can enter sender at any time, also from the positive list, so that the e-mails of these senders are blocked. Method for blocking unwanted e-mails according to one of the preceding claims, characterized in that the key of a sender from the negative list automatically becomes invalid

Method for blocking unwanted emails according to one of the preceding claims, characterized in that each sender has to obtain an individual, automatically provided key for each recipient

Method for blocking unwanted emails according to one of the preceding claims, characterized in that a sender receives only one automatically provided key per time unit

Method for blocking unwanted emails according to one of the preceding claims, characterized in that the automatically provided key is a variable part of the recipient's email address

Method for blocking unwanted emails according to one of the preceding claims, characterized in that a service provider provides the keys for several recipients separately, automatically. Method for blocking unwanted emails according to one of the preceding claims, characterized in that the automatically provided key via Internet is transmitted to the broadcaster

Method for blocking unwanted e-mails according to one of the preceding claims, characterized in that the automatically provided key is sent via the Internet the sender is transmitted and the E-Mai is not blocked only in connection with the Internet address used in the procurement. ,

1 1, Method for blocking unwanted e-mails according to one of the preceding claims, characterized in that the automatically provided key is transmitted to the sender via direct connection, by mobile phone or landline phone.

1 2, Method for blocking unwanted e-mails according to one of the preceding claims, characterized in that a sender who sends a message to the recipient without a suitable key is automatically asked to separately obtain a key. 3. A method for blocking unwanted e-mails according to one of the preceding claims, characterized in that a key for encrypting the e-mail is provided with the automatically provided key. 4. The method according to one of the preceding claims, characterized in that a key is exchanged for a new one within a time interval and the old exchanged key loses its validity with the exchange or a predetermined or freely selectable time later. Device for blocking unwanted e-mails according to one of the preceding claims, consisting of servers and / or computers which are connected to a network, characterized in that means are available from the prior art (US 2003 / 02002ό7), means for au- Tomαtized provide a key are available, means for blocking e-mails that are sent without a key are available. 6, device for blocking unwanted e-mails according to one of the preceding claims, characterized in that keys are managed and provided automatically by a computer or server, the keys being generated by a random generator,

7. Device for blocking unwanted emails according to one of the preceding claims, characterized in that the keys automatically provided by computers or servers are automatically transmitted to the means for receiving the emails, device for blocking unwanted emails according to one of the preceding claims, characterized in that the server or computer which provides the keys automatically provides protective devices against the automated procurement of keys,