ratfs – mail address ratification file system


ratfs [ -d ] [ -c configuration ] [ -f classification ] [ -m mountpoint ]


Ratfs starts a process that mounts itself (see bind(2)) on mountpoint (default /mail/ratify). Ratfs is a persistent representation of the local network configuration and spam blocking list. Without it each instance of smtpd(6) would need to reread and parse a multimegabyte list of addresses and accounts.

Ratfs serves a control file, ctl, and several top level directories: trusted, deny, dial, block, delay, and allow.

The control file is write only and accepts three possible commands:


rereads classification and configuration  

debug file

creates file and sends debugging output to it.  


closes the debug file and turns off debugging  

The directory trusted serves a file for each IP range from which all mail is trusted. The names of the files are CIDR blocks; an IP address or an IP address followed by #n, where n is the number of bits to match. To check if any IP address falls in a trusted range, it is sufficient to open the file whose name is the IP address. For example, if trusted contains only the file, an attempt to open the file will succeed while opening will fail. To determine the particular range matched, dirfstat (see stat (2)) the open file and the name field will be the matching CIDR range.

The trusted ranges come both from the ournet entries in the file configuration (default /mail/lib/blocked) and from creates, typically done by imap4d (see ipserv(8)) and pop3 (see mail(1)) whenever they are used to read someone’s mail.

The remaining directories, allow, block, delay, deny, and dial, represent the contents of the classification (default /mail/lib/smtpd.conf.ext). Each contains two directories; ip and account. The ip directory has the same open semantics as the trusted directory, i.e., to check if an IP address falls in that category, try to open a file whose name is the IP address. The account directory is similar but is used for matching strings. Each file in the directory represents a regular expression. To see if one of the strings matches one of the regular expressions, try to open the file whose name is the string. If it succeeds, then there is a regular expression that matches. To determine the regular expression, fstat the open file. The name field will be the regular expression.

There is a direct mapping from entries in classification and files under allow, block, delay, deny, and dial. A configuration file entry of the form:


corresponds to the file dial/ip/ An entry of the form

	*block	.*!gre

corresponds to the file block/account/.*!gre.

Both the configuration file and control file formats are described in smtpd(6).




mail(1) smtpd(6) scanmail(8)