[ Home | Articles | Account | People | Projects | FAQ ] Recent versions of sendmail have an interface called milter which allows you to test all sorts of things during the SMTP transaction. This makes it the natural place to add checks for things like forged e-mail addresses.
dvpmilter is just a wrapper around dvpquery which speaks sendmail's milter language. If it detects a forgery, then it will instruct sendmail to generate a temporary failure. Permanent (5xx) rejections are also an option, but I'm going for the light approach at the moment.
In the short time that this code has existed, it's already stopped something dubious. Some random box tried to send mail to me using a forged exploits.org user name. My secondary MX did the DVP check, noticed that it failed, and kicked back a temporary failure as intended. It obviously works.
Long story short: if you run sendmail and hate forged e-mails, I'd like you to check this out. If you run some other MTA and know how to write a plugin/add-on for it, that would also be helpful.
FOAF updates: Trust rankings are now exported, making the data available to other users and websites. An external FOAF URI has been added, allowing users to link to an additional FOAF file.
Keep up with the latest Advogato features by reading the Advogato status blog.
If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!