Home

Documentation

Download

FAQ

Important notice: time has shown that SMTP direct authentication has turned quite commonplace, making SMTP After POP authentication obsolete. So I have decided to not further develop the SAPD project.

This site with documentation and source code will remain available to the public. However, I will not support SAPD anymore.

As SAPD is a daemon that can be modified to fit other purposes, feel free to get the code and derive other projects from it. Please note that SAPD is licensed under the GPL.


SAPD - A SIMPLE E-MAIL SECURITY DAEMON

Copyleft 2002-2003 Milton Maldonado Junior

Introduction

This is the homepage for the SAPD project, a GPL'd security daemon aimed to work as a companion for Sendmail.

For those who don't know or don't remember, the protocol used to receive e-mail is called POP3 and is assigned to the port TCP 110. The protocol used to send e-mail is called SMTP and is assigned to the TCP port 25. From now and ever, we will always say in terms of POP3 protocol and SMTP protocol.

The protocol used to send a-mail, the SMTP, has a severe flaw, that is the fact it doensn't require passwords. Due to this fact, the e-mail server is vulnerable to all kinds of abuse via the Internet, like SPAM relaying and origination of e-mail with the sender's address forged.

SAPD is a daemon designed to protect a Sendmail server against such abuses, demanding the user fetches (reads) his e-mails before he can start sending. As fetching e-mail requires an username and password, we have here a good authentication method that prevents misuse of the SMTP protocol.

This kind of authentication is called SMTP-After-POP3, because it allows sending e-mail (SMTP) only after fetching e-mail (POP3). Hence the name SAPD, that means "SMTP After POP3 Daemon".

The highlights of SAPD are:

Please see the documentation to learn more about SAPD.

In addition, you can check our FAQ for some important information.

System requirements

SAPD has been tested with Linux 2.4 kernel (IPTABLES enabled) running Sendmail and GNU-POP3D, but it will likely compile and run in other UNIX-like systems. I don't know much about other MTAs (like QMail, or VPOP3D) and if SAPD would be useful for them. Anyway, SAPD was written specifically for Sendmail. I will thank you for your feedback on building and running SAPD in other OSs, and on its adequacy for use with other MTAs.

2003-06-01: Feedback from users have reported problems with the VPOP3D, however I currently don't have an available test platform to address this issue.

SAPD History

2002-04-07: First release, version 1.2

Disclaimer

Well, you've already seen this before. No warranties of any kind are given by the author. SAPD is an original work licensed under GPL.

SAPD is a brand new project and it's in a very, very crude stage. No command line options nor config files are supported: every option has to be defined in build time. I hope I will be able to address these issues soon.

SourceForge Logo