TMDA Plugin
-----------
This plugin is designed as a start in managing the interface between the
excellent TMDA (Tagged Message Delivery Agent) package and SquirrelMail.
TMDA is by far the best spam relief system available.  More information
can be found about it here:

  http://software.libertine.org/tmda/

I initially had some problems interfacing with it, as the webserver runs
as another user and not as the real sender.  I was having difficulty with
the fact that TMDA needed to pick up the real user's files, the  ~/.tmda
directory and the ~/.tmdarc file.

Since Squirrelmail normally runs as the user which the webserver is
running as, there did't seem to be a way to pass this information
along to tmda when sending mail out.  (Incoming mail is no problem,
as the MTA is normally set to deliver incoming mail as the user, and
will pick up the appropriate information and execute through the
.forward file.)

So for outgoing mail, I found it necessary to put a hook in which
gives the wrapper script the username when sending mail out via
the sendmail interface.  This is a simple change, and will not
impact the normal operations of the MTA.  Unfortunately, I could
not find a way to do this through the "plugin" mechanism, so for
now (until something like this is included in Squirrelmail itself),
you will need to manually patch the "smtp.php" source file.

In version 1.2.5, the line which needs changing is on line 431.
The popen() function needs to have the username inserted as an
environment variable before the sendmail wrapper.

Change this:

-------------------------------------------------------------------------------
} else {
  $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), "w");
}
-------------------------------------------------------------------------------

to look like this:

-------------------------------------------------------------------------------
} else {
  $fp = popen (escapeshellcmd("username=$username $sendmail_path -t -f$envelopefrom"), "w");
}
-------------------------------------------------------------------------------


by inserting "username=$username " just before the $sendmail_path variable.
Sorry I didn't provide a "patch" file, but the change is extremely simple.



To use TMDA for outgoing email, you also need to configure SquirrelMail
to use the "sendmail" interface as opposed to SMTP.  You then need to set
the sendmail path to where you install the "wrap-sendmail" shell script
which is included here.

You also need to make sure that each user's directory and files used by
tmda are readable by the group which the webserver is running as.  While
there are perhaps more secure alternatives than this (such as inverting
the files needed by TMDA into another set of subdirectories, such as
/var/tmda/username/.tmda) the security risk on many setups is probably
minimal.

Finally, you need to set up each user's .forward file to pipe incoming
mail through TMDA, usually by putting a line like this in .forward:
  "| /usr/local/tmda/bin/tmda-filter"

Note that you should also read the documentation provided on the TMDA
website, as I can't reproduce it all here.

For the record, I am using this configuration successfully with Exim
as the MTA.  I've tested this with SquirrelMail v1.2.4, v1.2.5 and
TMDA versions 0.47 and 0.48.


ChangeLog:
----------
2002.02.23 - 0.1 - initial release, working version

2002.03.11 - 0.2 - changes to wrap-sendmail script and to README


To Install:
-----------
  1. Unarchive the file
      $ cd plugins
      $ tar xvzf tmda-20020223.tgz

  2. Go back to the squirrelmail directory and  run conf.pl, choose "8"
     from the main menu, and add "tmda" as a new plugin.  Save and quit.

  3. Verify that you have sendmail/SMTP option set to "sendmail", and change
     to this if you don't.  (From main menu, choose "server settings" option
     #2, and on that menu option #4)

  4. Modify the path to sendmail to point to either the "wrap-sendmail" or
     the alternate "fake-sendmail" scripts provided.

  5. Save, Quit and you're done.

  6. Test and adjust to taste.  You should minimally provide a
     ~/.tmda directory and ~/.tmdarc file for each user.  You should
     also have filter files for incoming and outgoing mail.  You can
     set minimally set something up pretty quickly to get it going..
     Also, make sure that these files and directories are readable
     by either the user or group which your webserver runs as.


Future:
-------
If anyone would like to help, I'd like to:

  1.  provide better documentation, to bootstrap people in using TMDA
  2.  provide screens for the user to manage filters, whitelists,
  3.  lastly, I'd like to provide a screen for users to manage "pending"
      mail.

I'm new to PHP and to squirrelmail, (and now to TMDA).  I can probably fight
my way through it, but if you'd like to help, contact me at:

  bduncan@beachnetcommunications.com

PS.  You'll have to go through the TMDA confirmation process... ;-)


