YENMA

YENMA is a milter program to check domain authentication in a mail receiving side. It can be used with Sendmail or Postfix which support the milter protocol.

YENMA is designed and implemented by IIJ and is tested well. So, its quality is good enough to be run in a large environment such as big ISP.

The current stable version of YENMA is 2.0.0-rc1.

Domain authentication

Phishing and massive spam messages with forged sender information has been a big problem these days. Damage caused by this threat is not limited to personal. If a domain of a company is used to forgery, its credibility would go down.

To solve this problem, domain authentication technologies are developed. With these technologies, we can clarify information on message sender. So, even if a bad person abuses your domain for forgery, we can tell the forgery.

Supported domain authentication technologies

YENMA supports the following domain authentication protocols. Each authentication result is recorded in the Authentication-Results: field.

SPF (Sender Policy Framework)

A receiving MTA extracts a domain from SMTP MAIL FROM and authenticates it. We can check whether or not the message was sent from a legitimate sending MTA.

Sender ID Framework

A receiving MTA extracts a domain from the header of a message and authenticates it. We can check whether or not the message was sent from a legitimate sending MTA.

DKIM (DomainKeys Identified Mail)

A receiving MTA verifies a signature attached in the header of a message. We can check whether or not the message was sent from a legitimate sending MTA and integrity of the message contents.

DKIM ADSP(Author Domain Signing Practices)

A receiving MTA extracts a domain from the header of a message and checks the DKIM policy of the domain. We can tell such that all messages from the domain must be signed but the message is not.

DMARC(Domain-based Message Authentication, Reporting, and Conformance)

Since each protocol has its own advantages and disadvantages, mutually complementary usage would be effective. To implement a feature to change actions of Sendmail/Postfix according multiple results is a future work.

Installation

To use YENMA, one of the following OSes and softwares are required.

• OSes which we tested
  • Linux
  • FreeBSD
  • NetBSD
  • MacOS X 10.5.x
  • Solaris 10 or later
• Required Software
  • GNU C Compiler (if installed from the source code)
  • GNU Make (if installed from the source code)
  • OpenSSL (0.9.8 or later)
  • ldns (1.6.0 or later)
    • Source, RPM for CentOS5, RPM for CentOS6
  • libmilter (sendmail 8.13 or later)

Download

YENMA can be downloaded from the following:

• Downloading YENMA

Community

In the following mailing-list, we accepts questions about and discuss YENMA:

• enma-users@lists.sourceforge.net (English)
• enma-users-jp@lists.sourceforge.net (Japanese)