ABOUT BATV-TOOLS

batv-tools implements Bounce Address Tag Validation, a system
for filtering backscatter.  Briefly, BATV works as follows:

  1. The envelope sender of all outgoing mail is rewritten ("signed")
     to contain a cryptographic token.  If the message bounces,
     it is bounced to this address.

  2. The envelope recipient of all incoming bounces is checked
     for a valid token.  If a bounce has a missing or invalid token,
     it's obviously not in reply to a real message and can be filtered.

BATV is described by an Internet Draft which was last revised in
2008.  batv-tools implements the draft standard, but also supports
an alternative address meta-syntax based on sub-addressing, described
below.

batv-tools provides both a milter (batv-milter) and a collection
of standalone tools (batv-sign, batv-validate, batv-sendmail) that
do signing and validation.  The standalone tools enable individual
users to use BATV without the involvement of their system administrators.


HOW BATV-TOOLS WORKS

Outgoing mail is passed through either batv-milter or batv-sign.  If a
BATV key exists for the envelope sender, the envelope sender is rewritten
to a signed BATV address.

Incoming mail is passed through either batv-milter or batv-validate.
The envelope recipient is validated and the result of the validation
is placed in the X-Batv-Status header.  If the envelope recipient contains
a valid BATV signature, it is rewritten to its original non-BATV form.

batv-milter can be configured to reject bounces which aren't addressed to
a valid BATV signature, but by default, it is the user's responsibility
to filter mail based on the X-Batv-Status header.


BUILDING BATV-TOOLS

Run 'make'.  To build only the standalone tools (and not the milter),
run 'make all-tools'.


GETTING UP AND RUNNING

See doc/quickstart.milter.txt and doc/quickstart.standalone.txt for
instructions on getting up-and-running quickly.


DEPENDENCIES

To use the milter, you need:

  * libmilter, from Sendmail 8.14.0 or higher
  * Postfix 2.6 or higher, Sendmail 8.14.0 or higher, or a MTA with equivalent
    milter functionality

To build you need a C++ compiler (such as gcc) and development
headers for libmilter.


CURRENT STATUS

As of 2021, batv-tools is no longer maintained.  The code does not
contain any known bugs and worked reliably for many years.  However,
the author no longer uses it and provides no support for it.


SUB-ADDRESS META-SYNTAX

batv-tools supports an alternative (and highly-recommended) address
meta-syntax based on sub-addressing (aka "plus" addressing).  Instead of
rewriting the entire local part of the email address, the BATV token is
appended to the local part after a sub-address delimiter (typically '+'
or '-').  For example:

        andrew+prvs=9352e50792@example.com

Since many mail systems support sub-addressing, this syntax permits
BATV-signed mail to be routed through mail servers that have no knowledge
of BATV.  This has a couple advantages:

  1. Backup MX servers which accept mail only for known recipients
     need not support BATV.  As long as they support sub-addressing,
     mail destined to BATV addresses will be accepted.  (In contrast,
     the standard meta-syntax appears to the backup MX server as an
     unknown recipient, meaning the backup MX server must either accept
     all mail regardless of recipient (a bad idea), or support BATV
     (not always feasible).)

  2. It lets individual users use BATV with support from their MUA and/or
     MDA, without the MTA needing to support BATV.

The standalone BATV tools support only the non-standard sub-address syntax
(otherwise MTA support would be required).  The milter uses the standard
syntax by default but may be configured to use sub-address syntax.
It is highly recommended that you use the sub-address syntax; batv-tools
is most extensively tested with the sub-address syntax, and using the
standard syntax may require additional configuration from your MTA that
isn't documented here.


DEBIAN PACKAGING

Debian packaging, complete with an init script, can be found in the
'debian' branch of the project Git repository.  The package is built
using git-buildpackage as follows:

  1. Check out the debian branch: `git checkout debian`
  2. Build the package: `git-buildpackage -uc -us`


FURTHER DOCUMENTATION AND EXAMPLES

See files in the 'doc' sub-directory.


LEGALESE

Copyright (C) 2013 Andrew Ayer

Licensed predominantly under the GPLv3 with OpenSSL Linking Exception.
Also contains code licensed under more permissive GPL-compatible licenses.

batv-tools is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.

See COPYING for details.