What is PyMP?

I've been using procmail for a number of years, and often found its arcane syntax for rules both frustrating and inflexible (though admittedly the former was typically caused by the latter). Unfortunately, I've never had the impetus to write something--anything--better. Until now.

A recent attempt to add functionality to the latest release of procmail (which is 3.22, and was released on September 10, 2001--two years ago) led to the harsh realization of just how badly written it is. Not only is it a leading example of how not to write C, it's poorly written from a security standpoint. To be blunt, after looking at the source, it scared the hell out of me, and I refused to continue running it. In fact, I put up with unfiltered mail for the several days it took me to put PyMP together.

While I did not perform any kind of real audit on procmail's source code, a cursory glance of its source was enough to tell me that there is a tangled mess of evil badness lurking within it. Its signal handlers are all written exactly how they're not supposed to be. Its privilege dropping code is a tangled mess that more than likely doesn't work properly on all platforms. It segmentation faults under conditions where production quality code should never crash (e.g., on a freshly installed FreeBSD 5.1 system with procmail installed from ports, running procmail on the command-line without arguments and hitting ctrl-c will cause a segmentation fault).

On another server that I administer, we're using maildrop. While it's not quite as bad as procmail, it has its own set of problems that don't leave me with an very warm fuzzy feeling inside. After looking at two of the most prominent mail processors out there and being left in a state of shock, I couldn't bring myself to even go in search of another alternative. Thus, PyMP was born.

What are the goals of PyMP?

The goals of PyMP are simple:

1. Security. While there are probably places where its security could possibly be improved, it does at least get the basics right. Privileges are dropped properly, the environment is properly sanitized, etc.
2. Flexibility. Procmail is horribly inflexible, which is due primarily to its arcane syntax for mail filtering rules. Getting the basics like forwarding messages to various different folders based on the List-Id header or the recipient is easy enough, but much beyond that gets signficantly more complicated, often requiring external scripts or programs. Mailproc uses Python for its mail processing. You write your rules in Python, giving you as much flexibility as you could ask for.
3. Virtual mailbox support. The feature I was attempting to add to procmail was the ability to look up user information in a MySQL database. So clearly PyMP has support for this.

Where can I get PyMP?

Look no further! This is the home/support site for PyMP, so you've come to the right place. Mailproc is currently only available in source form for Unix systems.

The current release is 0.9.8, which was released on July 2, 2005:

pymp-0.9.8.tar.gz

What kind of support is available?

Mailproc is something that I wrote fairly quickly in an effort to replace procmail on systems that I administrate. It's something I did quickly because I needed it quickly. It does what I need it do, so I'm not terribly motivated to add much more to it, largely because I simply do not have the time to dedicate to it. However, I'm providing it to the world at large, and so I will maintain it. Contributions are most certainly welcome and encouraged.

I have set up a mailman mailing list for discussion of issues relating to PyMP. It is an unmoderated list, and it is where I would prefer people discuss it rather than sending me email directly. You can find the mailing list at http://www.prilnari.com/mailman/listinfo/pymp/. Archives for the list are also available by following the aforementioned link.

If for some reason you need to contact me directly, you can reach me at mmessier-pymp@prilnari.com, but if at all possible, I would prefer that you send mail to the mailing list. That's what I set it up for. Somebody else is likely to help you more quickly than I can.