Get started

This short guide helps you to get the mopher mail filter up and running as fast as possible.


Mopher requires the following libraries to be installed on your system. Because you are compiling from source code you also need to install the development packages.

The following libraries are optional.


There are no binary mopher packages available right now. So download the latest mopher source distribution tarball from here.

Or do something like this:

user@host $ cd /usr/local/src
user@host $ wget

Unpack the source distribution tarball.

user@host $ tar xzvf mopher-0.5.0.tar.gz
user@host $ cd mopher-0.5.0

Compile mopher.

user@host $ ./configure
user@host $ make
user@host $ sudo make install

On most linux systems these commands will install mopher behind the prefix /usr/local. Use common configure arguments like --prefix or --sysconfdir to adjust the installation directories to your needs.

Check if mopher was installed correctly:

user@host $ mopherd -v
Note: For this to work mopherd needs to be installed somewhere in your $PATH.

Initial configuration

The mopher daemon process uses two configuration files:

If mopherd.conf does not exist mopherd runs with the builtin default configuration.

Bulitin default configuration overview

The following table contains the most important default values.

Default Key Value
User moperd_user nobody
Group moperd_group nogroup
Database driver table memdb (for all tables)
Milter socket milter_socket inet:44555@
Control socket control_socket inet:44554@

Mopherd user and group

You should change the mopherd user and group to something better than nobody and nogroup. Add a new system user and group named mopher and configure mopher to use the new account.

Add a mopher system account:

user@host $ sudo useradd -r mopher
Note: Command may be different on your system. See man useradd(8).

Example mopher.conf:

mopherd_user = "mopher"
mopherd_group = "mopher"

Persistent database storage

If you are using the default database driver memdb, all mopher tables are lost after the mopherd process is terminated. If you want your mopher tables to survive a restart you have to use a persistent database driver.

Persistent database drivers

Configuration example using bdb:

table[state] = {
  driver = "bdb",
  path = "/usr/local/lib/mopherd/state.bdb"

table[greylist] = {
  driver = "bdb",
  path = "/usr/local/lib/mopherd/greylist.bdb"

table[counter_relay] = {
  driver = "bdb",
  path = "/usr/local/lib/mopherd/counter_relay.bdb"

table[counter_penpal] = {
  driver = "bdb",
  path = "/usr/local/lib/mopherd/counter_penpal.bdb"
Note: the used directory /usr/local/lib/mopherd needs to be created manually.

DNSBL configuration

If you want to use DNS blacklists in your mopherd.acl, you need to configure them in your mopherd.conf file.

Example mopherd.conf using DNSBLs:

dnsbl = {
    list_spamhaus = "",
    list_sorbs    = "",
    list_spamcop  = "",
    list_dnswl    = ""

Example mopherd.acl using DNSBLs:

# Reject known spammers
connect list_spamhaus == reject

connect list_dnswl ~ "^127\.0\.[0-9]+\.3$" accept

Spamassassin connectivity

If you are running Spamassassin on the same box as mopherd using the default port of 783, you can use the spamd_symbols in your mopherd.acl without any configuration.

Example mopherd.acl using Spamassassin:

# Greylist email with a spamd_score > 3
eom spamd_score > 3 greylist delay 30m attempts 3 deadline 4h visa 7d

# Reject email with a spamd_score > 12
eom spamd_score > 12 reject


The mopherd.acl file controls how mail is filtered. The source distribution ships with a very basic ACL file. You might want to adjust this file to your requirements. Following an example of a complete mopherd.acl.

# Tarpit unknown relays for 20 seconds.
connect  counter_relay == null                tarpit 20s

# Known penpal (origin, sender, receipient) record exists.
envrcpt  counter_penpal                       continue

# Try to load a greylisting record from the database. Skipped if not found.
envrcpt                                       greylist reply 451 xcode "4.7.1" message "greylisting in action"

# If SPF fails or the sender is listed on a blacklist jump to the user defined table called spam.
envrcpt  spf == SPF_FAIL                      jump spam
envrcpt  spf == SPF_SOFTFAIL                  jump spam
envrcpt  list_sorbs                           jump spam
envrcpt  list_spamcop                         jump spam
envrcpt  list_spamhaus                        jump spam

# Skip Spamassassin for known penpals
eom      counter_penpal > 3                   continue

# Skip Spamassassin for DNSWL_HI
eom      list_dnswl ~ "^127\.0\.[0-9]+\.3$"   continue

# Reject Mail with a score above 12
eom      spamd_score > 12                     reject reply 550 xcode "5.7.1" message "message considered spam"

# Jump to the user defined table spam if score above 3
eom      spamd_score > 3                      jump spam

# User defined table spam: Greylist for 30 minutes and 4 delivery attempts.
spam                                          greylist delay 30m attempts 4 reply 451 xcode "4.7.1" message "greylisting in action"

Mail server configuration

After mopher is set up you need to hook mopher into your mail server configuration. Here are examples for Sendmail and Postfix.

Sendmail (m4)

INPUT_MAIL_FILTER(`mopher', `S=inet:44555@localhost, F=T, T=S:10s;R:10s;E:5m')

Postfix (

smtpd_milters = inet:localhost:44555

Further reading

Congratulations, your mopher installation is up and running. Further information on mail filtering with mopher can be found here: