pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/mail/qmail-run
Module Name: pkgsrc
Committed By: schmonz
Date: Fri Dec 14 06:49:31 UTC 2018
Modified Files:
pkgsrc/mail/qmail-run: INSTALL MESSAGE Makefile PLIST
pkgsrc/mail/qmail-run/files: README.pkgsrc qmailofmipd.sh qmailpop3d.sh
qmailsmtpd.sh smtpfilters smtpplugins tcprules-smtp
Added Files:
pkgsrc/mail/qmail-run/files: greylisting-spp-wrapper.sh
Removed Files:
pkgsrc/mail/qmail-run/files: greylisting-spp-with-exemptions.sh
Log Message:
Extract most of MESSAGE to README.pkgsrc. (MESSAGE was getting too long.)
Comment out qmail-qfilter-viruscan in control/smtpfilters. It's not a
very precise tool, so the cost (false positives) probably outweighs the
benefit (blocked malware attachments) for many users.
Also not a sensible default: rejecting incoming mail on SPF
explicit-fail. This needs to be an admin decision because, among other
reasons, it would also reject messages forwarded through servers that
haven't configured SRS. Document SPF setup, including how to reject
(with this caveat) and how to greylist SPF explicit-pass (which would
otherwise be exempted from greylisting).
Rename greylisting-spp-with-exemptions to greylisting-spp-wrapper. Add a
feature: to effectively omit IP from the (IP,sender,recipient) tuple,
add GL_WRAPPER_TCPREMOTEIP="127.127.127.127" to control/tcprules/smtp.
rc.d scripts:
- Location of tcprules file is configurable
- By default, CDB is auto-rebuilt as needed on service start
- CDB auto-rebuilding can be configured off
Bump version.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/mail/qmail-run/INSTALL
cvs rdiff -u -r1.14 -r1.15 pkgsrc/mail/qmail-run/MESSAGE
cvs rdiff -u -r1.64 -r1.65 pkgsrc/mail/qmail-run/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/qmail-run/PLIST
cvs rdiff -u -r1.5 -r1.6 pkgsrc/mail/qmail-run/files/README.pkgsrc
cvs rdiff -u -r1.1 -r0 \
pkgsrc/mail/qmail-run/files/greylisting-spp-with-exemptions.sh
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/qmail-run/files/greylisting-spp-wrapper.sh
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/qmail-run/files/qmailofmipd.sh
cvs rdiff -u -r1.27 -r1.28 pkgsrc/mail/qmail-run/files/qmailpop3d.sh
cvs rdiff -u -r1.24 -r1.25 pkgsrc/mail/qmail-run/files/qmailsmtpd.sh
cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/qmail-run/files/smtpfilters
cvs rdiff -u -r1.4 -r1.5 pkgsrc/mail/qmail-run/files/smtpplugins
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/qmail-run/files/tcprules-smtp
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/mail/qmail-run/INSTALL
diff -u pkgsrc/mail/qmail-run/INSTALL:1.10 pkgsrc/mail/qmail-run/INSTALL:1.11
--- pkgsrc/mail/qmail-run/INSTALL:1.10 Tue Dec 11 17:49:40 2018
+++ pkgsrc/mail/qmail-run/INSTALL Fri Dec 14 06:49:30 2018
@@ -1,4 +1,4 @@
-# $NetBSD: INSTALL,v 1.10 2018/12/11 17:49:40 schmonz Exp $
+# $NetBSD: INSTALL,v 1.11 2018/12/14 06:49:30 schmonz Exp $
case "${STAGE}" in
@@ -12,13 +12,4 @@ PRE-INSTALL)
;;
-POST-INSTALL)
- cd ${PKG_SYSCONFDIR}/control/tcprules
- for i in ofmip pop3 smtp; do
- ${CHMOD} 644 ${i}
- ${PREFIX}/bin/tcprules ${i}.cdb ${i}.tmp < ${i}
- ${CHMOD} 644 ${i}.cdb
- done
-
- ;;
esac
Index: pkgsrc/mail/qmail-run/MESSAGE
diff -u pkgsrc/mail/qmail-run/MESSAGE:1.14 pkgsrc/mail/qmail-run/MESSAGE:1.15
--- pkgsrc/mail/qmail-run/MESSAGE:1.14 Wed Nov 14 16:46:58 2018
+++ pkgsrc/mail/qmail-run/MESSAGE Fri Dec 14 06:49:30 2018
@@ -1,34 +1,16 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.14 2018/11/14 16:46:58 schmonz Exp $
+$NetBSD: MESSAGE,v 1.15 2018/12/14 06:49:30 schmonz Exp $
-Please read ${PREFIX}/share/doc/qmail-run/README.pkgsrc.
+Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for
+local and outbound delivery:
-Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for...
-
-Local and outbound delivery:
+- Run "/etc/rc.d/postfix stop" and set postfix=NO in /etc/rc.conf.
+- Replace /etc/mailer.conf with ${PREFIX}/share/examples/qmail-run/mailer.conf.
- Check configuration in ${PKG_SYSCONFDIR} (especially alias/.qmail-*).
-- Copy ${PREFIX}/share/examples/qmail-run/mailer.conf to /etc/mailer.conf.
- Set qmailsend=YES and qmailqread=YES in /etc/rc.conf.
+- Run "/etc/rc.d/qmail start".
-Incoming SMTP on port 25:
-- Add any qmail-rcptcheck programs to control/rcptchecks.
-- Add any qmail-qfilter programs to control/smtpfilters.
-- Add any qmail-spp programs (such as greylisting) to control/smtpplugins.
-- Set qmailsmtpd=YES in /etc/rc.conf.
-
-Greylisting:
-- Add any exempt recipient addresses to control/greylist/exemptrcpts.
-- Add any exempt recipient domains to control/greylist/exemptrcpthosts.
-- Uncomment "greylisting-spp-with-exemptions" in control/smtpplugins.
-
-Authenticated submission on port 587:
-- Add any qmail-qfilter programs to control/ofmipfilters.
-- Set qmailofmipd=YES in /etc/rc.conf.
-
-POP3 (for Maildirs only) on port 110:
-- Set qmailpop3d=YES in /etc/rc.conf.
-
-TLS encryption everywhere applicable:
-- Create cert and DH params as instructed by the qmail package.
+For SMTP, TLS, and more, please read
+${PREFIX}/share/doc/qmail-run/README.pkgsrc.
===========================================================================
Index: pkgsrc/mail/qmail-run/Makefile
diff -u pkgsrc/mail/qmail-run/Makefile:1.64 pkgsrc/mail/qmail-run/Makefile:1.65
--- pkgsrc/mail/qmail-run/Makefile:1.64 Wed Dec 12 01:08:30 2018
+++ pkgsrc/mail/qmail-run/Makefile Fri Dec 14 06:49:30 2018
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.64 2018/12/12 01:08:30 schmonz Exp $
+# $NetBSD: Makefile,v 1.65 2018/12/14 06:49:30 schmonz Exp $
#
-DISTNAME= qmail-run-20181211.1
+DISTNAME= qmail-run-20181214
CATEGORIES= mail
MASTER_SITES= # empty
DISTFILES= # empty
@@ -78,7 +78,7 @@ MAKEVARS+= PKG_SYSCONFDIR.qmail-run
SUBST_CLASSES+= paths
SUBST_STAGE.paths= pre-configure
SUBST_FILES.paths= mailer.conf
-SUBST_FILES.paths+= greylisting-spp-with-exemptions ofmipd-with-user-cdb
+SUBST_FILES.paths+= greylisting-spp-wrapper ofmipd-with-user-cdb
SUBST_FILES.paths+= qmail-isspam-* qmail-procmail qmail-qread-client
SUBST_FILES.paths+= rcptchecks ofmipfilters smtpfilters smtpplugins tcprules-*
SUBST_VARS.paths= PKGNAME PKG_SYSCONFDIR PREFIX
@@ -93,14 +93,14 @@ post-extract:
tcprules-ofmip tcprules-pop3 tcprules-smtp; do \
${CP} ${FILESDIR}/$$f ${WRKDIR}/$$f; \
done; \
- for f in greylisting-spp-with-exemptions ofmipd-with-user-cdb \
+ for f in greylisting-spp-wrapper ofmipd-with-user-cdb \
qmail-isspam-rspamd qmail-isspam-spamassassin \
qmail-procmail qmail-qread-client; do \
${CP} ${FILESDIR}/$$f.sh ${WRKDIR}/$$f; \
done
do-install:
- for f in greylisting-spp-with-exemptions ofmipd-with-user-cdb \
+ for f in greylisting-spp-wrapper ofmipd-with-user-cdb \
qmail-isspam-rspamd qmail-isspam-spamassassin \
qmail-procmail qmail-qread-client; do \
${INSTALL_SCRIPT} ${WRKDIR}/$$f ${DESTDIR}${PREFIX}/bin; \
Index: pkgsrc/mail/qmail-run/PLIST
diff -u pkgsrc/mail/qmail-run/PLIST:1.19 pkgsrc/mail/qmail-run/PLIST:1.20
--- pkgsrc/mail/qmail-run/PLIST:1.19 Tue Dec 11 17:49:40 2018
+++ pkgsrc/mail/qmail-run/PLIST Fri Dec 14 06:49:30 2018
@@ -1,5 +1,5 @@
-@comment $NetBSD: PLIST,v 1.19 2018/12/11 17:49:40 schmonz Exp $
-bin/greylisting-spp-with-exemptions
+@comment $NetBSD: PLIST,v 1.20 2018/12/14 06:49:30 schmonz Exp $
+bin/greylisting-spp-wrapper
bin/ofmipd-with-user-cdb
bin/qmail-isspam-rspamd
bin/qmail-isspam-spamassassin
Index: pkgsrc/mail/qmail-run/files/README.pkgsrc
diff -u pkgsrc/mail/qmail-run/files/README.pkgsrc:1.5 pkgsrc/mail/qmail-run/files/README.pkgsrc:1.6
--- pkgsrc/mail/qmail-run/files/README.pkgsrc:1.5 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/README.pkgsrc Fri Dec 14 06:49:31 2018
@@ -1,3 +1,58 @@
+ Getting started
+ ===============
+
+Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for...
+
+Local and outbound delivery:
+- Run "/etc/rc.d/postfix stop" and set postfix=NO in /etc/rc.conf.
+- Replace /etc/mailer.conf with ${PREFIX}/share/examples/qmail-run/mailer.conf.
+- Check configuration in ${PKG_SYSCONFDIR} (especially alias/.qmail-*).
+- Set qmailsend=YES and qmailqread=YES in /etc/rc.conf.
+- Run "/etc/rc.d/qmail start".
+
+Incoming SMTP on port 25:
+- Set qmailsmtpd=YES in /etc/rc.conf.
+- Add any qmail-rcptcheck programs to control/rcptchecks.
+- Add any qmail-qfilter programs to control/smtpfilters.
+- Add any qmail-spp programs (such as greylisting) to control/smtpplugins.
+- Run "/etc/rc.d/qmailsmtpd start".
+
+Greylisting:
+- Add any exempt recipient addresses to control/greylist/exemptrcpts.
+- Add any exempt recipient domains to control/greylist/exemptrcpthosts.
+- Tuples are (IP,sender,recipient). To effectively omit IP, add
+ GL_WRAPPER_TCPREMOTEIP="127.127.127.127" to control/tcprules/smtp,
+ then run "/etc/rc.d/qmailsmtpd cdb".
+- Uncomment "greylisting-spp-wrapper" in control/smtpplugins.
+
+Authenticated message submission on port 587:
+- Set qmailofmipd=YES in /etc/rc.conf.
+- Add any qmail-qfilter programs to control/ofmipfilters.
+- Run "/etc/rc.d/qmailofmipd start".
+
+POP3 (for Maildirs only) on port 110:
+- Set qmailpop3d=YES in /etc/rc.conf.
+- Run "/etc/rc.d/qmailpop3d start".
+
+TLS encryption for SMTP, submission, POP3, and remote delivery:
+- Create cert and DH params (as instructed by the qmail package).
+- Run "/etc/rc.d/qmail restart".
+
+Sender Policy Framework:
+- Configure Sender Rewriting Scheme (as instructed by the qmail package)
+ so your auto-forwarded messages will reach servers that choose to
+ enforce the forwarded domains' SPF policies.
+- Publish a DNS TXT record with your desired policy.
+- Incoming messages that explicit-fail published policy are nonetheless
+ accepted. To reject -- including rejecting auto-forwarded messages
+ from servers that haven't configured SRS -- add
+ SPP_SPF_RESULT_FAIL="E550 spf_smtp_msg" to control/tcprules/smtp,
+ then run "/etc/rc.d/qmailsmtpd cdb".
+- Messages that explicit-pass are not greylisted. To remove the
+ exemption, remove SPP_SPF_RESULT_PASS="SGL_WHITELISTED=1" from
+ control/tcprules/smtp, then run "/etc/rc.d/qmailsmtpd cdb".
+
+
Getting help
============
Index: pkgsrc/mail/qmail-run/files/qmailofmipd.sh
diff -u pkgsrc/mail/qmail-run/files/qmailofmipd.sh:1.19 pkgsrc/mail/qmail-run/files/qmailofmipd.sh:1.20
--- pkgsrc/mail/qmail-run/files/qmailofmipd.sh:1.19 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/qmailofmipd.sh Fri Dec 14 06:49:31 2018
@@ -1,6 +1,6 @@
#!@RCD_SCRIPTS_SHELL@
#
-# $NetBSD: qmailofmipd.sh,v 1.19 2018/12/11 17:49:41 schmonz Exp $
+# $NetBSD: qmailofmipd.sh,v 1.20 2018/12/14 06:49:31 schmonz Exp $
#
# @PKGNAME@ script to control ofmipd (SMTP submission service).
#
@@ -18,6 +18,8 @@ name="qmailofmipd"
: ${qmailofmipd_tcpflags:="-ne -vRl0"}
: ${qmailofmipd_tcphost:="0.0.0.0"}
: ${qmailofmipd_tcpport:="587"}
+: ${qmailofmipd_tcprules:="@PKG_SYSCONFDIR@/control/tcprules/ofmip"}
+: ${qmailofmipd_autocdb:="YES"}
: ${qmailofmipd_precheckpassword:="@PREFIX@/bin/reup -t 5 @PREFIX@/bin/authup smtp"}
: ${qmailofmipd_checkpassword:="@PREFIX@/bin/nbcheckpassword"}
: ${qmailofmipd_preofmipd:="@PREFIX@/bin/checknotroot @PREFIX@/bin/fixsmtpio"}
@@ -41,7 +43,7 @@ required_files="${required_files} @PKG_S
required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts"
required_files="${required_files} @PKG_SYSCONFDIR@/control/smtpcapabilities"
required_files="${required_files} @PKG_SYSCONFDIR@/control/fixsmtpio"
-required_files="${required_files} @PKG_SYSCONFDIR@/control/tcprules/ofmip.cdb"
+required_files="${required_files} ${qmailofmipd_tcprules}.cdb"
command="${qmailofmipd_tcpserver}"
procname=nb${name}
start_precmd="qmailofmipd_precmd"
@@ -84,13 +86,16 @@ qmailofmipd_precmd()
qmailofmipd_logcmd=${qmailofmipd_nologcmd}
fi
qmailofmipd_configure_tls
+ if [ -f /etc/rc.subr ] && checkyesno qmailofmipd_autocdb; then
+ qmailofmipd_needcdb && qmailofmipd_cdb
+ fi
# tcpserver(1) is akin to inetd(8), but runs one service per process.
# We want to signal only the tcpserver process responsible for this
# service. Use argv0(1) to set procname to "nbqmailofmipd".
command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailofmipd_postenv}
@PREFIX@/bin/softlimit -m ${qmailofmipd_datalimit} ${qmailofmipd_pretcpserver}
@PREFIX@/bin/argv0 ${qmailofmipd_tcpserver} ${procname}
-${qmailofmipd_tcpflags} -x @PKG_SYSCONFDIR@/control/tcprules/ofmip.cdb
+${qmailofmipd_tcpflags} -x ${qmailofmipd_tcprules}.cdb
-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencysubmission`
${qmailofmipd_tcphost} ${qmailofmipd_tcpport}
${qmailofmipd_precheckpassword} ${qmailofmipd_checkpassword}
@@ -126,12 +131,17 @@ qmailofmipd_cont()
kill -CONT $rc_pid
}
+qmailofmipd_needcdb() {
+ _src=${qmailofmipd_tcprules}
+ _dst=${qmailofmipd_tcprules}.cdb
+ [ -f "${_src}" -a "${_src}" -nt "${_dst}" ] || [ ! -f "${_dst}" ]
+}
+
qmailofmipd_cdb()
{
- @ECHO@ "Reloading @PKG_SYSCONFDIR@/control/tcprules/ofmip"
- cd @PKG_SYSCONFDIR@/control/tcprules
- @PREFIX@/bin/tcprules ofmip.cdb ofmip.tmp < ofmip
- @CHMOD@ 644 ofmip.cdb
+ @ECHO@ "Reloading ${qmailofmipd_tcprules}"
+ @PREFIX@/bin/tcprules ${qmailofmipd_tcprules}.cdb ${qmailofmipd_tcprules}.tmp < ${qmailofmipd_tcprules}
+ @CHMOD@ 644 ${qmailofmipd_tcprules}.cdb
}
if [ -f /etc/rc.subr ]; then
Index: pkgsrc/mail/qmail-run/files/qmailpop3d.sh
diff -u pkgsrc/mail/qmail-run/files/qmailpop3d.sh:1.27 pkgsrc/mail/qmail-run/files/qmailpop3d.sh:1.28
--- pkgsrc/mail/qmail-run/files/qmailpop3d.sh:1.27 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/qmailpop3d.sh Fri Dec 14 06:49:31 2018
@@ -1,6 +1,6 @@
#!@RCD_SCRIPTS_SHELL@
#
-# $NetBSD: qmailpop3d.sh,v 1.27 2018/12/11 17:49:41 schmonz Exp $
+# $NetBSD: qmailpop3d.sh,v 1.28 2018/12/14 06:49:31 schmonz Exp $
#
# @PKGNAME@ script to control qmail-pop3d (POP3 server for Maildirs).
#
@@ -17,6 +17,8 @@ name="qmailpop3d"
: ${qmailpop3d_tcpflags:="-ne -vRl0"}
: ${qmailpop3d_tcphost:="0.0.0.0"}
: ${qmailpop3d_tcpport:="110"}
+: ${qmailpop3d_tcprules:="@PKG_SYSCONFDIR@/control/tcprules/pop3"}
+: ${qmailpop3d_autocdb:="YES"}
: ${qmailpop3d_precheckpassword:="@PREFIX@/bin/authup pop3"}
: ${qmailpop3d_checkpassword:="@PREFIX@/bin/nbcheckpassword"}
: ${qmailpop3d_prepop3d:="@PREFIX@/bin/checknotroot"}
@@ -38,7 +40,7 @@ rcvar=${name}
required_files="@PKG_SYSCONFDIR@/control/me"
required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencypop3"
required_files="${required_files} @PKG_SYSCONFDIR@/control/pop3capabilities"
-required_files="${required_files} @PKG_SYSCONFDIR@/control/tcprules/pop3.cdb"
+required_files="${required_files} ${qmailpop3d_tcprules}.cdb"
command="${qmailpop3d_tcpserver}"
procname=nb${name}
start_precmd="qmailpop3d_precmd"
@@ -81,13 +83,16 @@ qmailpop3d_precmd()
qmailpop3d_logcmd=${qmailpop3d_nologcmd}
fi
qmailpop3d_configure_tls
+ if [ -f /etc/rc.subr ] && checkyesno qmailpop3d_autocdb; then
+ qmailpop3d_needcdb && qmailpop3d_cdb
+ fi
# tcpserver(1) is akin to inetd(8), but runs one service per process.
# We want to signal only the tcpserver process responsible for this
# service. Use argv0(1) to set procname to "nbqmailpop3d".
command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailpop3d_postenv}
@PREFIX@/bin/softlimit -m ${qmailpop3d_datalimit} ${qmailpop3d_pretcpserver}
@PREFIX@/bin/argv0 ${qmailpop3d_tcpserver} ${procname}
-${qmailpop3d_tcpflags} -x @PKG_SYSCONFDIR@/control/tcprules/pop3.cdb
+${qmailpop3d_tcpflags} -x ${qmailpop3d_tcprules}.cdb
-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencypop3`
${qmailpop3d_tcphost} ${qmailpop3d_tcpport}
${qmailpop3d_precheckpassword} ${qmailpop3d_checkpassword}
@@ -123,12 +128,17 @@ qmailpop3d_cont()
kill -CONT $rc_pid
}
+qmailpop3d_needcdb() {
+ _src=${qmailpop3d_tcprules}
+ _dst=${qmailpop3d_tcprules}.cdb
+ [ -f "${_src}" -a "${_src}" -nt "${_dst}" ] || [ ! -f "${_dst}" ]
+}
+
qmailpop3d_cdb()
{
- @ECHO@ "Reloading @PKG_SYSCONFDIR@/control/tcprules/pop3."
- cd @PKG_SYSCONFDIR@/control/tcprules
- @PREFIX@/bin/tcprules pop3.cdb pop3.tmp < pop3
- @CHMOD@ 644 pop3.cdb
+ @ECHO@ "Reloading ${qmailpop3d_tcprules}."
+ @PREFIX@/bin/tcprules ${qmailpop3d_tcprules}.cdb ${qmailpop3d_tcprules}.tmp < ${qmailpop3d_tcprules}
+ @CHMOD@ 644 ${qmailpop3d_tcprules}.cdb
}
if [ -f /etc/rc.subr ]; then
Index: pkgsrc/mail/qmail-run/files/qmailsmtpd.sh
diff -u pkgsrc/mail/qmail-run/files/qmailsmtpd.sh:1.24 pkgsrc/mail/qmail-run/files/qmailsmtpd.sh:1.25
--- pkgsrc/mail/qmail-run/files/qmailsmtpd.sh:1.24 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/qmailsmtpd.sh Fri Dec 14 06:49:31 2018
@@ -1,6 +1,6 @@
#!@RCD_SCRIPTS_SHELL@
#
-# $NetBSD: qmailsmtpd.sh,v 1.24 2018/12/11 17:49:41 schmonz Exp $
+# $NetBSD: qmailsmtpd.sh,v 1.25 2018/12/14 06:49:31 schmonz Exp $
#
# @PKGNAME@ script to control qmail-smtpd (SMTP service).
#
@@ -18,6 +18,8 @@ name="qmailsmtpd"
: ${qmailsmtpd_tcpflags:="-ne -vRl0"}
: ${qmailsmtpd_tcphost:="0.0.0.0"}
: ${qmailsmtpd_tcpport:="25"}
+: ${qmailsmtpd_tcprules:="@PKG_SYSCONFDIR@/control/tcprules/smtp"}
+: ${qmailsmtpd_autocdb:="YES"}
: ${qmailsmtpd_presmtpd:="@PREFIX@/bin/greetdelay @PREFIX@/bin/rblsmtpd -r zen.spamhaus.org @PREFIX@/bin/fixsmtpio"}
: ${qmailsmtpd_smtpdcmd:="@PREFIX@/bin/qmail-smtpd"}
: ${qmailsmtpd_postsmtpd:=""}
@@ -37,7 +39,7 @@ rcvar=${name}
required_files="@PKG_SYSCONFDIR@/control/me"
required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencyincoming"
required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts"
-required_files="${required_files} @PKG_SYSCONFDIR@/control/tcprules/smtp.cdb"
+required_files="${required_files} ${qmailsmtpd_tcprules}.cdb"
command="${qmailsmtpd_tcpserver}"
procname=nb${name}
start_precmd="qmailsmtpd_precmd"
@@ -80,13 +82,16 @@ qmailsmtpd_precmd()
qmailsmtpd_logcmd=${qmailsmtpd_nologcmd}
fi
qmailsmtpd_configure_tls
+ if [ -f /etc/rc.subr ] && checkyesno qmailsmtpd_autocdb; then
+ qmailsmtpd_needcdb && qmailsmtpd_cdb
+ fi
# tcpserver(1) is akin to inetd(8), but runs one service per process.
# We want to signal only the tcpserver process responsible for this
# service. Use argv0(1) to set procname to "nbqmailsmtpd".
command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailsmtpd_postenv}
@PREFIX@/bin/softlimit -m ${qmailsmtpd_datalimit} ${qmailsmtpd_pretcpserver}
@PREFIX@/bin/argv0 ${qmailsmtpd_tcpserver} ${procname}
-${qmailsmtpd_tcpflags} -x @PKG_SYSCONFDIR@/control/tcprules/smtp.cdb
+${qmailsmtpd_tcpflags} -x ${qmailsmtpd_tcprules}.cdb
-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencyincoming`
-u `@ID@ -u @QMAIL_DAEMON_USER@` -g `@ID@ -g @QMAIL_DAEMON_USER@`
${qmailsmtpd_tcphost} ${qmailsmtpd_tcpport}
@@ -122,12 +127,17 @@ qmailsmtpd_cont()
kill -CONT $rc_pid
}
+qmailsmtpd_needcdb() {
+ _src=${qmailsmtpd_tcprules}
+ _dst=${qmailsmtpd_tcprules}.cdb
+ [ -f "${_src}" -a "${_src}" -nt "${_dst}" ] || [ ! -f "${_dst}" ]
+}
+
qmailsmtpd_cdb()
{
- @ECHO@ "Reloading @PKG_SYSCONFDIR@/control/tcprules/smtp."
- cd @PKG_SYSCONFDIR@/control/tcprules
- @PREFIX@/bin/tcprules smtp.cdb smtp.tmp < smtp
- @CHMOD@ 644 smtp.cdb
+ @ECHO@ "Reloading ${qmailsmtpd_tcprules}."
+ @PREFIX@/bin/tcprules ${qmailsmtpd_tcprules}.cdb ${qmailsmtpd_tcprules}.tmp < ${qmailsmtpd_tcprules}
+ @CHMOD@ 644 ${qmailsmtpd_tcprules}.cdb
}
if [ -f /etc/rc.subr ]; then
Index: pkgsrc/mail/qmail-run/files/smtpfilters
diff -u pkgsrc/mail/qmail-run/files/smtpfilters:1.2 pkgsrc/mail/qmail-run/files/smtpfilters:1.3
--- pkgsrc/mail/qmail-run/files/smtpfilters:1.2 Wed Nov 28 16:22:41 2018
+++ pkgsrc/mail/qmail-run/files/smtpfilters Fri Dec 14 06:49:31 2018
@@ -1,2 +1,2 @@
-@PREFIX@/bin/qmail-qfilter-viruscan
+#@PREFIX@/bin/qmail-qfilter-viruscan
@PREFIX@/bin/qmail-qfilter-addtlsheader
Index: pkgsrc/mail/qmail-run/files/smtpplugins
diff -u pkgsrc/mail/qmail-run/files/smtpplugins:1.4 pkgsrc/mail/qmail-run/files/smtpplugins:1.5
--- pkgsrc/mail/qmail-run/files/smtpplugins:1.4 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/smtpplugins Fri Dec 14 06:49:31 2018
@@ -13,7 +13,7 @@
# plugins to execute on RCPT command
[rcpt]
@PREFIX@/bin/qmail-rcptcheck
-#@PREFIX@/bin/greylisting-spp-with-exemptions
+#@PREFIX@/bin/greylisting-spp-wrapper
# plugins to execute on DATA command
[data]
Index: pkgsrc/mail/qmail-run/files/tcprules-smtp
diff -u pkgsrc/mail/qmail-run/files/tcprules-smtp:1.1 pkgsrc/mail/qmail-run/files/tcprules-smtp:1.2
--- pkgsrc/mail/qmail-run/files/tcprules-smtp:1.1 Tue Dec 11 17:49:41 2018
+++ pkgsrc/mail/qmail-run/files/tcprules-smtp Fri Dec 14 06:49:31 2018
@@ -1,2 +1,2 @@
127.:allow,RELAYCLIENT=""
-:allow,UCSPITLS="",GREETDELAY="2",SPP_SPF_RESULT_FAIL="E550
spf_smtp_msg",SPP_SPF_RESULT_PASS="SGL_WHITELISTED=1",GL_DATABASE="@PKG_SYSCONFDIR@/control/greylist/database",GL_VERBOSE="1",QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-queue",QMAILQUEUEFILTERS="control/smtpfilters"
+:allow,UCSPITLS="",GREETDELAY="2",SPP_SPF_DONT_ALLOW_RANDOM_IP_PASS="1",SPP_SPF_RESULT_PASS="SGL_WHITELISTED=1",GL_DATABASE="@PKG_SYSCONFDIR@/control/greylist/database",GL_VERBOSE="1",QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-queue",QMAILQUEUEFILTERS="control/smtpfilters"
Added files:
Index: pkgsrc/mail/qmail-run/files/greylisting-spp-wrapper.sh
diff -u /dev/null pkgsrc/mail/qmail-run/files/greylisting-spp-wrapper.sh:1.1
--- /dev/null Fri Dec 14 06:49:31 2018
+++ pkgsrc/mail/qmail-run/files/greylisting-spp-wrapper.sh Fri Dec 14 06:49:31 2018
@@ -0,0 +1,43 @@
+#!@SH@
+#
+# $NetBSD: greylisting-spp-wrapper.sh,v 1.1 2018/12/14 06:49:31 schmonz Exp $
+#
+# @PKGNAME@ wrapper for greylisting-spp.
+# Skips greylisting for configured recipient addresses and domains.
+# Optionally assigns a fixed "ip" in (ip,sender,recipient).
+#
+
+EXEMPTRCPTS=@PKG_SYSCONFDIR@/control/greylist/exemptrcpts
+EXEMPTRCPTHOSTS=@PKG_SYSCONFDIR@/control/greylist/exemptrcpthosts
+
+is_exempt_recipient_address() {
+ [ -f "$EXEMPTRCPTS" ] \
+ && @GREP@ -qFx -- "$1" "$EXEMPTRCPTS"
+}
+
+is_exempt_recipient_domain() {
+ [ -f "$EXEMPTRCPTHOSTS" ] \
+ && @GREP@ -qFx -- "$1" "$EXEMPTRCPTHOSTS"
+}
+
+main() {
+ [ -n "$SMTPRCPTTO" ] || return
+
+ rcpt="$SMTPRCPTTO"
+ rcpthost=$(@ECHO@ "$rcpt" | @SED@ -e 's|.*@||')
+
+ if is_exempt_recipient_address "$rcpt"; then
+ @ECHO@ >&2 "greylisting skipped for recipient address: $rcpt"
+ GL_WHITELISTED="1"; export GL_WHITELISTED
+ elif is_exempt_recipient_domain "$rcpthost"; then
+ @ECHO@ >&2 "greylisting skipped for recipient domain: $rcpthost"
+ GL_WHITELISTED="1"; export GL_WHITELISTED
+ fi
+
+ if [ -n "$GL_WRAPPER_TCPREMOTEIP" ]; then
+ TCPREMOTEIP="$GL_WRAPPER_TCPREMOTEIP"; export TCPREMOTEIP
+ fi
+}
+
+main "$@"
+exec @PREFIX@/bin/greylisting-spp
Home |
Main Index |
Thread Index |
Old Index