Attachment #141508 for bug #188319




# $FreeBSD$

PORTNAME=	greyfix
PORTVERSION=	0.4.0
CATEGORIES=	mail
MASTER_SITES=	http://www.kim-minh.com/pub/greyfix/ \
		http://stereochro.me/distfiles/

MAINTAINER=	k@stereochro.me
COMMENT=	A greylisting policy daemon for Postfix


SUB_FILES=	pkg-message

USE_BDB=	5+
GNU_CONFIGURE=	yes
CONFIGURE_ARGS+=--with-berkeleydb-libdir=${BDB_LIB_DIR} \
		--with-berkeleydb-includedir=${BDB_INCLUDE_DIR} \
		--localstatedir=/var

PLIST_SUB=	GREYFIXDBDIR=/var/db/${PORTNAME}

post-patch:
	@${REINPLACE_CMD} 's|-ldb|-l${BDB_LIB_NAME}|g' ${WRKSRC}/configure
	@${REINPLACE_CMD} 's|$$(localstatedir)/lib|$$(localstatedir)/db|' \
		${WRKSRC}/Makefile.in

post-install:
	${INSTALL_MAN} ${FILESDIR}/greyfix.8 ${STAGEDIR}${MAN1PREFIX}/man/man8/
	${INSTALL} -o nobody -m 700 -d ${STAGEDIR}/var/db/greyfix

.include <bsd.port.mk>

Lines 1-2 Link Here

(-)distinfo (-2 / +2 lines)
1	SHA256 (greyfix-0.3.9.tar.gz) = dee4428aef9b248b68799a640a85b44ffee0e9a3b2d2f16eed1bb41edad5f204	1	SHA256 (greyfix-0.4.0.tar.gz) = 26013edce3a38d586282bfc22eb91bd22df54e3558ea1b3dae54d3e7a769e4fe
2	SIZE (greyfix-0.3.9.tar.gz) = 79883	2	SIZE (greyfix-0.4.0.tar.gz) = 98051




.Dd April 26, 2014
.Dt GREYFIX 8
.Os
.Sh NAME
.Nm greyfix
.Nd "A greylisting policy daemon for Postfix"
.Sh SYNOPSIS
.Nm
.Op Fl Vvd
.Op Fl h Ar home_directory
.Op Fl g Ar delay_period
.Op Fl b Ar bloc_idle_period
.Op Fl p Ar pass_period
.Op Fl r Ar reject_action
.Op Fl G Ar greylist_action
.Op Fl / Ar prefix_size
.Op Fl 6 Ar prefix_size
.Op Fl -dump-triplets
.Op Fl -help
.Sh DESCRIPTION
.Nm
is a efficient greylisting policy daemon for Postfix.
.Pp
The options are:
.Bl -tag -width indent
.It Fl V , Fl -version
Show version information.
.It Fl v , Fl -verbose
Verbose logging.
.It Fl d , Fl -debug
Debug logging.
.It Fl -help
Show usage information.
.It Fl -dump-triplets
Dump the triplets database to stdout. Mostly for debugging purposes.
.It Fl b Ar seconds , Fl -bloc-max-idle Ar seconds
How many seconds of life are given to a record that is created from a new mail
.Em ( ip , from , to )
triplet. Note that the window created by this setting for passing mails is
reduced by the amount set for
.Fl -greylist-delay .
Also see
.Fl -pass-max-idle .
Defaults to 18000.
.It Fl g Ar seconds , Fl -greylist-delay Ar seconds
How many seconds we will block inbound mail that is from a previously unknown
.Em ( ip , from , to )
triplet. If it is set to zero, incoming mail association will be learned, but
no deliveries will be tempfailed. Use a setting of zero with caution, as it
will learn spammers as well as legitimate senders. Defaults to 3480.
.It Fl h Ar home_directory , Fl -home Ar home_directory
Location of the Berkeley DB environment home location. Defaults to
.Pa /var/db/greyfix .
.It Fl p Ar seconds , Fl -pass-max-idle Ar seconds
How long to give to a record we are updating from an allowed (passed) email.
.Pp
The default is 3110400, which should be enough to handle messages that may only
be sent once a month, or on things like the first monday of the month (which
sometimes means 5 weeks). Plus, we add a day for a delivery buffer.
.It Fl r Ar action , Fl -reject-action Ar action
The reject action directive that will be used.  See
.Xr access 5
for valid actions. The placeholder
.Em %d
expand to the number of seconds,
.Em %p
to the empty string if
.Em %d
expands to 1 or
.Dq s
otherwise,
.Em %s
to a single space, and
.Em %%
to
.Dq % .
.Pp
The default is
.Dq DEFER_IF_PERMIT Greylisted by greyfix 0.4.0, try again in %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information.
.It Fl G Ar action , Fl -greylisted-action Ar action
The action that will be used the first time a triplet passes greylisting. Same
expansion as for
.Fl -reject-action .
.Pp
The default is
.Dq PREPEND X-Greyfix: Greylisted by greyfix 0.4.0 for %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information.
.It Fl / Ar prefix_size , Fl -network-prefix Ar prefix_size
Only consider the first
.Ar prefix_size
bits of an IPv4 address. Defaults to 32, i.e., the whole address is
significant.
.It Fl 6 Ar prefix_size , Fl -network6-prefix Ar prefix_size
Only consider the first
.Ar prefix_size
bits of an IPv6 address. Defaults to 128, i.e., the whole address is
significant.
.El
.Sh USAGE
Edit Postfix's master configuration file,
.Pa /usr/local/etc/postfix/master.cf ,
and add the following:
.Bd -literal
greyfix    unix  -       n       n       -       -       spawn
  user=nobody argv=/usr/local/sbin/greyfix -/ 24 -6 56
.Ed
.Pp
Edit Postfix's main configuration file,
.Pa /etc/postfix/main.cf ,
and add the following:
.Bd -literal
smtpd_recipient_restrictions =
  permit_mynetworks,
  reject_unauth_destination,
  check_policy_service unix:private/greyfix
.Ed
.Pp
If there is already an
.Em smtpd_recipient_restrictions
configuration line, you should edit it rather than add a new one. The
important part for Greyfix is that you should add
.Em check_policy_service unix:private/greyfix
to it. Finally, have Postfix reload its configuration with
.Ic "postfix reload" .
.Sh NOTES
.Ss Logs
Greyfix logs to
.Xr syslog 3
with the
.Li LOG_MAIL
facility. As such, the log messages should appear along Postfix's.
.Sh ALSO SEE
.Xr access 5
.Sh AUTHORS
.Nm
was written by
.An Kim Minh Kaplan
.Aq http://www.kim-minh.com/ .

Line 0 Link Here

(-)files/patch-sockets (+11 lines)
	1	--- greyfix.c.orig 2014-04-06 16:23:26.000000000 +0100
	2	+++ greyfix.c 2014-04-06 16:23:37.000000000 +0100
	3	@@ -26,6 +26,8 @@
	4	#include <syslog.h>
	5	#include <sys/stat.h>
	6	#include <arpa/inet.h>
	7	+#include <netinet/in.h>
	8	+#include <sys/socket.h>
	9
	10	#include <db.h>
	11

Lines 1-4 Link Here

(-)pkg-plist (-3 / +3 lines)
1	@exec mkdir -m 700 -p /var/db/greyfix && chown nobody /var/db/greyfix	1	man/man8/greyfix.8.gz
2	sbin/greyfix	2	sbin/greyfix
3	@cwd /	3	@exec install -d -o nobody -g mail -m 770 %%GREYFIXDBDIR%%
4	@dirrmtry /var/db/greyfix	4	@dirrmtry %%GREYFIXDBDIR%%

Return to bug 188319

Lines 2-10 Link Here

(-)Makefile (-7 / +9 lines)
2	# $FreeBSD$	2	# $FreeBSD$
3		3
4	PORTNAME= greyfix	4	PORTNAME= greyfix
5	PORTVERSION= 0.3.9	5	PORTVERSION= 0.4.0
6	CATEGORIES= mail	6	CATEGORIES= mail
7	MASTER_SITES= http://www.kim-minh.com/pub/greyfix/	7	MASTER_SITES= http://www.kim-minh.com/pub/greyfix/ \
		8	http://stereochro.me/distfiles/
8		9
9	MAINTAINER= k@stereochro.me	10	MAINTAINER= k@stereochro.me
10	COMMENT= A greylisting policy daemon for Postfix	11	COMMENT= A greylisting policy daemon for Postfix
Lines 11-29 Link Here
11		12
12	SUB_FILES= pkg-message	13	SUB_FILES= pkg-message
13		14
14	USE_BDB= yes	15	USE_BDB= 5+
15	GNU_CONFIGURE= yes	16	GNU_CONFIGURE= yes
16	CONFIGURE_ARGS= --with-berkeleydb-libdir=${BDB_LIB_DIR} \	17	CONFIGURE_ARGS+=--with-berkeleydb-libdir=${BDB_LIB_DIR} \
17	--with-berkeleydb-includedir=${BDB_INCLUDE_DIR} \	18	--with-berkeleydb-includedir=${BDB_INCLUDE_DIR} \
18	--localstatedir=/var	19	--localstatedir=/var
19		20
		21	PLIST_SUB= GREYFIXDBDIR=/var/db/${PORTNAME}
		22
20	post-patch:	23	post-patch:
21	@${REINPLACE_CMD} 's\|-ldb\|-l${BDB_LIB_NAME}\|g' ${WRKSRC}/configure	24	@${REINPLACE_CMD} 's\|-ldb\|-l${BDB_LIB_NAME}\|g' ${WRKSRC}/configure
22	@${REINPLACE_CMD} 's\|$$(localstatedir)/lib\|$$(localstatedir)/db\|' \	25	@${REINPLACE_CMD} 's\|$$(localstatedir)/lib\|$$(localstatedir)/db\|' \
23	${WRKSRC}/Makefile.in	26	${WRKSRC}/Makefile.in
24		27
25	do-install:	28	post-install:
26	${INSTALL_PROGRAM} ${WRKSRC}/greyfix ${STAGEDIR}${PREFIX}/sbin	29	${INSTALL_MAN} ${FILESDIR}/greyfix.8 ${STAGEDIR}${MAN1PREFIX}/man/man8/
27	${INSTALL} -o nobody -m 700 -d ${STAGEDIR}/var/db/greyfix
28		30
29	.include <bsd.port.mk>	31	.include <bsd.port.mk>

Line 0 Link Here

(-)files/greyfix.8 (+137 lines)
		1	.Dd April 26, 2014
		2	.Dt GREYFIX 8
		3	.Os
		4	.Sh NAME
		5	.Nm greyfix
		6	.Nd "A greylisting policy daemon for Postfix"
		7	.Sh SYNOPSIS
		8	.Nm
		9	.Op Fl Vvd
		10	.Op Fl h Ar home_directory
		11	.Op Fl g Ar delay_period
		12	.Op Fl b Ar bloc_idle_period
		13	.Op Fl p Ar pass_period
		14	.Op Fl r Ar reject_action
		15	.Op Fl G Ar greylist_action
		16	.Op Fl / Ar prefix_size
		17	.Op Fl 6 Ar prefix_size
		18	.Op Fl -dump-triplets
		19	.Op Fl -help
		20	.Sh DESCRIPTION
		21	.Nm
		22	is a efficient greylisting policy daemon for Postfix.
		23	.Pp
		24	The options are:
		25	.Bl -tag -width indent
		26	.It Fl V , Fl -version
		27	Show version information.
		28	.It Fl v , Fl -verbose
		29	Verbose logging.
		30	.It Fl d , Fl -debug
		31	Debug logging.
		32	.It Fl -help
		33	Show usage information.
		34	.It Fl -dump-triplets
		35	Dump the triplets database to stdout. Mostly for debugging purposes.
		36	.It Fl b Ar seconds , Fl -bloc-max-idle Ar seconds
		37	How many seconds of life are given to a record that is created from a new mail
		38	.Em ( ip , from , to )
		39	triplet. Note that the window created by this setting for passing mails is
		40	reduced by the amount set for
		41	.Fl -greylist-delay .
		42	Also see
		43	.Fl -pass-max-idle .
		44	Defaults to 18000.
		45	.It Fl g Ar seconds , Fl -greylist-delay Ar seconds
		46	How many seconds we will block inbound mail that is from a previously unknown
		47	.Em ( ip , from , to )
		48	triplet. If it is set to zero, incoming mail association will be learned, but
		49	no deliveries will be tempfailed. Use a setting of zero with caution, as it
		50	will learn spammers as well as legitimate senders. Defaults to 3480.
		51	.It Fl h Ar home_directory , Fl -home Ar home_directory
		52	Location of the Berkeley DB environment home location. Defaults to
		53	.Pa /var/db/greyfix .
		54	.It Fl p Ar seconds , Fl -pass-max-idle Ar seconds
		55	How long to give to a record we are updating from an allowed (passed) email.
		56	.Pp
		57	The default is 3110400, which should be enough to handle messages that may only
		58	be sent once a month, or on things like the first monday of the month (which
		59	sometimes means 5 weeks). Plus, we add a day for a delivery buffer.
		60	.It Fl r Ar action , Fl -reject-action Ar action
		61	The reject action directive that will be used. See
		62	.Xr access 5
		63	for valid actions. The placeholder
		64	.Em %d
65	expand to the number of seconds,
66	.Em %p
67	to the empty string if
68	.Em %d
69	expands to 1 or
70	.Dq s
71	otherwise,
72	.Em %s
73	to a single space, and
74	.Em %%
75	to
76	.Dq % .
77	.Pp
78	The default is
79	.Dq DEFER_IF_PERMIT Greylisted by greyfix 0.4.0, try again in %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information.
80	.It Fl G Ar action , Fl -greylisted-action Ar action
81	The action that will be used the first time a triplet passes greylisting. Same
82	expansion as for
83	.Fl -reject-action .
84	.Pp
85	The default is
86	.Dq PREPEND X-Greyfix: Greylisted by greyfix 0.4.0 for %d second%p. See http://www.kim-minh.com/pub/greyfix/ for more information.
87	.It Fl / Ar prefix_size , Fl -network-prefix Ar prefix_size
88	Only consider the first
89	.Ar prefix_size
90	bits of an IPv4 address. Defaults to 32, i.e., the whole address is
91	significant.
92	.It Fl 6 Ar prefix_size , Fl -network6-prefix Ar prefix_size
93	Only consider the first
94	.Ar prefix_size
95	bits of an IPv6 address. Defaults to 128, i.e., the whole address is
96	significant.
97	.El
98	.Sh USAGE
99	Edit Postfix's master configuration file,
100	.Pa /usr/local/etc/postfix/master.cf ,
101	and add the following:
102	.Bd -literal
103	greyfix unix - n n - - spawn
104	user=nobody argv=/usr/local/sbin/greyfix -/ 24 -6 56
105	.Ed
106	.Pp
107	Edit Postfix's main configuration file,
108	.Pa /etc/postfix/main.cf ,
109	and add the following:
110	.Bd -literal
111	smtpd_recipient_restrictions =
112	permit_mynetworks,
113	reject_unauth_destination,
114	check_policy_service unix:private/greyfix
115	.Ed
116	.Pp
117	If there is already an
118	.Em smtpd_recipient_restrictions
119	configuration line, you should edit it rather than add a new one. The
120	important part for Greyfix is that you should add
121	.Em check_policy_service unix:private/greyfix
122	to it. Finally, have Postfix reload its configuration with
123	.Ic "postfix reload" .
124	.Sh NOTES
125	.Ss Logs
126	Greyfix logs to
127	.Xr syslog 3
128	with the
129	.Li LOG_MAIL
130	facility. As such, the log messages should appear along Postfix's.
131	.Sh ALSO SEE
132	.Xr access 5
133	.Sh AUTHORS
134	.Nm
135	was written by
136	.An Kim Minh Kaplan
137	.Aq http://www.kim-minh.com/ .