diff --git a/CHANGES b/CHANGES new file mode 100644 index 0000000..25ddd84 --- /dev/null +++ b/CHANGES @@ -0,0 +1,15 @@ +# Legend: +# --- = A new release +# + = Added a feature (in a backwards compatible way) +# ! = Changed something significant, or removed a feature +# * = Fixed a bug, or made a minor improvement + +--- 1.08 (2006-06-17 20:00) + + * Added Debian package control files. + * Moved documentation from executable into separate README and INSTALL + files. Improved documentation. + * Minor and purely cosmetic code clean-up. + +# $Id$ +# vim:tw=79 sts=2 sw=2 diff --git a/INSTALL b/INSTALL new file mode 100644 index 0000000..9e9c3cd --- /dev/null +++ b/INSTALL @@ -0,0 +1,32 @@ +System Requirements +------------------- + +The following Perl version and packages are required for running +postfix-policyd-spf-perl: + + Perl 5.6 + Mail::SPF::Query + +Installing +---------- + + 1. Copy postfix-policyd-spf-perl to /usr/lib/postfix/policyd-spf-perl + + 2. Add the following line to /etc/postfix/master.cf: + + policy unix - n n - - spawn + user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl + + 3. Configure the Postfix policy service in /etc/postfix/main.cf: + + smtpd_recipient_restrictions = + ... + reject_unauth_destination + check_policy_service unix:private/policy + ... + + NOTE: Specify check_policy_service AFTER reject_unauth_destination or + else your system can become an open relay. + +# $Id: README 167 2005-01-17 18:26:45Z julian $ +# vim:tw=79 diff --git a/README b/README new file mode 100644 index 0000000..75bf03d --- /dev/null +++ b/README @@ -0,0 +1,66 @@ +postfix-policyd-spf-perl 1.08 +A Postfix SMTPd policy server for SPF checking +(C) 2003-2004 Meng Weng Wong +Contributions by various members of the SPF project + +============================================================================== + +postfix-policyd-spf-perl is a Postfix SMTPd policy daemon for SPF checking. +It is implemented in pure Perl and uses the Mail::SPF::Query CPAN module. + +See INSTALL for installation instructions. + +Usage: + policyd-spf-perl [-v] + +This documentation assumes you have read Postfix's README_FILES/ +SMTPD_POLICY_README. + +Logging is sent to syslogd. + +Each time a Postfix SMTP server process is started it connects to the policy +service socket, and Postfix runs one instance of this Perl script. By +default, a Postfix SMTP server process terminates after 100 seconds of idle +time, or after serving 100 clients. Thus, the cost of starting this Perl +script is smoothed out over time. + +The default policy_time_limit is 1000 seconds.  This may be to short for some +SMTP transactions to complete.  As recommended in SMTPD_POLICY_README, this +should be extended to 3600 seconds.  To do so, set "policy_time_limit = 3600" +in /etc/postfix/main.cf. + +Testing the policy daemon +------------------------- + +To test the policy daemon by hand, execute: + + % perl /usr/lib/postfix/policyd-spf-perl + +Each query is a bunch of attributes. Order does not matter, and the daemon +uses only a few of all the attributes shown below: + + request=smtpd_access_policy + protocol_state=RCPT + protocol_name=SMTP + helo_name=some.domain.tld + queue_id=8045F2AB23 + sender=foo@bar.tld + recipient=bar@foo.tld + client_address=1.2.3.4 + client_name=another.domain.tld + [empty line] + +The policy daemon will answer in the same style, with an attribute list +followed by a empty line: + + action=dunno + [empty line] + +License +------- + +Thingy is free software. You may use, modify, and distribute it under the +GNU GPL (version 2 or later). + +# $Id$ +# vim:tw=79 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..63b4f20 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +postfix-policyd-spf-perl (1.08) unstable; urgency=low + + * Initial release as a Debian package. + + -- Julian Mehnle Sat, 17 Jun 2006 19:32:31 +0000 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +5 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..987d0b8 --- /dev/null +++ b/debian/control @@ -0,0 +1,14 @@ +Source: postfix-policyd-spf-perl +Section: mail +Priority: optional +Maintainer: Julian Mehnle +Build-Depends-Indep: debhelper (>= 5), perl (>= 5.6) +Standards-Version: 3.7.2 + +Package: postfix-policyd-spf-perl +Architecture: all +Depends: libmail-spf-query-perl +Recommends: postfix +Description: pure-Perl Postfix policy daemon for SPF checking + postfix-policyd-spf-perl is a Postfix SMTPd policy daemon for SPF checking. + It is implemented in pure Perl and uses the Mail::SPF::Query module. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..2f5d76e --- /dev/null +++ b/debian/copyright @@ -0,0 +1,13 @@ +This is the Debian package for postfix-policyd-spf-perl, which is available +from . + +(C) 2003-2004 Meng Weng Wong +Contributions by various members of the SPF project + +Julian Mehnle is the maintainer of the Debian package. + +This is free software; you can redistribute it and/or modify it under the terms +of the GNU General Public License (version 2 or later). + +On Debian systems, the complete text of the GPL v2 can be found here: +/usr/share/common-licenses/GPL-2 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..435fce5 --- /dev/null +++ b/debian/rules @@ -0,0 +1,56 @@ +#!/usr/bin/make -f + +PACKAGE = $(shell dh_listpackages) + +ifndef PERL + PERL = /usr/bin/perl +endif + +TMP = $(CURDIR)/debian/$(PACKAGE) + +build: build-stamp + # Nothing to do. + +clean: + dh_testdir + dh_testroot + dh_clean build-stamp install-stamp + +install: install-stamp +install-stamp: + dh_testdir + dh_testroot + dh_clean -k + + install -D postfix-policyd-spf-perl $(TMP)/usr/lib/postfix/policyd-spf-perl + + touch install-stamp + +# Build architecture-independent files here: +binary-indep: build install + dh_testdir + dh_testroot + + dh_install + dh_installdirs + dh_installdocs README + dh_installchangelogs CHANGES + #dh_installexamples examples/* + #dh_installman + #dh_link + + dh_compress + dh_fixperms + dh_installdeb + dh_perl + dh_gencontrol + dh_md5sums + dh_builddeb + +# Build architecture-dependent files here: +binary-arch: + # Nothing to do. + +binary: binary-indep binary-arch + +.PHONY: build clean binary-indep binary-arch binary install diff --git a/postfix-policyd-spf b/postfix-policyd-spf-perl similarity index 57% rename from postfix-policyd-spf rename to postfix-policyd-spf-perl index b668f25..b533d83 100755 --- a/postfix-policyd-spf +++ b/postfix-policyd-spf-perl @@ -1,23 +1,25 @@ #!/usr/bin/perl # postfix-policyd-spf-perl -# http://www.openspf.org/source/software/postfix-policyd-spf/ +# http://www.openspf.org/source/software/postfix-policyd-spf-perl/ # version 1.08 # $Id: postfix-policyd-spf 147 2006-03-14 21:51:58Z julian $ +our $VERSION = '1.08'; + +use strict; + use Fcntl; use Sys::Syslog qw(:DEFAULT setlogsock); -use strict; +use Mail::SPF::Query; # ---------------------------------------------------------- # configuration # ---------------------------------------------------------- -# to use SPF, install Mail::SPF::Query from CPAN or from the SPF website at http://www.openspf.org/downloads.html - - my @HANDLERS; - push @HANDLERS, "testing"; - push @HANDLERS, "sender_permitted_from"; use Mail::SPF::Query; +my @HANDLERS; +push @HANDLERS, "testing"; +push @HANDLERS, "sender_permitted_from"; my $VERBOSE = 0; @@ -35,87 +37,6 @@ my $syslog_options = "pid"; my $syslog_priority = "info"; my $syslog_ident = "postfix/policy-spf"; -# ---------------------------------------------------------- -# minimal documentation -# ---------------------------------------------------------- - -# -# Usage: smtpd-policy.pl [-v] -# -# Demo delegated Postfix SMTPD policy server. -# This server implements SPF. -# Another server implements greylisting. -# Postfix has a pluggable policy server architecture. -# You can call one or both from Postfix. -# -# The SPF handler uses Mail::SPF::Query to do the heavy lifting. -# -# This documentation assumes you have read Postfix's README_FILES/SMTPD_POLICY_README -# -# Logging is sent to syslogd. -# -# How it works: each time a Postfix SMTP server process is started -# it connects to the policy service socket, and Postfix runs one -# instance of this PERL script. By default, a Postfix SMTP server -# process terminates after 100 seconds of idle time, or after serving -# 100 clients. Thus, the cost of starting this PERL script is smoothed -# out over time. -# The default policy_time_limit is 1000 seconds.  This may be to short -# for some SMTP transactions to complete.  As recommended in -# SMTPD_POLICY_README, this should be extended to 3600 seconds.  To do -# so, set "policy_time_limit = 3600" in /etc/postfix/main.cf. -# -# To run this from /etc/postfix/master.cf: -# -# policy unix - n n - - spawn -# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl -# -# To use this from Postfix SMTPD, use in /etc/postfix/main.cf: -# -# smtpd_recipient_restrictions = -# ... -# reject_unauth_destination -# check_policy_service unix:private/policy -# ... -# -# NOTE: specify check_policy_service AFTER reject_unauth_destination -# or else your system can become an open relay. -# -# To test this script by hand, execute: -# -# % perl smtpd-policy.pl -# -# Each query is a bunch of attributes. Order does not matter, and -# the demo script uses only a few of all the attributes shown below: -# -# request=smtpd_access_policy -# protocol_state=RCPT -# protocol_name=SMTP -# helo_name=some.domain.tld -# queue_id=8045F2AB23 -# sender=foo@bar.tld -# recipient=bar@foo.tld -# client_address=1.2.3.4 -# client_name=another.domain.tld -# [empty line] -# -# The policy server script will answer in the same style, with an -# attribute list followed by a empty line: -# -# action=dunno -# [empty line] -# - -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_address=208.210.125.227 -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_name=newbabe.mengwong.com -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: helo_name=newbabe.mengwong.com -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_name=ESMTP -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_state=RCPT -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: queue_id= -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: recipient=mengwong@dumbo.pobox.com -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: request=smtpd_access_policy -# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: sender=mengwong@newbabe.mengwong.com - # ---------------------------------------------------------- # initialization # ----------------------------------------------------------