BLD and Postfix
As of version 0.3.1, BLD comes with tools that let it interact
with Postfix.
Feeding BLD
To submit IP addresses to BLD, you have to read your mail logs with
a small script named bld-pf_log.pl. Basically, it takes any
line logging a "User unknown" reject and sends the IP address of the
SMTP client to BLD.
On FreeBSD, you can do it with something like this:
tail -c0 -F /var/log/maillog | bld-pf_log.pl
If you use Linux or more generally GNU tail, this would be:
tail -c0 --follow=name /var/log/mail.log | bld-pf_log.pl
Of course, you'll have to replace /var/log/mail.log with the file
that receives the logs for "User unknown" errors.
You may want to test that everything works fine by reading the logs
BLD sends to syslog. A submission looks like this:
Feb 24 06:50:01 mx bld[1975]: 192.168.0.1 submitted by 127.0.0.1
And an insertion in the blacklist:
Feb 24 06:50:02 mx bld[1975]: 192.168.0.1 put in bl: 19 reqs / 30 secs
Using BLD from Postfix
This is easy if you have Postfix 2.1 or a later version thanks to
the policy server. If you don't, you can have a look at the
bld2zone.pl script that generates a RBL zone file from BLD dumps.
The problem with this method is that potential dictionary spammers
won't be rejected until the RBL zone is reloaded.
If you run Postfix 2.1, though, BLD is really simple to use as a
policy server. It works just like the greylist mechanism implemented
by the greylist.pl script distributed with the Postfix source code (more
precisely, the following script is derived from greylist.pl).
You'll only have to put these lines in your master.cf file:
bld-policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/local/sbin/bld-pf_policy.pl
Alternative:
If you prefer using a binary compiled for your platform, you can try
using bld-postfix_policy (a C program that comes with BLD):
bld-policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/local/sbin/bld-pf_policy
And add the following to smtpd_recipient_restrictions, after
reject_unauth_destination:
check_policy_service unix:private/bld-policy
The best way to test this is to temporarily insert your own IP
with the command "bldinsert 127.0.0.1". This should generate a log
line like this one:
Feb 24 06:50:03 mx bld[1975]: 127.0.0.1 inserted by 127.0.0.1
Then try to connect to Postfix and see if you are rejected:
--> % telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.redhate.org.
Escape character is '^]'.
220 r14.redhate.org ESMTP Postfix
--> HELO localhost
250 r14.redhate.org
--> MAIL FROM: me
250 Ok
--> RCPT TO: me
554 <me>: Recipient address rejected: Too many Users unknown from this IP
--> QUIT
221 Bye
Connection closed by foreign host.
If you dislike the idea of not getting local mail any more, you may
wish to remove yourself from the blacklist. This can be done by
stopping BLD and deleting all files in /var/run/bld/.
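
What Postfix and a spawned policy service exchange over the socket configured above, as an added Python example (not BLD's own script): each request is a block of name=value lines ended by an empty line, and the service answers with one action= line plus an empty line. The BLACKLIST set and the REJECT text are assumptions standing in for the real BLD query and its message.

```python
import io

# Assumption: a local set stands in for the query the real policy script makes to BLD.
BLACKLIST = {"127.0.0.1"}  # constructed; mirrors the "bldinsert 127.0.0.1" test
# Assumption: action text chosen to match the 554 reply in the telnet transcript.
REJECT = "554 Too many Users unknown from this IP"

def read_request(stream):
    """Return one policy request as a dict, or None at end of input."""
    attrs = {}
    for line in stream:
        line = line.rstrip("\r\n")
        if not line:                      # an empty line terminates a request
            return attrs
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return None                           # EOF; a half-read request is dropped

def decide(attrs, is_blacklisted):
    """Map one request to a Postfix access action."""
    if attrs.get("request") != "smtpd_access_policy":
        return "dunno"
    try:
        listed = is_blacklisted(attrs.get("client_address", ""))
    except OSError:
        return "dunno"                    # blacklist unreachable: fail open, mail keeps flowing
    return REJECT if listed else "dunno"

def serve(inp, out, is_blacklisted=BLACKLIST.__contains__):
    """Answer requests until Postfix closes the connection."""
    for attrs in iter(lambda: read_request(inp), None):
        out.write("action=%s\n\n" % decide(attrs, is_blacklisted))
        out.flush()                       # Postfix waits for the reply; never buffer it

def demo():
    """Run two constructed requests through serve() and return the raw replies."""
    def req(ip):
        return ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
                "client_address=%s\nsender=me\nrecipient=me\n\n" % ip)
    out = io.StringIO()
    serve(io.StringIO(req("127.0.0.1") + req("192.0.2.7")), out)
    return out.getvalue()

if __name__ == "__main__":
    print(demo(), end="")
```

Answering "dunno" lets Postfix continue with the remaining restrictions, so a client that is not listed, or a blacklist that cannot be reached, never blocks mail by itself.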