From 10f4f2613ea21c6d0ea92b347c22098c2a7f1253 Mon Sep 17 00:00:00 2001
From: Stuart Gathman <stuart@gathman.org>
Date: Thu, 29 Nov 2007 14:35:17 +0000
Subject: [PATCH] Packaging tweaks.
---
TODO | 5 +++++
bms.py | 7 +++++--
milter.cfg | 6 ++++++
milter.rc | 2 +-
pymilter.spec | 58 ++++++++++++++++++++++++++++-----------------------
5 files changed, 49 insertions(+), 29 deletions(-)
diff --git a/TODO b/TODO
index 3e76e00..76de62c 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,8 @@
+Support CBV to local domains and cache results so that invalid users
+can be rejected without maintaining valid user lists.
+
+Now that we blacklist IPs for too many bad rcpts, delay SPF until RCPT TO.
+
Convert DSN to REJECT unless sender gets SPF pass or best guess pass. Make
configurable by SPF result with NOTSPAM policy (reject or deliver without DSN).
Maybe policy should be NODSN - still verify sender with CBV.
diff --git a/bms.py b/bms.py
index bee0e42..084afc5 100644
--- a/bms.py
+++ b/bms.py
@@ -1,6 +1,9 @@
#!/usr/bin/env python
# A simple milter that has grown quite a bit.
# $Log$
+# Revision 1.116 2007/11/01 20:09:14 customdesigned
+# Support temperror policy in access.
+#
# Revision 1.115 2007/10/10 18:23:54 customdesigned
# Send quarantine DSN to SPF pass (official or guessed) only.
# Reject blacklisted email too big for dspam.
@@ -740,9 +743,9 @@ class bmsMilter(Milter.Milter):
self.user = self.getsymval('{auth_authen}')
if self.user:
- # Very simple SMTP AUTH policy by defaul:
+ # Very simple SMTP AUTH policy by default:
# any successful authentication is considered INTERNAL
- # FIXME: configure allowed MAIL FROM by user
+ # Detailed authorization policy is configured in the access file below.
self.internal_connection = True
self.log(
"SMTP AUTH:",self.user, self.getsymval('{auth_type}'),
diff --git a/milter.cfg b/milter.cfg
index c99e689..fd9a35e 100644
--- a/milter.cfg
+++ b/milter.cfg
@@ -1,4 +1,5 @@
[milter]
+datadir = /var/log/milter
# the socket used to communicate with sendmail. Must match sendmail.cf
socket=/var/run/milter/pythonsock
# where to save original copies of defanged and failed messages
@@ -186,6 +187,11 @@ blind = 1
# Map email addresses and aliases to dspam users
;dspam_users=david,goliath,spam,falsepositive
+# List dspam users which train on all delivered messages, as opposed to
+# "train on error" which trains only when a spam or falsepositive is reported.
+# Training mode will build the dictionary faster, but requires close attention
+# so as not to miss any spam or false positives.
+;dspam_train=goliath
;david=david@foocorp.com,david.yelnetz@foocorp.com,david@bar.foocorp.com
;goliath=giant@foocorp.com,goliath.philistine@foocorp.com
# address to forward spam to. milter will process these and not deliver
diff --git a/milter.rc b/milter.rc
index 3fad6c5..133d68e 100755
--- a/milter.rc
+++ b/milter.rc
@@ -46,7 +46,7 @@ start() {
stop() {
# Stop daemons.
echo -n "Shutting down $prog: "
- killproc milter
+ killproc -d 5 milter
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/milter
diff --git a/pymilter.spec b/pymilter.spec
index c952583..cc24627 100644
--- a/pymilter.spec
+++ b/pymilter.spec
@@ -1,5 +1,9 @@
+# This spec file contains 2 noarch packages in addition to the pymilter
+# module. To compile all three on 32-bit Intel, use:
+# rpmbuild -ba --target=i386,noarch pymilter.spec
+
%define version 0.8.9
-%define release 1
+%define release 2
# what version of RH are we building for?
%define redhat7 0
@@ -29,10 +33,6 @@
%define libdir /usr/lib/pymilter
%endif
-# This spec file contains 2 noarch packages in addition to the pymilter
-# module. To compile all three, use:
-# rpmbuild -ba --target=i386,noarch pymilter.spec
-
%ifarch noarch
Name: milter
Group: Applications/System
@@ -112,16 +112,7 @@ find /var/log/milter/save -mtime +7 | xargs $R rm
EOF
chmod a+x $RPM_BUILD_ROOT/etc/cron.daily/milter
-%ifos aix4.1
-cat >$RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
-#!/bin/sh
-cd /var/log/milter
-# uncomment to enable sgmlop if installed
-#export PYTHONPATH=/usr/local/lib/python2.1/site-packages
-exec /usr/local/bin/python bms.py >>milter.log 2>&1
-EOF
-%else # not aix4.1
-cp start.sh $RPM_BUILD_ROOT%{libdir}
+%ifnos aix4.1
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
cp %{sysvinit} $RPM_BUILD_ROOT/etc/rc.d/init.d/milter
cp spfmilter.rc $RPM_BUILD_ROOT/etc/rc.d/init.d/spfmilter
@@ -141,18 +132,8 @@ python="%{python}"
w
q
EOF
-ed $RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
-/^python=/
-c
-python="%{python}"
-.
-w
-q
-EOF
%endif # aix4.1
-chmod a+x $RPM_BUILD_ROOT%{libdir}/start.sh
-mkdir -p $RPM_BUILD_ROOT/var/run/milter
mkdir -p $RPM_BUILD_ROOT/usr/share/sendmail-cf/hack
cp -p rhsbl.m4 $RPM_BUILD_ROOT/usr/share/sendmail-cf/hack
@@ -185,7 +166,6 @@ fi
%files
%defattr(-,root,root)
-%config %{libdir}/start.sh
/etc/logrotate.d/milter
/etc/cron.daily/milter
%{libdir}/bms.py?
@@ -254,13 +234,39 @@ env CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$LDFLAGS" %{python} setup.py build
%install
rm -rf $RPM_BUILD_ROOT
%{python} setup.py install --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES
+mkdir -p $RPM_BUILD_ROOT/var/run/milter
+mkdir -p $RPM_BUILD_ROOT%{libdir}
+%ifos aix4.1
+cat >$RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
+#!/bin/sh
+cd /var/log/milter
+# uncomment to enable sgmlop if installed
+#export PYTHONPATH=/usr/local/lib/python2.1/site-packages
+exec /usr/local/bin/python bms.py >>milter.log 2>&1
+EOF
+%else # not aix4.1
+cp start.sh $RPM_BUILD_ROOT%{libdir}
+ed $RPM_BUILD_ROOT%{libdir}/start.sh <<'EOF'
+/^python=/
+c
+python="%{python}"
+.
+w
+q
+EOF
+%endif
+chmod a+x $RPM_BUILD_ROOT%{libdir}/start.sh
%if !%{redhat7}
grep '.pyc$' INSTALLED_FILES | sed -e 's/c$/o/' >>INSTALLED_FILES
%endif
+# start.sh is used by spfmilter and milter, and could be used by
+# other milters running on redhat
%files -f INSTALLED_FILES
%defattr(-,root,root)
%doc README HOWTO ChangeLog NEWS TODO CREDITS sample.py milter-template.py
+%config %{libdir}/start.sh
+%dir /var/run/milter
%endif # noarch
--
GitLab