diff options
author | Alexander Vershilov <qnikst@gentoo.org> | 2012-09-06 17:38:25 +0000 |
---|---|---|
committer | Alexander Vershilov <qnikst@gentoo.org> | 2012-09-06 17:38:25 +0000 |
commit | 5d3d25f32036f27d3ff1488963da5251291451e3 (patch) | |
tree | 282b6a619eb46fb27c809703e4ce6cb4bc7f8e36 /mail-filter/postgrey | |
parent | Add mail-filter/dovecot_deleted_to_trash, thanks to slepnoga. Bug 273435 (diff) | |
download | gentoo-2-5d3d25f32036f27d3ff1488963da5251291451e3.tar.gz gentoo-2-5d3d25f32036f27d3ff1488963da5251291451e3.tar.bz2 gentoo-2-5d3d25f32036f27d3ff1488963da5251291451e3.zip |
mail-filter/postgrey add targrey patch, thanks to slepnoga
(Portage version: 2.2.0_alpha120/cvs/Linux x86_64)
Diffstat (limited to 'mail-filter/postgrey')
-rw-r--r-- | mail-filter/postgrey/ChangeLog | 10 | ||||
-rw-r--r-- | mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch | 202 | ||||
-rw-r--r-- | mail-filter/postgrey/metadata.xml | 8 | ||||
-rw-r--r-- | mail-filter/postgrey/postgrey-1.34-r1.ebuild | 68 |
4 files changed, 286 insertions, 2 deletions
diff --git a/mail-filter/postgrey/ChangeLog b/mail-filter/postgrey/ChangeLog index b3bead8f097b..31300ac9635c 100644 --- a/mail-filter/postgrey/ChangeLog +++ b/mail-filter/postgrey/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for mail-filter/postgrey # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/postgrey/ChangeLog,v 1.74 2012/06/05 00:03:02 zmedico Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-filter/postgrey/ChangeLog,v 1.75 2012/09/06 17:38:25 qnikst Exp $ + +*postgrey-1.34-r1 (06 Sep 2012) + + 06 Sep 2012; Alexander Vershilov <qnikst@gentoo.org> + +files/targrey-0.31-postgrey-1.34.patch, +postgrey-1.34-r1.ebuild, + metadata.xml: + mail-filter/postgrey add targrey patch, thanks to slepnoga 05 Jun 2012; Zac Medico <zmedico@gentoo.org> postgrey-1.34.ebuild: inherit user for enewgroup and enewuser @@ -316,4 +323,3 @@ 28 Apr 2005; Andrej Kacian <ticho@gentoo.org> +files/postgrey.conf, +files/postgrey.rc, +metadata.xml, +postgrey-1.21.ebuild: Initial import. Ebuild provided by steveb <tp22a@softhome.net>, bug #59691. - diff --git a/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch b/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch new file mode 100644 index 000000000000..a17b6457d39a --- /dev/null +++ b/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch @@ -0,0 +1,202 @@ +--- postgrey.orig 2011-05-04 22:54:15.000000000 +0200 ++++ postgrey 2011-10-17 10:10:21.000000000 +0200 +@@ -309,6 +309,22 @@ + $self->mylog(1, "cleaning clients database finished. before: $nr_keys_before, after: $nr_keys_after"); + } + ++ if($self->{postgrey}{targrey}) { ++ # cleanup tarpit blacklist database ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ ($nr_keys_before, $nr_keys_after) = (0, 0); ++ while (my ($key, $tarpit_last_seen) = each %$tarpit_db) { ++ $nr_keys_before++; ++ if($now - $tarpit_last_seen > $retry_window) { ++ delete $tarpit_db->{$key}; ++ } ++ else { ++ $nr_keys_after++; ++ } ++ } ++ $self->mylog(1, "cleaning tarpit blacklist database finished. before: $nr_keys_before, after: $nr_keys_after"); ++ } ++ + $self->{postgrey}{last_maint_keys}=$now; + } + } +@@ -383,7 +399,7 @@ + # whitelist if count is enough + if(defined $cawl_count and $cawl_count >= $self->{postgrey}{awl_clients}) + { +- if(($now >= $cawl_last+3600) or ($cawl_last > $now)) { ++ if(($now >= $cawl_last + $self->{postgrey}{awl_delay}) or ($cawl_last > $now)) { + $cawl_count++; # for statistics + $cawl_db->{$cawl_key}=$cawl_count.','.$now; + } +@@ -392,6 +408,28 @@ + } + } + ++ # check tarpit passed if targrey mode ++ if ($self->{postgrey}{targrey} && $attr->{protocol_state} eq 'DATA') { # passed tarpit ++ # remove tarpit blacklist ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ my $tarpit_key = $attr->{client_address}; ++ delete $tarpit_db->{$tarpit_key}; ++ ++ # auto whitelist clients by tarpit ++ if ($self->{postgrey}{awl_clients}) { ++ # enough time has passed (record only one attempt per hour) ++ if (! defined $cawl_last or $now >= $cawl_last + $self->{postgrey}{awl_delay}) { ++ # ok, increase count ++ $cawl_count++; ++ $cawl_db->{$cawl_key}=$cawl_count.','.$now; ++ $self->mylog(1, "tarpit whitelisted: $attr->{client_name}"."[".$attr->{client_address}."]") ++ if $cawl_count==$self->{postgrey}{awl_clients}; ++ } ++ } ++ ++ return 'DUNNO'; ++ } ++ + # lookup + my $sender = $self->do_sender_substitutions($attr->{sender}); + my ($client_net, $client_host) = +@@ -402,10 +440,11 @@ + } + my $val = $db->{$key}; + my $first; ++ my $retry_count=0; + my $last_was_successful=0; + if(defined $val) { + my $last; +- ($first, $last) = split(/,/,$val); ++ ($first, $last, $retry_count) = split(/,/,$val); + # find out if the last time was unsuccessful, so that we can add a header + # to say how much had to be waited + if($last - $first >= $self->{postgrey}{delay}) { +@@ -426,16 +465,19 @@ + $first = $now; + } + ++ my $diff = $self->{postgrey}{delay} - ($now - $first); ++ ++ # enough waited? -> increase retry_count ++ $retry_count++ if($diff <= 0); ++ + # update (put as last element stripped host-part if it was stripped) + if(defined $client_host) { +- $db->{$key}="$first,$now,$client_host"; ++ $db->{$key}="$first,$now,$retry_count,$client_host"; + } + else { +- $db->{$key}="$first,$now"; ++ $db->{$key}="$first,$now,$retry_count"; + } + +- my $diff = $self->{postgrey}{delay} - ($now - $first); +- + # auto whitelist clients + # algorithm: + # - on successful entry in the greylist db of a triplet: +@@ -443,23 +485,41 @@ + # - client whitelisted already? -> update last-seen timestamp + if($self->{postgrey}{awl_clients}) { + # greylisting succeeded +- if($diff <= 0 and !$last_was_successful) { ++ if($retry_count >= $self->{postgrey}{retry_count} and !$last_was_successful) { + # enough time has passed (record only one attempt per hour) +- if(! defined $cawl_last or $now >= $cawl_last + 3600) { ++ if(! defined $cawl_last or $now >= $cawl_last + $self->{postgrey}{awl_delay}) { + # ok, increase count + $cawl_count++; + $cawl_db->{$cawl_key}=$cawl_count.','.$now; + my $client = $attr->{client_name} ? + $attr->{client_name}.'['.$attr->{client_address}.']' : + $attr->{client_address}; +- $self->mylog(1, "whitelisted: $client") ++ $self->mylog(1, "whitelisted: $attr->{client_name}"."[".$attr->{client_address}."]") + if $cawl_count==$self->{postgrey}{awl_clients}; + } + } + } + +- # not enough waited? -> greylist +- if ($diff > 0 ) { ++ # not enough retry? -> greylist ++ if ($retry_count < $self->{postgrey}{retry_count}) { ++ if($self->{postgrey}{tarpit} && ! $self->{postgrey}{targrey}) { ++ # do tarpit and greylist if tarpit option only ++ # don't add message after greylist_action ++ return "SLEEP $self->{postgrey}{tarpit}, $self->{postgrey}{greylist_action}"; ++ } ++ if($self->{postgrey}{targrey}) { ++ # do tarpit if targrey option ++ # add tarpit blacklist ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ my $tarpit_key = $attr->{client_address}; ++ my $tarpit_last = $tarpit_db->{$tarpit_key}; ++ $tarpit_last = 0 unless (defined $tarpit_last); ++ $tarpit_db->{$tarpit_key} = "$now" if ($now >= $tarpit_last+300); # update if 5min ago ++ ++ # return sleep if not tarpit blacklisted ++ return "SLEEP $self->{postgrey}{tarpit}" if ($tarpit_last == 0); ++ # greylist if tarpit blacklisted ++ } + my $msg = $self->{postgrey}{greylist_text}; + # Workaround for an Exchange bug related to Greylisting: + # use DSN 4.2.0 instead of the default 4.7.1. This works +@@ -517,6 +577,7 @@ + 'syslogfacility|syslog-facility|facility=s', + 'retry-window=s', 'greylist-action=s', 'greylist-text=s', 'privacy', + 'hostname=s', 'exim', 'listen-queue-size=i', 'x-greylist-header=s', ++ 'tarpit:s', 'targrey', 'retry-count=i', 'auto-whitelist-delay=i', + ) or exit(1); + # note: lookup-by-subnet can be given for compatibility, but it is default + # so do not do nothing with it... +@@ -606,7 +667,9 @@ + awl_clients => defined $opt{'auto-whitelist-clients'} ? + ($opt{'auto-whitelist-clients'} ne '' ? + $opt{'auto-whitelist-clients'} : 5) : 5, ++ awl_delay => $opt{'auto-whitelist-delay'} || 3600, + retry_window => $retry_window, ++ retry_count => $opt{'retry-count'} || 1, + greylist_action => $opt{'greylist-action'} || 'DEFER_IF_PERMIT', + greylist_text => $opt{'greylist-text'} || 'Greylisted, see http://postgrey.schweikert.ch/help/%r.html', + whitelist_clients_files => $opt{'whitelist-clients'} || +@@ -618,6 +681,10 @@ + hostname => defined $opt{hostname} ? $opt{hostname} : hostname, + exim => defined $opt{'exim'}, + x_greylist_header => $opt{'x-greylist-header'} || 'X-Greylist: delayed %t seconds by postgrey-%v at %h; %d', ++ tarpit => defined $opt{'tarpit'} ? ++ ($opt{'tarpit'} ne '' ? ++ $opt{'tarpit'} : 65) : undef, ++ targrey => defined $opt{'targrey'}, + }, + }, 'postgrey'; + +@@ -633,6 +700,11 @@ + require Digest::SHA; + } + ++ # --targrey needs tarpit sec ++ if(defined $opt{'targrey'} && ! defined $opt{'tarpit'}) { ++ $server->{postgrey}{tarpit} = 125; ++ } ++ + $0 = join(' ', @{$server->{server}{commandline}}); + $server->run; + +@@ -711,6 +783,13 @@ + -Env => $self->{postgrey}{db_env} + ) or die "ERROR: can't create database $self->{server}{dbdir}/postgrey_clients.db: $!\n"; + } ++ if($self->{postgrey}{targrey}) { # use targrey ++ tie(%{$self->{postgrey}{db_tarpit}}, 'BerkeleyDB::Btree', ++ -Filename => 'tarpit_clients.db', ++ -Flags => DB_CREATE, ++ -Env => $self->{postgrey}{db_env} ++ ) or die "ERROR: can't create database $self->{server}{dbdir}/tarpit_clients.db: $!\n"; ++ } + } + + sub mux_input() diff --git a/mail-filter/postgrey/metadata.xml b/mail-filter/postgrey/metadata.xml index 8840500dadca..b5a13fe1ba59 100644 --- a/mail-filter/postgrey/metadata.xml +++ b/mail-filter/postgrey/metadata.xml @@ -2,6 +2,14 @@ <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <herd>net-mail</herd> + <maintainer> + <email>andreis.vinogradovs@gmail.com</email> + <name>Andreis Vinogradovs</name> + </maintainer> + <maintainer> + <email>alexander.vershilov@gmail.com</email> + <name>Alexander Vershilov</name> + </maintainer> <longdescription>Postgrey is a Postfix policy server implementing greylisting developed by David Schweikert at the ISG.EE.</longdescription> <use> <flag name='targrey'>Enables the targrey patch</flag> diff --git a/mail-filter/postgrey/postgrey-1.34-r1.ebuild b/mail-filter/postgrey/postgrey-1.34-r1.ebuild new file mode 100644 index 000000000000..5e989a9963c5 --- /dev/null +++ b/mail-filter/postgrey/postgrey-1.34-r1.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/postgrey/postgrey-1.34-r1.ebuild,v 1.1 2012/09/06 17:38:25 qnikst Exp $ + +EAPI=4 + +inherit eutils user + +DESCRIPTION="Postgrey is a Postfix policy server implementing greylisting" +HOMEPAGE="http://postgrey.schweikert.ch/" +SRC_URI="http://postgrey.schweikert.ch/pub/${P}.tar.gz + http://postgrey.schweikert.ch/pub/old/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~x86" +IUSE="targrey" + +DEPEND="" +RDEPEND=">=dev-lang/perl-5.6.0 + dev-perl/net-server + dev-perl/IO-Multiplex + dev-perl/BerkeleyDB + dev-perl/Net-DNS + dev-perl/Parse-Syslog + dev-perl/Net-RBLClient + >=sys-libs/db-4.1" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_prepare() { + if use targrey ; then + epatch "${FILESDIR}"/targrey-0.31-postgrey-1.34.patch + fi +} + +src_install() { + # postgrey data/DB in /var + diropts -m0770 -o ${PN} -g ${PN} + dodir /var/spool/postfix/${PN} + keepdir /var/spool/postfix/${PN} + fowners postgrey:postgrey /var/spool/postfix/${PN} + fperms 0770 /var/spool/postfix/${PN} + + # postgrey binary + dosbin ${PN} + dosbin contrib/postgreyreport + + # policy-test script + dosbin policy-test + + # postgrey data in /etc/postfix + insinto /etc/postfix + insopts -o root -g ${PN} -m 0640 + doins postgrey_whitelist_clients postgrey_whitelist_recipients + + # documentation + dodoc Changes README + + # init.d + conf.d files + insopts -o root -g root -m 755 + newinitd "${FILESDIR}"/${PN}.rc.new ${PN} + insopts -o root -g root -m 640 + newconfd "${FILESDIR}"/${PN}.conf.new ${PN} +} |