Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: exim4 and Debian's greylistd
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
andyknownasabu
Apprentice
Apprentice


Joined: 06 Feb 2003
Posts: 281
Location: Zurich, Switzerland

PostPosted: Sat Jun 24, 2006 1:30 pm    Post subject: HOWTO: exim4 and Debian's greylistd Reply with quote

Hi folks,

after having tried to get bagley to work with my exim4 installation I recognized (and installed) the greylistd Debian package on another server.
As this worked like a charme I decided to try to "port" it to Gentoo which is what I want to show you today.

If someone would like to provide a nice ebuild for this please post it to bugzilla (bugs.gentoo.org) and a reference in this thread.

Anyway: Have fun! :-)

Step 1:
Download the greylistd Debian package from http://packages.debian.org/unstable/mail/greylistd

Step 2:
Create the greylistd user/group and add the mail user to it:
Code:
useradd greylistd
groupadd greylistd
usermod -g mail -G greylistd mail


Step 3:
Use (as I did) mc with its dpkg plugin to extract the following files/directories from the Debian package to the appropriate target directories and set permissions (to minimize the impact of this manual = non-portage approach on the system I didn't include the docs here):
Code:
CONTENTS/etc/greylistd/* -> /etc/greylistd/*
CONTENTS/usr/bin/greylist -> /usr/bin/greylist
CONTENTS/usr/sbin/greylistd -> /usr/sbin/greylistd
CONTENTS/var/lib/greylistd/* -> /var/lib/greylistd/*

Code:
cd /var/lib/
chown greylistd:greylistd greylistd


Step 4:
Create the following initscript as /etc/init.d/greylistd:
Code:
#!/sbin/runscript
# Copyright 2006 Andreas Bulling
# Distributed under the terms of the GNU General Public License v2

opts="${opts} reload status"

client=/usr/bin/greylist
daemon=/usr/sbin/greylistd
rundir=/var/run/greylistd
datadir=/var/lib/greylistd
pidfile=$rundir/pid
socket=$rundir/socket
user=greylistd

depend() {
        need exim
}

start() {
        ebegin "Starting greylisting daemon"

        start-stop-daemon --start --background \
            --chuid "$user" \
            --pidfile "$pidfile" --make-pidfile \
            --exec "$daemon"

        eend ${?}
}

stop() {
        ebegin  "Stopping greylisting daemon"

        start-stop-daemon --stop --pidfile "$pidfile" &&
            rm -f "$pidfile"

        eend ${?}
}

reload() {
        ebegin "Reloading greylisting daemon configuration"

        "$client" reload

        eend ${?}
}

status() {
        "$client" stats
}


Step 5:
Create the directory /var/run/greylistd and set appropriate permissions:
Code:
cd /var/run/
mkdir greylistd
chown greylistd:greylistd greylistd


Step 6:
Add the needed exim configuration to /etc/exim/exim.conf

At the beginning of the acl_check_rcpt section:
Code:
  defer
    message        = $sender_host_address is not yet authorized to deliver \
                     mail from <$sender_address> to <$local_part@$domain>. \
                     Please try again later.
    log_message    = greylisted.
    !senders       = :
    !hosts         = : +relay_from_hosts : \
                     ${if exists {/etc/greylistd/whitelist-hosts}\
                                 {/etc/greylistd/whitelist-hosts}{}} : \
                     ${if exists {/var/lib/greylistd/whitelist-hosts}\
                                 {/var/lib/greylistd/whitelist-hosts}{}}
    !authenticated = *
    domains        = +local_domains : +relay_to_domains
    verify         = recipient/callout=20s,use_sender,defer_ok
    condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--grey \
                                  $sender_host_address \
                                  $sender_address \
                                  $local_part@$domain}\
                                 {5s}{}{false}}


At the beginning of the acl_check_data section:
Code:
  defer
    message        = $sender_host_address is not yet authorized to deliver \
                     mail from <$sender_address> to <$recipients>. \
                     Please try again later.
    log_message    = greylisted.
    senders        = :
    !hosts         = : +relay_from_hosts : \
                     ${if exists {/etc/greylistd/whitelist-hosts}\
                                 {/etc/greylistd/whitelist-hosts}{}} : \
                     ${if exists {/var/lib/greylistd/whitelist-hosts}\
                                 {/var/lib/greylistd/whitelist-hosts}{}}
    !authenticated = *
    condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--grey \
                                  $sender_host_address \
                                  $recipients}\
                                  {5s}{}{false}}


Step 7 (final):
Start greylistd and restart exim:
Code:
/etc/init.d/greylistd start
/etc/init.d/exim reload

_________________
Please, also have a look at:
Global Marshall Plan Initiative
http://www.globalmarshallplan.org/
Back to top
View user's profile Send private message
himpierre
l33t
l33t


Joined: 31 Aug 2002
Posts: 839
Location: Berlin

PostPosted: Thu Oct 05, 2006 10:59 am    Post subject: Reply with quote

Hello.

I created an experimental ebuild.
https://bugs.gentoo.org/show_bug.cgi?id=150060

cheers
t.
Back to top
View user's profile Send private message
freedomadvocate
n00b
n00b


Joined: 13 Dec 2002
Posts: 5

PostPosted: Tue Oct 24, 2006 5:30 pm    Post subject: Everything but the exim configuration example worked. Reply with quote

Hey, tried the experimental ebuild today (on a x86 machine). It all worked perfectly (after my crash course in portage overlays and several failed attempts at it) with the exception of the instructions for modifying /etc/exim/exim.conf. With those instructions I got the following error in exim's main log.

Quote:
unknown ACL verb in "acl_whitelist_local_deny"


Is that some special ACL that you have set up? I checked all the config files in /etc/exim including /etc/exim/exim.conf.dist for the acl_whitelist_local_deny and could not find it.

Just for kicks, I tried the suggestions for exim.conf changes from the author of this howto. The only problem I had with the howto instructions for exim.conf changes was that my exim.conf did not have an acl_check_data so I guessed and placed it at the top of the acl_check_content. Everything is working now as advertised so I guess I got it right or at least not to terribly wrong.

Thanks for the work put into creating this ebuild and the oppurtunity to learn more about overlays. 8O
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum