[Greylist-users] Getting greylisting going on a new Debian
Paul Venezia
pvenezia at jpj.net
Thu Jun 26 15:09:45 PDT 2008
*shrug* okay.
This code has been working fine for me for years now. As a consultant,
I've probably put this into production in 30 different networks.
Probably more.
If it ain't broke, don't fix it.
On Jun 26, 2008, at 5:59 PM, thing wrote:
> Hi,
>
> Thanks but I am in the process of ripping it out and will look for
> something else.
>
> regards
>
> Steven
>
> Paul Venezia wrote:
>> You can always use my PHP front-end:
>>
>> http://www.pvenezia.com/rd-tools.tgz
>>
>> -Paul
>>
>>
>> On Jun 26, 2008, at 5:41 PM, Steven Jones wrote:
>>
>>> Hi,
>>>
>>> I have dropped the database and re-done it, used the xlist.pl
>>> all to no avail.
>>>
>>> regards
>>>
>>> Steven
>>>
>>> -----Original Message-----
>>> From: greylist-users-bounces at lists.puremagic.com on behalf of
>>> Dennis Wynne
>>> Sent: Fri 27/06/2008 04:44
>>> To: Greylisting Users and Developers Discuss
>>> Subject: Re: [Greylist-users] Getting greylisting going on a new
>>> Debian
>>>
>>> It used to be part of the CVS on the puremagic web page, but the
>>> link is now
>>> broken. I THINK this copy is unchanged, just fix the user name and
>>> password
>>> to access the database and it should be good to go.
>>>
>>>
>>>
>>>
>>> #!/usr/bin/perl
>>>
>>> ############################################################################
>>> #
>>> #
>>> # File: xlist.pl
>>> #
>>> # Version: 0.01
>>> #
>>> # Programmer: Evan J. Harris <eharris at puremagic.com>
>>> #
>>> # Description:
>>> # Will create manual white or blacklist entries in the greylist
>>> database,
>>> # with some basic checking to ensure this isn't a duplicate, and
>>> to
>>> # expire existing rows that would match.
>>> #
>>> # References:
>>> # For Greylisting info, see http://projects.puremagic.com/greylisting/
>>> #
>>> # Notes:
>>> # This is a quick and dirty implementation, and no doubt can be
>>> made
>>> # much nicer, but it works pretty good as-is.
>>> #
>>> # Bugs:
>>> # None known.
>>> #
>>> #
>>> # *** Copyright 2003 by Evan J. Harris --- All Rights Reserved ***
>>> # *** No warranties expressed or implied, use at your own risk ***
>>> #
>>> ############################################################################
>>> #
>>>
>>> use Errno qw(ENOENT);
>>> use DBI;
>>>
>>> use strict;
>>>
>>> ###############################################
>>> # Our global settings file
>>> ###############################################
>>> my $config_file = "/etc/mail/relaydelay.conf";
>>>
>>>
>>> #################################################################
>>> # Our global settings that may be overridden from the config file
>>> #################################################################
>>>
>>> # If you do/don't want to see debugging messages printed to stdout,
>>> # then set this appropriately.
>>> my $verbose = 1;
>>>
>>> # Database connection params
>>> my $database_type = 'mysql';
>>> my $database_name = 'relaydelay';
>>> my $database_host = 'localhost';
>>> my $database_port = 3306;
>>> my $database_user = 'user_name_here';
>>> my $database_pass = 'password_here';
>>>
>>>
>>> #############################################################
>>> # End of options for use in external config file
>>> #############################################################
>>>
>>> # Set this to nonzero if you wish to optimize the active table
>>> # after deleting the rows moved to the reporting table.
>>> my $optimize_active_table = 1;
>>>
>>> # Global vars that should probably not be in the external config
>>> file
>>> my $global_dbh;
>>> my $config_loaded;
>>>
>>>
>>> #######################################################################
>>> # Database functions
>>> #######################################################################
>>>
>>> sub db_connect($) {
>>> my $verbose = shift;
>>>
>>> return $global_dbh if (defined $global_dbh);
>>>
>>> my $dsn =
>>> "DBI:$database_type:database=$database_name:host=
>>> $database_host:port=$databa
>>> se_port";
>>> print "DBI Connecting to $dsn\n" if $verbose;
>>>
>>> # Note: We do all manual error checking for db errors
>>> my $dbh = DBI->connect($dsn, $database_user, $database_pass,
>>> { PrintError => 0, RaiseError => 1 });
>>>
>>> $global_dbh = $dbh;
>>> return $global_dbh;
>>> }
>>>
>>> sub db_disconnect {
>>> $global_dbh->disconnect() if (defined $global_dbh);
>>> $global_dbh = undef;
>>> return 0;
>>> }
>>>
>>>
>>> sub load_config() {
>>>
>>> # make sure the config is only loaded once per instance
>>> return if ($config_loaded);
>>>
>>> print "Loading Config File: $config_file\n" if ($verbose);
>>>
>>> # Read and setup our configuration parameters from the config file
>>> my($msg);
>>> my($errn) = stat($config_file) ? 0 : 0+$!;
>>> if ($errn == ENOENT) { $msg = "does not exist" }
>>> elsif ($errn) { $msg = "inaccessible: $!" }
>>> elsif (! -f _) { $msg = "not a regular file" }
>>> elsif (! -r _) { $msg = "not readable" }
>>> if (defined $msg) { die "Config file $config_file $msg" }
>>>
>>> open INFILE, "<$config_file";
>>> while (<INFILE>) {
>>> my $tstr = $_;
>>> if ($tstr =~ /\A\s*(\$database_\w+)\s*=/) {
>>> eval $tstr;
>>> if ($@ ne '') { die "Error in config file $config_file: $@" }
>>> }
>>> }
>>>
>>> $config_loaded = 1;
>>> }
>>>
>>> sub usage {
>>> my $error = shift;
>>> if (defined $error) {
>>> print "$error\n\n";
>>> }
>>> print "Usage:\n"
>>> . " $0 <black|white> <ip|from|to> <fromaddr|ip|network>\n\n"
>>> . "Note: networks must be specified in incomplete form, i.e.
>>> 10.2 =
>>> 10.2.0.0/16\n"
>>> . " NEVER whitelist on the 'from' address, since it is easily
>>> forged.\n\n"
>>> . "Examples:\n\n"
>>> . "$0 white ip 10\n"
>>> . " -- Whitelist all mail from systems on the private 10.x.x.x
>>> network\n"
>>> . "$0 white to sales\@somedomain.com\n"
>>> . " -- Whitelist mail sent to the sales address to avoid
>>> possible
>>> delays\n"
>>> . "$0 black from aspamdomain.com\n"
>>> . " -- Blacklist all mail with a from address at
>>> aspamdomain.com\n";
>>> exit;
>>> }
>>>
>>>
>>> BEGIN:
>>> {
>>> my $never = "'0000-00-00 00:00:00'";
>>> my $always = "'9999-12-31 23:59:59'";
>>>
>>>
>>> # load config file before we start
>>> load_config();
>>>
>>> # parse command line params
>>> my $direction = lc(shift);
>>> usage("Error: First parameter must be either black or white.") if
>>> ($direction !~ /\A(black|white)\Z/);
>>> my $rectype = lc(shift);
>>> usage("Error: Second parameter must be a valid field type.") if
>>> ($rectype
>>> !~ /\A(ip|from|to|relay_ip|mail_from|rcpt_to)\Z/);
>>> $rectype = "relay_ip" if ($rectype eq "ip");
>>> $rectype = "mail_from" if ($rectype eq "from");
>>> $rectype = "rcpt_to" if ($rectype eq "to");
>>> my $fieldval = lc(shift);
>>>
>>> if (length($fieldval) < 2) {
>>> print "Error! Field parameter too short!\n";
>>> exit;
>>> }
>>>
>>> if ($rectype eq "mail_from" and $direction eq "white") {
>>> print "Whitelisting of from addresses is not allowed!\n";
>>> exit;
>>> }
>>> if ($rectype eq "relay_ip" and $fieldval !~
>>> /\A(\d+)(|\.(\d+)(|\.(\d+)(|\.(\d+))))\Z/) {
>>> if ($1 < 1 or $1 > 255 or $2 > 255 or $3 > 255 or $4 > 255) {
>>> print "IP is invalid format!\n";
>>> exit;
>>> }
>>> }
>>> my $block_expires = ($direction eq "white" ? $never : $always);
>>>
>>> # connect to the database
>>> my $dbh = db_connect(0);
>>> die "$DBI::errstr\n" unless($dbh);
>>>
>>> # Make sure there isn't a similar manual entry already.
>>> my $rows = $dbh->selectrow_array("SELECT id FROM relaytofrom WHERE
>>> record_expires > NOW() AND $rectype = ? "
>>> . " AND origin_type = 'MANUAL' ", undef, $fieldval);
>>> if ($rows > 0) {
>>> print "Similar Record already exists! Aborting.\n";
>>> exit;
>>> }
>>>
>>> # Insert the wildcard row (blacklist or whitelist)
>>> my $rows = $dbh->do("INSERT INTO relaytofrom (create_time,
>>> record_expires,
>>> block_expires, $rectype) "
>>> . " VALUES (NOW(), $always, $block_expires, " . $dbh-
>>> >quote($fieldval)
>>> . ")") or die;
>>>
>>> # Make sure it inserted ok
>>> if ($rows != 1) {
>>> print "Error inserting record.\n";
>>> die;
>>> }
>>> else {
>>> my $rowid = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
>>> print "Inserted row $rowid\n";
>>>
>>> # expire any old records that match
>>> # - find records that may be similar (do real similarity testing
>>> later,
>>> this is wide pass)
>>> my $sth = $dbh->prepare("SELECT id, $rectype FROM relaytofrom
>>> WHERE
>>> record_expires > NOW() "
>>> . " AND $rectype LIKE " . $dbh->quote('%' . $fieldval . '%'));
>>> $sth->execute();
>>> my $rows = 0;
>>> while (my @cols = $sth->fetchrow_array()) {
>>> next if ($cols[0] == $rowid); # Don't expire the row we just
>>> inserted
>>> $cols[1] = lc($cols[1]); # Make sure the comparisons are
>>> lowercase
>>> my $doexpire = 0;
>>>
>>> if ($rectype eq "relay_ip" and substr($cols[1], 0,
>>> length($fieldval))
>>> eq $fieldval) {
>>> $doexpire = 1;
>>> }
>>> else {
>>> # expire if is an exact match, with or without surrounding
>>> angle
>>> brackets
>>> $doexpire = 1 if ($fieldval =~ /\A.+ at .+\Z/ and ($cols[1] eq
>>> "<$fieldval>" or $cols[1] eq "$fieldval"));
>>> # expire if is a username@ match
>>> $doexpire = 1 if ($fieldval =~ /@\Z/ and substr($cols[1], 0,
>>> length($fieldval) + 1) eq "<$fieldval");
>>> # expire if is a partial domain match
>>> $doexpire = 1 if ($fieldval !~ /@/ and
>>> ( substr($cols[1], - (length($fieldval) + 2)) eq ".
>>> $fieldval>"
>>> or substr($cols[1], - (length($fieldval) + 2)) eq "\@
>>> $fieldval>"
>>> or substr($cols[1], - (length($fieldval) + 1)) eq ".
>>> $fieldval"
>>> or substr($cols[1], - (length($fieldval) + 1)) eq
>>> "\@$fieldval"));
>>> }
>>> if ($doexpire) {
>>> $rows += $dbh->do("UPDATE relaytofrom SET record_expires =
>>> NOW()
>>> WHERE id = $cols[0]");
>>> }
>>> }
>>> $sth->finish();
>>> print "Expired $rows rows\n";
>>> }
>>>
>>> }
>>>
>>>
>>>
>>>
>>>
>>> ===== Original Message from greylist-users at lists.puremagic.com
>>> (Greylisting
>>> Users and Developers Discuss) at 6/26/08 11:41 am
>>>> Hi,
>>>>
>>>> Where do I find this xlist.pl script ?
>>>>
>>>> Regards,
>>>>
>>>> Denio
>>>>
>>>>> I use the provided xlist.pl script to do all my white and black
>>>>> listing
>>>>>
>>>>> xlist.pl white ip 192.168.1
>>>>>
>>>>> should make the proper table entry for you.
>>>>>
>>>>>
>>>>>
>>>>> ===== Original Message from greylist-users at lists.puremagic.com
>>>>> (Greylisting
>>>>> Users and Developers Discuss) at 6/26/08 2:51 am
>>>>>> Hi,
>>>>>>
>>>>>> This does appear to be based on a unique receipiants
>>>>>> address...so sending
>>>>>> to a remote user works after a while and continues to work, but
>>>>>> sending
>>>>>> to
>>>>>> a new user at the same doamin cause a tempfail...
>>>>>>
>>>>>> So how do I fix this please?
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Steven
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: greylist-users-bounces at lists.puremagic.com on behalf of
>>>>>> Steven
>>>>>> Jones
>>>>>> Sent: Thu 26/06/2008 19:21
>>>>>> To: greylist-users at lists.puremagic.com
>>>>>> Subject: [Greylist-users] Getting greylisting going on a new
>>>>>> Debian box
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Just setting up relaydelay and I am finding that relaydelay is
>>>>>> failing
>>>>>> clients on the local LAN.
>>>>>>
>>>>>> I have attempted to put 192.168.1 into the database but to no
>>>>>> avail.
>>>>>>
>>>>>> What should the mysql syntax be for 192.168.1.0/24 not to be
>>>>>> blocked ever
>>>>>> please?
>>>>>>
>>>>>> Does not seem to be,
>>>>>>
>>>>>> INSERT INTO relaytofrom (relay_ip, record_expires, create_time)
>>>>>> VALUES
>>>>>> ('192.168.1', '9999-12-31 23:59:59', NOW());
>>>>>>
>>>>>> ??
>>>>>>
>>>>>> 8><--------
>>>>>> Jun 26 18:50:49 hermes sm-mta[20134]: m5Q6omwx020134: Milter:
>>>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1
>>>>>> Please try
>>>>>> again
>>>>>> later (TEMPFAIL)
>>>>>> Jun 26 18:50:51 hermes sm-mta[20134]: m5Q6omwx020134:
>>>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,
>>>>>> proto=ESMTP,
>>>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>>>> Jun 26 18:51:23 hermes sm-mta[25218]: m5Q6pMPP025218: Milter:
>>>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1
>>>>>> Please try
>>>>>> again
>>>>>> later (TEMPFAIL)
>>>>>> Jun 26 18:51:26 hermes sm-mta[25218]: m5Q6pMPP025218:
>>>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,
>>>>>> proto=ESMTP,
>>>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>>>> 8><---------
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Steven
>>>>>> _______________________________________________
>>>>>> Greylist-users mailing list
>>>>>> Greylist-users at lists.puremagic.com
>>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-
>>>>>> users
>>>>>>
>>>>>> _______________________________________________
>>>>>> Greylist-users mailing list
>>>>>> Greylist-users at lists.puremagic.com
>>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-
>>>>>> users
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Greylist-users mailing list
>>>>> Greylist-users at lists.puremagic.com
>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>>
>>>>
>>>> _______________________________________________
>>>> Greylist-users mailing list
>>>> Greylist-users at lists.puremagic.com
>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>
>>>
>>> _______________________________________________
>>> Greylist-users mailing list
>>> Greylist-users at lists.puremagic.com
>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>
>>> _______________________________________________
>>> Greylist-users mailing list
>>> Greylist-users at lists.puremagic.com
>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>
>>
>> _______________________________________________
>> Greylist-users mailing list
>> Greylist-users at lists.puremagic.com
>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>
> _______________________________________________
> Greylist-users mailing list
> Greylist-users at lists.puremagic.com
> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>
More information about the Greylist-users
mailing list