[Greylist-users] Getting greylisting going on a new Debian
thing
thing at thing.dyndns.org
Thu Jun 26 15:26:17 PDT 2008
Hi,
Trouble is it is broken, its checking outbound email addresses and
tempfailing them if it has not seen them before so something is wrong
somewhere, even if its me and I have mis-configured it..
I have diff'd files on the old server and the new server and even
swapped in relaydelay.conf off the old server, it still does it....its
quite possible there is a setting in debian's sendmail.cf that is not
agreeing with relaydelay? but who knows I have no way of determining
what the fault is so I cant fix it.
regards
Steven
Paul Venezia wrote:
> *shrug* okay.
>
> This code has been working fine for me for years now. As a consultant,
> I've probably put this into production in 30 different networks.
> Probably more.
>
> If it ain't broke, don't fix it.
>
>
> On Jun 26, 2008, at 5:59 PM, thing wrote:
>
>> Hi,
>>
>> Thanks but I am in the process of ripping it out and will look for
>> something else.
>>
>> regards
>>
>> Steven
>>
>> Paul Venezia wrote:
>>> You can always use my PHP front-end:
>>>
>>> http://www.pvenezia.com/rd-tools.tgz
>>>
>>> -Paul
>>>
>>>
>>> On Jun 26, 2008, at 5:41 PM, Steven Jones wrote:
>>>
>>>> Hi,
>>>>
>>>> I have dropped the database and re-done it, used the xlist.pl
>>>> all to no avail.
>>>>
>>>> regards
>>>>
>>>> Steven
>>>>
>>>> -----Original Message-----
>>>> From: greylist-users-bounces at lists.puremagic.com on behalf of
>>>> Dennis Wynne
>>>> Sent: Fri 27/06/2008 04:44
>>>> To: Greylisting Users and Developers Discuss
>>>> Subject: Re: [Greylist-users] Getting greylisting going on a new
>>>> Debian
>>>>
>>>> It used to be part of the CVS on the puremagic web page, but the
>>>> link is now
>>>> broken. I THINK this copy is unchanged, just fix the user name and
>>>> password
>>>> to access the database and it should be good to go.
>>>>
>>>>
>>>>
>>>>
>>>> #!/usr/bin/perl
>>>>
>>>> ############################################################################
>>>>
>>>> #
>>>> #
>>>> # File: xlist.pl
>>>> #
>>>> # Version: 0.01
>>>> #
>>>> # Programmer: Evan J. Harris <eharris at puremagic.com>
>>>> #
>>>> # Description:
>>>> # Will create manual white or blacklist entries in the greylist
>>>> database,
>>>> # with some basic checking to ensure this isn't a duplicate, and to
>>>> # expire existing rows that would match.
>>>> #
>>>> # References:
>>>> # For Greylisting info, see
>>>> http://projects.puremagic.com/greylisting/
>>>> #
>>>> # Notes:
>>>> # This is a quick and dirty implementation, and no doubt can be made
>>>> # much nicer, but it works pretty good as-is.
>>>> #
>>>> # Bugs:
>>>> # None known.
>>>> #
>>>> #
>>>> # *** Copyright 2003 by Evan J. Harris --- All Rights Reserved ***
>>>> # *** No warranties expressed or implied, use at your own risk ***
>>>> #
>>>> ############################################################################
>>>>
>>>> #
>>>>
>>>> use Errno qw(ENOENT);
>>>> use DBI;
>>>>
>>>> use strict;
>>>>
>>>> ###############################################
>>>> # Our global settings file
>>>> ###############################################
>>>> my $config_file = "/etc/mail/relaydelay.conf";
>>>>
>>>>
>>>> #################################################################
>>>> # Our global settings that may be overridden from the config file
>>>> #################################################################
>>>>
>>>> # If you do/don't want to see debugging messages printed to stdout,
>>>> # then set this appropriately.
>>>> my $verbose = 1;
>>>>
>>>> # Database connection params
>>>> my $database_type = 'mysql';
>>>> my $database_name = 'relaydelay';
>>>> my $database_host = 'localhost';
>>>> my $database_port = 3306;
>>>> my $database_user = 'user_name_here';
>>>> my $database_pass = 'password_here';
>>>>
>>>>
>>>> #############################################################
>>>> # End of options for use in external config file
>>>> #############################################################
>>>>
>>>> # Set this to nonzero if you wish to optimize the active table
>>>> # after deleting the rows moved to the reporting table.
>>>> my $optimize_active_table = 1;
>>>>
>>>> # Global vars that should probably not be in the external config file
>>>> my $global_dbh;
>>>> my $config_loaded;
>>>>
>>>>
>>>> #######################################################################
>>>>
>>>> # Database functions
>>>> #######################################################################
>>>>
>>>>
>>>> sub db_connect($) {
>>>> my $verbose = shift;
>>>>
>>>> return $global_dbh if (defined $global_dbh);
>>>>
>>>> my $dsn =
>>>> "DBI:$database_type:database=$database_name:host=$database_host:port=$databa
>>>>
>>>> se_port";
>>>> print "DBI Connecting to $dsn\n" if $verbose;
>>>>
>>>> # Note: We do all manual error checking for db errors
>>>> my $dbh = DBI->connect($dsn, $database_user, $database_pass,
>>>> { PrintError => 0, RaiseError => 1 });
>>>>
>>>> $global_dbh = $dbh;
>>>> return $global_dbh;
>>>> }
>>>>
>>>> sub db_disconnect {
>>>> $global_dbh->disconnect() if (defined $global_dbh);
>>>> $global_dbh = undef;
>>>> return 0;
>>>> }
>>>>
>>>>
>>>> sub load_config() {
>>>>
>>>> # make sure the config is only loaded once per instance
>>>> return if ($config_loaded);
>>>>
>>>> print "Loading Config File: $config_file\n" if ($verbose);
>>>>
>>>> # Read and setup our configuration parameters from the config file
>>>> my($msg);
>>>> my($errn) = stat($config_file) ? 0 : 0+$!;
>>>> if ($errn == ENOENT) { $msg = "does not exist" }
>>>> elsif ($errn) { $msg = "inaccessible: $!" }
>>>> elsif (! -f _) { $msg = "not a regular file" }
>>>> elsif (! -r _) { $msg = "not readable" }
>>>> if (defined $msg) { die "Config file $config_file $msg" }
>>>>
>>>> open INFILE, "<$config_file";
>>>> while (<INFILE>) {
>>>> my $tstr = $_;
>>>> if ($tstr =~ /\A\s*(\$database_\w+)\s*=/) {
>>>> eval $tstr;
>>>> if ($@ ne '') { die "Error in config file $config_file: $@" }
>>>> }
>>>> }
>>>>
>>>> $config_loaded = 1;
>>>> }
>>>>
>>>> sub usage {
>>>> my $error = shift;
>>>> if (defined $error) {
>>>> print "$error\n\n";
>>>> }
>>>> print "Usage:\n"
>>>> . " $0 <black|white> <ip|from|to> <fromaddr|ip|network>\n\n"
>>>> . "Note: networks must be specified in incomplete form, i.e.
>>>> 10.2 =
>>>> 10.2.0.0/16\n"
>>>> . " NEVER whitelist on the 'from' address, since it is easily
>>>> forged.\n\n"
>>>> . "Examples:\n\n"
>>>> . "$0 white ip 10\n"
>>>> . " -- Whitelist all mail from systems on the private 10.x.x.x
>>>> network\n"
>>>> . "$0 white to sales\@somedomain.com\n"
>>>> . " -- Whitelist mail sent to the sales address to avoid possible
>>>> delays\n"
>>>> . "$0 black from aspamdomain.com\n"
>>>> . " -- Blacklist all mail with a from address at
>>>> aspamdomain.com\n";
>>>> exit;
>>>> }
>>>>
>>>>
>>>> BEGIN:
>>>> {
>>>> my $never = "'0000-00-00 00:00:00'";
>>>> my $always = "'9999-12-31 23:59:59'";
>>>>
>>>>
>>>> # load config file before we start
>>>> load_config();
>>>>
>>>> # parse command line params
>>>> my $direction = lc(shift);
>>>> usage("Error: First parameter must be either black or white.") if
>>>> ($direction !~ /\A(black|white)\Z/);
>>>> my $rectype = lc(shift);
>>>> usage("Error: Second parameter must be a valid field type.") if
>>>> ($rectype
>>>> !~ /\A(ip|from|to|relay_ip|mail_from|rcpt_to)\Z/);
>>>> $rectype = "relay_ip" if ($rectype eq "ip");
>>>> $rectype = "mail_from" if ($rectype eq "from");
>>>> $rectype = "rcpt_to" if ($rectype eq "to");
>>>> my $fieldval = lc(shift);
>>>>
>>>> if (length($fieldval) < 2) {
>>>> print "Error! Field parameter too short!\n";
>>>> exit;
>>>> }
>>>>
>>>> if ($rectype eq "mail_from" and $direction eq "white") {
>>>> print "Whitelisting of from addresses is not allowed!\n";
>>>> exit;
>>>> }
>>>> if ($rectype eq "relay_ip" and $fieldval !~
>>>> /\A(\d+)(|\.(\d+)(|\.(\d+)(|\.(\d+))))\Z/) {
>>>> if ($1 < 1 or $1 > 255 or $2 > 255 or $3 > 255 or $4 > 255) {
>>>> print "IP is invalid format!\n";
>>>> exit;
>>>> }
>>>> }
>>>> my $block_expires = ($direction eq "white" ? $never : $always);
>>>>
>>>> # connect to the database
>>>> my $dbh = db_connect(0);
>>>> die "$DBI::errstr\n" unless($dbh);
>>>>
>>>> # Make sure there isn't a similar manual entry already.
>>>> my $rows = $dbh->selectrow_array("SELECT id FROM relaytofrom WHERE
>>>> record_expires > NOW() AND $rectype = ? "
>>>> . " AND origin_type = 'MANUAL' ", undef, $fieldval);
>>>> if ($rows > 0) {
>>>> print "Similar Record already exists! Aborting.\n";
>>>> exit;
>>>> }
>>>>
>>>> # Insert the wildcard row (blacklist or whitelist)
>>>> my $rows = $dbh->do("INSERT INTO relaytofrom (create_time,
>>>> record_expires,
>>>> block_expires, $rectype) "
>>>> . " VALUES (NOW(), $always, $block_expires, " .
>>>> $dbh->quote($fieldval)
>>>> . ")") or die;
>>>>
>>>> # Make sure it inserted ok
>>>> if ($rows != 1) {
>>>> print "Error inserting record.\n";
>>>> die;
>>>> }
>>>> else {
>>>> my $rowid = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
>>>> print "Inserted row $rowid\n";
>>>>
>>>> # expire any old records that match
>>>> # - find records that may be similar (do real similarity testing
>>>> later,
>>>> this is wide pass)
>>>> my $sth = $dbh->prepare("SELECT id, $rectype FROM relaytofrom WHERE
>>>> record_expires > NOW() "
>>>> . " AND $rectype LIKE " . $dbh->quote('%' . $fieldval . '%'));
>>>> $sth->execute();
>>>> my $rows = 0;
>>>> while (my @cols = $sth->fetchrow_array()) {
>>>> next if ($cols[0] == $rowid); # Don't expire the row we just
>>>> inserted
>>>> $cols[1] = lc($cols[1]); # Make sure the comparisons are
>>>> lowercase
>>>> my $doexpire = 0;
>>>>
>>>> if ($rectype eq "relay_ip" and substr($cols[1], 0,
>>>> length($fieldval))
>>>> eq $fieldval) {
>>>> $doexpire = 1;
>>>> }
>>>> else {
>>>> # expire if is an exact match, with or without surrounding angle
>>>> brackets
>>>> $doexpire = 1 if ($fieldval =~ /\A.+ at .+\Z/ and ($cols[1] eq
>>>> "<$fieldval>" or $cols[1] eq "$fieldval"));
>>>> # expire if is a username@ match
>>>> $doexpire = 1 if ($fieldval =~ /@\Z/ and substr($cols[1], 0,
>>>> length($fieldval) + 1) eq "<$fieldval");
>>>> # expire if is a partial domain match
>>>> $doexpire = 1 if ($fieldval !~ /@/ and
>>>> ( substr($cols[1], - (length($fieldval) + 2)) eq
>>>> ".$fieldval>"
>>>> or substr($cols[1], - (length($fieldval) + 2)) eq
>>>> "\@$fieldval>"
>>>> or substr($cols[1], - (length($fieldval) + 1)) eq
>>>> ".$fieldval"
>>>> or substr($cols[1], - (length($fieldval) + 1)) eq
>>>> "\@$fieldval"));
>>>> }
>>>> if ($doexpire) {
>>>> $rows += $dbh->do("UPDATE relaytofrom SET record_expires = NOW()
>>>> WHERE id = $cols[0]");
>>>> }
>>>> }
>>>> $sth->finish();
>>>> print "Expired $rows rows\n";
>>>> }
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ===== Original Message from greylist-users at lists.puremagic.com
>>>> (Greylisting
>>>> Users and Developers Discuss) at 6/26/08 11:41 am
>>>>> Hi,
>>>>>
>>>>> Where do I find this xlist.pl script ?
>>>>>
>>>>> Regards,
>>>>>
>>>>> Denio
>>>>>
>>>>>> I use the provided xlist.pl script to do all my white and black
>>>>>> listing
>>>>>>
>>>>>> xlist.pl white ip 192.168.1
>>>>>>
>>>>>> should make the proper table entry for you.
>>>>>>
>>>>>>
>>>>>>
>>>>>> ===== Original Message from greylist-users at lists.puremagic.com
>>>>>> (Greylisting
>>>>>> Users and Developers Discuss) at 6/26/08 2:51 am
>>>>>>> Hi,
>>>>>>>
>>>>>>> This does appear to be based on a unique receipiants
>>>>>>> address...so sending
>>>>>>> to a remote user works after a while and continues to work, but
>>>>>>> sending
>>>>>>> to
>>>>>>> a new user at the same doamin cause a tempfail...
>>>>>>>
>>>>>>> So how do I fix this please?
>>>>>>>
>>>>>>> regards
>>>>>>>
>>>>>>> Steven
>>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: greylist-users-bounces at lists.puremagic.com on behalf of
>>>>>>> Steven
>>>>>>> Jones
>>>>>>> Sent: Thu 26/06/2008 19:21
>>>>>>> To: greylist-users at lists.puremagic.com
>>>>>>> Subject: [Greylist-users] Getting greylisting going on a new
>>>>>>> Debian box
>>>>>>>
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Just setting up relaydelay and I am finding that relaydelay is
>>>>>>> failing
>>>>>>> clients on the local LAN.
>>>>>>>
>>>>>>> I have attempted to put 192.168.1 into the database but to no
>>>>>>> avail.
>>>>>>>
>>>>>>> What should the mysql syntax be for 192.168.1.0/24 not to be
>>>>>>> blocked ever
>>>>>>> please?
>>>>>>>
>>>>>>> Does not seem to be,
>>>>>>>
>>>>>>> INSERT INTO relaytofrom (relay_ip, record_expires, create_time)
>>>>>>> VALUES
>>>>>>> ('192.168.1', '9999-12-31 23:59:59', NOW());
>>>>>>>
>>>>>>> ??
>>>>>>>
>>>>>>> 8><--------
>>>>>>> Jun 26 18:50:49 hermes sm-mta[20134]: m5Q6omwx020134: Milter:
>>>>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1 Please
>>>>>>> try
>>>>>>> again
>>>>>>> later (TEMPFAIL)
>>>>>>> Jun 26 18:50:51 hermes sm-mta[20134]: m5Q6omwx020134:
>>>>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,
>>>>>>> proto=ESMTP,
>>>>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>>>>> Jun 26 18:51:23 hermes sm-mta[25218]: m5Q6pMPP025218: Milter:
>>>>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1 Please
>>>>>>> try
>>>>>>> again
>>>>>>> later (TEMPFAIL)
>>>>>>> Jun 26 18:51:26 hermes sm-mta[25218]: m5Q6pMPP025218:
>>>>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,
>>>>>>> proto=ESMTP,
>>>>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>>>>> 8><---------
>>>>>>>
>>>>>>> regards
>>>>>>>
>>>>>>> Steven
>>>>>>> _______________________________________________
>>>>>>> Greylist-users mailing list
>>>>>>> Greylist-users at lists.puremagic.com
>>>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Greylist-users mailing list
>>>>>>> Greylist-users at lists.puremagic.com
>>>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Greylist-users mailing list
>>>>>> Greylist-users at lists.puremagic.com
>>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Greylist-users mailing list
>>>>> Greylist-users at lists.puremagic.com
>>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>
>>>>
>>>> _______________________________________________
>>>> Greylist-users mailing list
>>>> Greylist-users at lists.puremagic.com
>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>
>>>> _______________________________________________
>>>> Greylist-users mailing list
>>>> Greylist-users at lists.puremagic.com
>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>
>>>
>>> _______________________________________________
>>> Greylist-users mailing list
>>> Greylist-users at lists.puremagic.com
>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>
>> _______________________________________________
>> Greylist-users mailing list
>> Greylist-users at lists.puremagic.com
>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>
>
> _______________________________________________
> Greylist-users mailing list
> Greylist-users at lists.puremagic.com
> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
More information about the Greylist-users
mailing list