[Greylist-users] Getting greylisting going on a new Debian

Paul Venezia pvenezia at jpj.net
Thu Jun 26 14:45:14 PDT 2008


You can always use my PHP front-end:

http://www.pvenezia.com/rd-tools.tgz

-Paul


On Jun 26, 2008, at 5:41 PM, Steven Jones wrote:

> Hi,
>
> I have dropped the database and re-done it, used the xlist.pl
> all to no avail.
>
> regards
>
> Steven
>
> -----Original Message-----
> From: greylist-users-bounces at lists.puremagic.com on behalf of Dennis  
> Wynne
> Sent: Fri 27/06/2008 04:44
> To: Greylisting Users and Developers Discuss
> Subject: Re: [Greylist-users] Getting greylisting going on a new  
> Debian
>
> It used to be part of the CVS on the puremagic web page, but the  
> link is now
> broken. I THINK this copy is unchanged, just fix the user name and  
> password
> to access the database and it should be good to go.
>
>
>
>
> #!/usr/bin/perl
>
> ############################################################################
> #
> #
> # File: xlist.pl
> #
> # Version: 0.01
> #
> # Programmer: Evan J. Harris <eharris at puremagic.com>
> #
> # Description:
> #   Will create manual white or blacklist entries in the greylist  
> database,
> #   with some basic checking to ensure this isn't a duplicate, and to
> #   expire existing rows that would match.
> #
> # References:
> #   For Greylisting info, see http://projects.puremagic.com/greylisting/
> #
> # Notes:
> #   This is a quick and dirty implementation, and no doubt can be made
> #   much nicer, but it works pretty good as-is.
> #
> # Bugs:
> #   None known.
> #
> #
> # *** Copyright 2003 by Evan J. Harris --- All Rights Reserved ***
> # *** No warranties expressed or implied, use at your own risk ***
> #
> ############################################################################
> #
>
> use Errno qw(ENOENT);
> use DBI;
>
> use strict;
>
> ###############################################
> # Our global settings file
> ###############################################
> my $config_file = "/etc/mail/relaydelay.conf";
>
>
> #################################################################
> # Our global settings that may be overridden from the config file
> #################################################################
>
> # If you do/don't want to see debugging messages printed to stdout,
> #   then set this appropriately.
> my $verbose = 1;
>
> # Database connection params
> my $database_type = 'mysql';
> my $database_name = 'relaydelay';
> my $database_host = 'localhost';
> my $database_port = 3306;
> my $database_user = 'user_name_here';
> my $database_pass = 'password_here';
>
>
> #############################################################
> # End of options for use in external config file
> #############################################################
>
> # Set this to nonzero if you wish to optimize the active table
> #   after deleting the rows moved to the reporting table.
> my $optimize_active_table = 1;
>
> # Global vars that should probably not be in the external config file
> my $global_dbh;
> my $config_loaded;
>
>
> #######################################################################
> # Database functions
> #######################################################################
>
> sub db_connect($) {
>  my $verbose = shift;
>
>  return $global_dbh if (defined $global_dbh);
>
>  my $dsn =
> "DBI:$database_type:database=$database_name:host=$database_host:port= 
> $databa
> se_port";
>  print "DBI Connecting to $dsn\n" if $verbose;
>
>  # Note: We do all manual error checking for db errors
>  my $dbh = DBI->connect($dsn, $database_user, $database_pass,
>                         { PrintError => 0, RaiseError => 1 });
>
>  $global_dbh = $dbh;
>  return $global_dbh;
> }
>
> sub db_disconnect {
>  $global_dbh->disconnect() if (defined $global_dbh);
>  $global_dbh = undef;
>  return 0;
> }
>
>
> sub load_config() {
>
>  # make sure the config is only loaded once per instance
>  return if ($config_loaded);
>
>  print "Loading Config File: $config_file\n" if ($verbose);
>
>  # Read and setup our configuration parameters from the config file
>  my($msg);
>  my($errn) = stat($config_file) ? 0 : 0+$!;
>  if ($errn == ENOENT) { $msg = "does not exist" }
>  elsif ($errn)        { $msg = "inaccessible: $!" }
>  elsif (! -f _)       { $msg = "not a regular file" }
>  elsif (! -r _)       { $msg = "not readable" }
>  if (defined $msg) { die "Config file $config_file $msg" }
>
>  open INFILE, "<$config_file";
>  while (<INFILE>) {
>    my $tstr = $_;
>    if ($tstr =~ /\A\s*(\$database_\w+)\s*=/) {
>      eval $tstr;
>      if ($@ ne '') { die "Error in config file $config_file: $@" }
>    }
>  }
>
>  $config_loaded = 1;
> }
>
> sub usage {
>  my $error = shift;
>  if (defined $error) {
>    print "$error\n\n";
>  }
>  print "Usage:\n"
>    .   "  $0 <black|white> <ip|from|to> <fromaddr|ip|network>\n\n"
>    .   "Note: networks must be specified in incomplete form, i.e.  
> 10.2 =
> 10.2.0.0/16\n"
>    .   "  NEVER whitelist on the 'from' address, since it is easily
> forged.\n\n"
>    .   "Examples:\n\n"
>    .   "$0 white ip 10\n"
>    .   "  -- Whitelist all mail from systems on the private 10.x.x.x
> network\n"
>    .   "$0 white to sales\@somedomain.com\n"
>    .   "  -- Whitelist mail sent to the sales address to avoid  
> possible
> delays\n"
>    .   "$0 black from aspamdomain.com\n"
>    .   "  -- Blacklist all mail with a from address at  
> aspamdomain.com\n";
>  exit;
> }
>
>
> BEGIN:
> {
>  my $never = "'0000-00-00 00:00:00'";
>  my $always = "'9999-12-31 23:59:59'";
>
>
>  # load config file before we start
>  load_config();
>
>  # parse command line params
>  my $direction = lc(shift);
>  usage("Error: First parameter must be either black or white.") if
> ($direction !~ /\A(black|white)\Z/);
>  my $rectype = lc(shift);
>  usage("Error: Second parameter must be a valid field type.") if  
> ($rectype
> !~ /\A(ip|from|to|relay_ip|mail_from|rcpt_to)\Z/);
>  $rectype = "relay_ip" if ($rectype eq "ip");
>  $rectype = "mail_from" if ($rectype eq "from");
>  $rectype = "rcpt_to" if ($rectype eq "to");
>  my $fieldval = lc(shift);
>
>  if (length($fieldval) < 2) {
>    print "Error!  Field parameter too short!\n";
>    exit;
>  }
>
>  if ($rectype eq "mail_from" and $direction eq "white") {
>    print "Whitelisting of from addresses is not allowed!\n";
>    exit;
>  }
>  if ($rectype eq "relay_ip" and $fieldval !~
> /\A(\d+)(|\.(\d+)(|\.(\d+)(|\.(\d+))))\Z/) {
>    if ($1 < 1 or $1 > 255 or $2 > 255 or $3 > 255 or $4 > 255) {
>      print "IP is invalid format!\n";
>      exit;
>    }
>  }
>  my $block_expires = ($direction eq "white" ? $never : $always);
>
>  # connect to the database
>  my $dbh = db_connect(0);
>  die "$DBI::errstr\n" unless($dbh);
>
>  # Make sure there isn't a similar manual entry already.
>  my $rows = $dbh->selectrow_array("SELECT id FROM relaytofrom WHERE
> record_expires > NOW() AND $rectype = ? "
>    . " AND origin_type = 'MANUAL' ", undef, $fieldval);
>  if ($rows > 0) {
>    print "Similar Record already exists!  Aborting.\n";
>    exit;
>  }
>
>  # Insert the wildcard row (blacklist or whitelist)
>  my $rows = $dbh->do("INSERT INTO relaytofrom (create_time,  
> record_expires,
> block_expires, $rectype) "
>      . " VALUES (NOW(), $always, $block_expires, " . $dbh- 
> >quote($fieldval)
> . ")") or die;
>
>  # Make sure it inserted ok
>  if ($rows != 1) {
>    print "Error inserting record.\n";
>    die;
>  }
>  else {
>    my $rowid = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
>    print "Inserted row $rowid\n";
>
>    # expire any old records that match
>    # - find records that may be similar (do real similarity testing  
> later,
> this is wide pass)
>    my $sth = $dbh->prepare("SELECT id, $rectype FROM relaytofrom WHERE
> record_expires > NOW() "
>      . " AND $rectype LIKE " . $dbh->quote('%' . $fieldval . '%'));
>    $sth->execute();
>    my $rows = 0;
>    while (my @cols = $sth->fetchrow_array()) {
>      next if ($cols[0] == $rowid);  # Don't expire the row we just  
> inserted
>      $cols[1] = lc($cols[1]);   # Make sure the comparisons are  
> lowercase
>      my $doexpire = 0;
>
>      if ($rectype eq "relay_ip" and substr($cols[1], 0,  
> length($fieldval))
> eq $fieldval) {
>        $doexpire = 1;
>      }
>      else {
>        # expire if is an exact match, with or without surrounding  
> angle
> brackets
>        $doexpire = 1 if ($fieldval =~ /\A.+ at .+\Z/ and ($cols[1] eq
> "<$fieldval>" or $cols[1] eq "$fieldval"));
>        # expire if is a username@ match
>        $doexpire = 1 if ($fieldval =~ /@\Z/ and substr($cols[1], 0,
> length($fieldval) + 1) eq "<$fieldval");
>        # expire if is a partial domain match
>        $doexpire = 1 if ($fieldval !~ /@/ and
>          (   substr($cols[1], - (length($fieldval) + 2)) eq ". 
> $fieldval>"
>           or substr($cols[1], - (length($fieldval) + 2)) eq "\@ 
> $fieldval>"
>           or substr($cols[1], - (length($fieldval) + 1)) eq ". 
> $fieldval"
>           or substr($cols[1], - (length($fieldval) + 1)) eq
> "\@$fieldval"));
>      }
>      if ($doexpire) {
>        $rows += $dbh->do("UPDATE relaytofrom SET record_expires =  
> NOW()
> WHERE id = $cols[0]");
>      }
>    }
>    $sth->finish();
>    print "Expired $rows rows\n";
>  }
>
> }
>
>
>
>
>
> ===== Original Message from greylist-users at lists.puremagic.com  
> (Greylisting
> Users and Developers Discuss) at 6/26/08 11:41 am
>> Hi,
>>
>> Where do I find this xlist.pl script ?
>>
>> Regards,
>>
>> Denio
>>
>>> I use the provided xlist.pl script to do all my white and black  
>>> listing
>>>
>>> xlist.pl white ip 192.168.1
>>>
>>> should make the proper table entry for you.
>>>
>>>
>>>
>>> ===== Original Message from greylist-users at lists.puremagic.com
>>> (Greylisting
>>> Users and Developers Discuss) at 6/26/08 2:51 am
>>>> Hi,
>>>>
>>>> This does appear to be based on a unique receipiants address...so  
>>>> sending
>>>> to a remote user works after a while and continues to work, but  
>>>> sending
>>>> to
>>>> a new user at the same doamin cause a tempfail...
>>>>
>>>> So how do I fix this please?
>>>>
>>>> regards
>>>>
>>>> Steven
>>>>
>>>> -----Original Message-----
>>>> From: greylist-users-bounces at lists.puremagic.com on behalf of  
>>>> Steven
>>>> Jones
>>>> Sent: Thu 26/06/2008 19:21
>>>> To: greylist-users at lists.puremagic.com
>>>> Subject: [Greylist-users] Getting greylisting going on a new  
>>>> Debian box
>>>>
>>>>
>>>> Hi,
>>>>
>>>> Just setting up relaydelay and I am finding that relaydelay is  
>>>> failing
>>>> clients on the local LAN.
>>>>
>>>> I have attempted to put 192.168.1 into the database but to no  
>>>> avail.
>>>>
>>>> What should the mysql syntax be for 192.168.1.0/24 not to be  
>>>> blocked ever
>>>> please?
>>>>
>>>> Does not seem to be,
>>>>
>>>> INSERT INTO relaytofrom (relay_ip, record_expires, create_time)  
>>>> VALUES
>>>> ('192.168.1', '9999-12-31 23:59:59', NOW());
>>>>
>>>> ??
>>>>
>>>> 8><--------
>>>> Jun 26 18:50:49 hermes sm-mta[20134]: m5Q6omwx020134: Milter:
>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1 Please  
>>>> try
>>>> again
>>>> later (TEMPFAIL)
>>>> Jun 26 18:50:51 hermes sm-mta[20134]: m5Q6omwx020134:
>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,  
>>>> proto=ESMTP,
>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>> Jun 26 18:51:23 hermes sm-mta[25218]: m5Q6pMPP025218: Milter:
>>>> to=<greylist-users at lists.puremagic.com>, reject=451 4.7.1 Please  
>>>> try
>>>> again
>>>> later (TEMPFAIL)
>>>> Jun 26 18:51:26 hermes sm-mta[25218]: m5Q6pMPP025218:
>>>> from=<thing at thing.dyndns.org>, size=1007, class=0, nrcpts=0,  
>>>> proto=ESMTP,
>>>> daemon=MTA-v4, relay=[192.168.1.108]
>>>> 8><---------
>>>>
>>>> regards
>>>>
>>>> Steven
>>>> _______________________________________________
>>>> Greylist-users mailing list
>>>> Greylist-users at lists.puremagic.com
>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>>
>>>> _______________________________________________
>>>> Greylist-users mailing list
>>>> Greylist-users at lists.puremagic.com
>>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>
>>>
>>> _______________________________________________
>>> Greylist-users mailing list
>>> Greylist-users at lists.puremagic.com
>>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>>>
>>
>> _______________________________________________
>> Greylist-users mailing list
>> Greylist-users at lists.puremagic.com
>> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>
>
> _______________________________________________
> Greylist-users mailing list
> Greylist-users at lists.puremagic.com
> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>
> _______________________________________________
> Greylist-users mailing list
> Greylist-users at lists.puremagic.com
> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users
>



More information about the Greylist-users mailing list