diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /mail-filter/postgrey | |
reinit the tree, so we can have metadata
Diffstat (limited to 'mail-filter/postgrey')
| -rw-r--r-- | mail-filter/postgrey/Manifest | 16 | ||||
| -rw-r--r-- | mail-filter/postgrey/files/postgrey-1.34-perl-5.18.patch | 33 | ||||
| -rw-r--r-- | mail-filter/postgrey/files/postgrey-1.34-r3.rc.new | 100 | ||||
| -rw-r--r-- | mail-filter/postgrey/files/postgrey.conf.new | 55 | ||||
| -rw-r--r-- | mail-filter/postgrey/files/postgrey.service | 17 | ||||
| -rw-r--r-- | mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch | 202 | ||||
| -rw-r--r-- | mail-filter/postgrey/metadata.xml | 20 | ||||
| -rw-r--r-- | mail-filter/postgrey/postgrey-1.34-r3.ebuild | 70 | ||||
| -rw-r--r-- | mail-filter/postgrey/postgrey-1.35-r2.ebuild | 71 | ||||
| -rw-r--r-- | mail-filter/postgrey/postgrey-1.36-r1.ebuild | 72 | ||||
| -rw-r--r-- | mail-filter/postgrey/postgrey-1.37.ebuild | 69 |
11 files changed, 725 insertions, 0 deletions
diff --git a/mail-filter/postgrey/Manifest b/mail-filter/postgrey/Manifest new file mode 100644 index 000000000000..86eb51b029b4 --- /dev/null +++ b/mail-filter/postgrey/Manifest @@ -0,0 +1,16 @@ +AUX postgrey-1.34-perl-5.18.patch 952 SHA256 d623dee7e605eb3d29139664a90a0f892d5d5b8ebbcd44a508f0790da2f5d23d SHA512 2145d3d0fff5c993075a3a792adb899a9d28760b43a21daacb4b4a94b5f3a587ecd29700314ae20379d4909bf22d518161e9dcd556963dc185c014351845f6b0 WHIRLPOOL c6be159a72a0dadf140515ad3ca9211f944caa08e47683f69612b645fe78c00d72eb3bc801e2c1d98d79e4a2bd0d2554dc77af049c9ae6e8a8fbde8e91a15f84 +AUX postgrey-1.34-r3.rc.new 2373 SHA256 119ede5d8be2b7b0bf945121c9427946fde73610e447717070d98a2fb42c1961 SHA512 a9f9c841249b303da2bd4c976e2cd2fe85264929e298745e08f684f86659da548d9348c15a5723697835ee44c584405582605792f545eb9b1c097f82fc15720e WHIRLPOOL 8531d04f577f2c5b81a9c17601b05af01e9eb50309627c9ec6ff5e4c4ef08ce37dbe453ede03ecccc57567762d7b11ff7044cf701c4fb0ede646a261688a94e9 +AUX postgrey.conf.new 1914 SHA256 c4c5bfe68b99513152669443ee268186989a89f9846e7fd560841d4cb47fb031 SHA512 07c7bf82fa24486a62701238bc3684e7ed445bceeb54c842eba39b0d83732b704954247978784142ecf20329352dbe698ba2d9a76576d5082315a314278a6740 WHIRLPOOL 5422e62945594fcc3d60bf69883f86a1fa3bc03c8859abf04972665a24ca76931150093756545ed433a53314fcb8377520c421e6ae3f9d4348a6246fc0af36f1 +AUX postgrey.service 345 SHA256 21b17342ae0c00ce4e63d7ceb5437dd20188ee201d0347cffc1f719c197a4474 SHA512 f5f92cae916a8000da460c0c5bd2194b49518cf2bdadf7f6c4512a29dbee73b4a75d530ed0d2049ac46103235246b5b3b88e55216c9ed1a012ed306a4bf7d58c WHIRLPOOL 98639d6ce124d46f7d0cb936c7e57104859678fdbdbc87f1dcc540f7aab41ce295137d0c4268f61c2affb80184fe593d8e945bd97a1921a9acb3220fe95d148f +AUX targrey-0.31-postgrey-1.34.patch 8555 SHA256 efeb57ef7f7140da1ed38efe53da068c207a76618216e28b1de22f43341fa649 SHA512 af4433f08120ae6ab07179f1adb88ca8c86c142b68727657555cef04d84105912e8e67c969c860ea000930196c6046b7b2bef2647f04b202ceecaf163d8515d5 WHIRLPOOL e73cb133e5b9cc41c7061fa7537731e5d36cd7fc2649b140682136d4f46f038d54caf6de60cabc4cbef86d36575f07836e7ef87c9e05909a2f48f06cc4ea47fe +DIST postgrey-1.34.tar.gz 36399 SHA256 9a9ee2f4e3cbbf15642e47802407c810ac5c54f0ad1572ebec3f0f645eb35707 SHA512 df6cf0c3bf6835591aad00bde13330ee4030b965c90a01a27dfafb5eac1f008dcfb9001dbfcf70a6209b91af7a571b38392b69db2212f112d888a565e9b703cb WHIRLPOOL 92eade9af5ac0589ffd0c63b89b36ac8b64b5f862f601cbfa10c66137ea46624ff5af0b96cbcef2f004cb19028fd90c406f4ec164440e53f4f1122c3cdd427e3 +DIST postgrey-1.35.tar.gz 36610 SHA256 f6a6956630803e6f79ebff6ad0cc0d46ba32046ed6cc260e38e6f591de7bbdcf SHA512 fa9844f6ca7395c02cbc1f234d0efbeafb80ebbebc763966d375bb32e7768d9c987d8c95d1e8dc9da933832feb9948b4086cf5a31f24d3764e9678333abe6c8f WHIRLPOOL c969bf93747cb197bd6efef4b4dd7d979f489663a235e7723dc015005c8b059b23d0bde7c8ba08a3ad1da7a5957e98da7170e4405019c633c91aadb3ed016c6c +DIST postgrey-1.36.tar.gz 38797 SHA256 a22bf8c42518d802a32b070332b7ca3aed985ff4f9a59cd04028c56988585f26 SHA512 9b2502b873658c1ef8a86bff091d61b8dc8d66f7395bc0a869f9e6ec60b691a317c084ae326f49ce8dd926f0fa2620a58f3ad76c25e1b1c9606557d2802d1395 WHIRLPOOL 9b8e8e74422608acbf901fa32b69eedea6cb5a8053c1d84d8ecc08c03776ca0805c9b4188de5db5b2d707b48c80a42a9e3a9050305273f159ce2828c80dfe870 +DIST postgrey-1.37.tar.gz 41815 SHA256 ff4d9543f8f5cb0356c30ffe22255d942ac6128da734c376de211c02630fa5f7 SHA512 369968212ea60539efc0d4a7ae84f7c3ce13f5622e6ee070a0089423ef81ca8f7541ebd20289291d0e6a3aec2ca30dbc9c0d9c0a6f0a686adfadb5d0dd7830ca WHIRLPOOL ee61fb579740e24a9fca0ea349401c4b8f9f6a4fe0df3ad57345ecfbf4ba6fb2b3a437fc6c50bf11bc4527aa5b1dca23b8319d22b90888e04b3fd2fab049a13b +EBUILD postgrey-1.34-r3.ebuild 1662 SHA256 ceb0dbdaaa0c9864054aabf386f4eec151a7ef0b653e79a58a102ed966ec4f27 SHA512 3ddb2f66e443f1bf43ffa991f7575c523229589949080d4b37a58f918de73519f9b8d4795533c586dab2029e812c6b67722422ae0def0463c5f0c5a6e6a3b299 WHIRLPOOL 613b9c6ad9274a063cfd5429fb10c517cd374c51f495d05693b4aadd248a3353db02706c7eae2daf9e8828da51d34c6c8ea736d24656259169e8ebfe47994407 +EBUILD postgrey-1.35-r2.ebuild 1722 SHA256 2d3b862a1c2490d519b37ccfe1ff2903449af13446c4efd0a25977d44af1c4c8 SHA512 df2d67554038f1eb9d617dcaaca38bb0a738cdb55b6ab5b2c71cba768edf19d3f96a5974c376de52e3cff890eb03af1a90e01976c7d72b87ba8da6ae4a65868f WHIRLPOOL 6444634d767b67728e5fe92912258f54ad594b4611ff5945d810c47d90fde547af17a8d8828bee36d94f55f8c51f566945aa1ad6bd499b58b412ece4dd0fc059 +EBUILD postgrey-1.36-r1.ebuild 1748 SHA256 298c7af253d7e705dfc225258b00f82e34d16b80f7095ab5634f5bfb4d81e7dd SHA512 0ea4a73933a11d84894bc8a286193a3b1d71f2ecf5ac2513e9c3cf18364479485519839d09fed3a15152a1208c9dd908695c853a2a17a003b295f9842bbf99bb WHIRLPOOL e1eb4380389b99d524eac6cd2c17cc0a5765dd1e69a4c7e9bd6e3cad9a6dd2273fa778acb7ab070d68cfdfbc467a91127dfa846c11926a1ac18f91d60b743dbb +EBUILD postgrey-1.37.ebuild 1662 SHA256 5e7898488b54546acab32d2689c73dd78b1cc99be91ff46c83e8deb06fdaeb6c SHA512 17512115c889bceccc2a8fd09ffc8aa5815b37256b473a7f794c42f4fd561dc625e7d72f6f67b9a1abe2b89a6a14e0f51ecec913029ea7fd12e1fdca8d707790 WHIRLPOOL 0f0fd089df5e7aec4f1282fb6cab33089b443ee012ce4351000b2ea70bbde3f5b4d9a1ad12fbb5a05191e0c4e464dcd61696b44ee40071464b7fda17d2095067 +MISC ChangeLog 4823 SHA256 cba885774a58e5c94cbd704a8f8c6ceb684f8af3e46e705aad8d8e14e13fa9ec SHA512 578ccf290a46d9bcd3ce310c7c6dd8b52978ca972b6b741041da5e525e3c73641e8dee0a31965a6940c31fa36161df438c30f9e1264ce20c278eb9356fe82ac5 WHIRLPOOL 4451c311a6c0f63d2530c3335dba847e9f3f46e5127e1925ca7ad5279ca044f1b75ad6f5b279fdcc1df4a2892cd043f2d551a3e60cf0b55706b0703851612bf9 +MISC ChangeLog-2015 13708 SHA256 7a6925fcf93acda544f03ae8a298fd79f28f7dca9b7a94559a4095698ab1a5ff SHA512 0afe01dc44c31c7ee057b4e1ebc62d5ad338dd98e74280dfaba3f4e952f0ad73741ad611aad9791bc2da7a64267f748af633df793e8f65df4d1878e1a53b28bd WHIRLPOOL 192db3278081eef7c0b61dc090498082ea0931070013459ee008f8848f103b0dc47e481bce3d14638d6ff94691c2ae95804d63e05a40dc8ab764d563e3c7b4df +MISC metadata.xml 682 SHA256 03d5294c396fd05f121b324d5cea037ef360fe5395bd5bfdb76e358989b2b294 SHA512 eb508ce6267543a83ea4db851c7eb1627386f95d749ab581d10472ebb7b7994bae760a3f83c632f586b22fe47698fc86fcfaffc2d1c24093de146e7954e685be WHIRLPOOL c34937c3a6f237ceb265980a45cd77ea379f3ba5f9767fba7bcbcbcc8e470e7bc659e17ca2ad911614fd7a2b1b584c4ba6a635c84151f3f8bb2b7bb770162f0b diff --git a/mail-filter/postgrey/files/postgrey-1.34-perl-5.18.patch b/mail-filter/postgrey/files/postgrey-1.34-perl-5.18.patch new file mode 100644 index 000000000000..615c6e5b77d1 --- /dev/null +++ b/mail-filter/postgrey/files/postgrey-1.34-perl-5.18.patch @@ -0,0 +1,33 @@ +From 9673b54064691a5b9c295ffea340d8a1f9ee1cb8 Mon Sep 17 00:00:00 2001 +From: Yasuhiro KIMURA <yasu@utahime.org> +Date: Sat, 17 Aug 2013 22:05:27 +0900 +Subject: [PATCH] Make postgrey work with Perl 5.18 + +--- + postgrey | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/postgrey b/postgrey +index 7cb0352..37f69bd 100755 +--- a/postgrey ++++ b/postgrey +@@ -557,6 +557,16 @@ sub main() + if($opt{dbdir}) { + $opt{dbdir} =~ /^(.*)$/; $opt{dbdir} = $1; + } ++ # untaint what is given on --pidfile. It is not security sensitive since ++ # it is provided by the admin ++ if($opt{pidfile}) { ++ $opt{pidfile} =~ /^(.*)$/; $opt{pidfile} = $1; ++ } ++ # untaint what is given on --inet. It is not security sensitive since ++ # it is provided by the admin ++ if($opt{inet}) { ++ $opt{inet} =~ /^(.*)$/; $opt{inet} = $1; ++ } + + # determine proper "logsock" for Sys::Syslog + my $syslog_logsock; +-- +2.0.3 + diff --git a/mail-filter/postgrey/files/postgrey-1.34-r3.rc.new b/mail-filter/postgrey/files/postgrey-1.34-r3.rc.new new file mode 100644 index 000000000000..74256f7e987a --- /dev/null +++ b/mail-filter/postgrey/files/postgrey-1.34-r3.rc.new @@ -0,0 +1,100 @@ +#!/sbin/openrc-run +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +conf="/etc/conf.d/postgrey" + +extra_started_commands="reload" + +depend() { + need net + before postfix + provide postfix_greylist +} + +conf_error() { + eerror "You need to setup ${conf} first" + return 1 +} + +checkconfig() { +if [ -z "${POSTGREY_TYPE}" ] + then + einfo "You need to choose the server type you want" + einfo "by setting the POSTGREY_TYPE variable in ${conf}." + else + if [ "x${POSTGREY_TYPE}" = "xinet" ] + then + if [ -z "${POSTGREY_PORT}" ] || [ -z "${POSTGREY_HOST}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_HOST}" ] && einfo " - POSTGREY_HOST" + [ -z "${POSTGREY_PORT}" ] && einfo " - POSTGREY_PORT" + conf_error + fi + POSTGREY_ADDR="${POSTGREY_TYPE}=${POSTGREY_HOST}:${POSTGREY_PORT}" + else + if [ -z "${POSTGREY_SOCKET}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_SOCKET}" ] && einfo " - POSTGREY_SOCKET" + conf_error + fi + POSTGREY_ADDR="${POSTGREY_TYPE}=${POSTGREY_SOCKET}" + fi +fi + + if [ -z "${POSTGREY_PID}" ] + then + einfo "The following entries are missing in ${conf}:" + [ -z "${POSTGREY_PID}" ] && einfo " - POSTGREY_PID" + conf_error + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting Postgrey" + + # HACK -- start a subshell and corrects perms on the socket... + if [ "x${POSTGREY_TYPE}" = "xunix" ]; then + rm -f ${POSTGREY_SOCKET} + ( while ! test -S ${POSTGREY_SOCKET}; do sleep 1; done; chmod a+rw,a-x ${POSTGREY_SOCKET} ) & + fi + + if [ -z ${POSTGREY_DELAY} ] ; then + POSTGREY_DELAY_ARG="" + else + POSTGREY_DELAY_ARG="--delay=${POSTGREY_DELAY}" + fi + + if [ -z "${POSTGREY_TEXT}" ] ; then + POSTGREY_TEXT_ARG="" + else + POSTGREY_TEXT_ARG="--greylist-text=${POSTGREY_TEXT}" + fi + + start-stop-daemon --start --quiet --background \ + --pidfile=${POSTGREY_PID} \ + --name postgrey \ + --exec /usr/sbin/postgrey -- \ + --${POSTGREY_ADDR} \ + --daemonize \ + --pidfile=${POSTGREY_PID} \ + ${POSTGREY_DELAY_ARG} \ + ${POSTGREY_OPTS} \ + "${POSTGREY_TEXT_ARG}" + eend ${?} +} + +stop() { + ebegin "Stopping Postgrey" + start-stop-daemon --stop --quiet --pidfile ${POSTGREY_PID} + eend ${?} +} + +reload() { + ebegin "Reloading Postgrey" + start-stop-daemon --stop --signal HUP --oknodo --pidfile ${POSTGREY_PID} + eend $? +} diff --git a/mail-filter/postgrey/files/postgrey.conf.new b/mail-filter/postgrey/files/postgrey.conf.new new file mode 100644 index 000000000000..58db73440bd4 --- /dev/null +++ b/mail-filter/postgrey/files/postgrey.conf.new @@ -0,0 +1,55 @@ +# Config file for /etc/init.d/postgrey + +# LISTEN TYPE +# Set to 'inet' if you want to use a TCP socket. +# Set to 'unix' if you want to use a UNIX socket. +POSTGREY_TYPE="inet" + +# HOST +# What IP should postgrey bind to? +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_HOST="127.0.0.1" + +# PORT +# What TCP port should postgrey listen on? +# (ignored if POSTGREY_TYPE is set to 'unix') +POSTGREY_PORT="10030" + +# SOCKET +# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. +# Leave unchanged unless you know what you are doing. +# (ignored if POSTGREY_TYPE is set to 'inet') +POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" + +# PID +# Postgrey pid file. +# Do not change, if you don't know what this is! +POSTGREY_PID="/var/run/postgrey.pid" + +# DELAY +# How long to delay mail that is greylisted in seconds. +POSTGREY_DELAY=300 + +# TEXT +# The response we'll send back with delayed mail. +POSTGREY_TEXT="Greylisted for %s seconds" + +# Additional Postgrey options +# +# -v, --verbose increase verbosity level +# --max-age=N delete entries older than N days since the last time +# that they have been seen (default: 30) +# --retry-window=N allow only N days for the first retrial (default: 2) +# append 'h' if you want to specify it in hours +# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) +# --lookup-by-subnet strip the last 8 bits from IP addresses (default) +# --lookup-by-host do not strip the last 8 bits from IP addresses +# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients +# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients +# +# Note that the --whitelist-x options can be specified multiple times, and that +# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so +# that you can put there local entries. +# +POSTGREY_OPTS="" diff --git a/mail-filter/postgrey/files/postgrey.service b/mail-filter/postgrey/files/postgrey.service new file mode 100644 index 000000000000..7321eee13adb --- /dev/null +++ b/mail-filter/postgrey/files/postgrey.service @@ -0,0 +1,17 @@ +[Unit] +Description=Postfix Greylisting Service +Before=postfix.service + +[Service] +Type=simple +ExecStart=/usr/sbin/postgrey --inet=127.0.0.1:10030 \ + --pidfile=/var/run/postgrey.pid \ + --group=postgrey --user=postgrey \ + --greylist-text="Greylisted for %%s seconds" +Restart=always +RestartSec=5 +TimeoutSec=10 + +[Install] +WantedBy=multi-user.target + diff --git a/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch b/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch new file mode 100644 index 000000000000..a17b6457d39a --- /dev/null +++ b/mail-filter/postgrey/files/targrey-0.31-postgrey-1.34.patch @@ -0,0 +1,202 @@ +--- postgrey.orig 2011-05-04 22:54:15.000000000 +0200 ++++ postgrey 2011-10-17 10:10:21.000000000 +0200 +@@ -309,6 +309,22 @@ + $self->mylog(1, "cleaning clients database finished. before: $nr_keys_before, after: $nr_keys_after"); + } + ++ if($self->{postgrey}{targrey}) { ++ # cleanup tarpit blacklist database ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ ($nr_keys_before, $nr_keys_after) = (0, 0); ++ while (my ($key, $tarpit_last_seen) = each %$tarpit_db) { ++ $nr_keys_before++; ++ if($now - $tarpit_last_seen > $retry_window) { ++ delete $tarpit_db->{$key}; ++ } ++ else { ++ $nr_keys_after++; ++ } ++ } ++ $self->mylog(1, "cleaning tarpit blacklist database finished. before: $nr_keys_before, after: $nr_keys_after"); ++ } ++ + $self->{postgrey}{last_maint_keys}=$now; + } + } +@@ -383,7 +399,7 @@ + # whitelist if count is enough + if(defined $cawl_count and $cawl_count >= $self->{postgrey}{awl_clients}) + { +- if(($now >= $cawl_last+3600) or ($cawl_last > $now)) { ++ if(($now >= $cawl_last + $self->{postgrey}{awl_delay}) or ($cawl_last > $now)) { + $cawl_count++; # for statistics + $cawl_db->{$cawl_key}=$cawl_count.','.$now; + } +@@ -392,6 +408,28 @@ + } + } + ++ # check tarpit passed if targrey mode ++ if ($self->{postgrey}{targrey} && $attr->{protocol_state} eq 'DATA') { # passed tarpit ++ # remove tarpit blacklist ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ my $tarpit_key = $attr->{client_address}; ++ delete $tarpit_db->{$tarpit_key}; ++ ++ # auto whitelist clients by tarpit ++ if ($self->{postgrey}{awl_clients}) { ++ # enough time has passed (record only one attempt per hour) ++ if (! defined $cawl_last or $now >= $cawl_last + $self->{postgrey}{awl_delay}) { ++ # ok, increase count ++ $cawl_count++; ++ $cawl_db->{$cawl_key}=$cawl_count.','.$now; ++ $self->mylog(1, "tarpit whitelisted: $attr->{client_name}"."[".$attr->{client_address}."]") ++ if $cawl_count==$self->{postgrey}{awl_clients}; ++ } ++ } ++ ++ return 'DUNNO'; ++ } ++ + # lookup + my $sender = $self->do_sender_substitutions($attr->{sender}); + my ($client_net, $client_host) = +@@ -402,10 +440,11 @@ + } + my $val = $db->{$key}; + my $first; ++ my $retry_count=0; + my $last_was_successful=0; + if(defined $val) { + my $last; +- ($first, $last) = split(/,/,$val); ++ ($first, $last, $retry_count) = split(/,/,$val); + # find out if the last time was unsuccessful, so that we can add a header + # to say how much had to be waited + if($last - $first >= $self->{postgrey}{delay}) { +@@ -426,16 +465,19 @@ + $first = $now; + } + ++ my $diff = $self->{postgrey}{delay} - ($now - $first); ++ ++ # enough waited? -> increase retry_count ++ $retry_count++ if($diff <= 0); ++ + # update (put as last element stripped host-part if it was stripped) + if(defined $client_host) { +- $db->{$key}="$first,$now,$client_host"; ++ $db->{$key}="$first,$now,$retry_count,$client_host"; + } + else { +- $db->{$key}="$first,$now"; ++ $db->{$key}="$first,$now,$retry_count"; + } + +- my $diff = $self->{postgrey}{delay} - ($now - $first); +- + # auto whitelist clients + # algorithm: + # - on successful entry in the greylist db of a triplet: +@@ -443,23 +485,41 @@ + # - client whitelisted already? -> update last-seen timestamp + if($self->{postgrey}{awl_clients}) { + # greylisting succeeded +- if($diff <= 0 and !$last_was_successful) { ++ if($retry_count >= $self->{postgrey}{retry_count} and !$last_was_successful) { + # enough time has passed (record only one attempt per hour) +- if(! defined $cawl_last or $now >= $cawl_last + 3600) { ++ if(! defined $cawl_last or $now >= $cawl_last + $self->{postgrey}{awl_delay}) { + # ok, increase count + $cawl_count++; + $cawl_db->{$cawl_key}=$cawl_count.','.$now; + my $client = $attr->{client_name} ? + $attr->{client_name}.'['.$attr->{client_address}.']' : + $attr->{client_address}; +- $self->mylog(1, "whitelisted: $client") ++ $self->mylog(1, "whitelisted: $attr->{client_name}"."[".$attr->{client_address}."]") + if $cawl_count==$self->{postgrey}{awl_clients}; + } + } + } + +- # not enough waited? -> greylist +- if ($diff > 0 ) { ++ # not enough retry? -> greylist ++ if ($retry_count < $self->{postgrey}{retry_count}) { ++ if($self->{postgrey}{tarpit} && ! $self->{postgrey}{targrey}) { ++ # do tarpit and greylist if tarpit option only ++ # don't add message after greylist_action ++ return "SLEEP $self->{postgrey}{tarpit}, $self->{postgrey}{greylist_action}"; ++ } ++ if($self->{postgrey}{targrey}) { ++ # do tarpit if targrey option ++ # add tarpit blacklist ++ my $tarpit_db = $self->{postgrey}{db_tarpit}; ++ my $tarpit_key = $attr->{client_address}; ++ my $tarpit_last = $tarpit_db->{$tarpit_key}; ++ $tarpit_last = 0 unless (defined $tarpit_last); ++ $tarpit_db->{$tarpit_key} = "$now" if ($now >= $tarpit_last+300); # update if 5min ago ++ ++ # return sleep if not tarpit blacklisted ++ return "SLEEP $self->{postgrey}{tarpit}" if ($tarpit_last == 0); ++ # greylist if tarpit blacklisted ++ } + my $msg = $self->{postgrey}{greylist_text}; + # Workaround for an Exchange bug related to Greylisting: + # use DSN 4.2.0 instead of the default 4.7.1. This works +@@ -517,6 +577,7 @@ + 'syslogfacility|syslog-facility|facility=s', + 'retry-window=s', 'greylist-action=s', 'greylist-text=s', 'privacy', + 'hostname=s', 'exim', 'listen-queue-size=i', 'x-greylist-header=s', ++ 'tarpit:s', 'targrey', 'retry-count=i', 'auto-whitelist-delay=i', + ) or exit(1); + # note: lookup-by-subnet can be given for compatibility, but it is default + # so do not do nothing with it... +@@ -606,7 +667,9 @@ + awl_clients => defined $opt{'auto-whitelist-clients'} ? + ($opt{'auto-whitelist-clients'} ne '' ? + $opt{'auto-whitelist-clients'} : 5) : 5, ++ awl_delay => $opt{'auto-whitelist-delay'} || 3600, + retry_window => $retry_window, ++ retry_count => $opt{'retry-count'} || 1, + greylist_action => $opt{'greylist-action'} || 'DEFER_IF_PERMIT', + greylist_text => $opt{'greylist-text'} || 'Greylisted, see http://postgrey.schweikert.ch/help/%r.html', + whitelist_clients_files => $opt{'whitelist-clients'} || +@@ -618,6 +681,10 @@ + hostname => defined $opt{hostname} ? $opt{hostname} : hostname, + exim => defined $opt{'exim'}, + x_greylist_header => $opt{'x-greylist-header'} || 'X-Greylist: delayed %t seconds by postgrey-%v at %h; %d', ++ tarpit => defined $opt{'tarpit'} ? ++ ($opt{'tarpit'} ne '' ? ++ $opt{'tarpit'} : 65) : undef, ++ targrey => defined $opt{'targrey'}, + }, + }, 'postgrey'; + +@@ -633,6 +700,11 @@ + require Digest::SHA; + } + ++ # --targrey needs tarpit sec ++ if(defined $opt{'targrey'} && ! defined $opt{'tarpit'}) { ++ $server->{postgrey}{tarpit} = 125; ++ } ++ + $0 = join(' ', @{$server->{server}{commandline}}); + $server->run; + +@@ -711,6 +783,13 @@ + -Env => $self->{postgrey}{db_env} + ) or die "ERROR: can't create database $self->{server}{dbdir}/postgrey_clients.db: $!\n"; + } ++ if($self->{postgrey}{targrey}) { # use targrey ++ tie(%{$self->{postgrey}{db_tarpit}}, 'BerkeleyDB::Btree', ++ -Filename => 'tarpit_clients.db', ++ -Flags => DB_CREATE, ++ -Env => $self->{postgrey}{db_env} ++ ) or die "ERROR: can't create database $self->{server}{dbdir}/tarpit_clients.db: $!\n"; ++ } + } + + sub mux_input() diff --git a/mail-filter/postgrey/metadata.xml b/mail-filter/postgrey/metadata.xml new file mode 100644 index 000000000000..7c7830fef769 --- /dev/null +++ b/mail-filter/postgrey/metadata.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>lists@xunil.at</email> + <name>Stefan Weichinger</name> + </maintainer> +<maintainer type="project"> + <email>net-mail@gentoo.org</email> + <name>Net-Mail</name> + </maintainer> +<maintainer type="project"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> +<longdescription>Postgrey is a Postfix policy server implementing greylisting developed by David Schweikert at the ISG.EE.</longdescription> +<use> + <flag name="targrey">Enables the targrey patch</flag> +</use> +</pkgmetadata> diff --git a/mail-filter/postgrey/postgrey-1.34-r3.ebuild b/mail-filter/postgrey/postgrey-1.34-r3.ebuild new file mode 100644 index 000000000000..f39af79c82e5 --- /dev/null +++ b/mail-filter/postgrey/postgrey-1.34-r3.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils user + +DESCRIPTION="Postgrey is a Postfix policy server implementing greylisting" +HOMEPAGE="http://postgrey.schweikert.ch/" +SRC_URI="http://postgrey.schweikert.ch/pub/${P}.tar.gz + http://postgrey.schweikert.ch/pub/old/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 hppa ~ppc ppc64 x86" +IUSE="targrey" + +DEPEND="" +RDEPEND=">=dev-lang/perl-5.6.0 + dev-perl/Net-Server + dev-perl/IO-Multiplex + dev-perl/BerkeleyDB + dev-perl/Net-DNS + dev-perl/Parse-Syslog + dev-perl/Net-RBLClient + >=sys-libs/db-4.1" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_prepare() { + if use targrey ; then + epatch "${FILESDIR}"/targrey-0.31-postgrey-1.34.patch + fi + epatch "${FILESDIR}"/${P}-perl-5.18.patch + # bug 479400 + sed -i 's@#!/usr/bin/perl -T -w@#!/usr/bin/perl -w@' postgrey || die "sed failed" +} + +src_install() { + # postgrey data/DB in /var + diropts -m0770 -o ${PN} -g ${PN} + dodir /var/spool/postfix/${PN} + keepdir /var/spool/postfix/${PN} + fowners postgrey:postgrey /var/spool/postfix/${PN} + fperms 0770 /var/spool/postfix/${PN} + + # postgrey binary + dosbin ${PN} + dosbin contrib/postgreyreport + + # policy-test script + dosbin policy-test + + # postgrey data in /etc/postfix + insinto /etc/postfix + insopts -o root -g ${PN} -m 0640 + doins postgrey_whitelist_clients postgrey_whitelist_recipients + + # documentation + dodoc Changes README + + # init.d + conf.d files + insopts -o root -g root -m 755 + newinitd "${FILESDIR}"/${PF}.rc.new ${PN} + insopts -o root -g root -m 640 + newconfd "${FILESDIR}"/${PN}.conf.new ${PN} +} diff --git a/mail-filter/postgrey/postgrey-1.35-r2.ebuild b/mail-filter/postgrey/postgrey-1.35-r2.ebuild new file mode 100644 index 000000000000..e96a63720ea3 --- /dev/null +++ b/mail-filter/postgrey/postgrey-1.35-r2.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils systemd user + +DESCRIPTION="Postgrey is a Postfix policy server implementing greylisting" +HOMEPAGE="http://postgrey.schweikert.ch/" +SRC_URI="http://postgrey.schweikert.ch/pub/${P}.tar.gz +http://postgrey.schweikert.ch/pub/old/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~x86" +IUSE="targrey" + +DEPEND="" +RDEPEND=">=dev-lang/perl-5.6.0 + dev-perl/Net-Server + dev-perl/IO-Multiplex + dev-perl/BerkeleyDB + dev-perl/Net-DNS + dev-perl/Parse-Syslog + dev-perl/Net-RBLClient + virtual/perl-Digest-SHA + >=sys-libs/db-4.1" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_prepare() { + if use targrey ; then + epatch "${FILESDIR}"/targrey-0.31-postgrey-1.34.patch + fi + # bug 479400 + sed -i 's@#!/usr/bin/perl -T -w@#!/usr/bin/perl -w@' postgrey || die "sed failed" +} + +src_install() { + # postgrey data/DB in /var + diropts -m0770 -o ${PN} -g ${PN} + dodir /var/spool/postfix/${PN} + keepdir /var/spool/postfix/${PN} + fowners postgrey:postgrey /var/spool/postfix/${PN} + fperms 0770 /var/spool/postfix/${PN} + + # postgrey binary + dosbin ${PN} + dosbin contrib/postgreyreport + + # policy-test script + dosbin policy-test + + # postgrey data in /etc/postfix + insinto /etc/postfix + insopts -o root -g ${PN} -m 0640 + doins postgrey_whitelist_clients postgrey_whitelist_recipients + + # documentation + dodoc Changes README README.exim + + # init.d + conf.d files + insopts -o root -g root -m 755 + newinitd "${FILESDIR}"/${PN}-1.34-r3.rc.new ${PN} + insopts -o root -g root -m 640 + newconfd "${FILESDIR}"/${PN}.conf.new ${PN} + systemd_dounit "${FILESDIR}"/postgrey.service +} diff --git a/mail-filter/postgrey/postgrey-1.36-r1.ebuild b/mail-filter/postgrey/postgrey-1.36-r1.ebuild new file mode 100644 index 000000000000..b86f673b9997 --- /dev/null +++ b/mail-filter/postgrey/postgrey-1.36-r1.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils systemd user + +DESCRIPTION="Postgrey is a Postfix policy server implementing greylisting" +HOMEPAGE="http://postgrey.schweikert.ch/" +SRC_URI="http://postgrey.schweikert.ch/pub/${P}.tar.gz +http://postgrey.schweikert.ch/pub/old/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 hppa ~ppc ppc64 x86" +IUSE="targrey" + +DEPEND="" +RDEPEND=">=dev-lang/perl-5.6.0 + dev-perl/Net-Server + dev-perl/IO-Multiplex + dev-perl/BerkeleyDB + dev-perl/Net-DNS + dev-perl/NetAddr-IP + dev-perl/Net-RBLClient + dev-perl/Parse-Syslog + virtual/perl-Digest-SHA + >=sys-libs/db-4.1" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_prepare() { + if use targrey ; then + epatch "${FILESDIR}"/targrey-0.31-postgrey-1.34.patch + fi + # bug 479400 + sed -i 's@#!/usr/bin/perl -T -w@#!/usr/bin/perl -w@' postgrey || die "sed failed" +} + +src_install() { + # postgrey data/DB in /var + diropts -m0770 -o ${PN} -g ${PN} + dodir /var/spool/postfix/${PN} + keepdir /var/spool/postfix/${PN} + fowners postgrey:postgrey /var/spool/postfix/${PN} + fperms 0770 /var/spool/postfix/${PN} + + # postgrey binary + dosbin ${PN} + dosbin contrib/postgreyreport + + # policy-test script + dosbin policy-test + + # postgrey data in /etc/postfix + insinto /etc/postfix + insopts -o root -g ${PN} -m 0640 + doins postgrey_whitelist_clients postgrey_whitelist_recipients + + # documentation + dodoc Changes README README.exim + + # init.d + conf.d files + insopts -o root -g root -m 755 + newinitd "${FILESDIR}"/${PN}-1.34-r3.rc.new ${PN} + insopts -o root -g root -m 640 + newconfd "${FILESDIR}"/${PN}.conf.new ${PN} + systemd_dounit "${FILESDIR}"/postgrey.service +} diff --git a/mail-filter/postgrey/postgrey-1.37.ebuild b/mail-filter/postgrey/postgrey-1.37.ebuild new file mode 100644 index 000000000000..37e2c1011e8c --- /dev/null +++ b/mail-filter/postgrey/postgrey-1.37.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils systemd user + +DESCRIPTION="Postgrey is a Postfix policy server implementing greylisting" +HOMEPAGE="http://postgrey.schweikert.ch/" +SRC_URI="http://postgrey.schweikert.ch/pub/${P}.tar.gz +http://postgrey.schweikert.ch/pub/old/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~x86" +IUSE="" + +DEPEND="" +RDEPEND=">=dev-lang/perl-5.6.0 + dev-perl/Net-Server + dev-perl/IO-Multiplex + dev-perl/BerkeleyDB + dev-perl/Net-DNS + dev-perl/NetAddr-IP + dev-perl/Net-RBLClient + dev-perl/Parse-Syslog + virtual/perl-Digest-SHA + >=sys-libs/db-4.1" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_prepare() { + # bug 479400 + sed -i 's@#!/usr/bin/perl -T -w@#!/usr/bin/perl -w@' postgrey || die "sed failed" +} + +src_install() { + # postgrey data/DB in /var + diropts -m0770 -o ${PN} -g ${PN} + dodir /var/spool/postfix/${PN} + keepdir /var/spool/postfix/${PN} + fowners postgrey:postgrey /var/spool/postfix/${PN} + fperms 0770 /var/spool/postfix/${PN} + + # postgrey binary + dosbin ${PN} + dosbin contrib/postgreyreport + + # policy-test script + dosbin policy-test + + # postgrey data in /etc/postfix + insinto /etc/postfix + insopts -o root -g ${PN} -m 0640 + doins postgrey_whitelist_clients postgrey_whitelist_recipients + + # documentation + dodoc Changes README README.exim + + # init.d + conf.d files + insopts -o root -g root -m 755 + newinitd "${FILESDIR}"/${PN}-1.34-r3.rc.new ${PN} + insopts -o root -g root -m 640 + newconfd "${FILESDIR}"/${PN}.conf.new ${PN} + systemd_dounit "${FILESDIR}"/postgrey.service +} |