1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

[HowTo] Install Greylisting with Plesk and Qmail

Discussion in 'Plesk for Linux - 8.x and Older' started by ClausVB, Jan 29, 2007.

  1. ClausVB

    ClausVB Guest

    0
     
    I installed Greylisting in 2006. I have translated Brent Meshier HowTo: Adding Greylisting support to qmail on Plesk 8 into german.

    deutsche Uebersetzung: Greylisting mit Plesk und Qmail

    I tested it on:
    Plesk: 8.0
    SuSE: 10.1
    Kernel: 2.6.13-15.11-default (installed by strato.de)

    There some small mistakes in Brent's guide. He uses three different users to access MySQL. I fixed this in my translation. But there are major bugs in his Tarball. I fixed some of them.

    Updates
    • Bugfix 2007-09-22: »error: conflicting types for 'write' readwrite.h:5: error: previous declaration of 'write' was here
      make: *** [qmail-pw2u.o] Error 1«
    • Bugfix 2007-08-16: Fixed »warning: pointer targets in initialization differ in signedness«
    • Bugfix 2007-08-03: Fixed »warning: conflicting types for built-in function "malloc"«
    • Bugfix 2007-07-24: Fixed »warning: pointer/integer type mismatch in conditional expression«
    • 2007-07-22: Tarball 1.05 released
    • Bugfix 2007-07-15: Created missing "ssl.lib"
      Bugfix 2007-06-23: Fixed »warning: conflicting types for built-in function "puts"«
    • Bugfix 2007-06-02: Fixed »return type of `main' is not `int'«
    Changed the installation guide: September 22, 2007

    Here is a short installation guide, after I installed "mysql-devel" and "openssl-devel" with YaST. Create backups first!

    Download qmail-1.05_greylisting_plesk8.tar.gz and copy it to "/usr/src".
    Code:
    strato:~ # cd /usr/src
    strato:/usr/src # tar xvfz qmail-1.05_greylisting_plesk8.tar.gz
    qmail-1.05/
    qmail-1.05/BLURB
    qmail-1.05/BLURB2
    qmail-1.05/BLURB3
    (...)
    qmail-1.05/qmail-smtpd.c.rej
    qmail-1.05/qmail-spp.o
    vi "local_scan.c" and change defaults:
    Code:
    strato:/usr/src # cd qmail-1.05
    strato:/usr/src/qmail-1.05 # vi local_scan.c
    
    ---
    #define MYSQLHOST "localhost"
    #define MYSQLUSER "greylist"
    #define MYSQLPASS "topSecret"
    #define MYSQLDB   "qmail"
    #define BLOCK_EXPIRE 5 /* minutes until email is accepted */
    #define RECORD_EXPIRE 1500 /* minutes until record expires */
    #define RECORD_EXPIRE_GOOD 36 /* days until record expires after accepting email */
    ---
    Edit "qmail.sql", create database and table "relaytofrom":
    Code:
    strato:/usr/src/qmail-1.05 # vi qmail.sql
    strato:/usr/src/qmail-1.05 # mysql -u admin -p < qmail.sql
    Enter password:
    strato:/usr/src/qmail-1.05 #
    Check your installation:
    Code:
    strato:/usr/src/qmail-1.05 # mysql -u admin -p
    Enter password:
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 8974 to server version: 4.1.13
    Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
    
    mysql> USE mysql;
    Database changed
    mysql> SELECT User, Password FROM user WHERE User = 'greylisting';
    +-------------+-------------------------------------------+
    | User        | Password                                  |
    +-------------+-------------------------------------------+
    | greylist    | *930DAB011CE31AB33910A8A1F011CE98AA9D40FB |
    +-------------+-------------------------------------------+
    1 row in set (0.00 sec)
    
    mysql> SHOW COLUMNS FROM qmail.relaytofrom;
    +----------------+-----------------------+------+-----+---------------------+----------------+
    | Field          | Type                  | Null | Key | Default             | Extra          |
    +----------------+-----------------------+------+-----+---------------------+----------------+
    | id             | bigint(20)            |      | PRI | NULL                | auto_increment |
    | relay_ip       | varchar(16)           | YES  | MUL | NULL                |                |
    | mail_from      | varchar(255)          | YES  | MUL | NULL                |                |
    | rcpt_to        | varchar(255)          | YES  | MUL | NULL                |                |
    | block_expires  | datetime              |      |     | 0000-00-00 00:00:00 |                |
    | record_expires | datetime              |      |     | 0000-00-00 00:00:00 |                |
    | blocked_count  | bigint(20)            |      |     | 0                   |                |
    | passed_count   | bigint(20)            |      |     | 0                   |                |
    | aborted_count  | bigint(20)            |      |     | 0                   |                |
    | origin_type    | enum('MANUAL','AUTO') |      |     | MANUAL              |                |
    | create_time    | datetime              |      |     | 0000-00-00 00:00:00 |                |
    | last_update    | timestamp             | YES  |     | CURRENT_TIMESTAMP   |                |
    +----------------+-----------------------+------+-----+---------------------+----------------+
    12 rows in set (0.00 sec)
    
    mysql> quit
    Bye
    Use "install.sh" to check for missing RPMs and execute "make":
    Code:
    strato-server-germany:/usr/src/qmail-1.05 # ./install.sh
    ( cat warn-auto.sh; \
    echo CC=\'`head -1 conf-cc`\'; \
    echo LD=\'`head -1 conf-ld`\' \
    ) > auto-ccld.sh
    cat auto-ccld.sh make-load.sh > make-load
    (...)
    ./load spfquery spf.o ip.o ipme.o ipalloc.o strsalloc.o \
    now.o dns.o datetime.a stralloc.a alloc.a str.a substdio.a \
    case.a error.a fs.a `cat dns.lib` `cat socket.lib`
    ###################################
    'make' finished. Please check for critical errors!
    ###################################
    Most warnings are ok, but it's better to take a closer look and google all warnings and errors.

    Afterwards I activated CATCH-ALL for my domain. You should send some short messages to your (mail)accounts. After a short while you should get:
    Code:
    strato-server-germany:~ # tail /tmp/greylist_dbg.txt
    ---
    protocol = notneeded4qmail increase at blindsz.com
    increase at blindsz.com -> cloidtd at clausvb.de (62.227.194.124) Doesn't Exists Block
    ---
    protocol = notneeded4qmail Scott at blueskyimages.co.uk
    Scott at blueskyimages.co.uk -> christo at clausvb.de (86.196.215.34) Doesn't Exists Block
    ---
    strato-server-germany:~ #
    Done! Greylisting is working! My mails from "Yahoo -> clausvb.de -> Gmail" are greylisted within in seconds and successfully delivered in about 7 minutes. (Unknown providers like "xemail.de" need about 45 to 60 minutes.)

    I activated CATCH-ALL to get a lot of SPAM. If you have a new server, I suggest you send a lot of mails from different servers (GMX, hotmail, GMAIL, Yahoo, etc.) to your new domain.

    Best regards,
    Claus
     
  2. ClausVB

    ClausVB Guest

    0
     
    Please make backups of all your qmail binaries, because I somehow managed to change the file permissions or some whitelist entries had the following result:

    This reply was sent to all senders and every mail address on my system delivered this error.

    Only solution: New server installation. Deleting everything, new install using Plesk-Backup to get everything back online.

    So be careful and use Greylisting at your own risk.

    Regards,
    Claus
     
  3. ClausVB

    ClausVB Guest

    0
     
    New Tarball created ...

    I fixed some bugs, which related in errors:

    Code:
    ./compile spfquery.c
    spfquery.c: In function `main'
    spfquery.c:30: warning: incompatible implicit declaration of built-in function strdup
    spfquery.c:24: warning: return type of `main' is not `int'
    Download qmail-1.04_greylisting_plesk8.tar.gz

    Regards,
    Claus
     
  4. ClausVB

    ClausVB Guest

    0
     
    I found an old post by Brujo:
    This is not possible (without knowing C very, very well). All White- and Blacklist entries are working with MySQL. See
    Brent Meshier: Using Whitelist & Blacklist with Greylisting
    for all examples.

    Whitelist by IP
    Code:
    INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time)
    VALUES ('147.202.34.223', NULL, NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
    Blacklist Subnet
    Code:
    INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time)
    VALUES ('147.202.34', NULL, NULL, '2099-12-31 23:59:59', '2099-12-31 23:59:59', 'MANUAL', NOW())
    Blacklist Sender Domain
    Code:
    INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time)
    VALUES (NULL, 'spammer.com', NULL, '2099-12-31 23:59:59', '2099-12-31 23:59:59', 'MANUAL', NOW())
    As you can see Blacklisting is working for domains, but Whitelist not. It wouldn't be too hard though, to see which IP address is used and to whitelist them. Even big ISPs are using only 5 to 10 IPs for Mail-Relays (perhaps GMAIL, GMX and AOL are using more ...). My advice: Whitelist them all!

    Regards,
    Claus
     
  5. Lonesome Walker

    Lonesome Walker Guest

    0
     
    gibbed dat auch für Debian :D
     
  6. ClausVB

    ClausVB Guest

    0
     
    Wenn es Provider gibt, die Debian, Plesk und qmail einsetzen ... dann ja.

    Gruß
    Claus
     
  7. Lonesome Walker

    Lonesome Walker Guest

    0
     
    Und wo krieg' ich dann die gepatchten Files her?
    (Source wo mit wget suagen?)

    Obrige Anleitung is ja nur für SuSe, das ich persönlich verabscheue.
    Die Pakete heißen unter Debian ebenfalls nicht so, aber ähnlich ;)

    Außerdem müßte man bei Debian im Source ein paar Pfade anders setzen...

    Ich hab' halt irgendwie keine Lust, ein funktionierendes Debian, das ich eh' schon mit PLESK 8 zwangsverseuchen mußte, jetzt noch vollends durch eine nicht funktionierende qmail-Patch-Aktion zu killen.

    Hoffe, das ist verständlich :p


    Danke
     
  8. ClausVB

    ClausVB Guest

    0
     
    Der Patch von Brent ist tauglich f?SuSE
    - Fedora Core 5
    wie die Anleitung von TJ beweist.

    Das musst Du dann selber machen. Denn wenn der "make" oder die erstellten Binaries aufgrund von Debian-Strukturen nicht funktionieren, könnte es Probleme geben.

    Der programmierte C-Code ist alles andere als sauber (viele Warnings). Du hast also keine Sicherheit, dass Dein System danach noch läuft.

    Gruß
    Claus
     
  9. ClausVB

    ClausVB Guest

    0
     
    Updates
    • Bugfix 2007-08-03: Fixed »warning: conflicting types for built-in function "malloc"«
    • Bugfix 2007-07-24: Fixed »warning: pointer/integer type mismatch in conditional expression«
    • 2007-07-22: Tarball 1.05 released
    • Bugfix 2007-07-15: Created missing "ssl.lib"
      Bugfix 2007-06-23: Fixed »warning: conflicting types for built-in function "puts"«
    • Bugfix 2007-06-02: Fixed »return type of `main' is not `int'«
     
  10. Icke

    Icke Guest

    0
     
    Datenbank füllt sich nicht / Keine ergebnis für 'Tail'

    Hallo,
    also gut dann nochmal auf diesem Wege :), hatte irgendwie schon geahnt das du streng sein würdest.

    Also, ich habe deine Installationsanleitung Schritt für Schritt befolgt und der einzige Fehler den ich am Anfang gemacht habe, war folgender.

    1. Datenbank anlegen per phpmyadmin UND KEIN Passwort für meinen user 'greylisting' einstellen
    2. local_scan.c umschreiben MIT Passwort drin, von dem ich DACHTE ich hätte es auch für meinen user 'greylisting' eingestellt. Dann den ./install.sh (make) ausführen.
    3. Im anschluss habe ich meinen fehler bemerkt, per phpmyadmin für meinen user 'greylisting' das pw wie im local_scan.c eingestellt.
    4. Den cron-job eingestellt und getestet. Das skript läuft ohne zu meckern durch.

    Nun scheint noch alles zu funktionieren, Mails können verschickt und empfangen werden, Spam kommt allerdings nach wie vor und die Datenbank füllt sich nicht.

    Hoffe du kannst mir helfen (und es liegt nicht an meinem kleinen Fehler zu Anfang) und schonmal vielen Dank!

    Viele Grüße
    Benjamin

    P.S.: Plesk 8.2.0 mit SUSE Enterprise
     
  11. ClausVB

    ClausVB Guest

    0
     
    Theoretisch musst Du eigentlich nur neu kompilieren und die Dateien neu kopieren.

    Wichtig ist, dass Du vor dem Kompilieren, dass eingegeben Passwort testest und diese Kennung + Passwort dann in die "local_scan.c" einträgst und neu kompilierst.

    Cronjob bitte erst einmal abschalten, bis sich die DB füllt.

    Noch ein Wort zum streng sein: Ich helfe freiwillig. Sobald Du anfängst, mir Geld zu bezahlen, kannst Du die Bedingungen bestimmen. Vorher bestimme ich, wie und wo ich anderen Menschen helfe.

    Siehe auch
    Fragen richtig stellen

    Gruß
    Claus
     
  12. Icke

    Icke Guest

    0
     
    Klar, dazu hast du natürlich jedes Recht! Aber versuchen kann manns ja mal ;). Ich werd das Ganze demnächst ausprobieren. Im Moment fasse ich den Server lieber nicht an, sind grad völlig unterbesetzt und wenn was ausfällt bin ich dran...

    Auf jeden Fall nochmal vielen Dank und Gruß
    Benjamin
     
  13. zooming

    zooming Regular Pleskian

    25
    57%
    Joined:
    Jul 12, 2006
    Messages:
    112
    Likes Received:
    0
    Try SpamDyke.

    Doesn't need to recompile qmail, you just need to change the Xinetd script that starts smtp.

    http://www.spamdyke.org
     
  14. Brujo

    Brujo Regular Pleskian

    28
    57%
    Joined:
    Mar 4, 2006
    Messages:
    278
    Likes Received:
    2
    Location:
    Germany
    Hi Claus,

    i tried to compile your latest Tarball but it stops with an error:

    ./compile qmail-pw2u.c
    In file included from qmail-pw2u.c:21:
    /usr/include/unistd.h:325: error: conflicting types for âreadâ
    readwrite.h:4: error: previous declaration of âreadâ was here
    /usr/include/unistd.h:331: error: conflicting types for âwriteâ
    readwrite.h:5: error: previous declaration of âwriteâ was here
    make: *** [qmail-pw2u.o] Error 1

    Suse 10.1 / 64
    i allready changed the 2 entrys from /usr/lib -> /usr/lib64

    grep -cv '\..\{1,12\}$\|conf-\|make-\|Makefile\|warn-\|[[:upper:]].$'
    30

    any hint ?

    thanks
    Brujo
     
  15. ClausVB

    ClausVB Guest

    0
     
    Edit "Makefile" line 804:

    Change
    Code:
    qmail-pw2u qmail-qread qmail-qstat qmail-tcpto qmail-tcpok \
    to
    Code:
    qmail-qread qmail-qstat qmail-tcpto qmail-tcpok \
    Does this work?

    It's just a workaround, until I find the real error.

    Best regards,
    Claus
     
  16. Brujo

    Brujo Regular Pleskian

    28
    57%
    Joined:
    Mar 4, 2006
    Messages:
    278
    Likes Received:
    2
    Location:
    Germany
    Hi Claus,

    i have to delete also qmail-qmqpd wich have the same error. after this it works...

    BTW. it seems SWsoft has updatet the source package with more patches. Which Source do you use for your Version ?

    with best regards
    Brujo
     
  17. ClausVB

    ClausVB Guest

    0
     
    The patches which Brent used. I did only bugfixes and cleared warnings.

    Please post a link to the patches. I will try to use them and release a new version.

    Best regards,
    Claus
     
  18. Brujo

    Brujo Regular Pleskian

    28
    57%
    Joined:
    Mar 4, 2006
    Messages:
    278
    Likes Received:
    2
    Location:
    Germany
  19. ClausVB

    ClausVB Guest

    0
     
    Thanks.

    I am reading the source code right now. There is more than one Makefile ... looks more complicated than I thought.

    Regards,
    Claus
     
  20. Icke

    Icke Guest

    0
     
    Hi,
    hab grad nochmal neu kompilliert, es liegt definitiv nicht am passwort. Weder fehler noch warnungen tauchen auf. Emailen (empfangen/senden) scheint noch zu funktionieren, aber keine Filterung, Datenbank füllt sich nicht. Keine Ahnung was los ist :/

    Gruß

    Benjamin
     
Loading...