qmail & greylisting spam control

[JD Austin]

Originally posted by bmeshier
Prerequisites

mysql-devel
openssl-devel

Step 1
wget http://carbonblock.net/files/qmail-1.03-psa-greylist.tar.gz

The source contains patches by SW Soft, please do not distribute.

Step 2
tar xvfz qmail-1.03-psa-greylist.tar.gz
cd qmail-1.03

Step 3
edit local_scan.c and change values as appropriate.

#define MYSQLHOST "localhost"
#define MYSQLUSER "greylist"
#define MYSQLPASS "password"
#define MYSQLDB   "qmail"
#define BLOCK_EXPIRE  4   /* minutes until email is accepted */
#define RECORD_EXPIRE 1500  /* minutes until record expires */
#define RECORD_EXPIRE_GOOD  36 /* days until record expires after accepting email */

Step 4
Setup MySQL

mysql -u root -p

CREATE DATABASE qmail;
GRANT ALL ON qmail.* TO 'greylisting'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;

-- 
-- Table structure for table `relaytofrom`
-- 

CREATE TABLE relaytofrom (
  id bigint(20) NOT NULL auto_increment,
  relay_ip varchar(16) default NULL,
  mail_from varchar(255) default NULL,
  rcpt_to varchar(255) default NULL,
  block_expires datetime NOT NULL default '0000-00-00 00:00:00',
  record_expires datetime NOT NULL default '0000-00-00 00:00:00',
  blocked_count bigint(20) NOT NULL default '0',
  passed_count bigint(20) NOT NULL default '0',
  aborted_count bigint(20) NOT NULL default '0',
  origin_type enum('MANUAL','AUTO') NOT NULL default 'MANUAL',
  create_time datetime NOT NULL default '0000-00-00 00:00:00',
  last_update timestamp(14) NOT NULL,
  PRIMARY KEY  (id),
  KEY relay_ip (relay_ip),
  KEY mail_from (mail_from(20)),
  KEY rcpt_to (rcpt_to(20))
) TYPE=MyISAM;

Step 5
make

Step 6
/etc/rc.d/init.d/qmail stop

Step 7
cp qmail-envelope-scanner /var/qmail/bin/.
cp -f qmail-smtpd /var/qmail/bin/.
chown root.qmail /var/qmail/bin/qmail-envelope-scanner
chown root.qmail /var/qmail/bin/qmail-smtpd

Step 8
/etc/rc.d/init.d/qmail start

Step 9
Create a quick perl script to clean up the database and place in /etc/cron.daily

#!/usr/bin/perl
use strict;
use warnings;

use constant DBD => 'DBI:mysql:qmail:localhost:3306';
use constant DBUSER => 'milter';
use constant DBPASS => 'greylist';

use DBI;

system ("cat /dev/null > /tmp/greylist_dbg.txt");

my $dbh = DBI->connect(DBD,DBUSER,DBPASS) or die "can't connect to db ", $DBI::errstr, ":$!";

$dbh->do("DELETE FROM relaytofrom WHERE record_expires < NOW() - INTERVAL 1 HOUR AND origin_type = 'AUTO'");
$dbh->do("OPTIMIZE TABLE relaytofrom");

$dbh->disconnect;

exit;

---

Much of these instructions have been simplified and anyone attempting this should have a firm understanding of MySQL and compiling binaries from source.

I had greylisting working and it was working great.. then I tried to fix an issue where headers exist without a message body for a particular mailbox by reinstalling qmail/spamassassin/etc..
Now when I try to compile, it won't finish compilation.


/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x58d): In function `ne
w_VioSSLAcceptorFd':
: undefined reference to `OPENSSL_add_all_algorithms_noconf'
collect2: ld returned 1 exit status
make: *** [qmail-envelope-scanner] Error 1

Do you have any idea what's missing? ( have openssl-devel installed, kind of stumped

 

[rvdmeer]

did you install both?

mysql-devel
openssl-devel

Because that openssh is a function which is in the openssl-devel package.

 

[kelnt]

"reject mail to non-existent user"

Originally posted by rtwick
thanks bmeshier for this post.
However, it seems you don't have all plesk patches. One patch missing is the qmail-spp pathc without which "reject mail to non-existent user" feature doesn't work

I found out from some other thread where to look for all plesk patches and now trying to patch your tarball with the spp patch from there. Hopefully, I'll get it to work. here's thread that gives link to pplesk qmail patches
http://forum.plesk.com/showthread.php?threadid=20668

Did you succeed in this? Was it fairly simple to patch? I too find great value in the "reject mail to non-existent user" feature.

thanks,
keln


[edit] In the mean time I created a "nobody" account that dumps to /dev/null and configured my mail domains to forward any mail to non-existant users to [email protected]
At least it keeps mail from building up.
some info here: http://www.technocage.com/~caskey/qmail/

[edit]

 

[rtwick]

Re: "reject mail to non-existent user"

Originally posted by kelnt
Did you succeed in this? Was it fairly simple to patch? I too find great value in the "reject mail to non-existent user" feature.

thanks,
keln

I did though it needed some manual modifications. However, it did compile and built properly. I'm testing it right now on a test server and after few days of running, if I'm happy with it, will post a patch here. Please remind me in two-three days if in case I forget.

-R'twick

 

[Hal9000]

It would be nice if this howto could be updated for Plesk 8, as the qmail sources seem to have changed a bit i can't compile the greylisting support for plesk 8 as i don't have the sources yet...
hal

 

[rtwick]

bmeshier,
will it be possible for you to publish a diff between the qmail you published and a copy of the qmail before you patched it with greylisting?

That will help me patch it with the new qmail patches posted by sw-soft.

thanks
-R'twick

 

[f0rd42]

anyone tested this with Plesk 8?
I just upgrade and everything went fine, apart from:

- mssing picture for the new "Desktop" link is PSA
- changed safemode to on again for all domains
- still no server wide greylisting support.

as greylistung is much better than all the other stuff, I'd like to implement it asap, but I'm not sure about the changes in qmail for Plesk 8 ....

Anyone any ideas?

Andre

 

[Philippe@]

Hi,

I already followed all the procedure to install it on my server Plesk 7.5.4 reloaded Suse 9.3 x86_64 and everything is working perfectly.

I also did exactly the same on a new server Plesk 8. After testing, everything works fine. This new server is also a Suse 9.3 x86_64.

 

[Hal9000]

i wonder if SPF is going to work on your system, because the qmail binary changed and is quite bigger in plesk 8, so if you're replacing it you're probably losing some features and perhaps creating problems...

 

[Philippe@]

Hi,

For SPF I will inform you when I activate this function. It wasn't available with the Plesk 7.5.4 version.

I can manage without it for the time being.

Concerning the Panel, I start-restart, and I did some tests on sending and receiving e-mails.

For now everything is fine.

We'll see what will come next.

Philippe

 

[rtwick]

I finally got greylisting patched with all plesk patches. Get it from here here

Disclaimer: This has been tested on a CentOS 3.3 server. It may or may not work on other systems. Look at conf-cc and conf-spawn to suit your server. These two are changed for my server.

-R'twick

 

[Hal9000]

the patches available from swsoft http://kb.swsoft.com/article_22_1088_en.html are for the 7.5.4 version, not for the 8.0.0
perhaps swsoft should publish their patches for their newest qmail implementation.

 

[gmuer]

Fallback Server

Hello

Is it right? We have to do it for the fallback mailserver as well?

Greets
Marcel

 

[f0rd42]

Hi

has anyone implemented it successfully with Plesk 8.0 on SuSE? (running on 1&1 V-Server).

Andre

 

[f0rd42]

Done it, works great, thanks a lot for the how-to.

But:

I send a test email from my company account. According to the mysql table, the triplet expires @ 14:50:41

I see connect @ 15:00 and later still with the following in mail.info:

Apr 5 15:05:13 marvin relaylock: /var/qmail/bin/relaylock: mail from xxx.xxx.xxx.xxx:3068 (mail.damain.de)

So it seems that my greylisting is working too good, nothing comes through .....

ANdre

 

[f0rd42]

hmm, while trying to further investigate this i did the following:

/etc/init.d/qmail stop
rm /tmp/greylist.dbg
deleted all entries from the mysql table
/etc/init.d/qmail start

tail -f on greylist.dbg
tail -f on mail.info

it sems that greylisting is missing some stuff!
I see relaylock from IP Addresses which doesn't show up in he debug file nor in the database.
Is there a way to figure out WHY it's blocked?
Could be open relay protection, then it makes sense that it doesn't show up, but how to be sure?

Andre

 

[funat120mph]

Upgrading to Plesk 8

I have this implemented successfully with 7.5.4.

I want to upgrade to Plesk 8. Will my greylisting install be erased?

Thanks,
Adam

 

[Philippe@]

Hi,

If you reinstall RPM'S Qmail it could be necessary to do the procedure all over again.

I already did the procedure given on the forum on a new server with Plesk 8.0 already installed.

For a month now, I have never had any problem.

I have 130 clients on that server, better work fine!!

 

[atomicturtle]

Just an FYI, I put out an update to qgreylist rpms a few days ago in the [atomic] channel:
yum install qgreylist

 

[netdias]

Art, is your qgreylist compatible with smtp-auth ?