Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

milter-greylist 4.1.6 is available

milter-greylist 4.1.6 is available

2008-09-28 by manu@netbsd.org

Here is milter-greylist 4.1.6:

http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz
MD5 (milter-greylist-4.1.6.tgz) = 654b30650291ecf5bd9cda50e9455f2d

Changelog since 4.1.5:
        Fix parse bug for "domain no" clause
        Spamassassin support (Manuel Badzong)
        Support for DATA-stage greylisting (Manuel Badzong)
        Allow syslog facility to be configured (Joe Pruett)
        Allow logging to be disabled on a per-ACL basis (Joe Pruett)
        Honour $CPPFLAGS in Makefile (Greg Troxel)
        p0f support
        Experimental DKIM support (nobody tested it)
        libspf2 support in .spec file, for RPM generation (Joe Pruett)
        status support in Debian startup script (Bernhard Schneider)

This release contains a nice set of new feature. Please note that DKIM
is highly experimental, as nobody managed to test it.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-28 by Jack L. Stone

At 02:30 PM 9.28.2008 +0200, you wrote: 

>>>>

  Here is milter-greylist 4.1.6:


<<http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz>http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz

MD5 (milter-greylist-4.1.6.tgz) = 654b30650291ecf5bd9cda50e9455f2d



<<<<<<<<


Have just tried the new ver-4.1.6 and have one problem as a result of a
change in the milter-greylist.c file in this line 1451:


openlog("milter-greylist", 0, conf.c_logfac);


It used to read:

openlog("milter-greylist", 0, LOG_MAIL);

...which I would change to:

openlog("milter-greylist", 0, LOG_LOCAL2);


in order to separate the GL log to another facility to tail.

Now, with the new change, what should I do to make it log separately like
before?


Thanks for your help!


Jack


>>>>





(^_^)

Happy trails,

Jack L. Stone


System Admin

Sage-american

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-28 by Petar Bogdanovic

On Sun, Sep 28, 2008 at 11:31:12AM -0500, Jack L. Stone wrote:
> At 02:30 PM 9.28.2008 +0200, you wrote:  
> >>>> 
>   Here is milter-greylist 4.1.6: 
> 
> 
> <http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz>http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz 
> 
> MD5 (milter-greylist-4.1.6.tgz) = 654b30650291ecf5bd9cda50e9455f2d 
> 
> 
> <<<< 
> 
> Have just tried the new ver-4.1.6 and have one problem as a result of a 
> change in the milter-greylist.c file in this line 1451: 
> 
> openlog("milter-greylist", 0, conf.c_logfac); 
> 
> It used to read: 
> openlog("milter-greylist", 0, LOG_MAIL); 
> ...which I would change to: 
> openlog("milter-greylist", 0, LOG_LOCAL2); 
> 
> in order to separate the GL log to another facility to tail. 
> Now, with the new change, what should I do to make it log separately 
> like before? 

	On Sun, Sep 28, 2008 at 02:30:26PM +0200, manu@... wrote:
	>
	> Changelog since 4.1.5:
	>         (...)
	>         Allow syslog facility to be configured (Joe Pruett)

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-28 by Joe Pruett

> Have just tried the new ver-4.1.6 and have one problem as a result of a change in the milter-greylist.c file in this line 1451:
> 
> openlog("milter-greylist", 0, conf.c_logfac);
> 
> It used to read:
> openlog("milter-greylist", 0, LOG_MAIL);
> ...which I would change to:
> openlog("milter-greylist", 0, LOG_LOCAL2);
> 
> in order to separate the GL log to another facility to tail.
> Now, with the new change, what should I do to make it log separately like before?
> 
> Thanks for your help!

in the config file:

logfac local2

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-28 by manu@netbsd.org

Jack L. Stone <jacks@...> wrote:

> in order to separate the GL log to another facility to tail.
> Now, with the new change, what should I do to make it log separately like
> before?

What about a quick search for syslog in greylist.conf(5) man page?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-28 by Jack L. Stone

At 10:34 AM 9.28.2008 -0700, Joe Pruett wrote: 

>>>>

  


> Have just tried the new ver-4.1.6 and have one problem as a result of a
change in the milter-greylist.c file in this line 1451:

> 

> openlog("milter-greylist", 0, conf.c_logfac);

> 

> It used to read:

> openlog("milter-greylist", 0, LOG_MAIL);

> ...which I would change to:

> openlog("milter-greylist", 0, LOG_LOCAL2);

> 

> in order to separate the GL log to another facility to tail.

> Now, with the new change, what should I do to make it log separately
like before?

> 

> Thanks for your help!


in the config file:


logfac local2



<<<<<<<<

Sorry I was such a helpless baby. This one caught me by surprised and
didn't think of the obvious.


Many thanks again!


Jack

>>>>

<excerpt>

</excerpt>



(^_^)

Happy trails,

Jack L. Stone


System Admin

Sage-american

Re: [milter-greylist] build fails on NetBSD 4.0 (was: milter-greylist 4.1.6 is available)

2008-09-29 by Petar Bogdanovic

On Sun, Sep 28, 2008 at 02:30:26PM +0200, manu@... wrote:
> Here is milter-greylist 4.1.6:
> 
> http://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.1.6.tgz
> MD5 (milter-greylist-4.1.6.tgz) = 654b30650291ecf5bd9cda50e9455f2d
> 
> Changelog since 4.1.5:
>         Fix parse bug for "domain no" clause
>         Spamassassin support (Manuel Badzong)
>         Support for DATA-stage greylisting (Manuel Badzong)
>         Allow syslog facility to be configured (Joe Pruett)
>         Allow logging to be disabled on a per-ACL basis (Joe Pruett)
>         Honour $CPPFLAGS in Makefile (Greg Troxel)
>         p0f support
>         Experimental DKIM support (nobody tested it)
>         libspf2 support in .spec file, for RPM generation (Joe Pruett)
>         status support in Debian startup script (Bernhard Schneider)
> 
> This release contains a nice set of new feature. Please note that DKIM
> is highly experimental, as nobody managed to test it.

	# uname -a
	#
	NetBSD starling.smokva.net 4.0 NetBSD 4.0 (STARLING) #0: Thu Jan 24
	14:30:56 UTC 2008  root@...:/tmp/netbsd/STARLING i386

	# gcc -v
	#
	Using built-in specs.
	Target: i386--netbsdelf
	Configured with: /usr/src/tools/gcc/../../gnu/dist/gcc4/configure
	--enable-long-long --disable-multilib --enable-threads --disable-symvers
	--build=i386-unknown-netbsdelf4.99.3 --host=i386--netbsdelf
	--target=i386--netbsdelf
	Thread model: posix
	gcc version 4.1.2 20061021 prerelease (NetBSD nb3 20061125)

	# ./configure \
	#	--with-user=smmsp \
	#	--enable-dnsrbl \
	#	--with-thread-safe-resolver \
	#	--disable-drac \
	#	--with-libspf_alt=/usr/pkg \
	#	--enable-spamassassin \
	#	--without-libintl-prefix \
	#	--without-libiconv-prefix \
	#	--prefix=/usr/pkg \
	#	--host=i386--netbsdelf \
	#	--mandir=/usr/pkg/man
	#
	(...)

	# make
	#
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c milter-greylist.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c pending.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c sync.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c dnsrbl.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c list.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c macro.c
	yacc -p`echo conf_yacc.c|sed 's/^\([^_]\{1,\}_\).*$/\1/'` conf_yacc.y
	mv y.tab.c conf_yacc.c
	flex -oconf_lex.c conf_lex.l
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c conf_yacc.c
	yacc -p`echo dump_yacc.c|sed 's/^\([^_]\{1,\}_\).*$/\1/'` dump_yacc.y
	mv y.tab.c dump_yacc.c
	flex -odump_lex.c dump_lex.l
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c dump_yacc.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c conf.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c autowhite.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c dump.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c spf.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c acl.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c urlcheck.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c stat.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c clock.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c geoip.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c fd_pool.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c prop.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c ldapcheck.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c dkimcheck.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c p0f.c
	gcc -g -O2 -Wall -I/usr/pkg/include -DUSE_SPAMD -DUSE_DNSRBL -D_BSD_SOURCE -I. -I.  -c spamd.c
	In file included from acl.h:120,
			 from spamd.c:55:
	spf.h:57: error: expected ')' before '*' token
	spf.h:58: error: expected ')' before '*' token
	spf.h:59: error: expected ')' before '*' token
	*** Error code 1

	Stop.
	make: stopped in /tmp/milter-greylist-4.1.6


including spf.h in spamd.c makes it build again, but I don't think that
spamd.c should contain that line:

	# diff -u spamd.c.orig spamd.c
	#
	--- spamd.c.orig        2008-09-29 11:47:41.000000000 +0200
	+++ spamd.c     2008-09-29 11:47:57.000000000 +0200
	@@ -52,6 +52,7 @@
	 #include <sysexits.h>
	 #include <syslog.h>
	 
	+#include "spf.h"
	 #include "acl.h"
	 #include "conf.h"
	 #include "queue.h"


Any ideas? It seems to work on Debian..


Petar

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Greg Troxel

I've updated to CVS from this morning, both to get up to date and to
continue trying to get p0f to work (with postfix).

The code built fine on NetBSD/i386 4.0_STABLE configured as:

CPPFLAGS=-I/usr/pkg/include \
LDFLAGS="-L/usr/pkg/lib -R/usr/pkg/lib" \
./configure \
--prefix=/usr/pkg \
--enable-postfix \
--enable-spamassassin \
--enable-dnsrbl \
--enable-p0f

So I'm not getting the same error as Petar.

I am getting what seems to be spurious log messages. This seems to
happen every time the whitelist acl fires:

Sep 29 08:40:26 fnord milter-greylist: (unknown id): skipping greylist because address 204.152.190.11 is whitelisted, (from==ir.bbn.com@...>, rcpt=<gdt@...>, addr=mail.netbsd.org[204.152.190.11]) ACL 173
Sep 29 08:40:26 fnord milter-greylist: (unknown id): skipping greylist because this is the default action, (from==ir.bbn.com@...>, rcpt=(nil), addr=mail.netbsd.org[204.152.190.11]) ACL 0

ACL 173 is simply:

racl whitelist list "known senders"

with known senders being a long list of IP addresses of places I don't
want to greylist.

Could this be the default dacl? It seems like it would be nice not to
log again, but I'm not quite sure what the rule should be.

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Emmanuel Dreyfus

On Mon, Sep 29, 2008 at 09:12:49AM -0400, Greg Troxel wrote:
> Sep 29 08:40:26 fnord milter-greylist: (unknown id): skipping greylist because address 204.152.190.11 is whitelisted, (from==ir.bbn.com@...>, rcpt=<gdt@...>, addr=mail.netbsd.org[204.152.190.11]) ACL 173
> Sep 29 08:40:26 fnord milter-greylist: (unknown id): skipping greylist because this is the default action, (from==ir.bbn.com@...>, rcpt=(nil), addr=mail.netbsd.org[204.152.190.11]) ACL 0
> 
> ACL 173 is simply:
> 
> racl whitelist list "known senders"
> 
> with known senders being a long list of IP addresses of places I don't
> want to greylist.
> 
> Could this be the default dacl?  It seems like it would be nice not to
> log again, but I'm not quite sure what the rule should be.


I think this is introduced by Manuel Badzong's contribution. I guess that
if you add a 
dacl whitelist default nolog 

You'll get it fixed for free. Perhaps the implicit default rules should
always be nolog...


-- 
Emmanuel Dreyfus
manu@...

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Petar Bogdanovic

On Mon, Sep 29, 2008 at 09:12:49AM -0400, Greg Troxel wrote:
> 
> I've updated to CVS from this morning, both to get up to date and to
> continue trying to get p0f to work (with postfix).
> 
> The code built fine on NetBSD/i386 4.0_STABLE configured as:
> 
>   CPPFLAGS=-I/usr/pkg/include \
>   LDFLAGS="-L/usr/pkg/lib -R/usr/pkg/lib" \
>   ./configure \
>     --prefix=/usr/pkg \
>     --enable-postfix \
>     --enable-spamassassin \
>     --enable-dnsrbl \
>     --enable-p0f
> 
> So I'm not getting the same error as Petar.

Eh, yes, thanks for the info. Removing --with-libspf_alt=/usr/pkg did
the trick without any need for additional patching.

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Greg Troxel

I think this is introduced by Manuel Badzong's contribution. I guess that
if you add a
dacl whitelist default nolog

You'll get it fixed for free. Perhaps the implicit default rules should
always be nolog...

I think the implicit whitelist rule should be nolog - it's not really
news or interesting. I added nolog, and then found that I had to
suppress logging if nolog was set. So even if you don't want to apply
the first hunk, the second is a bugfix - I think your suggestion
wouldn't work without it.


Index: acl.c
===================================================================
RCS file: /milter-greylist/milter-greylist/acl.c,v
retrieving revision 1.81
diff -u -p -r1.81 acl.c
--- acl.c 26 Sep 2008 23:35:44 -0000 1.81
+++ acl.c 29 Sep 2008 14:09:24 -0000
@@ -1953,8 +1953,10 @@ acl_filter(stage, ctx, priv)
/*
* No match: use the default action
*/
- if (testmode || stage == AS_DATA)
+ if (testmode)
retval = EXF_WHITELIST;
+ else if (stage == AS_DATA)
+ retval = EXF_WHITELIST | EXF_NOLOG;
else
retval = EXF_GREYLIST;
retval |= EXF_DEFAULT;
@@ -1963,7 +1965,7 @@ acl_filter(stage, ctx, priv)
priv->priv_sr.sr_autowhite = conf.c_autowhite_validity;
}

- if (retval & EXF_WHITELIST) {
+ if ((retval & EXF_NOLOG) == 0 && retval & EXF_WHITELIST) {
whystr[0] = '\0';
if (retval & EXF_ADDR) {
iptostring(sa, salen, addrstr, sizeof(addrstr));

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Petar Bogdanovic

On Mon, Sep 29, 2008 at 09:12:49AM -0400, Greg Troxel wrote:
> 
> I've updated to CVS from this morning, both to get up to date and to
> continue trying to get p0f to work (with postfix).
> 
> The code built fine on NetBSD/i386 4.0_STABLE configured as:
> 
>   CPPFLAGS=-I/usr/pkg/include \
>   LDFLAGS="-L/usr/pkg/lib -R/usr/pkg/lib" \
>   ./configure \
>     --prefix=/usr/pkg \
>     --enable-postfix \
>     --enable-spamassassin \
>     --enable-dnsrbl \
>     --enable-p0f
> 
> So I'm not getting the same error as Petar.

Well, I confused some stuff here. You can't get the same error, since
you excluded the spf-support (like I did, when I trumpeted in my
previous mail that it works). Could you please try to compile your
version with `--with-libspf_alt=/path/to/libspf'?

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-09-29 by Greg Troxel

Petar Bogdanovic <petar@...> writes:

> Well, I confused some stuff here. You can't get the same error, since
> you excluded the spf-support (like I did, when I trumpeted in my
> previous mail that it works). Could you please try to compile your
> version with `--with-libspf_alt=/path/to/libspf'?

I get the same error, and the code seems wrong. acl.h includes spf.h,
and spf.h includes acl.h. Because of inclusion protection, the
definitions of acl types aren't in effect at the end of spf.h.

The problem seems to be unrelated to NetBSD.

I would suggest moving the spf.h enum definition into acl.h, and then
drop the include of spf.h in acl.h.

Re: [milter-greylist] milter-greylist 4.1.6 is available

2008-10-01 by manu@netbsd.org

Greg Troxel <gdt@...> wrote:

> I think the implicit whitelist rule should be nolog - it's not really
> news or interesting.  I added nolog, and then found that I had to
> suppress logging if nolog was set.  So even if you don't want to apply
> the first hunk, the second is a bugfix - I think your suggestion
> wouldn't work without it.

Checked in.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.