From ca5ae11e85a3e3eb6436ed12125bfaa863faaca6 Mon Sep 17 00:00:00 2001 From: markd Date: Sun, 7 Mar 2004 11:18:33 +0000 Subject: Update mimedefang to 2.40. pkgsrc changes - add rc scripts and runtime checks for virus checkers from Eric Schnoebelen in PR pkg/24295 - require native pthread library as pth doesnt work Major changes from 2.39 to 2.40: If multiple virus scanners are installed, they are all used. Default action for viruses is now discard. Added a new "notification" facility to allow external software to react to changes in multiplexor state. We now pass both the raw input message and the unpacked, decoded parts to the virus scanner. This makes virus detection much more reliable. Major changes from 2.38 to 2.39: The multiplexor can be compiled with an embedded Perl interpreter to significantly reduce the cost of starting a new slave A memory leak in the status command was fixed. A histo command was added so you can see how busy your installation Major changes from 2.37 to 2.38: The internal SMALLBUF constant was increased to handle larger SpamAssassin reports produced by SpamAssassin version 2.60. If a virus is found, action_notify_sender is disabled. Major changes from 2.36 to 2.37: Pure bug-fix release: A file descriptor leak was fixed, and we set the close-on-exec flag on most file descriptors. Major changes from 2.35 to 2.36: Scalability enhancements for very busy servers. Support for BitDefender's "bdc" virus scanner. Other minor bug fixes. --- mail/mimedefang/Makefile | 23 +++++++--- mail/mimedefang/PLIST | 4 +- mail/mimedefang/distinfo | 7 +-- mail/mimedefang/files/mimedefang-multiplexor.sh | 57 +++++++++++++++++++++++++ mail/mimedefang/files/mimedefang.sh | 53 +++++++++++++++++++++++ mail/mimedefang/patches/patch-ac | 45 +++++++++++++++++++ 6 files changed, 180 insertions(+), 9 deletions(-) create mode 100644 mail/mimedefang/files/mimedefang-multiplexor.sh create mode 100644 mail/mimedefang/files/mimedefang.sh create mode 100644 mail/mimedefang/patches/patch-ac (limited to 'mail') diff --git a/mail/mimedefang/Makefile b/mail/mimedefang/Makefile index 6e0d7b7d9fd..7e9a86ef6f8 100644 --- a/mail/mimedefang/Makefile +++ b/mail/mimedefang/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.12 2003/09/02 12:39:12 markd Exp $ +# $NetBSD: Makefile,v 1.13 2004/03/07 11:18:33 markd Exp $ -DISTNAME= mimedefang-2.35 +DISTNAME= mimedefang-2.40 CATEGORIES= mail -MASTER_SITES= http://www.roaringpenguin.com/mimedefang/ +MASTER_SITES= http://www.mimedefang.org/static/ MAINTAINER= markd@NetBSD.org -HOMEPAGE= http://www.roaringpenguin.com/mimedefang/ +HOMEPAGE= http://www.mimedefang.org/ COMMENT= To inspect/modify e-mail as it passes through your mail relay DEPENDS+= p5-Digest-SHA1>=2.00:../../security/p5-Digest-SHA1 @@ -37,6 +37,9 @@ SHAREDIR= ${PREFIX}/share/mimedefang FILES_SUBST+= SHAREDIR=${SHAREDIR} FILES_SUBST+= DEFANG_USER=${DEFANG_USER} +FILES_SUBST+= DEFANG_SPOOLDIR=${DEFANG_SPOOLDIR} + +RCD_SCRIPTS= mimedefang-multiplexor mimedefang OWN_DIRS_PERMS+= ${DEFANG_SPOOLDIR} ${DEFANG_USER} ${DEFANG_GROUP} 0700 @@ -49,7 +52,17 @@ CONFIGURE_ARGS+= --with-milterinc=${BUILDLINK_PREFIX.libmilter}/include CONFIGURE_ARGS+= --with-milterlib=${BUILDLINK_PREFIX.libmilter}/lib CONFIGURE_ARGS+= --with-spooldir=${DEFANG_SPOOLDIR} CONFIGURE_ARGS+= --with-quarantinedir=${DEFANG_SPOOLDIR} -CONFIGURE_ARGS+= --disable-anti-virus +# CONFIGURE_ARGS+= --disable-anti-virus +# list the paths where they _would_ be installed, so they +# can be found at runtime. -- they have to be listed +# in the environment, as the --enable-<> flags don't work +CONFIGURE_ENV+= CLAMD=${PREFIX}/sbin/clamd +CONFIGURE_ENV+= CLAMSCAN=${PREFIX}/sbin/clamscan +CONFIGURE_ENV+= FPROT=${PREFIX}/bin/f-prot +CONFIGURE_ENV+= NAI=${PREFIX}/bin/uvscan + +# Doesn't work with pth +PTHREAD_OPTS+= require native do-install: ${INSTALL_DATA_DIR} ${PKG_SYSCONFDIR} diff --git a/mail/mimedefang/PLIST b/mail/mimedefang/PLIST index 78f07bc6fc1..3550289b5fb 100644 --- a/mail/mimedefang/PLIST +++ b/mail/mimedefang/PLIST @@ -1,9 +1,11 @@ -@comment $NetBSD: PLIST,v 1.3 2003/03/11 14:12:49 markd Exp $ +@comment $NetBSD: PLIST,v 1.4 2004/03/07 11:18:33 markd Exp $ bin/md-mx-ctrl bin/mimedefang bin/mimedefang-multiplexor bin/mimedefang.pl bin/watch-mimedefang +etc/rc.d/mimedefang +etc/rc.d/mimedefang-multiplexor man/man5/mimedefang-filter.5 man/man7/mimedefang-protocol.7 man/man8/md-mx-ctrl.8 diff --git a/mail/mimedefang/distinfo b/mail/mimedefang/distinfo index ce2fbd3d134..e3b2f09871e 100644 --- a/mail/mimedefang/distinfo +++ b/mail/mimedefang/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.6 2003/07/10 11:29:06 markd Exp $ +$NetBSD: distinfo,v 1.7 2004/03/07 11:18:33 markd Exp $ -SHA1 (mimedefang-2.35.tar.gz) = d4fabba9a4c208059bdfc98c806df6183f244159 -Size (mimedefang-2.35.tar.gz) = 233710 bytes +SHA1 (mimedefang-2.40.tar.gz) = f90b6c4a44b8039c1d5134be7640f869905ed36a +Size (mimedefang-2.40.tar.gz) = 271543 bytes SHA1 (patch-ab) = d3aad74681427dc30a851ce9bd1708b61d0f7529 +SHA1 (patch-ac) = e76247df9baf66737d4343db4ce8bb072d26d95b diff --git a/mail/mimedefang/files/mimedefang-multiplexor.sh b/mail/mimedefang/files/mimedefang-multiplexor.sh new file mode 100644 index 00000000000..0f3b5112630 --- /dev/null +++ b/mail/mimedefang/files/mimedefang-multiplexor.sh @@ -0,0 +1,57 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: mimedefang-multiplexor.sh,v 1.1 2004/03/07 11:18:33 markd Exp $ +# +# mimedefang-multiplexor handles communications between sendmail and +# the real processor +# +## only for NetBSD +# PROVIDE: mimedefang-multiplexor +# REQUIRE: LOGIN +# BEFORE: mail +# KEYWORD: shutdown +## + +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/pkg/bin +export PATH + +if [ -f /etc/rc.subr ] +then + . /etc/rc.subr +fi + + +name="mimedefang_multiplexor" +rcvar="$name" +mimedefang_multiplexor_user=${mimedefang_multiplexor_user-"@DEFANG_USER@"} + +defangdir="@DEFANG_SPOOLDIR@" +command="@PREFIX@/bin/mimedefang-multiplexor" +pidfile="${defangdir}/${name}.pid" +command_args="-p ${pidfile}" + +# default values, may be overridden on NetBSD by setting them in /etc/rc.conf +mimedefang_multiplexor_flags=${mimedefang_multiplexor_flags-\ + "-s ${defangdir}/mimedefang-multiplexor.sock"} +mimedefang_multiplexor=${mimedefang_multiplexor:-NO} +mimedefang_multiplexor_fdlimit=${mimedefang_multiplexor_fdlimit-"128"} + +sig_stop="TERM" +sig_reload="INT" +extra_commands="reload" + +# A default limit of 64 (at least on NetBSD) may be too low for many +# people (eg with addional RBL rules) +SOFT_FDLIMIT=`ulimit -S -n` +HARD_FDLIMIT=`ulimit -H -n` + +if [ ${mimedefang_multiplexor_fdlimit} -gt ${SOFT_FDLIMIT} ]; then + if [ ${mimedefang_multiplexor_fdlimit} -le ${HARD_FDLIMIT} ]; then + ulimit -S -n ${mimedefang_multiplexor_fdlimit} + else + ulimit -S -n ${HARD_FDLIMIT} + fi +fi + +load_rc_config $name +run_rc_command "$1" diff --git a/mail/mimedefang/files/mimedefang.sh b/mail/mimedefang/files/mimedefang.sh new file mode 100644 index 00000000000..50a01568d48 --- /dev/null +++ b/mail/mimedefang/files/mimedefang.sh @@ -0,0 +1,53 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: mimedefang.sh,v 1.1 2004/03/07 11:18:33 markd Exp $ +# +# mimedefang does "in-stream" spam and virus checking using +# sendmail's MailFilter interfaces. +# +## only for NetBSD +# PROVIDE: mimedefang +# REQUIRE: LOGIN mimedefang-multiplexor +# BEFORE: mail +# KEYWORD: shutdown +## + +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/pkg/bin +export PATH + +if [ -f /etc/rc.subr ] +then + . /etc/rc.subr +fi + +defangdir="@DEFANG_SPOOLDIR@" + +name="mimedefang" +rcvar=$name +command="@PREFIX@/bin/mimedefang" +pidfile="${defangdir}/${name}.pid" +mimedefang_user=${mimedefang_user-"@DEFANG_USER@"} +command_args="-P ${pidfile}" + +# default values, may be overridden on NetBSD by setting them in /etc/rc.conf +mimedefang_flags=${mimedefang_flags-"-p ${defangdir}/mimedefang.sock \ + -m ${defangdir}/mimedefang-multiplexor.sock"} + +mimedefang=${mimedefang:-NO} +mimedefang_fdlimit=${mimedefang_fdlimit-"128"} + +# A default limit of 64 (at least on NetBSD) may be too low for many +# people (eg with addional RBL rules) +SOFT_FDLIMIT=`ulimit -S -n` +HARD_FDLIMIT=`ulimit -H -n` + +if [ ${mimedefang_fdlimit} -gt ${SOFT_FDLIMIT} ]; then + if [ ${mimedefang_fdlimit} -le ${HARD_FDLIMIT} ]; then + ulimit -S -n ${mimedefang_fdlimit} + else + ulimit -S -n ${HARD_FDLIMIT} + fi +fi + +load_rc_config $name +run_rc_command "$1" diff --git a/mail/mimedefang/patches/patch-ac b/mail/mimedefang/patches/patch-ac new file mode 100644 index 00000000000..5d0bb5a30e4 --- /dev/null +++ b/mail/mimedefang/patches/patch-ac @@ -0,0 +1,45 @@ +$NetBSD: patch-ac,v 1.1 2004/03/07 11:18:33 markd Exp $ + +--- mimedefang.pl.in.orig 2004-03-06 04:35:35.000000000 +1300 ++++ mimedefang.pl.in +@@ -89,25 +89,25 @@ $VirusScannerRoutinesInitialized = 0; + + $SALocalTestsOnly = 1; + +-$Features{'Virus:AVP'} = ('@AVP@' ne '/bin/false' ? '@AVP@' : 0); +-$Features{'Virus:AVP5'} = ('@AVP5@' ne '/bin/false' ? '@AVP5@' : 0); +-$Features{'Virus:CLAMAV'} = ('@CLAMSCAN@' ne '/bin/false' ? '@CLAMSCAN@' : 0); +-$Features{'Virus:CLAMD'} = ('@CLAMD@' ne '/bin/false' ? '@CLAMD@' : 0); +-$Features{'Virus:FPROT'} = ('@FPROT@' ne '/bin/false' ? '@FPROT@' : 0); +-$Features{'Virus:FSAV'} = ('@FSAV@' ne '/bin/false' ? '@FSAV@' : 0); ++$Features{'Virus:AVP'} = ((('@AVP@' ne '/bin/false') and (-x '@AVP@')) ? '@AVP@' : 0); ++$Features{'Virus:AVP5'} = ((('@AVP5@' ne '/bin/false') and (-x '@AVP5@')) ? '@AVP5@' : 0); ++$Features{'Virus:CLAMAV'} = ((('@CLAMSCAN@' ne '/bin/false') and (-x '@CLAMSCAN@')) ? '@CLAMSCAN@' : 0); ++$Features{'Virus:CLAMD'} = ((('@CLAMD@' ne '/bin/false') and (-x '@CLAMD@')) ? '@CLAMD@' : 0); ++$Features{'Virus:FPROT'} = ((('@FPROT@' ne '/bin/false') and (-x '@FPROT@')) ? '@FPROT@' : 0); ++$Features{'Virus:FSAV'} = ((('@FSAV@' ne '/bin/false') and (-x '@FSAV@')) ? '@FSAV@' : 0); + $Features{'Virus:FileScan'} = $Features{'File::Scan'}; +-$Features{'Virus:HBEDV'} = ('@HBEDV@' ne '/bin/false' ? '@HBEDV@' : 0); +-$Features{'Virus:VEXIRA'} = ('@VEXIRA@' ne '/bin/false' ? '@VEXIRA@' : 0); +-$Features{'Virus:NAI'} = ('@NAI@' ne '/bin/false' ? '@NAI@' : 0); +-$Features{'Virus:BDC'} = ('@BDC@' ne '/bin/false' ? '@BDC@' : 0); +-$Features{'Virus:NVCC'} = ('@NVCC@' ne '/bin/false' ? '@NVCC@' : 0); ++$Features{'Virus:HBEDV'} = ((('@HBEDV@' ne '/bin/false') and (-x '@HBEDV@')) ? '@HBEDV@' : 0); ++$Features{'Virus:VEXIRA'} = ((('@VEXIRA@' ne '/bin/false') and (-x '@VEXIRA@')) ? '@VEXIRA@' : 0); ++$Features{'Virus:NAI'} = ((('@NAI@' ne '/bin/false') and (-x '@NAI@')) ? '@NAI@' : 0); ++$Features{'Virus:BDC'} = ((('@BDC@' ne '/bin/false') and (-x '@BDC@')) ? '@BDC@' : 0); ++$Features{'Virus:NVCC'} = ((('@NVCC@' ne '/bin/false') and (-x '@NVCC@')) ? '@NVCC@' : 0); + $Features{'Virus:OpenAV'} = 0; # Not a good idea but we need a test! + $Features{'Virus:SymantecCSS'} = 0; # Ditto + $Features{'Virus:FPROTD'} = 0; +-$Features{'Virus:SOPHIE'} = ('@SOPHIE@' ne '/bin/false' ? '@SOPHIE@' : 0); +-$Features{'Virus:SOPHOS'} = ('@SOPHOS@' ne '/bin/false' ? '@SOPHOS@' : 0); +-$Features{'Virus:TREND'} = ('@TREND@' ne '/bin/false' ? '@TREND@' : 0); +-$Features{'Virus:TROPHIE'} = ('@TROPHIE@' ne '/bin/false' ? '@TROPHIE@' : 0); ++$Features{'Virus:SOPHIE'} = ((('@SOPHIE@' ne '/bin/false') and (-x '@SOPHIE@')) ? '@SOPHIE@' : 0); ++$Features{'Virus:SOPHOS'} = ((('@SOPHOS@' ne '/bin/false') and (-x '@SOPHOS@')) ? '@SOPHOS@' : 0); ++$Features{'Virus:TREND'} = ((('@TREND@' ne '/bin/false') and (-x '@TREND@')) ? '@TREND@' : 0); ++$Features{'Virus:TROPHIE'} = ((('@TROPHIE@' ne '/bin/false') and (-x '@TROPHIE@')) ? '@TROPHIE@' : 0); + + $Features{'Path:SENDMAIL'} = '@SENDMAILPROG@'; + $Features{'Path:QUARANTINEDIR'} = '@QDIR@'; -- cgit v1.2.3