diff options
| author | Martin Schulze <joey@infodrom.org> | 2004-09-13 09:07:18 +0200 |
|---|---|---|
| committer | Andreas Beckmann <debian@abeckmann.de> | 2012-10-01 19:58:43 +0200 |
| commit | ae03fe5d926a63cab418207f760d62a947957123 (patch) | |
| tree | aa48cfe56ac7c47fb9b0abce4d4689033d3098d6 /debian/examples | |
| parent | dd994db23cb7f88732be927fad3a7039bd6301db (diff) | |
| download | sendmail-debian/8.12.3-7.1.tar.gz | |
Imported Debian patch 8.12.3-7.1debian/8.12.3-7.1
Diffstat (limited to 'debian/examples')
35 files changed, 2857 insertions, 0 deletions
diff --git a/debian/examples/Makefile.in b/debian/examples/Makefile.in new file mode 100644 index 0000000..aef3815 --- /dev/null +++ b/debian/examples/Makefile.in @@ -0,0 +1,124 @@ +#!/usr/bin/make -f +#------------------------------------------------------------------------------ +# vim: syntax=make +# +# $Sendmail: Makefile,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 1998-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# Rules file for Sendmail @sm_version@@sm_revision@(@sm_version_math@) +# on @sm_dist_name@ @sm_dist_vers@ +# via Debhelper V@DEBIAN_DH@ +# +# Note: the .in file supports Sendmail @SM_MINVERS@ - @SM_MAXVERS@ +# on Debian slink, potato, woody, testing, sid, ... +# but the generated file is customized to the version noted above. +# +# Richard Nelson <cowboy@debian.org> @sm_date@ @sm_time@ (@sm_utc@) +#------------------------------------------------------------------------------ +#SHELL=/bin/sh -x + +# Include Debian Autoconf settings +-include ../build/autoconf.mk + +ALL_SUBDIRS = . amavis db dialup ldap logcheck milter pam sasl tls +DATA_SUBDIRS = amavis db ldap pam sasl tls +SCRIPT_SUBDIRS = dialup + +all: + +clean: + for subdir in ${ALL_SUBDIRS}; do \ + rm -rf $${subdir}/core $${subdir}/*~; \ + done; + +setup: + +build-indep: +build-arch: + # + # Debian Local additions / changes + # + # examples/ldap/sendmail.schema.v2 - conditional + # + if (grep -qEe "^#LDAP:[[:space:]]*yes" ../build/site.config.m4); then \ + if [ -e ../../${buildtree}/cf/sendmail.schema ]; then \ + $(INSTALL_DATA) ../../${buildtree}/cf/sendmail.schema \ + ldap/sendmail.schema.v2; \ + fi; \ + fi; + +install-indep: build-indep +install-arch: build-arch + # + # Debian Local additions / changes + # + # ${sysconfdir}/ppp/ip-{up,down}.d - unconditional + # + $(INSTALL) -d ${sysconfdir}/ppp/ip-up.d; + $(INSTALL_SCRIPT) dialup/ip-up.d \ + ${sysconfdir}/ppp/ip-up.d/sendmail; + $(INSTALL) -d ${sysconfdir}/ppp/ip-down.d; + $(INSTALL_SCRIPT) dialup/ip-down.d \ + ${sysconfdir}/ppp/ip-down.d/sendmail; + # + # ${sysconfdir}/pam.d - unconditional + # + $(INSTALL) -d ${sysconfdir}/pam.d; + $(INSTALL_DATA) pam/* \ + ${sysconfdir}/pam.d; + # + # ${sysconfdir}/logcheck - unconditional + # + (cd logcheck && \ + for file in $$(find . -type d); do \ + $(INSTALL) -d ../${sysconfdir}/logcheck/$$file; \ + done;); + for file in $$(find logcheck -type f -name '*sendmail'); do \ + $(INSTALL_DATA) $$file \ + ${sysconfdir}/logcheck/$$(echo "$$file" \ + | sed -e 's?^.*logcheck/??'); \ + done; + # + # ${datadir}/sendmail/examples - unconditional + # + for subdir in ${DATA_SUBDIRS}; do \ + $(INSTALL) -d ${datadir}/sendmail/examples/$$subdir; \ + find $$subdir -type f ! -name '*.in' | xargs -ri \ + $(INSTALL_DATA) '{}' ${datadir}/sendmail/examples/$$subdir; \ + done; + for subdir in ${SCRIPT_SUBDIRS}; do \ + $(INSTALL) -d ${datadir}/sendmail/examples/$$subdir; \ + find $$subdir -type f ! -name '*.in' | xargs -ri \ + $(INSTALL_SCRIPT) '{}' ${datadir}/sendmail/examples/$$subdir; \ + done; + # Can't simply $(INSTALL) logcheck, has subdirs... + $(INSTALL) -d ${datadir}/sendmail/examples/logcheck; + cp -a logcheck/* \ + ${datadir}/sendmail/examples/logcheck; + # + # ${datadir}/sendmail/examples - conditional + # + if (grep -qEe "^#MILTER:[[:space:]]*yes" ../build/site.config.m4); then \ + $(INSTALL) -d ${datadir}/sendmail/examples/milter; \ + $(INSTALL_DATA) milter/* \ + ${datadir}/sendmail/examples/milter; \ + chmod a+x \ + ${datadir}/sendmail/examples/milter/Makefile; \ + fi; + +#------------- +# Below here is fairly generic really + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +build: build-indep build-arch +install: install-indep install-arch +.PHONY: all +.PHONY: setup +.PHONY: clean build build-indep build-arch +.PHONY: install install-indep install-arch +.PHONY: source diff diff --git a/debian/examples/amavis-doc/README b/debian/examples/amavis-doc/README new file mode 100644 index 0000000..c2e3d86 --- /dev/null +++ b/debian/examples/amavis-doc/README @@ -0,0 +1,8 @@ +The files herein are from Jean-Paul Stewart <jps@maxlingua.com> + +To add to the sendmail/examples directory: + 1) place new amavis-doc.tar.gz in this directory + 2) tar -xzf amavis-doc.tar.gz + 3) mv amavis-doc/amavis-doc.lyx ./ + 4) rm ../amavis/* + 5) mv amavis-doc/* ../amavis/ diff --git a/debian/examples/amavis-doc/amavis-doc.lyx b/debian/examples/amavis-doc/amavis-doc.lyx new file mode 100644 index 0000000..180015b --- /dev/null +++ b/debian/examples/amavis-doc/amavis-doc.lyx @@ -0,0 +1,904 @@ +#LyX 1.1 created this file. For more info see http://www.lyx.org/ +\lyxformat 218 +\textclass linuxdoc +\language english +\inputencoding default +\fontscheme default +\graphics default +\paperfontsize 10 +\spacing single +\papersize Default +\paperpackage a4 +\use_geometry 0 +\use_amsmath 0 +\paperorientation portrait +\secnumdepth 3 +\tocdepth 3 +\paragraph_separation indent +\defskip medskip +\quotes_language english +\quotes_times 2 +\papercolumns 1 +\papersides 1 +\paperpagestyle default + +\layout Title +\added_space_top vfill \added_space_bottom vfill +How to Install Amavis-milter for Debian Sendmail +\layout Author + +Jean-Paul Stewart <jps@maxlingua.com> +\layout Date + +23.10.2001 +\layout Abstract + +This document provides a step-by-step guide to the installation and configuratio +n of the Amavis antivirus software available from +\begin_inset LatexCommand \url{http://www.amavis.org/} + +\end_inset + + on the Debian GNU/Linux operating system. + It has been adapted from the documentation available there. + Amavis supports many different methods of implementation. + I have chosen to implement Amavis-libmilter as the interface between Amavis + and Sendmail. + Another option with Amavis + Sendmail, which I am not describing here, + involves employing Amavis as a sort of intermediate local delivery agent. + Please be advised that this software requires an existing CLI antivirus + scanning engine and database. + The selection and procurement of such software is not discussed in this + document. + There is ample information available at the amavis.org site. + These installation examples make extensive use of the outstanding Sendmail + and libmilter-dev Debian packages maintained by Richard +\begin_inset Quotes eld +\end_inset + +cowboy +\begin_inset Quotes erd +\end_inset + + Nelson. + Thanks Cowboy! Thank you Amavis developers! +\layout Standard + + +\begin_inset LatexCommand \tableofcontents{} + +\end_inset + + +\layout Section + +Software Dependencies +\layout Enumerate + +At a minimum you need to be running the Debian 3.0 (Woody) distribution from + +\begin_inset LatexCommand \url{http://www.debian.org/} + +\end_inset + +. + Older versions of Debian do not provide an adequate sendmail package (they + lack the libmilter API). +\layout Enumerate + +Obviously, sendmail needs to be installed on your system. +\layout Enumerate + +As mentioned in the abstract, you will have to obtain your own antiviral + engine from an independent vendor. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +file +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +arc +\begin_inset Quotes erd +\end_inset + + utility. + It is not available as a Debian package. + You can obtain the source code for this program at +\begin_inset LatexCommand \url{ftp://metalab.unc.edu/pub/Linux/utils/compress/arc521.tar.Z} + +\end_inset + +. + +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +bzip2 +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +lha +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +unarj +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +unrar +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +The +\begin_inset Quotes eld +\end_inset + +zoo +\begin_inset Quotes erd +\end_inset + + package. +\layout Enumerate + +You may need to install a few perl modules. + The required modules are +\layout Itemize + +IO-stringy +\layout Itemize + +Syslog +\layout Itemize + +MailTools +\layout Itemize + +MIME-Base64 +\layout Itemize + +MIME-tools +\layout Itemize + +Convert-UUlib +\layout Itemize + +Convert-TNEF +\layout Itemize + +Compress-Zlib +\layout Itemize + +Archive-Tar +\layout Itemize + +Archive-Zip +\layout Itemize + +libnet +\layout Section + +Installing the Software Dependencies +\layout Standard + +Update your distribution files with the usual: +\layout Verbatim + +apt-get update +\layout Standard + +and install file, bzip2, lha, unarj, unrar, and zoo in one shot with: +\layout Verbatim + +apt-get install file bzip2 lha unarj unrar zoo +\layout Standard + +Install all the perl modules in one shot with: +\layout Verbatim + +apt-get install libio-stringy-perl libunix-syslog-perl libmailtools-perl + libmime-base64-perl libmime-perl libconvert-uulib-perl libconvert-tnef-perl + libcompress-zlib-perl libarchive-tar-perl libarchive-zip-perl libnet-perl +\layout Standard + +Installing the +\begin_inset Quotes eld +\end_inset + +arc +\begin_inset Quotes erd +\end_inset + + utility is much more of a hassle. + Furthermore, it is an unmaintained old MS-DOS port with a non-free license. + I will describe what I did to compile it on a Intel platform (suggestions + on better ways to do this are appreciated). + The next few steps assume that you have the GNU +\begin_inset Quotes eld +\end_inset + +make +\begin_inset Quotes erd +\end_inset + + and +\begin_inset Quotes eld +\end_inset + +gcc +\begin_inset Quotes erd +\end_inset + + packges installed on your system. + If this is not the case then try: +\layout Verbatim + +apt-get install make gcc +\layout Standard + +Let's create a temporary directory somewhere so that we can make a mess + in it. + Since my login is +\begin_inset Quotes eld +\end_inset + +jps +\begin_inset Quotes erd +\end_inset + +, I made a directory named +\begin_inset Quotes eld +\end_inset + +/home/jps/tmp/ +\begin_inset Quotes erd +\end_inset + +. + Copy the arc521.tar.Z file into your new temporary diretory and type: +\layout Verbatim + +uncompress arc521.tar.Z; tar xf arc521.tar +\layout Standard + +or something equivalent to uncompress and untar the archive. + This will create a bunch of files. + We need to delete some lines from the file named +\begin_inset Quotes eld +\end_inset + +arcdos.c +\begin_inset Quotes erd +\end_inset + +. + It is probably set to be read-only, so type: +\layout Verbatim + +chmod u+w arcdos.c +\layout Standard + +Open arcdos.c for editing and delete (or comment out) lines 35-38 inclusive. + (It is the definition of a structure that begins with +\begin_inset Quotes eld +\end_inset + +struct timeval +\begin_inset Quotes erd +\end_inset + + on line 35 and ends with +\begin_inset Quotes eld +\end_inset + +}; +\begin_inset Quotes erd +\end_inset + + on line 38). + We are done with that, so close the file. + Now type: +\layout Verbatim + +make +\layout Standard + +This command WILL FAIL with a bunch of warnings and an error message complaining + about +\begin_inset Quotes eld +\end_inset + +tmclock.o +\begin_inset Quotes erd +\end_inset + +, but it accomplished some necessary things anyway. + Now open the file named +\begin_inset Quotes eld +\end_inset + +Makefile +\begin_inset Quotes erd +\end_inset + + for editing. + Go to the line that says +\begin_inset Quotes eld +\end_inset + +System = -DBSD=1 +\begin_inset Quotes erd +\end_inset + +. + It should be on line 31. + Change the line so that it says: +\layout Verbatim + +System = -DSYSV=1 +\layout Standard + +Close the Makefile and run make again by typing: +\layout Verbatim + +make +\layout Standard + +That should compile the +\begin_inset Quotes eld +\end_inset + +arc +\begin_inset Quotes erd +\end_inset + + utility successfully. + You can ignore the warnings about +\begin_inset Quotes eld +\end_inset + +mktemp +\begin_inset Quotes erd +\end_inset + + and +\begin_inset Quotes eld +\end_inset + +mkstemp +\begin_inset Quotes erd +\end_inset + +. + There should now be an executable program with the name of +\begin_inset Quotes eld +\end_inset + +arc +\begin_inset Quotes erd +\end_inset + + in your temporary directory. + As root, copy this file to +\begin_inset Quotes eld +\end_inset + +/usr/local/bin +\begin_inset Quotes erd +\end_inset + + or the usual place where you keep home-cooked binaries. + Just make sure that it is in your path. + Test this by typing +\begin_inset Quotes eld +\end_inset + +arc +\begin_inset Quotes erd +\end_inset + + and see if the arc usage guide scrolls up your terminal. + You can delete all the files in your temporary directory now, but leave + the directory itself because we will be using it later. + Aren't .deb packages so much easier? +\layout Section + +Example Installation of an Antivirus Scanner +\layout Standard + +I am using a Linux commandline scanner from NAI Associates, Inc. + You will have to avail yourself of the documentation at +\begin_inset LatexCommand \url{http://www.amavis.org/} + +\end_inset + + if you don't know where to obtain a scanner. + For example, you could place your scanner binary along with its' data files + in a directory named +\begin_inset Quotes eld +\end_inset + +/usr/local/share/av +\begin_inset Quotes erd +\end_inset + +. + Then create a symlink to the binary in the +\begin_inset Quotes eld +\end_inset + +/usr/local/bin +\begin_inset Quotes erd +\end_inset + + directory. + This way, the command to execute the scanner is in your path, and the Amavis + configure script will find it. + For a more advanced configuration (once you have the easy stuff out of + the way), take a look at the example start-stop script at the end of this + document. +\layout Section + +Obtaining the Libmilter Sourcecode and Libraries +\layout Standard + +In order to be able to build Amavis with the libmilter interface, you need + to have the Sendmail's libmilter sourcecode and libraries available. + Don't worry, this is very easy with Debian. + The following command will dowload everything required to your system: +\layout Verbatim + +apt-get install libmilter-dev +\layout Section + +Obtaining the Amavis Sourcecode +\layout Subsection + +Checking the latest copy out of CVS +\layout Standard + +\begin_float footnote +\layout Standard + +As of October 23, 2001; the CVS copy might not compile. + Skip to the next section if you don't want to fool around. +\end_float +Now that we have extracted the libmilter files, the next step is to obtain + the latest copy of the Amavis sourcecode. + We will retrieve this code from the Amavis CVS repository at +\begin_inset LatexCommand \url{http://sourceforge.net/} + +\end_inset + +. + If you do not already have the CVS package installed on your system, you + can obtain it with the command: +\layout Verbatim + +apt-get install cvs +\layout Verbatim + +cvs -d:pserver:anonymous@cvs.amavis.sourceforge.net:/cvsroot/amavis login +\layout Standard + +You will be logging in anonymously, so just press enter at the password + prompt. + If CVS gives you a hard time about +\begin_inset Quotes eld +\end_inset + +$HOME/.cvspass +\begin_inset Quotes erd +\end_inset + + not existing, then simply type: +\layout Verbatim + +touch $HOME/.cvspass +\layout Standard + +and issue the command once more. + With these preliminaries out of the way we can download the actual source + with: +\layout Verbatim + +cvs -z3 -d:pserver:anonymous@cvs.amavis.sourceforge.net:/cvsroot/amavis co + amavis +\layout Standard + +This will create a subdirectory named +\begin_inset Quotes eld +\end_inset + +amavis +\begin_inset Quotes erd +\end_inset + + in your temporary directory. + Please skip to section titled +\begin_inset Quotes eld +\end_inset + +Building Amavis +\begin_inset Quotes erd +\end_inset + +. +\layout Subsection + +If the CVS copy blows chunks +\layout Standard + +If you are like me, and the CVS copy died hideously during +\begin_inset Quotes eld +\end_inset + +./configure +\begin_inset Quotes erd +\end_inset + +, then download the the +\begin_inset Quotes eld +\end_inset + +official +\begin_inset Quotes erd +\end_inset + + CVS snapshot from +\begin_inset LatexCommand \url{http://sourceforge.net/projects/amavis/} + +\end_inset + +. + The available version at the time of this writing was +\begin_inset Quotes eld +\end_inset + +amavisd-snaphot-20010714 +\begin_inset Quotes erd +\end_inset + +. + You can dowload this as a tarball. + Copy this file into your temporary directory and run: +\layout Verbatim + +tar zxf <filename> +\layout Standard + +That should give you a nice directory of sourcecode. +\layout Section + +Building Amavis +\layout Standard + +Regardless of the method you used to obtain it, please change to your new + amavis sourcecode directory and type the following command to build Amavis + with libmilter: +\layout Verbatim + +LDFLAGS= +\begin_inset Quotes erd +\end_inset + +-L/usr/lib/libmilter +\begin_inset Quotes erd +\end_inset + + ./configure --with-amavisuser=amavis --prefix=/usr/local --with-runtime-dir=/var +/local/amavis --enable-milter --with-sendmail-source=/usr/include/libmilter +\layout Standard + +Then simply run make by typing: +\layout Verbatim + +make +\layout Standard + +This will create, among other things, the amavisd perl script and the amavis-mil +ter binary in your +\begin_inset Quotes eld +\end_inset + +<amavis-sourcecode-directory>/amavis/ +\begin_inset Quotes erd +\end_inset + + directory. + If the previous steps failed for any reason, go to the section titled +\begin_inset Quotes eld +\end_inset + +If the CVS copy blows chunks +\begin_inset Quotes erd +\end_inset + + and rerun the +\begin_inset Quotes eld +\end_inset + +Building Amavis +\begin_inset Quotes erd +\end_inset + + section from the beginning. +\layout Section + +Installing and Running Amavis +\layout Standard + +Hopefully we passed the correct options to the Amavis configure script so + that when we install it, the Debian file system policy won't be violated. + That would be bad karma. + Create a user named +\begin_inset Quotes eld +\end_inset + +amavis +\begin_inset Quotes erd +\end_inset + + with: +\layout Verbatim + +useradd amavis +\layout Standard + +From the amavis-sourcecode-directory type: +\layout Verbatim + +make install +\layout Standard + +If everythiny worked, the install script should have +\layout Itemize + +copied the amavisd perl script to /usr/local/sbin +\layout Itemize + +copied the amavis-milter binary to /usr/local/sbin +\layout Itemize + +created the /var/local/amavis directory with owner amavis and mode 2700 + or 0700 +\layout Itemize + +created a file named /etc/amavisd.conf +\layout Standard + +Now you will need to create an alias in /etc/aliases or /etc/mail/aliases + (or wherever you keep your mail aliases) for the +\begin_inset Quotes eld +\end_inset + +virusalert +\begin_inset Quotes erd +\end_inset + + email address that Amavis will try and send virus reports to. + Generally, this should be the system administrator. +\layout Standard + +Don't forget to rebuild the aliases file by issuing: +\layout Verbatim + +newaliases +\layout Standard + +Finally, open up the /etc/mail/sendmail.mc file for editing and insert the + following two lines anywhere after the line the begins with +\begin_inset Quotes eld +\end_inset + +## Custom configurations +\begin_inset Quotes erd +\end_inset + + (it is near the bottom): +\layout Verbatim + +define(`_FFR_MILTER', `1')dnl +\layout Verbatim + +INPUT_MAIL_FILTER(`milter-amavis', `S=local:/var/local/amavis/amavis-milter.sock, + T=S:10m;R:10m;E:10m')dnl +\layout Standard + +After you close the /etc/mail/sendmail.mc file, start-up amavis-milter and + amavisd with the following three commands: +\layout Verbatim + +rm -rf /var/local/amavis/amavis-milter.sock +\layout Verbatim + +nohup /usr/local/sbin/amavis-milter -p /var/local/amavis/amavis-milter.sock + & +\layout Verbatim + +/usr/local/sbin/amavisd +\layout Standard + +Now that Amavis is ready and running, you can fire-up your new sendmail + configuration with: +\layout Verbatim + +sendmailconfig +\layout Standard + +This command will recreate the /etc/mail/sendmail.cf file from the /etc/mail/send +mail.mc file and reload the sendmail daemon. + An alternate approach is to delete the /etc/mail/sendmail.cf file, run +\begin_inset Quotes eld +\end_inset + +make +\begin_inset Quotes erd +\end_inset + + in the /etc/mail directory, and restart sendmail with +\begin_inset Quotes eld +\end_inset + +/etc/init.d/sendmail restart +\begin_inset Quotes erd +\end_inset + + (or whatever it is that you use). +\layout Section + +An Example Startup script +\layout Code + +#!/bin/sh +\layout Code + +# /etc/init.d/amavis-ramdisk +\layout Code + +# Script to run Amavis from a ram disk. +\layout Code + +\layout Code + +# I keep my antiviral scanner and data files on a ramdisk for speed. +\layout Code + +AVDIR="/usr/local/share/av.original" +\layout Code + +RAMDISK="/usr/local/share/av.ramdisk" +\layout Code + +AMAVISBIN="/usr/local/sbin" +\layout Code + +AMAVISSOCK="/var/local/amavis" +\layout Code + +[ -d $AVDIR -a -d $RAMDISK ] || exit 0 +\layout Code + +case "$1" in +\layout Code + +start) +\layout Code + + mke2fs /dev/ram0 > /dev/null 2>&1 +\layout Code + + mount /dev/ram0 $RAMDISK +\layout Code + + cp $AVDIR/* $RAMDISK +\layout Code + + if [ -S $AMAVISSOCK/amavis-milter.sock ]; then +\layout Code + + rm -rf $AMAVISSOCK/amavis-milter.sock +\layout Code + + fi +\layout Code + + if [ -S $AMAVISSOCK/amavisd.sock ]; then +\layout Code + + rm -rf $AMAVISSOCK/amavisd.sock +\layout Code + + fi +\layout Code + + nohup $AMAVISBIN/amavis-milter -p $AMAVISSOCK/amavis-milter.sock & +\layout Code + + $AMAVISBIN/amavisd +\layout Code + +;; +\layout Code + +stop) +\layout Code + + kill -9 `ps x | grep amavisd | grep -v grep | awk '{print $1}'`2> /dev/null +\layout Code + + kill -9 `ps x | grep amavis-milter | grep -v grep | awk '{print $1}'` + 2> /dev/null +\layout Code + + # I need to sleep for some reason :( +\layout Code + + sleep 2umount /dev/ram0 +\layout Code + +;; +\layout Code + +*) +\layout Code + + echo "Usage: /etc/init.d/amavis-ramdisk {start|stop}" +\layout Code + + exit 1 +\layout Code + +;; +\layout Code + +esac +\layout Code + +exit 0 +\layout Standard + +Don't forget to update your antivirus data files regularly. + +\layout Quote + +Send all comments and corrections to <jps@maxlingua.com>. + Support free software! +\the_end diff --git a/debian/examples/amavis/amavis-doc-1.html b/debian/examples/amavis/amavis-doc-1.html new file mode 100644 index 0000000..f893635 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-1.html @@ -0,0 +1,75 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Software Dependencies</TITLE> + <LINK HREF="amavis-doc-2.html" REL=next> + + <LINK HREF="amavis-doc.html#toc1" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-2.html">Next</A> +Previous +<A HREF="amavis-doc.html#toc1">Contents</A> +<HR> +<H2><A NAME="s1">1.</A> <A HREF="amavis-doc.html#toc1">Software Dependencies</A></H2> + +<P> +<OL> +<LI>At a minimum you need to be running the Debian 3.0 (Woody) distribution +from +<A HREF="http://www.debian.org/"></A> +. Older versions of Debian do not provide an adequate sendmail +package (they lack the libmilter API).</LI> +<LI>Obviously, sendmail needs to be installed on your system.</LI> +<LI>As mentioned in the abstract, you will have to obtain your own +antiviral engine from an independent vendor.</LI> +<LI>The " +file" +package.</LI> +<LI>The " +arc" +utility. It is not available as a Debian package. You +can obtain the source code for this program at +<A HREF="ftp://metalab.unc.edu/pub/Linux/utils/compress/arc521.tar.Z"></A> +. </LI> +<LI>The " +bzip2" +package.</LI> +<LI>The " +lha" +package.</LI> +<LI>The " +unarj" +package.</LI> +<LI>The " +unrar" +package.</LI> +<LI>The " +zoo" +package.</LI> +<LI>You may need to install a few perl modules. The required modules +are</LI> +</OL> +</P> +<P> +<UL> +<LI>IO-stringy</LI> +<LI>Syslog</LI> +<LI>MailTools</LI> +<LI>MIME-Base64</LI> +<LI>MIME-tools</LI> +<LI>Convert-UUlib</LI> +<LI>Convert-TNEF</LI> +<LI>Compress-Zlib</LI> +<LI>Archive-Tar</LI> +<LI>Archive-Zip</LI> +<LI>libnet</LI> +</UL> +</P> +<HR> +<A HREF="amavis-doc-2.html">Next</A> +Previous +<A HREF="amavis-doc.html#toc1">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-2.html b/debian/examples/amavis/amavis-doc-2.html new file mode 100644 index 0000000..17d2694 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-2.html @@ -0,0 +1,138 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Installing the Software Dependencies</TITLE> + <LINK HREF="amavis-doc-3.html" REL=next> + <LINK HREF="amavis-doc-1.html" REL=previous> + <LINK HREF="amavis-doc.html#toc2" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-3.html">Next</A> +<A HREF="amavis-doc-1.html">Previous</A> +<A HREF="amavis-doc.html#toc2">Contents</A> +<HR> +<H2><A NAME="s2">2.</A> <A HREF="amavis-doc.html#toc2">Installing the Software Dependencies</A></H2> + +<P>Update your distribution files with the usual:</P> +<P> +<PRE> +apt-get update +</PRE> +</P> +<P>and install file, bzip2, lha, unarj, unrar, and zoo in one shot +with:</P> +<P> +<PRE> +apt-get install file bzip2 lha unarj unrar zoo +</PRE> +</P> +<P>Install all the perl modules in one shot with:</P> +<P> +<PRE> +apt-get install libio-stringy-perl libunix-syslog-perl libmailtools-perl libmime-base64-perl libmime-perl libconvert-uulib-perl libconvert-tnef-perl libcompress-zlib-perl libarchive-tar-perl libarchive-zip-perl libnet-perl +</PRE> +</P> +<P>Installing the " +arc" +utility is much more of a hassle. Furthermore, +it is an unmaintained old MS-DOS port with a non-free license. I +will describe what I did to compile it on a Intel platform (suggestions +on better ways to do this are appreciated). The next few steps assume +that you have the GNU " +make" +and " +gcc" +packges installed on your +system. If this is not the case then try:</P> +<P> +<PRE> +apt-get install make gcc +</PRE> +</P> +<P>Let's create a temporary directory somewhere so that we can make +a mess in it. Since my login is " +jps" +, I made a directory named " +/home/jps/tmp/" +. +Copy the arc521.tar.Z file into your new temporary diretory and type:</P> + +<P> +<PRE> +uncompress arc521.tar.Z; tar xf arc521.tar +</PRE> +</P> +<P>or something equivalent to uncompress and untar the archive. +This will create a bunch of files. We need to delete some lines from +the file named " +arcdos.c" +. It is probably set to be read-only, so +type:</P> +<P> +<PRE> +chmod u+w arcdos.c +</PRE> +</P> +<P>Open arcdos.c for editing and delete (or comment out) lines 35-38 +inclusive. (It is the definition of a structure that begins with +" +struct timeval" +on line 35 and ends with " +};" +on line 38). +We are done with that, so close the file. Now type:</P> +<P> +<PRE> +make +</PRE> +</P> +<P>This command WILL FAIL with a bunch of warnings and an error +message complaining about " +tmclock.o" +, but it accomplished some necessary +things anyway. Now open the file named " +Makefile" +for editing. Go +to the line that says " +System = -DBSD=1" +. It should be on line 31. +Change the line so that it says:</P> +<P> +<PRE> +System = -DSYSV=1 +</PRE> +</P> +<P>Close the Makefile and run make again by typing:</P> +<P> +<PRE> +make +</PRE> +</P> +<P>That should compile the " +arc" +utility successfully. You can ignore +the warnings about " +mktemp" +and " +mkstemp" +. There should now be an +executable program with the name of " +arc" +in your temporary directory. +As root, copy this file to " +/usr/local/bin" +or the usual place where +you keep home-cooked binaries. Just make sure that it is in your +path. Test this by typing " +arc" +and see if the arc usage guide scrolls +up your terminal. You can delete all the files in your temporary +directory now, but leave the directory itself because we will be +using it later. Aren't .deb packages so much easier? </P> +<HR> +<A HREF="amavis-doc-3.html">Next</A> +<A HREF="amavis-doc-1.html">Previous</A> +<A HREF="amavis-doc.html#toc2">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-3.html b/debian/examples/amavis/amavis-doc-3.html new file mode 100644 index 0000000..eeb89d1 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-3.html @@ -0,0 +1,38 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Example Installation of an Antivirus Scanner</TITLE> + <LINK HREF="amavis-doc-4.html" REL=next> + <LINK HREF="amavis-doc-2.html" REL=previous> + <LINK HREF="amavis-doc.html#toc3" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-4.html">Next</A> +<A HREF="amavis-doc-2.html">Previous</A> +<A HREF="amavis-doc.html#toc3">Contents</A> +<HR> +<H2><A NAME="s3">3.</A> <A HREF="amavis-doc.html#toc3">Example Installation of an Antivirus Scanner</A></H2> + +<P>I am using a Linux commandline scanner from NAI Associates, Inc. +You will have to avail yourself of the documentation at +<A HREF="http://www.amavis.org/"></A> +if you +don't know where to obtain a scanner. For example, you could place +your scanner binary along with its' data files in a directory named +" +/usr/local/share/av" +. Then create a symlink to the binary in the +" +/usr/local/bin" +directory. This way, the command to execute the +scanner is in your path, and the Amavis configure script will find +it. For a more advanced configuration (once you have the easy stuff +out of the way), take a look at the example start-stop script at +the end of this document.</P> +<HR> +<A HREF="amavis-doc-4.html">Next</A> +<A HREF="amavis-doc-2.html">Previous</A> +<A HREF="amavis-doc.html#toc3">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-4.html b/debian/examples/amavis/amavis-doc-4.html new file mode 100644 index 0000000..c9e338e --- /dev/null +++ b/debian/examples/amavis/amavis-doc-4.html @@ -0,0 +1,31 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Obtaining the Libmilter Sourcecode and Libraries</TITLE> + <LINK HREF="amavis-doc-5.html" REL=next> + <LINK HREF="amavis-doc-3.html" REL=previous> + <LINK HREF="amavis-doc.html#toc4" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-5.html">Next</A> +<A HREF="amavis-doc-3.html">Previous</A> +<A HREF="amavis-doc.html#toc4">Contents</A> +<HR> +<H2><A NAME="s4">4.</A> <A HREF="amavis-doc.html#toc4">Obtaining the Libmilter Sourcecode and Libraries</A></H2> + +<P>In order to be able to build Amavis with the libmilter interface, +you need to have the Sendmail's libmilter sourcecode and libraries +available. Don't worry, this is very easy with Debian. The following +command will dowload everything required to your system:</P> +<P> +<PRE> +apt-get install libmilter-dev +</PRE> +</P> +<HR> +<A HREF="amavis-doc-5.html">Next</A> +<A HREF="amavis-doc-3.html">Previous</A> +<A HREF="amavis-doc.html#toc4">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-5.html b/debian/examples/amavis/amavis-doc-5.html new file mode 100644 index 0000000..7d5186c --- /dev/null +++ b/debian/examples/amavis/amavis-doc-5.html @@ -0,0 +1,85 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Obtaining the Amavis Sourcecode</TITLE> + <LINK HREF="amavis-doc-6.html" REL=next> + <LINK HREF="amavis-doc-4.html" REL=previous> + <LINK HREF="amavis-doc.html#toc5" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-6.html">Next</A> +<A HREF="amavis-doc-4.html">Previous</A> +<A HREF="amavis-doc.html#toc5">Contents</A> +<HR> +<H2><A NAME="s5">5.</A> <A HREF="amavis-doc.html#toc5">Obtaining the Amavis Sourcecode</A></H2> + +<H2><A NAME="ss5.1">5.1</A> <A HREF="amavis-doc.html#toc5.1">Checking the latest copy out of CVS</A> +</H2> + +<P> +<BLOCKQUOTE>As of October 23, 2001; the CVS copy might not compile. Skip +to the next section if you don't want to fool around. </BLOCKQUOTE> +Now that we have extracted the libmilter files, the next step +is to obtain the latest copy of the Amavis sourcecode. We will retrieve +this code from the Amavis CVS repository at +<A HREF="http://sourceforge.net/"></A> +. If you do not already +have the CVS package installed on your system, you can obtain it +with the command:</P> +<P> +<PRE> +apt-get install cvs +cvs -d:pserver:anonymous@cvs.amavis.sourceforge.net:/cvsroot/amavis login +</PRE> +</P> +<P>You will be logging in anonymously, so just press enter at the +password prompt. If CVS gives you a hard time about " +$HOME/.cvspass"</P> +<P>not existing, then simply type:</P> +<P> +<PRE> +touch $HOME/.cvspass +</PRE> +</P> +<P>and issue the command once more. With these preliminaries out +of the way we can download the actual source with:</P> +<P> +<PRE> +cvs -z3 -d:pserver:anonymous@cvs.amavis.sourceforge.net:/cvsroot/amavis co amavis +</PRE> +</P> +<P>This will create a subdirectory named " +amavis" +in your temporary +directory. Please skip to section titled " +Building Amavis" +.</P> +<H2><A NAME="ss5.2">5.2</A> <A HREF="amavis-doc.html#toc5.2">If the CVS copy blows chunks</A> +</H2> + +<P>If you are like me, and the CVS copy died hideously during " +./configure" +, +then download the the " +official" +CVS snapshot from +<A HREF="http://sourceforge.net/projects/amavis/"></A> +. The available +version at the time of this writing was " +amavisd-snaphot-20010714" +. +You can dowload this as a tarball. Copy this file into your temporary +directory and run:</P> +<P> +<PRE> +tar zxf <filename> +</PRE> +</P> +<P>That should give you a nice directory of sourcecode.</P> +<HR> +<A HREF="amavis-doc-6.html">Next</A> +<A HREF="amavis-doc-4.html">Previous</A> +<A HREF="amavis-doc.html#toc5">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-6.html b/debian/examples/amavis/amavis-doc-6.html new file mode 100644 index 0000000..f3c2041 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-6.html @@ -0,0 +1,48 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Building Amavis</TITLE> + <LINK HREF="amavis-doc-7.html" REL=next> + <LINK HREF="amavis-doc-5.html" REL=previous> + <LINK HREF="amavis-doc.html#toc6" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-7.html">Next</A> +<A HREF="amavis-doc-5.html">Previous</A> +<A HREF="amavis-doc.html#toc6">Contents</A> +<HR> +<H2><A NAME="s6">6.</A> <A HREF="amavis-doc.html#toc6">Building Amavis</A></H2> + +<P>Regardless of the method you used to obtain it, please change +to your new amavis sourcecode directory and type the following command +to build Amavis with libmilter:</P> +<P> +<PRE> +LDFLAGS=" +-L/usr/lib/libmilter" + ./configure --with-amavisuser=amavis --prefix=/usr/local --with-runtime-dir=/var/local/amavis --enable-milter --with-sendmail-source=/usr/include/libmilter +</PRE> +</P> +<P>Then simply run make by typing:</P> +<P> +<PRE> +make +</PRE> +</P> +<P>This will create, among other things, the amavisd perl script +and the amavis-milter binary in your " +<amavis-sourcecode-directory>/amavis/"</P> +<P>directory. If the previous steps failed for any reason, go to the +section titled " +If the CVS copy blows chunks" +and rerun the " +Building +Amavis" +section from the beginning.</P> +<HR> +<A HREF="amavis-doc-7.html">Next</A> +<A HREF="amavis-doc-5.html">Previous</A> +<A HREF="amavis-doc.html#toc6">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-7.html b/debian/examples/amavis/amavis-doc-7.html new file mode 100644 index 0000000..5997841 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-7.html @@ -0,0 +1,96 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: Installing and Running Amavis</TITLE> + <LINK HREF="amavis-doc-8.html" REL=next> + <LINK HREF="amavis-doc-6.html" REL=previous> + <LINK HREF="amavis-doc.html#toc7" REL=contents> +</HEAD> +<BODY> +<A HREF="amavis-doc-8.html">Next</A> +<A HREF="amavis-doc-6.html">Previous</A> +<A HREF="amavis-doc.html#toc7">Contents</A> +<HR> +<H2><A NAME="s7">7.</A> <A HREF="amavis-doc.html#toc7">Installing and Running Amavis</A></H2> + +<P>Hopefully we passed the correct options to the Amavis configure +script so that when we install it, the Debian file system policy +won't be violated. That would be bad karma. Create a user named " +amavis"</P> +<P>with:</P> +<P> +<PRE> +useradd amavis +</PRE> +</P> +<P>From the amavis-sourcecode-directory type:</P> +<P> +<PRE> +make install +</PRE> +</P> +<P>If everythiny worked, the install script should have</P> +<P> +<UL> +<LI>copied the amavisd perl script to /usr/local/sbin</LI> +<LI>copied the amavis-milter binary to /usr/local/sbin</LI> +<LI>created the /var/local/amavis directory with owner amavis and +mode 2700 or 0700</LI> +<LI>created a file named /etc/amavisd.conf</LI> +</UL> +</P> +<P>Now you will need to create an alias in /etc/aliases or /etc/mail/aliases +(or wherever you keep your mail aliases) for the " +virusalert" +email +address that Amavis will try and send virus reports to. Generally, +this should be the system administrator.</P> +<P>Don't forget to rebuild the aliases file by issuing:</P> +<P> +<PRE> +newaliases +</PRE> +</P> +<P>Finally, open up the /etc/mail/sendmail.mc file for editing and +insert the following two lines anywhere after the line the begins +with " +## Custom configurations" +(it is near the bottom):</P> +<P> +<PRE> +define(`_FFR_MILTER', `1')dnl +INPUT_MAIL_FILTER(`milter-amavis', `S=local:/var/local/amavis/amavis-milter.sock, T=S:10m;R:10m;E:10m')dnl +</PRE> +</P> +<P>After you close the /etc/mail/sendmail.mc file, start-up amavis-milter +and amavisd with the following three commands:</P> +<P> +<PRE> +rm -rf /var/local/amavis/amavis-milter.sock +nohup /usr/local/sbin/amavis-milter -p /var/local/amavis/amavis-milter.sock & +/usr/local/sbin/amavisd +</PRE> +</P> +<P>Now that Amavis is ready and running, you can fire-up your new +sendmail configuration with:</P> +<P> +<PRE> +sendmailconfig +</PRE> +</P> +<P>This command will recreate the /etc/mail/sendmail.cf file from +the /etc/mail/sendmail.mc file and reload the sendmail daemon. An +alternate approach is to delete the /etc/mail/sendmail.cf file, run +" +make" +in the /etc/mail directory, and restart sendmail with " +/etc/init.d/sendmail +restart" +(or whatever it is that you use).</P> +<HR> +<A HREF="amavis-doc-8.html">Next</A> +<A HREF="amavis-doc-6.html">Previous</A> +<A HREF="amavis-doc.html#toc7">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc-8.html b/debian/examples/amavis/amavis-doc-8.html new file mode 100644 index 0000000..6d36780 --- /dev/null +++ b/debian/examples/amavis/amavis-doc-8.html @@ -0,0 +1,72 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail: An Example Startup script</TITLE> + <LINK HREF="amavis-doc-7.html" REL=previous> + <LINK HREF="amavis-doc.html#toc8" REL=contents> +</HEAD> +<BODY> +Next +<A HREF="amavis-doc-7.html">Previous</A> +<A HREF="amavis-doc.html#toc8">Contents</A> +<HR> +<H2><A NAME="s8">8.</A> <A HREF="amavis-doc.html#toc8">An Example Startup script</A></H2> + +<P> +<HR> +<PRE> +#!/bin/sh +# /etc/init.d/amavis-ramdisk +# Script to run Amavis from a ram disk. + +# I keep my antiviral scanner and data files on a ramdisk for speed. +AVDIR="/usr/local/share/av.original" +RAMDISK="/usr/local/share/av.ramdisk" +AMAVISBIN="/usr/local/sbin" +AMAVISSOCK="/var/local/amavis" +[ -d $AVDIR -a -d $RAMDISK ] || exit 0 +case "$1" in +start) + mke2fs /dev/ram0 > /dev/null 2>&1 + mount /dev/ram0 $RAMDISK + cp $AVDIR/* $RAMDISK + if [ -S $AMAVISSOCK/amavis-milter.sock ]; then + rm -rf $AMAVISSOCK/amavis-milter.sock + fi + if [ -S $AMAVISSOCK/amavisd.sock ]; then + rm -rf $AMAVISSOCK/amavisd.sock + fi + nohup $AMAVISBIN/amavis-milter -p $AMAVISSOCK/amavis-milter.sock & + $AMAVISBIN/amavisd +;; +stop) + kill -9 `ps x | grep amavisd | grep -v grep | awk '{print $1}'`2> /dev/null + kill -9 `ps x | grep amavis-milter | grep -v grep | awk '{print $1}'` 2> /dev/null + # I need to sleep for some reason :( + sleep 2umount /dev/ram0 +;; +*) + echo "Usage: /etc/init.d/amavis-ramdisk {start|stop}" + exit 1 +;; +esac +exit 0 +</PRE> +<HR> +</P> +<P>Don't forget to update your antivirus data files regularly. </P> +<P> +<BLOCKQUOTE> +Send all comments and corrections to <jps@maxlingua.com>. +Support free software! +</BLOCKQUOTE> +</P> + + +<HR> +Next +<A HREF="amavis-doc-7.html">Previous</A> +<A HREF="amavis-doc.html#toc8">Contents</A> +</BODY> +</HTML> diff --git a/debian/examples/amavis/amavis-doc.html b/debian/examples/amavis/amavis-doc.html new file mode 100644 index 0000000..181738d --- /dev/null +++ b/debian/examples/amavis/amavis-doc.html @@ -0,0 +1,72 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> +<HTML> +<HEAD> + <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.10"> + <TITLE>How to Install Amavis-milter for Debian Sendmail</TITLE> + <LINK HREF="amavis-doc-1.html" REL=next> + + +</HEAD> +<BODY> +<A HREF="amavis-doc-1.html">Next</A> +Previous +Contents +<HR> +<H1>How to Install Amavis-milter for Debian Sendmail</H1> + +<H2>Jean-Paul Stewart <jps@maxlingua.com></H2>23.10.2001 +<HR> +<EM>This document provides a step-by-step guide to the installation + and configuration of the Amavis antivirus software available from + +<A HREF="http://www.amavis.org/"></A> + on the Debian GNU/Linux operating system. It has been adapted from + the documentation available there. Amavis supports many different + methods of implementation. I have chosen to implement Amavis-libmilter + as the interface between Amavis and Sendmail. Another option with + Amavis + Sendmail, which I am not describing here, involves employing + Amavis as a sort of intermediate local delivery agent. Please be + advised that this software requires an existing CLI antivirus scanning + engine and database. The selection and procurement of such software + is not discussed in this document. There is ample information available + at the amavis.org site. These installation examples make extensive + use of the outstanding Sendmail and libmilter-dev Debian packages + maintained by Richard " +cowboy" + Nelson. Thanks Cowboy! Thank you Amavis + developers!</EM> +<HR> +<P> +<H2><A NAME="toc1">1.</A> <A HREF="amavis-doc-1.html">Software Dependencies</A></H2> + +<P> +<H2><A NAME="toc2">2.</A> <A HREF="amavis-doc-2.html">Installing the Software Dependencies</A></H2> + +<P> +<H2><A NAME="toc3">3.</A> <A HREF="amavis-doc-3.html">Example Installation of an Antivirus Scanner</A></H2> + +<P> +<H2><A NAME="toc4">4.</A> <A HREF="amavis-doc-4.html">Obtaining the Libmilter Sourcecode and Libraries</A></H2> + +<P> +<H2><A NAME="toc5">5.</A> <A HREF="amavis-doc-5.html">Obtaining the Amavis Sourcecode</A></H2> + +<UL> +<LI><A NAME="toc5.1">5.1</A> <A HREF="amavis-doc-5.html#ss5.1">Checking the latest copy out of CVS</A> +<LI><A NAME="toc5.2">5.2</A> <A HREF="amavis-doc-5.html#ss5.2">If the CVS copy blows chunks</A> +</UL> +<P> +<H2><A NAME="toc6">6.</A> <A HREF="amavis-doc-6.html">Building Amavis</A></H2> + +<P> +<H2><A NAME="toc7">7.</A> <A HREF="amavis-doc-7.html">Installing and Running Amavis</A></H2> + +<P> +<H2><A NAME="toc8">8.</A> <A HREF="amavis-doc-8.html">An Example Startup script</A></H2> + +<HR> +<A HREF="amavis-doc-1.html">Next</A> +Previous +Contents +</BODY> +</HTML> diff --git a/debian/examples/db/access b/debian/examples/db/access new file mode 100644 index 0000000..9eea701 --- /dev/null +++ b/debian/examples/db/access @@ -0,0 +1,88 @@ +# /etc/mail/access +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Access Control for this smtp server - determines: +# * Who we accept mail from +# * Who we accept relaying from +# * Who we will not send to +# +# Usage: +# FEATURE(access_db[, type [-o] /etc/mail/access])dnl +# makemap hash access < access +# +# Format: +# lhs: +# email addr <user@[host.domain]> +# domain name unless FEATURE(relay_hosts_only) is used, +# then this is a fqdn - and relay-domains ($=R) +# must also be fqdns. +# network number must end on an octet boundary, or +# you're stuck going the longwinded way ;-{ +# rhs: +# OK accept mail even if other rules in the +# running ruleset would reject it. +# RELAY Allow domain to relay through your SMTP +# server. RELAY also serves an implicit +# OK for the other checks. +# REJECT reject the sender/recipient with a general +# purpose message that can be customized. +# confREJECT_MSG [550 Access denied] will be issued +# DISCARD discard the message completely using +# the $#discard mailer. +# ### any text where ### is an RFC 821 compliant error code +# and "any text" is a message to return for +# the command +# Examples: +# spammer@aol.com REJECT +# FREE.STEALTH.MAILER@ 550 Spam not accepted +# +# Notes: +# With FEATURE(blacklist_recipients) this is also possible: +# badlocaluser 550 Mailbox disabled for this username +# host.mydomain.com 550 That host does not accept mail +# user@otherhost.mydomain.com 550 Mailbox disabled for this recipient +# +# Related: +# define(`confREJECT_MSG', `550 Access denied')dnl +# define(`confCR_FILE', `-o /etc/mail/relay-domains')dnl <<- $=R +# FEATURE(relay_hosts_only)dnl +# FEATURE(relay_entire_domain)dnl <<- relays any host in the $=m class +# FEATURE(relay_based_on_MX)dnl <<- relaying for boxes MX'd to you +# FEATURE(blacklist_recipients)dnl +# FEATURE(rbl[,alternate server])dnl +# FEATURE(orbs[,alternate server])dnl <<- Debian addition +# FEATURE(orca[,alternate server])dnl <<- Debian addition +# FEATURE(accept_unqualified_senders)dnl +# FEATURE(accept_unresolvable_domains)dnl +# +# Local addresses 10.x.x.x, 127.x.x.x, 172.16-31.x.x 192.168.x.x can relay +# Note Well! You *must* make sure these address can't be spoofed externally +10 RELAY +127 RELAY +172.16 RELAY +172.17 RELAY +172.18 RELAY +172.19 RELAY +172.20 RELAY +172.21 RELAY +172.22 RELAY +172.23 RELAY +172.24 RELAY +172.25 RELAY +172.26 RELAY +172.27 RELAY +172.28 RELAY +172.29 RELAY +172.30 RELAY +172.31 RELAY +192.168 RELAY +# +# Hosts that are allowed to talk to me +# +# +# Blacklisted users +# +reject@ REJECT diff --git a/debian/examples/db/aliases b/debian/examples/db/aliases new file mode 100644 index 0000000..8e99427 --- /dev/null +++ b/debian/examples/db/aliases @@ -0,0 +1,15 @@ +# +# Mail aliases for sendmail +# +# You must run newaliases(1) after making changes to this file. +# + +# Required aliases +postmaster: root +MAILER-DAEMON: postmaster + +# Common aliases +abuse: postmaster +spam: postmaster + +# Other aliases diff --git a/debian/examples/db/domaintable b/debian/examples/db/domaintable new file mode 100644 index 0000000..82b3ff7 --- /dev/null +++ b/debian/examples/db/domaintable @@ -0,0 +1,26 @@ +# /etc/mail/domaintable +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Specify a mapping from old host name to new host name. +# Commonly used to support old (or merged) domain names. +# The host name in the lhs will be rewritten to that in the rhs +# +# Usage: +# FEATURE(domaintable[, type [-o] /etc/mail/domaintable])dnl +# makemap hash domaintable < domaintable +# +# Format: +# old fqdn new fqdn +# +# Examples: +# debian.com debian.org +# .debian.com %0.debian.org +# +# Notes: +# +# Related: +# +#.cv.lexington.ibm.com %0.lexington.ibm.com diff --git a/debian/examples/db/genericstable b/debian/examples/db/genericstable new file mode 100644 index 0000000..44bf03c --- /dev/null +++ b/debian/examples/db/genericstable @@ -0,0 +1,36 @@ +# /etc/mail/genericstable +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Cause certain addresses originating locally (unqualified), or +# from a domain in $=G to be rewritten based upon the map below. +# This mapping may change both the user and domain name. +# +# Usage: +# FEATURE(genericstable[, type [-o] /etc/mail/genericstable])dnl +# makemap hash genericstable < genericstable +# +# Format: +# localuser realuser@realdomain <<- implied $j or masq domain +# user@host realuser@realhost <<- tried first +# user[@host] realuser[@realhost] +# +# Examples: +# +# Notes: +# * Masquerading is *required* for genericstable support! +# * Then genericstable should only be enabled if needed as it +# causes every sender to be looked up in the database +# * Members of $=w are *not* automatically placed in $=G +# * For local mail, FEATURE(always_add_domain) is necessary +# +# Related: +# EXPOSED_USER(root uucp)dnl <<- these are exempt from masquerading +# FEATURE(allmasquerade)dnl <<- rewrite recipient addrs too +# FEATURE(always_add_domain)dnl <<- add domain to unqualified names +# FEATURE(limited_masquerade)dnl <<- only masq domains in $=M +# FEATURE(masquerade_envelope)dnl <<- rewrite envelope return address too +# GENERICS_DOMAIN_FILE(`/etc/mail/sendmail.cG')dnl <<- masq From: +# diff --git a/debian/examples/db/mailertable b/debian/examples/db/mailertable new file mode 100644 index 0000000..79d950f --- /dev/null +++ b/debian/examples/db/mailertable @@ -0,0 +1,50 @@ +# /etc/mail/mailertable +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Specify a mapping from old host name to new host name. +# Commonly used to support old (or merged) domain names. +# The host name in the lhs will be rewritten to that in the rhs +# +# Usage: +# FEATURE(mailertable[, type [-o] /etc/mail/mailertable])dnl +# makemap hash mailertable < mailertable +# +# Format: +# Local recipients: +# <address> local:user +# <address> local: <<- will use same user +# Error messages: +# badhost error:nohost mail to %0 is prohibited +# .baddomain error:nohost mail to %1%0 is prohibited +# +# Examples: +# Local recipients: +# <address> local:user +# <address> local: <<- will use same user +# Error messages: +# badhost error:nohost mail to %0 is prohibited +# .baddomain error:nohost mail to %1%0 is prohibited +# +# Notes: +# +# Related: +# +# Address rewrites for hosts *NOT IN* class $w +# Direct delivery, %0 is left side +# friend.dom smtp:[%0]:[some.smart.host] +# Direct deliver of domain, smarthost as second choice +# .friend.dom smtp:[%1%0]:[some.smart.host] +# Default route, via smarthost +# . smtp:[some.smart.host] +# +badhost error:nohost mail to %0 is prohibited +.baddomain error:nohost mail to %1%0 is prohibited +# +# Sites we deliver directly to, bypassing SMARTHOST: +# +# Sites that use DUL: Dialup User Lists (or equivalent) +#aol.com esmtp:[relay] +#primenet.com esmtp:[relay] diff --git a/debian/examples/db/relay-domains b/debian/examples/db/relay-domains new file mode 100644 index 0000000..393f65d --- /dev/null +++ b/debian/examples/db/relay-domains @@ -0,0 +1,34 @@ +# /etc/mail/relay-domains +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Control what hosts are allowed to relay (or be a relay) +# +# Usage: +# define(`confCR_FILE', `[-o ]/etc/mail/relay-domains')dnl +# +# Format: +# lhs: +# +# Notes: +# Class $=R +# These are domains unless FEATURE(relay_hosts_only) is used, +# then these names must be fully qualified host names! +# +# Related: +# FEATURE(relay_hosts_only)dnl +# FEATURE(relay_entire_domain)dnl <<- relays any host in the $=m class +# FEATURE(relay_based_on_MX)dnl <<- relaying for boxes MX'd to you +# FEATURE(access_db)dnl +# EATURE(blacklist_recipients)dnl +# FEATURE(rbl[,alternate server])dnl +# FEATURE(orbs[,alternate server])dnl <<- Debian addition +# FEATURE(accept_unqualified_senders)dnl +# FEATURE(accept_unresolvable_domains)dnl +# +# Hosts that I will relay to: +# +# Hosts that can relay to me: +# diff --git a/debian/examples/db/sendmail.cM b/debian/examples/db/sendmail.cM new file mode 100644 index 0000000..8806f3b --- /dev/null +++ b/debian/examples/db/sendmail.cM @@ -0,0 +1,32 @@ +# /etc/mail/sendmail.cM +# Copyright (c) 1998, Richard Nelson <cowboy@debian.org>. +# Time-stamp: <1998/10/27 10:00:00 cowboy> +# GPL'd config file, please feed any gripes, suggestions, etc. to me +# +# Function: +# Specify mail domains, which when relayed, will be rewritten +# to appear as the MASQUERADE_AS address +# +# Usage: +# MASQUERADE_DOMAIN_FILE(`[-o ]/etc/mail/sendmail.cM')dnl +# +# Format: +# fqdn +# +# Examples: +# debian.org +# +# Notes: +# Class=$M +# +# Related: +# EXPOSED_USER(root uucp)dnl <<- these are exempt from masquerading +# FEATURE(allmasquerade)dnl <<- rewrite recipient addrs too +# FEATURE(always_add_domain)dnl <<- add domain to unqualified names +# FEATURE(limited_masquerade)dnl <<- only masq domains in $=M +# FEATURE(masquerade_entire_domain)dnl <<- masq all hosts under domain +# FEATURE(masquerade_envelope)dnl <<- rewrite envelope return address too +# GENERICS_DOMAIN_FILE(`/etc/mail/sendmail.cG')dnl <<- masq From: +# +# Local names +# diff --git a/debian/examples/db/virtusertable b/debian/examples/db/virtusertable new file mode 100644 index 0000000..3512635 --- /dev/null +++ b/debian/examples/db/virtusertable @@ -0,0 +1,8 @@ +# Address rewrites for incomming mail +# user@realdomain (must be in $w) localuser (may be an alias) +# info@foo.com foo-info +# info@bar.com bar-info +# @baz.org jane@elsewhere.net +# @foo.org %1@elsewhere.com +# @bar.org error:nouser User unknown +# diff --git a/debian/examples/dialup/ip-down.d b/debian/examples/dialup/ip-down.d new file mode 100644 index 0000000..88e719e --- /dev/null +++ b/debian/examples/dialup/ip-down.d @@ -0,0 +1,57 @@ +#!/bin/sh +# +# This script is called when ppp disconnects from the network. +# +# Here is where we'll stop sendmail if needed +# +# Written By Richard Nelson <cowboy@debian.org> +# +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +# +# Exit by default, check for validity before commenting out the next line: +exit 0; + +# Purge any latent host status that might cause us to *NOT* send mail +AM='-Am'; +if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then + AM=''; + fi; +sendmail $AM -bH -O Timeout.hoststatus=1s; + +# New mail will only be queued +file="/etc/mail/dialup.m4"; +if [ -f "$file" ]; then + cat <<-EOT > $file; + LOCAL_CONFIG + #------------------------------------------------------------ + # + # Dynamic updates from $0 + # + # NOTE: the following line *MUST* be in /etc/mail/sendmail.mc + dnl include(\`/etc/mail/dialup.m4')dnl + # + # sendmail is to only queue messages until connected again + define(\`confDELIVERY_MODE', \`deferred')dnl + # + # Allow the queue to age without carping every four hours + define(\`confTO_QUEUEWARN',\`1d')dnl + # + # Don't keep host status while the network is down + define(\`confHOST_STATUS_DIRECTORY')dnl + #------------------------------------------------------------ + EOT + fi; + +# Build a new sendmail.cf from sendmail.mc, including our address. +# NOTE: The following line (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4') +m4 /etc/mail/sendmail.mc \ + > /etc/mail/sendmail.cf.pnew; +chmod 0644 /etc/mail/sendmail.cf.pnew; +chown mail:mail /etc/mail/sendmail.cf.pnew; +mv -f /etc/mail/sendmail.cf.pnew /etc/mail/sendmail.cf; + +# Stop/reload sendmail daemon as needed +/etc/init.d/sendmail reload; diff --git a/debian/examples/dialup/ip-up.d b/debian/examples/dialup/ip-up.d new file mode 100644 index 0000000..cae3e1f --- /dev/null +++ b/debian/examples/dialup/ip-up.d @@ -0,0 +1,130 @@ +#!/bin/sh +# +# This script is called when ppp connects to the network. +# +# Here is where we'll start sendmail if needed, and will +# run the queue in either case. +# +# Written By Richard Nelson <cowboy@debian.org> +# +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +# +# ALSO: make sure ipparam is specified somewhere in the ppp options; +# it will be used as the name of a file in /etc/mail/peers +# +# Exit by default, check for validity before commenting out the next line: +exit 0; + +# Define our domain name (from PPP) for sendmail. + +# These variables are for the use of the scripts run by run-parts +#PPP_IFACE="$1"; +#PPP_TTY="$2"; +#PPP_SPEED="$3"; +#PPP_LOCAL="$4"; +#PPP_REMOTE="$5"; +#PPP_IPPARAM="$6"; + +if [ ! -z "$PPP_LOCAL" ]; then + addr=$PPP_LOCAL; + provider=$PPP_IPPARAM; +else + addr=$1; + provider=$2; + fi; + +# Determine our fqdn from our ISP +maxloop=20; +cntr=0; +name=""; +until (test ! -z "$name"); do + cntr=$(($cntr+1)); + rev=$(host $addr); + name=$(echo "$rev" | grep '^Name:' | awk '{print $2}'); + if [ -z "$name" ]; then + name=${rev##*domain name pointer }; + name=${name%.}; + fi; + test=$(echo $name | cut -d ' ' -f 1); + if [ "$name" != "**" ]; then + break; + elif (($cntr > $maxloop)); then + name=''; + break; + fi; + done; +echo "addr=$addr, name=$name"; + +file="/etc/mail/dialup.m4"; +#file="dialup.m4"; +if [ ! -z "$name" ]; then + cat <<-EOT > $file; + LOCAL_CONFIG + #------------------------------------------------------------ + # + # Dynamic updates from $0 + # + # NOTE: the following line *MUST* be in /etc/mail/sendmail.mc + dnl include(\`/etc/mail/dialup.m4')dnl + # + # Chose one of the following options: + # * Add our true hostname as a Virtual Host (we'll accept + # mail for it, but keep our local name for SMTP AUTH, etc) + dnl C{VirtHost}$name + # * Define our true hostname (from our ISP) becomes \$j + dnl define(\`confDOMAIN_NAME', \`$name')dnl + # + # Make sure we accept mail as this name (for bounces, etc) + Cw$name + # Add our hostname to class G for genericstable support + CG$name + #------------------------------------------------------------ + EOT + fi; + +# Add smarthost information (if any)... But not if provider.m4 is a link ! +file="/etc/mail/provider.m4"; +#file="provider.m4"; +if [ -f /etc/mail/peers/$provider -a ! -L $file ]; then + cat <<-EOT > $file; + LOCAL_CONFIG + #------------------------------------------------------------ + # + # Dynamic updates from $0 + # + # NOTE: the following line *MUST* be in /etc/mail/sendmail.mc + dnl include(\`/etc/mail/provider.m4')dnl + # + # Provider information from /etc/mail/peers/$provider + EOT + cat /etc/mail/peers/$provider >> $file; + cat <<-EOT >> $file; + #------------------------------------------------------------ + EOT + fi; +#exit 0 + +# Build a new sendmail.cf from sendmail.mc, including our address. +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +m4 /etc/mail/sendmail.mc \ + > /etc/mail/sendmail.cf.pnew; +chmod 0644 /etc/mail/sendmail.cf.pnew; +chown mail:mail /etc/mail/sendmail.cf.pnew; +mv -f /etc/mail/sendmail.cf.pnew /etc/mail/sendmail.cf; + +# Purge any latent host status that might cause us to *NOT* send mail +AM='-Am'; +if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then + AM=''; + fi; +sendmail $AM -bH -O Timeout.hoststatus=1s; + +# Start/reload sendmail as needed +/etc/init.d/sendmail reload; # may be up, or down + +# Process the sendmail queue (background so as to not defer other ip-up work) +runq & diff --git a/debian/examples/ldap/sendmail.schema.v1 b/debian/examples/ldap/sendmail.schema.v1 new file mode 100644 index 0000000..a1cf73e --- /dev/null +++ b/debian/examples/ldap/sendmail.schema.v1 @@ -0,0 +1,60 @@ +# Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. +# All rights reserved. +# +# By using this file, you agree to the terms and conditions set +# forth in the LICENSE file which can be found at the top level of +# the sendmail distribution. +# +# $Id: sendmail.schema,v 8.6 2001/02/14 05:03:22 gshapiro Exp $ +# +# sendmail specific schemas +# + +attribute sendmailMTAMapName cis +attribute sendmailMTAMapHost cis +attribute sendmailMTAMapDescription cis + +attribute sendmailMTAMapKey cis +attribute sendmailMTAMapValue cis +attribute sendmailMTAMapObjectDescription cis + +objectClass sendmailMTAMap + requires + objectClass, + sendmailMTAMapName, + sendmailMTAMapHost, + allows + sendmailMTAMapDescription + +objectClass sendmailMTAMapObject + requires + objectClass, + sendmailMTAMapKey, + sendmailMTAMapValue + allows + sendmailMTAMapObjectDescription + +# +# The default aliases LDAP schema is used when the AliasFile option is set +# to something like: +# +# O AliasFile=ldap: +# +# That schema is simply: +# + +attribute sendmailMTAAliasHost cis +attribute sendmailMTAAliasDescription cis + +attribute sendmailMTAAliasKey cis +attribute sendmailMTAAliasValue cis + +objectClass sendmailMTAAlias + requires + objectClass, + sendmailMTAAliasHost, + sendmailMTAAliasKey, + sendmailMTAAliasValue + allows + sendmailMTAAliasDescription + diff --git a/debian/examples/ldap/sendmail.schema.v2 b/debian/examples/ldap/sendmail.schema.v2 new file mode 100644 index 0000000..bab47e8 --- /dev/null +++ b/debian/examples/ldap/sendmail.schema.v2 @@ -0,0 +1,216 @@ +# Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. +# All rights reserved. +# +# By using this file, you agree to the terms and conditions set +# forth in the LICENSE file which can be found at the top level of +# the sendmail distribution. +# +# $Id: sendmail.schema,v 8.14 2001/08/31 17:18:18 gshapiro Exp $ + +# Note that this schema is experimental at this point as it has had little +# public review. Therefore, it may change in future versions. Feedback +# via sendmail@sendmail.org is encouraged. + +# OID arcs for Sendmail +# enterprise: 1.3.6.1.4.1 +# sendmail: enterprise.6152 +# sendmail-at: sendmail.3.1 +# sendmail-oc: sendmail.3.2 + +########################################################################### +# +# The Sendmail MTA attributes and objectclass +# +########################################################################### + +# attribute sendmailMTACluster cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.10 + NAME 'sendmailMTACluster' + DESC 'cluster name associated with a set of MTAs' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# attribute sendmailMTAHost cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.11 + NAME 'sendmailMTAHost' + DESC 'host name associated with a MTA cluster' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +#objectClass sendmailMTA +# requires +# objectClass +# allows +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.10 + NAME 'sendmailMTA' + SUP top STRUCTURAL + DESC 'Sendmail MTA definition' + MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) ) + +########################################################################### +# +# The Sendmail MTA shared attributes +# +########################################################################### + +# attribute sendmailMTAKey cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.13 + NAME 'sendmailMTAKey' + DESC 'key (left hand side) of an aliases or map entry' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +########################################################################### +# +# The Sendmail MTA Map attributes and objectclasses +# +########################################################################### + +# attribute sendmailMTAMapName cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.14 + NAME 'sendmailMTAMapName' + DESC 'identifier for the particular map' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) + +# attribute sendmailMTAMapValue cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.16 + NAME 'sendmailMTAMapValue' + DESC 'value (right hand side) of a map entry' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +#objectClass sendmailMTAMap +# requires +# objectClass, +# sendmailMTAMapName, +# allows +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.11 + NAME 'sendmailMTAMap' + SUP sendmailMTA STRUCTURAL + DESC 'Sendmail MTA map definition' + MUST sendmailMTAMapName + MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) ) + +#objectClass sendmailMTAObject +# requires +# objectClass, +# sendmailMTAMapName, +# sendmailMTAKey, +# sendmailMTAMapValue, +# allows +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.12 + NAME 'sendmailMTAMapObject' + SUP sendmailMTAMap STRUCTURAL + DESC 'Sendmail MTA map object' + MUST ( sendmailMTAMapName $ sendmailMTAKey $ sendmailMTAMapValue ) + MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) ) + + +########################################################################### +# +# The Sendmail MTA Alias attributes and objectclasses +# +########################################################################### + +# attribute sendmailMTAAliasGrouping cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.18 + NAME 'sendmailMTAAliasGrouping' + DESC 'name that identifies a particular aliases grouping' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +# attribute sendmailMTAAliasValue cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.20 + NAME 'sendmailMTAAliasValue' + DESC 'value (right hand side) of an alias' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +#objectClass sendmailMTAAlias +# requires +# objectClass, +# allows +# sendmailMTAAliasGrouping, +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.13 + NAME 'sendmailMTAAlias' + SUP sendmailMTA STRUCTURAL + DESC 'Sendmail MTA alias definition' + MAY ( sendmailMTAAliasGrouping $ + sendmailMTACluster $ sendmailMTAHost $ Description ) ) + +#objectClass sendmailMTAAliasObject +# requires +# objectClass, +# sendmailMTAKey, +# sendmailMTAAliasValue, +# allows +# sendmailMTAAliasGrouping, +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.14 + NAME 'sendmailMTAAliasObject' + SUP sendmailMTAAlias STRUCTURAL + DESC 'Sendmail MTA alias object' + MUST ( sendmailMTAKey $ sendmailMTAAliasValue ) + MAY ( sendmailMTAAliasGrouping $ + sendmailMTACluster $ sendmailMTAHost $ Description ) ) + +########################################################################### +# +# The Sendmail MTA Class attributes and objectclass +# +########################################################################### + +# attribute sendmailMTAClassName cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.22 + NAME 'sendmailMTAClassName' + DESC 'identifier for the class' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) + +# attribute sendmailMTAClassValue cis +attributetype ( 1.3.6.1.4.1.6152.10.3.1.23 + NAME 'sendmailMTAClassValue' + DESC 'member of a class' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +#objectClass sendmailMTAClass +# requires +# objectClass, +# sendmailMTAClassName, +# sendmailMTAClassValue, +# allows +# sendmailMTACluster, +# sendmailMTAHost, +# Description + +objectclass ( 1.3.6.1.4.1.6152.10.3.2.15 + NAME 'sendmailMTAClass' + SUP sendmailMTA STRUCTURAL + DESC 'Sendmail MTA class definition' + MUST ( sendmailMTAClassName $ sendmailMTAClassValue ) + MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) ) diff --git a/debian/examples/logcheck/ignore.d.paranoid/sendmail b/debian/examples/logcheck/ignore.d.paranoid/sendmail new file mode 100644 index 0000000..e0781dd --- /dev/null +++ b/debian/examples/logcheck/ignore.d.paranoid/sendmail @@ -0,0 +1,21 @@ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: starting daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: restarting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: rejecting connections on daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: accepting connections again for daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* User unknown +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: alias database .* rebuilt +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* aliases, longest +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: from= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: split: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* lost input channel +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* message-id= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* return to sender +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* stat= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* timeout waiting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter add: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter: data, discard +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: discarded +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: AUTH= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: (PLAIN|CRAM-MD5|DIGEST-MD5) set secret +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: DIGEST-MD5: failed .* later in exchange +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: STARTTLS=(server|client), .* verify=(OK|NO) diff --git a/debian/examples/logcheck/ignore.d.server/sendmail b/debian/examples/logcheck/ignore.d.server/sendmail new file mode 100644 index 0000000..dfc4984 --- /dev/null +++ b/debian/examples/logcheck/ignore.d.server/sendmail @@ -0,0 +1,21 @@ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: starting daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: restarting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: rejecting connections on daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: accepting connections again for daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* User unknown +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: alias database .* rebuilt +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* aliases, longest +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: from= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: split: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* lost input channel +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* message-id= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* return to sender +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* stat= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* timeout waiting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter add: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter: data, discard +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: discarded +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: AUTH= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: (PLAIN|CRAM-MD5|DIGEST-MD5) set secret +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: DIGEST-MD5: failed .* later in exchange +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: STARTTLS=(server|client), .* verify=(OK|NO) diff --git a/debian/examples/logcheck/ignore.d.workstation/sendmail b/debian/examples/logcheck/ignore.d.workstation/sendmail new file mode 100644 index 0000000..2374b71 --- /dev/null +++ b/debian/examples/logcheck/ignore.d.workstation/sendmail @@ -0,0 +1,21 @@ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: starting daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: restarting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: rejecting connections on daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: accepting connections again for daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* User unknown +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: alias database .* rebuilt +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* aliases, longest +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: from= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: split: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* lost input channel +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* message-id= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* return to sender +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* stat= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .* timeout waiting +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter add: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: Milter: data, discard +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*: discarded +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: AUTH= +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: (PLAIN|CRAM-MD5|DIGEST-MD5) set secret +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: DIGEST-MD5: failed .* later in exchange +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: STARTTLS= diff --git a/debian/examples/logcheck/violations.ignore.d/logcheck-sendmail b/debian/examples/logcheck/violations.ignore.d/logcheck-sendmail new file mode 100644 index 0000000..9518e7d --- /dev/null +++ b/debian/examples/logcheck/violations.ignore.d/logcheck-sendmail @@ -0,0 +1,12 @@ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: alias database .* rebuilt +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*stat=(Refused|Deferred) +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: gethostbyaddr\(.*\) failed: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: rejecting connections on daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: DIGEST-MD5: failed .* later in exchange +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=450 4\.7\.1 <[^>]+>... Relaying temporarily denied. Cannot resolve PTR record for [0-9\.]+$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=451 4\.1\.8 Domain of sender address [^ ]+ does not resolve$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 Access denied$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. Proper authentication required.$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. IP name lookup failed \[[0-9\.]+\]$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. IP name lookup possibly forged \[[0-9\.]+\]$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=553 5\.1\.8 <[^>]+>... Relaying temporarily denied. Cannot resolve PTR record for [0-9\.]+$ diff --git a/debian/examples/logcheck/violations.ignore.d/sendmail b/debian/examples/logcheck/violations.ignore.d/sendmail new file mode 100644 index 0000000..9518e7d --- /dev/null +++ b/debian/examples/logcheck/violations.ignore.d/sendmail @@ -0,0 +1,12 @@ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: alias database .* rebuilt +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*stat=(Refused|Deferred) +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: gethostbyaddr\(.*\) failed: +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: rejecting connections on daemon +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: DIGEST-MD5: failed .* later in exchange +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=450 4\.7\.1 <[^>]+>... Relaying temporarily denied. Cannot resolve PTR record for [0-9\.]+$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=451 4\.1\.8 Domain of sender address [^ ]+ does not resolve$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 Access denied$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. Proper authentication required.$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. IP name lookup failed \[[0-9\.]+\]$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=550 5\.7\.1 <[^>]+>... Relaying denied. IP name lookup possibly forged \[[0-9\.]+\]$ +(sendmail|sm-(mta|msp|que))\[[0-9]+\]: .*reject=553 5\.1\.8 <[^>]+>... Relaying temporarily denied. Cannot resolve PTR record for [0-9\.]+$ diff --git a/debian/examples/milter/Makefile b/debian/examples/milter/Makefile new file mode 100644 index 0000000..69f5e93 --- /dev/null +++ b/debian/examples/milter/Makefile @@ -0,0 +1,25 @@ +#!/usr/bin/make -f +SHELL= /bin/sh + +# Define standard compile/install flags +CC = gcc +CFLAGS = -O2 -Wall +INSTALL = install +INCLS = -I. +DEFS = +CFLAGS += $(DEFS) $(INCLS) +LDFLAGS = +LIBS = /usr/lib/libmilter/libmilter.a \ + /usr/lib/libmilter/libsm.a \ + -lldap -llber \ + -lbind \ + -pthread + +all: sample + +sample: sample.c + @rm -f $@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $? $(LIBS) + +clean: + rm -rf sample *~ diff --git a/debian/examples/milter/sample.c b/debian/examples/milter/sample.c new file mode 100644 index 0000000..4e063ad --- /dev/null +++ b/debian/examples/milter/sample.c @@ -0,0 +1,236 @@ + +/* A trivial filter that logs all email to a file. */ + +#include <sys/types.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sysexits.h> +#include <unistd.h> + +#include "libmilter/mfapi.h" +#include "strl.h" /*RAN*/ + +typedef int bool; + +#ifndef FALSE +# define FALSE 0 +#endif /* ! FALSE*/ +#ifndef TRUE +# define TRUE 1 +#endif /* ! TRUE*/ + +struct mlfiPriv +{ + char *mlfi_fname; + FILE *mlfi_fp; +}; + +#define MLFIPRIV ((struct mlfiPriv *) smfi_getpriv(ctx)) + +extern sfsistat mlfi_cleanup(SMFICTX *, bool); + +sfsistat +mlfi_envfrom(ctx, envfrom) + SMFICTX *ctx; + char **envfrom; +{ + struct mlfiPriv *priv; + int fd; + + /* allocate some private memory */ + priv = malloc(sizeof *priv); + if (priv == NULL) + { + /* can't accept this message right now */ + return SMFIS_TEMPFAIL; + } + memset(priv, '\0', sizeof *priv); + + /* open a file to store this message */ + priv->mlfi_fname = strdup("/tmp/msg.XXXXXXXX"); + if (priv->mlfi_fname == NULL) + { + free(priv); + return SMFIS_TEMPFAIL; + } + if ((fd = mkstemp(priv->mlfi_fname)) < 0 || + (priv->mlfi_fp = fdopen(fd, "w+")) == NULL) + { + free(priv->mlfi_fname); + free(priv); + return SMFIS_TEMPFAIL; + } + + /* save the private data */ + smfi_setpriv(ctx, priv); + + /* continue processing */ + return SMFIS_CONTINUE; +} + +sfsistat +mlfi_header(ctx, headerf, headerv) + SMFICTX *ctx; + char *headerf; + char *headerv; +{ + /* write the header to the log file */ + fprintf(MLFIPRIV->mlfi_fp, "%s: %s\r\n", headerf, headerv); + + /* continue processing */ + return SMFIS_CONTINUE; +} + +sfsistat +mlfi_eoh(ctx) + SMFICTX *ctx; +{ + /* output the blank line between the header and the body */ + fprintf(MLFIPRIV->mlfi_fp, "\r\n"); + + /* continue processing */ + return SMFIS_CONTINUE; +} + +sfsistat +mlfi_body(ctx, bodyp, bodylen) + SMFICTX *ctx; + u_char *bodyp; + size_t bodylen; +{ + /* output body block to log file */ + if (fwrite(bodyp, bodylen, 1, MLFIPRIV->mlfi_fp) <= 0) + { + /* write failed */ + (void) mlfi_cleanup(ctx, FALSE); + return SMFIS_TEMPFAIL; + } + + /* continue processing */ + return SMFIS_CONTINUE; +} + +sfsistat +mlfi_eom(ctx) + SMFICTX *ctx; +{ + return mlfi_cleanup(ctx, TRUE); +} + +sfsistat +mlfi_close(ctx) + SMFICTX *ctx; +{ + return SMFIS_ACCEPT; +} + +sfsistat +mlfi_abort(ctx) + SMFICTX *ctx; +{ + return mlfi_cleanup(ctx, FALSE); +} + +sfsistat +mlfi_cleanup(ctx, ok) + SMFICTX *ctx; + bool ok; +{ + sfsistat rstat = SMFIS_CONTINUE; + struct mlfiPriv *priv = MLFIPRIV; + char *p; + char host[512]; + char hbuf[1024]; + + if (priv == NULL) + return rstat; + + /* close the archive file */ + if (priv->mlfi_fp != NULL && fclose(priv->mlfi_fp) == EOF) + { + /* failed; we have to wait until later */ + rstat = SMFIS_TEMPFAIL; + (void) unlink(priv->mlfi_fname); + } + else if (ok) + { + /* add a header to the message announcing our presence */ + if (gethostname(host, sizeof host) < 0) + strlcpy(host, "localhost", sizeof host); + p = strrchr(priv->mlfi_fname, '/'); + if (p == NULL) + p = priv->mlfi_fname; + else + p++; + snprintf(hbuf, sizeof hbuf, "%s@%s", p, host); + smfi_addheader(ctx, "X-Archived", hbuf); + } + else + { + /* message was aborted -- delete the archive file */ + (void) unlink(priv->mlfi_fname); + } + + /* release private memory */ + free(priv->mlfi_fname); + free(priv); + smfi_setpriv(ctx, NULL); + + /* return status */ + return rstat; +} + +struct smfiDesc smfilter = +{ + "SampleFilter", /* filter name */ + SMFI_VERSION, /* version code -- do not change */ + SMFIF_ADDHDRS, /* flags */ + NULL, /* connection info filter */ + NULL, /* SMTP HELO command filter */ + mlfi_envfrom, /* envelope sender filter */ + NULL, /* envelope recipient filter */ + mlfi_header, /* header filter */ + mlfi_eoh, /* end of header */ + mlfi_body, /* body block filter */ + mlfi_eom, /* end of message */ + mlfi_abort, /* message aborted */ + mlfi_close /* connection cleanup */ +}; + + +int +main(argc, argv) + int argc; + char *argv[]; +{ + int c; + const char *args = "p:"; + + /* Process command line options */ + while ((c = getopt(argc, argv, args)) != -1) + { + switch (c) + { + case 'p': + if (optarg == NULL || *optarg == '\0') + { + (void) fprintf(stderr, "Illegal conn: %s\n", + optarg); + exit(EX_USAGE); + } + (void) smfi_setconn(optarg); + break; + + } + } + if (smfi_register(smfilter) == MI_FAILURE) + { + fprintf(stderr, "smfi_register failed\n"); + exit(EX_UNAVAILABLE); + } + return smfi_main(); +} + +/* eof */ + diff --git a/debian/examples/milter/strl.h b/debian/examples/milter/strl.h new file mode 100644 index 0000000..f3c8cdb --- /dev/null +++ b/debian/examples/milter/strl.h @@ -0,0 +1,17 @@ +/*-------------------------------------------------------------------*/ +/* strl.h: include file for functions in strl.c */ +/* buried in the bottom of include/sendmail/sendmail.h */ +/* extracted and placed herein. */ +/* */ +/* referenced by: ./sample.c */ +/* defined by: /usr/lib/libmilter/libsm.a */ +/* */ +/* Richard Nelson <cowboy@debian.org> */ +/*-------------------------------------------------------------------*/ + +#define strlcpy sm_strlcpy +#define strlcat sm_strlcat + +extern size_t sm_strlcpy __P((char *, const char *, size_t)); +extern size_t sm_strlcat __P((char *, const char *, size_t)); + diff --git a/debian/examples/pam/smtp b/debian/examples/pam/smtp new file mode 100644 index 0000000..645535c --- /dev/null +++ b/debian/examples/pam/smtp @@ -0,0 +1,14 @@ +#%PAM-1.0 +#------------------------------------------------------------------------ +# +# /etc/pam.d/smtp +# +# Copyright (c) 2000-2001 Richard Nelson. All Rights Reserved. +# Version: 2.0.0 +# Time-stamp: <2001/05/29 12:00:00 cowboy> +# +# PAM configuration file used by SASL to authenticate a PLAIN password. +# +#------------------------------------------------------------------------ +#auth sufficient pam_ldap.so +auth required pam_unix.so nullok try_first_pass diff --git a/debian/examples/sasl/Sendmail.conf b/debian/examples/sasl/Sendmail.conf new file mode 100644 index 0000000..b41887b --- /dev/null +++ b/debian/examples/sasl/Sendmail.conf @@ -0,0 +1,18 @@ +#Currently configurable parameters: +#- srvtab (for KERBEROS_V4): [/etc/srvtab] path +# where to find the srvtab +# +#- pwcheck_method: [PAM] one of {PAM, kerberos_v4, passwd, shadow, sasldb} +# how to check plaintext passwords. +# +#- auto_transition: [false] +# if true, automatically add secrets to the secret database when +# PLAIN or check_password is used, so in the future the user can +# use the more secure mechanisms. +# +#*** For a more detailed guide on configuring SASL, please look at +#doc/sysadmin.html. +# +#pwcheck_method: sasldb +pwcheck_method: PAM +auto_transition: true diff --git a/debian/examples/sasl/saslpasswd.conf b/debian/examples/sasl/saslpasswd.conf new file mode 100644 index 0000000..dfcc7b7 --- /dev/null +++ b/debian/examples/sasl/saslpasswd.conf @@ -0,0 +1,17 @@ +#Currently configurable parameters: +#- srvtab (for KERBEROS_V4): [/etc/srvtab] path +# where to find the srvtab +# +#- pwcheck_method: [PAM] one of {PAM, kerberos_v4, passwd, shadow, sasldb} +# how to check plaintext passwords. +# +#- auto_transition: [false] +# if true, automatically add secrets to the secret database when +# PLAIN or check_password is used, so in the future the user can +# use the more secure mechanisms. +# +#*** For a more detailed guide on configuring SASL, please look at +#doc/sysadmin.html. +# +pwcheck_method: sasldb +auto_transition: true |