-FreeBSD 4.8 postgrey 導入-

   
 greylisting

 spam対策としてpostgreyを導入してみました。
   完全に自分用のメモ〆(゚▽゚*)

 全てのメールを一時的に拒否する事は少々過激な気もするけど( ̄∇ ̄)
 詳細はここらへんを参考にして頂けたらと思います。

   日本語ポータルサイト:SPAMメール対策ツールPostgrey(Postfix Greylisting Policy Server)


 ※portsを最新版にしていなかったのは・・・かなり致命的だったと後から気付きました(汗

# cd /usr/ports/mail/postgrey/ && sub2# make install clean
===> Vulnerability check disabled
=> postgrey-1.17.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from http://isg.ee.ethz.ch/tools/postgrey/pub/.
fetch: http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.17.tar.gz: Multiple C hoices
=> Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/postgrey-1.17.tar.gz: F ile unavailable (e.g., file not found, no access)
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1

===> postgrey-1.17 Needs perl 5.6.1 or higher, install lang/perl5.8 and try again.
===> Cleaning for db3-3.3.11_2,1
===> Cleaning for p5-BerkeleyDB-0.26
===> Cleaning for libtool-1.3.5_2
===> Cleaning for p5-IO-1.20
===> Cleaning for p5-IO-Multiplex-1.08
===> Cleaning for p5-Time-HiRes-1.66,1
===> Cleaning for p5-Net-Server-0.87
===> Cleaning for rc_subr-1.31
===> Cleaning for postgrey-1.1

perlのバージョンが古い様です。
# perl -v
This is perl, version 5.005_03 built for i386-freebsd
Copyright 1987-1999, Larry Wall

perl5.8を入れてみる(;一_一)
# cd /usr/ports/lang/perl5.8
# make install clean
===> Cleaning for perl-5.8.5
# rehash
# use.perl port
# perl -v
This is perl, v5.8.5 built for i386-freebsd-64int
Copyright 1987-2004, Larry Wall

postgrey-1.24.tar.gzをWget(*^^)v
# wget http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.24.tar.gz
--13:23:23-- http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.24.tar.gz
=> `postgrey-1.24.tar.gz'
Resolving isg.ee.ethz.ch... done.
Connecting to isg.ee.ethz.ch[129.132.2.198]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 27,444 [application/x-tar]
100%[=======================================>] 27,444 30.52K/s ETA 00:00
13:23:24 (30.52 KB/s) - `postgrey-1.24.tar.gz' saved [27444/27444]

# cd /usr/ports/net/p5-Net-Server/ && make install clean
===> Vulnerability check disabled
=> Net-Server-0.87.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from http://www.seamons.com/net_server/.
fetch: http://www.seamons.com/net_server/Net-Server-0.87.tar.gz: Not Found
=> Attempting to fetch from http://www.cpan.dk/CPAN/modules/by-module/Net/.
fetch: http://www.cpan.dk/CPAN/modules/by-module/Net/Net-Server-0.87.tar.gz: Not Found
=> Attempting to fetch from ftp://ftp.funet.fi/pub/languages/perl/CPAN/modules/by-module/Net/.
Receiving Net-Server-0.87.tar.gz (69235 bytes): 100%
69235 bytes transferred in 2.1 seconds (32.13 kBps)
===> Extracting for p5-Net-Server-0.87
=> Checksum OK for Net-Server-0.87.tar.gz.
===> p5-Net-Server-0.87 depends on file: /usr/local/bin/perl5.8.5 - found
===> Patching for p5-Net-Server-0.87
===> p5-Net-Server-0.87 depends on file: /usr/local/bin/perl5.8.5 - found
===> p5-Net-Server-0.87 depends on file: /usr/local/bin/perl5.8.5 - found
===> Configuring for p5-Net-Server-0.87
Checking if your kit is complete...
Looks good
Writing Makefile for Net::Server
===> Building for p5-Net-Server-0.87
cp lib/Net/Server/Proto/UDP.pm blib/lib/Net/Server/Proto/UDP.pm
cp lib/Net/Server/Proto/UNIX.pm blib/lib/Net/Server/Proto/UNIX.pm
  省略
# wget http://downloads.sleepycat.com/db-4.4.20.tar.gz
--13:50:27-- http://downloads.sleepycat.com/db-4.4.20.tar.gz
=> `db-4.4.20.tar.gz'
Resolving downloads.sleepycat.com... done.
Connecting to downloads.sleepycat.com[209.235.214.1]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7,952,742 [application/x-tar]

100%[=======================================================>] 7,952,742 133.58K/s ETA 00:00

13:51:26 (133.58 KB/s) - `db-4.4.20.tar.gz' saved [7952742/7952742]
  省略
cpan> install Net::Server
Writing /usr/local/lib/perl5/site_perl/5.8.5/mach/auto/Net/Server/.packlist
FreeBSD: Registering installation in the package database
Appending installation info to /usr/local/lib/perl5/5.8.5/mach/perllocal.pod
/usr/bin/make install -- OK

cpan> install IO::Multiplex
Running make install
Installing /usr/local/lib/perl5/site_perl/5.8.5/IO/Multiplex.pm
Installing /usr/local/lib/perl5/5.8.5/man/man3/IO::Multiplex.3
Writing /usr/local/lib/perl5/site_perl/5.8.5/mach/auto/IO/Multiplex/.packlist
FreeBSD: Registering installation in the package database
Appending installation info to /usr/local/lib/perl5/5.8.5/mach/perllocal.pod
/usr/bin/make install -- OK

cpan> install BerkeleyDB

# wget http://k2net.hakuba.jp/pub/postgrey-namecheck.tar.gz
--15:23:00-- http://k2net.hakuba.jp/pub/postgrey-namecheck.tar.gz
=> `postgrey-namecheck.tar.gz'
Resolving k2net.hakuba.jp... done.
Connecting to k2net.hakuba.jp[210.188.204.245]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3,518 [application/x-tar]

100%[=======================================================>] 3,518 137.42K/s ETA 00:00
15:23:00 (137.42 KB/s) - `postgrey-namecheck.tar.gz' saved [3518/3518]

起動させてみる( ̄∇ ̄)

# cd /var/spool/postfix/postgrey
Mar 26 08:15:29 sub2 postgrey[20457]: Process Backgrounded
Mar 26 08:15:29 sub2 postgrey[20457]: 2006/03/26-08:15:29 postgrey (type Net::Server::Multiplex) starting! pid(20457)
Mar 26 08:15:29 sub2 postgrey[20457]: Binding to TCP port 10023 on host localhost
Mar 26 08:15:29 sub2 postgrey[20457]: Setting gid to "65533 65533"
Mar 26 08:15:29 sub2 postgrey[20457]: Setting uid to "1006"
Mar 26 08:15:29 sub2 postgrey[20457]: warning: WARNING: disabling DB_AUTO_COMMIT because you are using BerkeleyDB version 3.3. Version 4.1 is required for DB_AUTO_COMMIT. You might have problems in case of system failures to recover the database.

# ls -l
total 520
-rw------- 1 postgrey postgrey 8192 Mar 26 08:15 __db.001
-rw------- 1 postgrey postgrey 270336 Mar 26 08:15 __db.002
-rw------- 1 postgrey postgrey 98304 Mar 26 08:15 __db.003
-rw------- 1 postgrey postgrey 16384 Mar 26 08:15 __db.004
-rw------- 1 postgrey postgrey 242907 Mar 26 08:15 log.0000000001
-rw------- 1 postgrey postgrey 65536 Mar 26 08:15 postgrey.db
-rw------- 1 postgrey postgrey 0 Mar 19 16:41 postgrey.lock
-rw------- 1 postgrey postgrey 32768 Mar 26 08:15 postgrey_clients.db

メールのログを見てみる。
ostfix/smtpd[9111]: NOQUEUE: reject: RCPT from unknown[60.24.137.**]: 450 <○○@yumidon.com>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/yumidon.com.html); from=<c_pugh_yk@△△.com> to=<○○@yumidon.com> proto=ESMTP helo=<artware.com>

postfix/smtpd[9111]: NOQUEUE: reject: RCPT from unknown[211.196.109.**]: 450 <○○@yumidon.com>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/yumidon.com.html); from=<napoleon.rodriguesuc@□□.com> to=<○○@yumidon.com> proto=ESMTP helo=<☆☆.com>