[NEW] mail/opensmtpd-filter-dnsbl

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

[NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
$ cat pkg/DESCR
filter-dnsbl is an opensmtpd filter that checks the sender's IP address
against one or more dnsbl lists to flag or reject spam messages at session time.
$

Since I'm not too familiar with ports I would like to pay special
attention to the Makefile of both the port as well as the source.

Also, I currently host the release tarballs at my personal server, which
I also use for generic other stuff and might not always be available.
If someone from the ports team has a more stable location to host the
release tarballs let me know.

martijn@


opensmtpd-filter-dnsbl.tar.gz (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
On 8/24/19 6:31 AM, Martijn van Duren wrote:

> $ cat pkg/DESCR
> filter-dnsbl is an opensmtpd filter that checks the sender's IP address
> against one or more dnsbl lists to flag or reject spam messages at session time.
> $
>
> Since I'm not too familiar with ports I would like to pay special
> attention to the Makefile of both the port as well as the source.
>
> Also, I currently host the release tarballs at my personal server, which
> I also use for generic other stuff and might not always be available.
> If someone from the ports team has a more stable location to host the
> release tarballs let me know.
>
> martijn@
>
Ping.

Slightly modified version based on move of libopensmtpd to
mail/opensmtpd-filters.

Same questions still remain.

opensmtpd-filter-dnsbl.tar.gz (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
ping

No one interested in filtering on DNSBL anymore?

On 9/5/19 3:15 PM, Martijn van Duren wrote:

> On 8/24/19 6:31 AM, Martijn van Duren wrote:
>> $ cat pkg/DESCR
>> filter-dnsbl is an opensmtpd filter that checks the sender's IP address
>> against one or more dnsbl lists to flag or reject spam messages at session time.
>> $
>>
>> Since I'm not too familiar with ports I would like to pay special
>> attention to the Makefile of both the port as well as the source.
>>
>> Also, I currently host the release tarballs at my personal server, which
>> I also use for generic other stuff and might not always be available.
>> If someone from the ports team has a more stable location to host the
>> release tarballs let me know.
>>
>> martijn@
>>
> Ping.
>
> Slightly modified version based on move of libopensmtpd to
> mail/opensmtpd-filters.
>
> Same questions still remain.
>

Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
Updated for CC flag.

On 9/12/19 9:09 AM, Martijn van Duren wrote:

> ping
>
> No one interested in filtering on DNSBL anymore?
>
> On 9/5/19 3:15 PM, Martijn van Duren wrote:
>> On 8/24/19 6:31 AM, Martijn van Duren wrote:
>>> $ cat pkg/DESCR
>>> filter-dnsbl is an opensmtpd filter that checks the sender's IP address
>>> against one or more dnsbl lists to flag or reject spam messages at session time.
>>> $
>>>
>>> Since I'm not too familiar with ports I would like to pay special
>>> attention to the Makefile of both the port as well as the source.
>>>
>>> Also, I currently host the release tarballs at my personal server, which
>>> I also use for generic other stuff and might not always be available.
>>> If someone from the ports team has a more stable location to host the
>>> release tarballs let me know.
>>>
>>> martijn@
>>>
>> Ping.
>>
>> Slightly modified version based on move of libopensmtpd to
>> mail/opensmtpd-filters.
>>
>> Same questions still remain.
>>
>

dnsbl.tar.gz (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Mikolaj Kucharski-3
On Tue, Sep 17, 2019 at 07:21:45AM +0200, Martijn van Duren wrote:
> Updated for CC flag.

Compilartion fails with:

main.c:32:10: fatal error: 'opensmtpd.h' file not found
#include "opensmtpd.h"
         ^~~~~~~~~~~~~

below change fixes it:


--- Makefile Tue Sep 17 05:06:55 2019
+++ Makefile Tue Sep 17 05:39:50 2019
@@ -16,13 +16,12 @@
 
 LIB_DEPENDS= mail/opensmtpd-filters/libopensmtpd
 
-MAKE_FLAGS+= CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
+MAKE_FLAGS= CC="${CC}" CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
 
 # ISC
 PERMIT_PACKAGE= Yes
 
 WANTLIB= c pthread event opensmtpd
 NO_TEST= Yes
-MAKE_FLAGS= CC="${CC}"
 
 .include <bsd.port.mk>

--
Regards,
 Mikolaj

Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
On 9/17/19 7:42 AM, Mikolaj Kucharski wrote:

> On Tue, Sep 17, 2019 at 07:21:45AM +0200, Martijn van Duren wrote:
>> Updated for CC flag.
>
> Compilartion fails with:
>
> main.c:32:10: fatal error: 'opensmtpd.h' file not found
> #include "opensmtpd.h"
>          ^~~~~~~~~~~~~
>
> below change fixes it:
>
>
> --- Makefile Tue Sep 17 05:06:55 2019
> +++ Makefile Tue Sep 17 05:39:50 2019
> @@ -16,13 +16,12 @@
>  
>  LIB_DEPENDS= mail/opensmtpd-filters/libopensmtpd
>  
> -MAKE_FLAGS+= CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
> +MAKE_FLAGS= CC="${CC}" CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
>  
>  # ISC
>  PERMIT_PACKAGE= Yes
>  
>  WANTLIB= c pthread event opensmtpd
>  NO_TEST= Yes
> -MAKE_FLAGS= CC="${CC}"
>  
>  .include <bsd.port.mk>
>
Thanks. Apparently I had a opensmtpd.h still lingering in /usr/include
on this machine.

dnsbl.tar.gz (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Mikolaj Kucharski-3
On Tue, Sep 17, 2019 at 08:04:47AM +0200, Martijn van Duren wrote:
> Thanks. Apparently I had a opensmtpd.h still lingering in /usr/include
> on this machine.

I got rusty with OpenBSD ports, so I don't have anything to comment
regards the port itself, but dnsbl filter works (started with options
-vm and runs as _smtpd user):

2019-09-18T20:34:45.388Z ks28975 smtpd[62206]: info: OpenSMTPD 6.6.0 starting
2019-09-18T20:36:40.396Z ks28975 smtpd[53386]: 7f750e1df82c8768 smtp connected address=209.85.222.169 host=mail-qk1-f169.google.com
2019-09-18T20:36:40.519Z ks28975 smtpd[37832]: spamcop: 7f750e1df82c8768 not listed
2019-09-18T20:36:40.538Z ks28975 smtpd[37832]: spamhaus: 7f750e1df82c8768 not listed
2019-09-18T20:36:40.692Z ks28975 smtpd[37832]: blocklist: 7f750e1df82c8768 not listed
2019-09-18T20:36:40.742Z ks28975 smtpd[37832]: megarbl: 7f750e1df82c8768 not listed
2019-09-18T20:36:41.137Z ks28975 smtpd[53386]: 7f750e1df82c8768 smtp tls ciphers=TLSv1.2:ECDHE-RSA-CHACHA20-POLY1305:256


Note from myself, not related to the port itself. I found that spamd(8)
in front of smtpd(8) and periodic `smtpctl spf walk` on Big Mail Corps
domains to white list their SPF exposed subnets via <nospamd> pf table
gives very good results, so I never felt a need to reach for additional
filtering signal via DNSBLs. In other words, I'm not sure will I stick
to above filters in long run. Nonetheless, thanks Martijn for this
additional tool.

--
Regards,
 Mikolaj

Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Martijn van Duren-7
On 9/18/19 10:49 PM, Mikolaj Kucharski wrote:

> On Tue, Sep 17, 2019 at 08:04:47AM +0200, Martijn van Duren wrote:
>> Thanks. Apparently I had a opensmtpd.h still lingering in /usr/include
>> on this machine.
>
> I got rusty with OpenBSD ports, so I don't have anything to comment
> regards the port itself, but dnsbl filter works (started with options
> -vm and runs as _smtpd user):
>
> 2019-09-18T20:34:45.388Z ks28975 smtpd[62206]: info: OpenSMTPD 6.6.0 starting
> 2019-09-18T20:36:40.396Z ks28975 smtpd[53386]: 7f750e1df82c8768 smtp connected address=209.85.222.169 host=mail-qk1-f169.google.com
> 2019-09-18T20:36:40.519Z ks28975 smtpd[37832]: spamcop: 7f750e1df82c8768 not listed
> 2019-09-18T20:36:40.538Z ks28975 smtpd[37832]: spamhaus: 7f750e1df82c8768 not listed
> 2019-09-18T20:36:40.692Z ks28975 smtpd[37832]: blocklist: 7f750e1df82c8768 not listed
> 2019-09-18T20:36:40.742Z ks28975 smtpd[37832]: megarbl: 7f750e1df82c8768 not listed
> 2019-09-18T20:36:41.137Z ks28975 smtpd[53386]: 7f750e1df82c8768 smtp tls ciphers=TLSv1.2:ECDHE-RSA-CHACHA20-POLY1305:256

You did saw that you can specify multiple blacklists in a single filter right?
Saves quite a lot of time, since queries can be done parallel, instead of
sequential with chaining.

>
>
> Note from myself, not related to the port itself. I found that spamd(8)
> in front of smtpd(8) and periodic `smtpctl spf walk` on Big Mail Corps
> domains to white list their SPF exposed subnets via <nospamd> pf table
> gives very good results, so I never felt a need to reach for additional
> filtering signal via DNSBLs. In other words, I'm not sure will I stick
> to above filters in long run. Nonetheless, thanks Martijn for this
> additional tool.
>

Reply | Threaded
Open this post in threaded view
|

Re: [NEW] mail/opensmtpd-filter-dnsbl

Mikolaj Kucharski-3
On Thu, Sep 19, 2019 at 05:59:52AM +0200, Martijn van Duren wrote:
> You did saw that you can specify multiple blacklists in a single filter right?
> Saves quite a lot of time, since queries can be done parallel, instead of
> sequential with chaining.

Oh, yeah. I've missed that. Thanks :)

--
Regards,
 Mikolaj