Yet Another Greylisting Daemon for qmail and netqmail

popowich

qmail-greyd is yet another implementation of greylisting for qmail,
netqmail and indimail. The qmail-greyd code is licensed under GPLv3.

Most of the ideas come from greydaemon written by John Levine and the
greycheck() function written by Andrew Richards as described at

Announce: greydaemon, a new greylisting package for netqmail | Qmail | users

Using Andrew's code makes it possible to have minimal changes to
qmail-smtpd. qmail-greyd is compatible with Andrew's code and uses
almost the same logic as in greydaemon.

qmail-greyd can be downloaded from
https://sourceforge.net/projects/in...ns/qmail-greyd/greylist-1.0.patch.gz/download

qmail-greyd is written in C and makes extensive use of the functions
written by djb. qmail-greyd maintains an in-memory linked list of
triplets of IP, from, recipients. It reads the entire recipient list in
one operation by figuring out the data size using the MSG_PEEK parameter
to recvfrom(). During startup, qmail-greyd can read a list of IPs from a
file. The entries in the file can be in CIDR format, range format,
wildcards or exact IPs. The whitelist file can have a .cdb extension for
fast cdb lookup. Once qmail-greyd is running, it can re-read the
whitelist on receipt of SIGHUP. (I also have a version which does MySQL
lookup, in case anyone in this list is interested).

To have the in-memory database as small as possible, qmail-greyd
continuously expires entries in the linked list and frees the expired
entries periodically. qmail-greyd periodically flushes the in-memory
database to a file. This context file can be read during startup (say
after a reboot). qmail-greyd also flushes the database to a file on
receipt of signal SIGTERM or SIGUSR1.

qmail-greyd can be started under supervise. A typical command line I am
using currently is

    /var/qmail/bin/qmail-greyd -w greydaemon.white -t 30 -g 24 -m 2 \
        -s 5 127.0.0.1 greydaemon.context

qmail-greyd is still being worked on. I expect there would be few
glitches in the code. Other than my own laptop, I have no means to test
the code from different sources.

I will be glad to work with any volunteer(s) who have time to make this
better.

Enabling greylisting in qmail-smtpd:
------------------------------------

Greylisting is enabled using the GREYIP environment variable.
This specifies the IP address and/or port on which qmail-greyd is
listening.

Specifying an empty string, GREYIP="", disables greylisting;
or you can specify the IPaddress:port where qmail-greyd is listening,
for example GREYIP="127.0.0.1:1999".

* Assuming you've set up your qmail-smtpd service with tcpserver and the
-x option (as in LWQ), you just need to update the cdb file referenced
by this -x option. The source for this file is typically /etc/tcp.smtp.
For example,

    127.:allow,RELAYCLIENT=""
    192.168.:allow,RELAYCLIENT=""
    :allow

could become,

    127.:allow,RELAYCLIENT=""
    192.168.:allow,RELAYCLIENT=""
    :allow,GREYIP=":"

* If you've set up qmail-greyd on a non-default address (perhaps you're
running qmail-greyd on a separate machine), you'll also need to specify
the address it's listening on - adjust the above to include
GREYIP="192.168.5.5:", for example.

* Finally, don't forget to update the cdb file corresponding to the
source file you've just edited. If you have an LWQ setup, that's

    qmailctl cdb

otherwise (assuming /etc/tcp.smtp, /etc/tcp.smtp.cdb),

    tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp

* Alternatively (and particularly if you're not using the -x option to
tcpserver) you can enable greylisting for all SMTP connections by
setting GREYIP in the environment in which qmail-smtpd is started - for
example your startup script might now contain the line

    exec env GREYIP=":" /usr/local/bin/tcpserver ...


-- Manvendra Bhangui
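
The whitelist formats listed in the post (CIDR, range, wildcard, exact IP) can be matched as in the following added example, which is not qmail-greyd's own code. The entry syntax and the name wl_match are assumptions, since the post does not show the file format; malformed entries return -1 so a caller can treat them as "no match" instead of exempting the sender from greylisting.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Dotted quad -> host-order integer; returns 1 on success, 0 on bad input. */
static int parse_ip(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Returns 1 if ip matches entry, 0 if not, -1 if either is malformed.
 * Assumed entry syntax: a.b.c.d | a.b.c.d/len | a.b.c.d-e.f.g.h | a.b.* */
int wl_match(const char *entry, const char *ip)
{
    char buf[64], *p, *end;
    uint32_t addr, lo, hi, mask;

    if (strlen(entry) >= sizeof buf || !parse_ip(ip, &addr)) return -1;
    strcpy(buf, entry);
    if ((p = strchr(buf, '/'))) {                 /* CIDR block */
        long len = strtol(p + 1, &end, 10);
        *p = '\0';
        if (p[1] < '0' || p[1] > '9' || *end || len > 32 || !parse_ip(buf, &lo))
            return -1;
        mask = len ? 0xFFFFFFFFu << (32 - len) : 0;   /* /0 must not shift by 32 */
        return (addr & mask) == (lo & mask);
    }
    if ((p = strchr(buf, '-'))) {                 /* inclusive range */
        *p = '\0';
        if (!parse_ip(buf, &lo) || !parse_ip(p + 1, &hi) || lo > hi) return -1;
        return addr >= lo && addr <= hi;
    }
    if ((p = strchr(buf, '*'))) {                 /* trailing wildcard only */
        size_t n = (size_t)(p - buf);
        if (p[1] || (n && buf[n - 1] != '.')) return -1;  /* octet boundary */
        return strncmp(buf, ip, n) == 0;
    }
    return parse_ip(buf, &lo) ? addr == lo : -1;  /* exact IP */
}

int main(void)
{
    /* Constructed sample entries and client addresses. */
    printf("%d %d\n", wl_match("192.168.0.0/16", "192.168.44.7"),
           wl_match("203.0.1*", "203.0.113.200"));
    return 0;
}
```

Requiring the wildcard to sit on an octet boundary keeps an entry such as `203.0.1*` from silently covering far more addresses than the operator intended.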