Index of /SPF

[ICO]NameLast modifiedSizeDescription

[DIR]Parent Directory  -  
[DIR]DEB/06-Dec-2011 02:21 -  
[TXT]README.html03-Apr-2012 23:48 9.3K 
[DIR]RPMS/21-Oct-2007 08:22 -  
[TXT]build.sh09-Nov-2007 00:13 2.7K 
[   ]control.tar.gz21-Oct-2007 07:37 933  
[DIR]control/21-Oct-2007 07:15 -  
[DIR]images/23-Oct-2007 20:31 -  
[TXT]juno.com.txt21-Oct-2007 08:42 20K 
[   ]lwq-v2000-09-23.pdf21-Oct-2007 09:23 205K 
[   ]qmail-aliases.pdf02-Dec-2011 05:49 309K 
[   ]qmail-tmpl.tgz20-Nov-2007 01:03 438K 
[TXT]qmail-tmpl.txt29-Jul-2010 15:04 785  
[   ]qmail.init03-Oct-2003 21:03 2.7K 
[   ]rc21-Oct-2007 21:50 309  
[   ]spf1.tar.gz22-Oct-2007 02:21 9.8K 
[DIR]spf1/22-Oct-2007 02:15 -  
[   ]srs1-spf1.tar.gz22-Oct-2007 02:21 15K 
[DIR]srs1-spf1/22-Oct-2007 02:15 -  
[   ]srs2-spf1.tar.gz22-Oct-2007 02:21 15K 
[DIR]srs2-spf1/22-Oct-2007 02:15 -  

Perl-less Sender Policy Framework SPF on Qmail 1.03

Perl-less Sender Policy Framework SPF on Qmail 1.03


Although Perl is a nice tool inside UNIX/Linux, why should it be fired up 10.000 times a day as part of a UNIX/Linux email server system? The peoples from Amavis, Spamassasin, and also OpenSPF.org however seem to ignore this, as they only implement and test their reference software as a Perl package. Why, why should one add a Perl plugin into Qmail ?? After short thoughts i rejected this approach, and created my own gear for running SPF1, SRS1, SRS2 on Qmail 1.03.

Sender Rewriting Scheme SRS on Qmail 1.03
Sender Policy Framework SPF on Qmail 1.03

SRS1, SRS2 and SPF1
SPF1 Version 1.0.0-RC6
SRS1 version 0.3.1
SRS2 version 1.0.18
October 2007
compiled for Mandrake 10.1 i586/x86_64,
RedHat Linux 7.3 i386
by Robert M. Stockmann (stock@stokkie.net)
http://crashrecovery.org/SPF/

It's a SPF, SPF1 SRS1/SRS2 implementation using C source code only, using libspf1 and libsrs1 or libsrs2 for qmail 1.03. It seems to work allright on my dual P3 500MHz machine here :) The reason for doing this was the following usenet posting which i also made a webpage for :

"The Anti Spam Controversy"
http://crashrecovery.org/internet/#spf

Robert
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org stock@stokkie.net




Requirements/Recipy of building Qmail 1.03 with SPF1, SRS1 or SRS2
on Mandrake 10.1 i586/x86_64 or RedHat 7.3 i386 :

1. Move your qmail gear to a BUILDHOME directory, e.g. /usr/local/src/qmail .
   And build a bare bones qmail installation using a sane qmail
   Documentation Document. I always use this old Life With Qmail version
   lwq-v2000-09-23.pdf. If this is your first qmail trip on Linux, take your
   time for this. Make sure everything is running like expected.

2. Next download the following also into this BUILDHOME :

   - build.sh
   - control.tar.gz
   - spf1.tar.gz
   - srs1-spf1.tar.gz
   - srs2-spf1.tar.gz

Unpack the tar balls :

   # tar xvzf control.tar.gz
   # tar xvzf spf1.tar.gz
   # tar xvzf srs1-spf1.tar.gz
   # tar xvzf srs2-spf1.tar.gz


3. Install the SPF1 library, libspf1-1.0.0-RC6 on your Linux system.
   Next you need to make up your mind, whether or not to add
   a SRS Library, SRS1 or SRS2 to your qmail setup ( After some first
   tests on a high volume traffic email server, the combination
   of SRS2 with SPF1 seems to work best ). Locate the needed
   RPM packages for your PLATFORM, ARCH and DISTRO above from the
   RPM directory. When installing SRS1 (i.e. libsrs-0.3.1) on RedHat 73
   you will also need to upgrade openssl to version 0.9.7d, for which
   packages are offered in the same directory.

4. After installing libspf1 and libsrs version 1 or 2 on your system
   simply run the build.sh script which should be placed inside the
   BUILDHOME  directory :

   # cd /usr/local/src/qmail
   # chmod 750 build.sh


5. Edit the build script, by selecting the right DIST, ARCH and BUILD
   variables. Also add build routines for the packages you previously
   added into your existing qmail installation. Next build your SPF
   qmail gear by running :

   # ./build.sh

6. Next fire up qmail, and check if your version is correct :

  # telnet smtp 25
  Trying 10.0.18.72...
  Connected to smtp.foobar.net (10.0.18.72).
  Escape character is '^]'.
  220 smtp.foobar.net ESMTP SPF1
  quit
  221 smtp.foobar.net
  Connection closed by foreign host.
  #

  # telnet smtp 25
  Trying 10.0.18.72...
  Connected to smtp.foobar.net (10.0.18.72).
  Escape character is '^]'.
  220 smtp.foobar.net ESMTP SRS1 SPF1
  quit
  221 smtp.foobar.net
  Connection closed by foreign host
  #

  # telnet smtp 25
  Trying 10.0.18.72...
  Connected to smtp.foobar.net (10.0.18.72).
  Escape character is '^]'.
  220 smtp.foobar.net ESMTP SRS2 SPF1
  quit
  221 smtp.foobar.net
  Connection closed by foreign host
  #


7. Please note that adding SPF1 and SRS1 or SRS2 will have your qmail
   installation use more memory. Increase the softlimit appropriately :

   /var/qmail/supervise/qmail-smtpd/run :

#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 20000000 \
        /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1

   Normally, bare bones qmail installations start with a soflimit on 2000000.

8. Configure spf1 records for your DNS zone domain files. A good starting point
   is The SPF Setup Wizard. After you are finished setting up SPF1 records,
   you might wanna validate them. A nice SPF1 DNS records validator can be found at
   http://www.kitterman.com/spf/validate.html. The old website of James Couzens
   http://www.libsrs.org/ seems offline today. A copy of this site can be
   found at http://libspf.userfriendly.net/ which is still updated. It contains
   good information and numerous references and published stories of how SPF/SRS
   came about.

9. Check your qmail current log file. Here's how a incoming email
   header looks like for SRS2 SPF1 :


From SRS0=2DAF=PP=juno.com=Scharlapaur_aeeejq@srs.stokkie.net Sun Oct 21 02:38:33 2007
Return-Path: <SRS0=2DAF=PP=juno.com=Scharlapaur_aeeejq@srs.stokkie.net>
Delivered-To: stock@hubble.stokkie.net
Received: (qmail 30527 invoked by alias); 21 Oct 2007 02:38:32 -0000
Delivered-To: info@stockit.nl
Received: (qmail 30303 invoked from network); 21 Oct 2007 02:38:29 -0000
Received: from p7247-ipad69marunouchi.tokyo.ocn.ne.jp (HELO juno.com) (220.97.24.247)
  by dmz.stokkie.net with SMTP; 21 Oct 2007 02:38:29 -0000
Received-SPF: neutral (dmz.stokkie.net: domain of Scharlapaur_aeeejq@juno.com
 is neutral about designating 220.97.24.247 as permitted sender)
Message-ID: <8AF62BF7.7A1118B0@juno.com>
Date: Sun, 21 Oct 2007 04:21:36 +0100
Reply-To: "Schedlbauer" <Scharlapaur_aeeejq@juno.com>
From: "Schedlbauer" <Scharlapaur_aeeejq@juno.com>
MIME-Version: 1.0
To: <info@stockit.nl>
Subject: Duft in der Boutique
Content-Type: multipart/related;
	boundary="------------650583166628183851162374"
X-AntiVirus: scanned for viruses by AMaViS 0.2.4 (ftp://crashrecovery.org/pub/linux/amavis/)
X-AntiVirus: scanned for viruses by AMaViS 0.2.4 (ftp://crashrecovery.org/pub/linux/amavis/)
X-DSPAM-Result: Spam
X-DSPAM-Processed: Sun Oct 21 04:38:37 2007
X-DSPAM-Confidence: 0.9997
X-DSPAM-Probability: 1.0000
X-DSPAM-Signature: 471abbad307561600820893
X-DSPAM-Factors: 15,
	Handhabung+font, 0.99990,
	zu+unserem, 0.99990,
	Ueberhitzungsschutzschalter, 0.99990,
	vunversand, 0.99990,
	ru+subject, 0.99990,
	Firma+%20Name, 0.99990,
	Qualitaetsthermostate+font, 0.99990,
	zum+Superpreis, 0.99990,
	V+AC, 0.99990,
	Infoschreiben+Abmeldungen, 0.99990,
	bitte+die, 0.99990,
	auch+f, 0.99990,
	erfolgte, 0.99990,
	Sie+werden, 0.99990,
	ebegdyehcmelemehdvedebembuegee, 0.99990
Status: RO
X-Status: A
X-Keywords: