qmail-1.03-32.2 src rpm?

[Griffith]

Scott: is it possible to download the source rpm for the current version? (qmail-1.03-32.2.el4.art) In sources I've found many src.rpms, but not the current one?

I've tried to add validrcptto, but don't want to modify much from the exisiting version. (have also tried the rpms you provided with validrcptto). Are there any reasons why you didn't make a stable version with validrcptto? It would have been really nice if the qmail rpm was patched, but disabled validrcptto by default.

[scott]

yeah we did do one years back, but at the time because it required a full list of valid accounts it was too much overhead to support for a PG server.

[Griffith]

Did you have the src.rpm for download? (if you've got the src.rpm I could try to implement validrcptto)

I would be nice to have it patched into the qmail rpm.

[scott]

if its not in the sources tree, then no. Thats the only place it would get saved

[Griffith]

Do you know which spec file that is closest to the one in production now? Is it this one: http://3es.atomicrocketturtle.com/chann ... qmail.spec ?

I've managed to build rpms from qmail-1.03-33.art.src.rpm which includes both qmail-smtpd-auth-0.31 and validrcptto.cdb.2.patch. Do you want the spec file and patch?

This means I can now choose if I want to use validrcptto or not.

With validrcptto admin can allow email to all users in a domain, or specify valid email accounts.

[scott]

Absolutely!

[Griffith]

Tried to upload the src.rpm, but this forum denied it :O

qmail spec file:

Patch201:validrcptto.cdb.3.patch

tar -xzvf %{SOURCE5}
mv qmail-smtpd-auth-0.31/*.[ch] .
patch -p0 <qmail-smtpd-auth-0.31/auth.patch

%patch201 -p0



validrcptto.cdb.3.patch

Code: Select all

--- Makefile     2010-10-20 23:23:13.000000000 +0200
+++ Makefile.new 2010-10-20 23:44:56.000000000 +0200
@@ -1514,13 +1514,13 @@
 load qmail-smtpd.o rcpthosts.o commands.o timeoutread.o \
 timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o received.o \
 date822fmt.o now.o qmail.o cdb.a fd.a wait.a datetime.a getln.a \
-open.a sig.a case.a env.a stralloc.a alloc.a substdio.a error.a str.a \
+open.a sig.a case.a env.a stralloc.a alloc.a strerr.a substdio.a error.a str.a \
 fs.a auto_qmail.o base64.o socket.lib
        ./load qmail-smtpd rcpthosts.o commands.o timeoutread.o \
        timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o \
        received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
        datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
-       alloc.a substdio.a error.a str.a fs.a auto_qmail.o base64.o  `cat \
+       alloc.a strerr.a substdio.a error.a str.a fs.a auto_qmail.o base64.o  `cat \
        socket.lib`

 qmail-smtpd.0: \
@@ -1532,7 +1532,7 @@
 substdio.h alloc.h auto_qmail.h control.h received.h constmap.h \
 error.h ipme.h ip.h ipalloc.h ip.h gen_alloc.h ip.h qmail.h \
 substdio.h str.h fmt.h scan.h byte.h case.h env.h now.h datetime.h \
-exit.h rcpthosts.h timeoutread.h timeoutwrite.h commands.h wait.h \
+exit.h rcpthosts.h timeoutread.h timeoutwrite.h commands.h cdb.h uint32.h wait.h \
 fd.h base64.h
        ./compile qmail-smtpd.c

--- /root/makefile_qmail/1/qmail-smtpd.c        2010-10-20 23:45:59.000000000 +0200
+++ /root/makefile_qmail/1/qmail-smtpd.c.new    2010-10-20 23:52:55.000000000 +0200
@@ -23,6 +23,8 @@
 #include "timeoutread.h"
 #include "timeoutwrite.h"
 #include "commands.h"
+#include "strerr.h"
+#include "cdb.h"
 #include "wait.h"
 #include "fd.h"

@@ -63,6 +65,9 @@
 void err_vrfy() { out("252 send some mail, i'll try my best\r\n"); }
 void err_qqt() { out("451 qqt failure (#4.3.0)\r\n"); }

+void err_vrt() { out("553 sorry, this recipient is not in my validrcptto list (#5.7.1)\r\n"); }
+void die_vrt() { out("421 too many invalid addresses, goodbye (#4.3.0)\r\n"); flush(); _exit(1); }
+
 int err_child() { out("454 oops, problem with child and I can't auth (#4.3.0)\r\n"); return -1; }
 int err_fork() { out("454 oops, child won't start and I can't auth (#4.3.0)\r\n"); return -1; }
 int err_pipe() { out("454 oops, unable to open pipe and I can't auth (#4.3.0)\r\n"); return -1; }
@@ -110,6 +115,11 @@
 stralloc bmf = {0};
 struct constmap mapbmf;

+int vrtfd = -1;
+int vrtcount = 0;
+int vrtlimit = 10;
+int vrtlog_do = 0;
+
 void setup()
 {
   char *x;
@@ -129,6 +139,12 @@
   if (bmfok == -1) die_control();
   if (bmfok)
     if (!constmap_init(&mapbmf,bmf.s,bmf.len,0)) die_nomem();
+
+  x = env_get("VALIDRCPTTO_CDB");
+  if(x && *x) {
+    vrtfd = open_read(x);
+    if (-1 == vrtfd) die_control();
+  }

   if (control_readint(&databytes,"control/databytes") == -1) die_control();
   x = env_get("DATABYTES");
@@ -221,6 +237,71 @@
   return 0;
 }

+void vrtlog(a,b)
+const char *a;
+const char *b;
+{
+  if (vrtlog_do) strerr_warn2(a,b,0);
+}
+
+int vrtcheck()
+{
+  static char *rcptto = "qmail-smtpd: validrcptto RCPT TO: ";
+  static char *found = "qmail-smtpd: validrcptto found: ";
+  int j,k,r;
+  uint32 dlen;
+  stralloc laddr = {0};
+
+  stralloc user = {0};
+  stralloc adom = {0};
+  stralloc utry = {0};
+
+  if (-1 == vrtfd) return 1;
+
+  /* lowercase whatever we were sent */
+  if (!stralloc_copy(&laddr,&addr)) die_nomem() ;
+  case_lowerb(laddr.s,laddr.len);
+
+  vrtlog(rcptto,laddr.s,0);
+
+  /* exact match? */
+  r = cdb_seek(vrtfd,laddr.s,laddr.len-1,&dlen) ;
+  if (r>0) { vrtlog(found,laddr.s,0); return r; }
+
+  j = byte_rchr(laddr.s,laddr.len,'@');
+  if (j < laddr.len)
+  {
+    /* start "-default" search loop */
+    stralloc_copyb(&user,laddr.s,j) ;
+    stralloc_copyb(&adom,laddr.s+j,laddr.len-j-1);
+
+    while(1)
+    {
+      k = byte_rchr(user.s,user.len,'-');
+      if (k >= user.len) break ;
+
+      user.len = k+1;
+      stralloc_cats(&user,"default");
+
+      stralloc_copy(&utry,&user);
+      stralloc_cat (&utry,&adom);
+      stralloc_0(&utry);
+
+      r = cdb_seek(vrtfd,utry.s,utry.len-1,&dlen);
+      if (r>0) { vrtlog(found,utry.s,0); return r; }
+
+      user.len = k ;
+    }
+
+    /* try "@domain" */
+
+    r = cdb_seek(vrtfd,laddr.s+j,laddr.len-j-1,&dlen) ;
+    if (r>0) { vrtlog(found,laddr.s+j,0); return r; }
+  }
+
+  return 0;
+}
+
 int addrallowed()
 {
   int r;
@@ -295,6 +376,17 @@
   }
   else
     if (!addrallowed()) { err_nogateway(); return; }
+  if (!env_get("RELAYCLIENT") && !vrtcheck()) {
+    strerr_warn4("qmail-smtpd: not in validrcptto: ",addr.s,
+      " at ",remoteip,0);
+    if(vrtlimit && (++vrtcount >= vrtlimit)) {
+      strerr_warn2("qmail-smtpd: excessive validrcptto violations,"
+        " hanging up on ",remoteip,0);
+      die_vrt();
+    }
+    err_vrt();
+    return;
+  }
   if (!stralloc_cats(&rcptto,"T")) die_nomem();
   if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
   if (!stralloc_0(&rcptto)) die_nomem();
@@ -667,9 +759,16 @@
 {
   hostname = argv[1];
   childargs = argv + 2;
-
+  char *x ;
+  uint32 u;
   sig_pipeignore();
   if (chdir(auto_qmail) == -1) die_control();
+
+  x = env_get("VALIDRCPTTO_LIMIT");
+  if(x) { scan_ulong(x,&u); vrtlimit = (int) u; }
+  x = env_get("VALIDRCPTTO_LOG");
+  if(x) { scan_ulong(x,&u); vrtlog_do = (int) u; }
+
   setup();
   if (ipme_init() != 1) die_ipme();
   smtp_greet("220 ");

[Griffith]

http://github.com/downloads/rpms/qmail/ ... rt.src.rpm

[scott]

Hey actually something the interworx guys wanted to collaborate on, this is their version of qmail:

http://updates.interworx.com/iworx/SRPM ... oc.src.rpm

Might be handy to poke through their implementation to see if there are any other things to add in.

[Griffith]

At first sight this one looks REALLY nice. I noticed it uses the combined patch (http://qmail.jms1.net/patches/combined-details.shtml) which also includes validrcptto and a whole lot more. So, I were you I would use this in the gamera project

I haven't tested it yet, but do you think it needs some tweeking before it works in the gamera project?

[scott]

I havent had a chance to go over it much yet, but the real main difference with PG has been that it uses tcpserver & supervise scripts. I always wanted to bridge it with the one in plesk, but there really wasnt the demand for it. With interworx I know for a fact that their users were having problems because of overlap between the 2 (I did a very bad thing with Epochs early on...), so they asked me if I could help out by making our projects more compatible. They're definitely in the lead on maintaining the package for features so I think its just a matter of bringing the atomic one into parity with theirs.

[Griffith]

I've rebuilt the qmail src rpm like this:

Patches included:
Patch0: qmail-1.03-jms1-7.10.patch (http://qmail.jms1.net/patches/combined-details.shtml includes alot)
Patch1: qmail-1.03-syncdir.patch
Patch4: http://www.qmail.org/big-todo.103.patch
Patch16: http://andreas.hanssen.name/software/ex ... todo.patch
Patch5: qmail-1.03-install-path-big-todo.patch
Patch6: qmail-1.03-autouidgid.patch
Patch8: qmail-1.03-pop3d-stat.patch
Patch19: qmail-1.03-jms1.7.08-ipv6.patch


Not included yet:
Patch2: qmail-1.03-showctl.patch
Patch12: http://www.almqvist.net/johan/qmail/qma ... -1.5.patch

Are the last two needed? Do you know if qmail-1.03-qmtpc-mailroutes-1.5.patch is needed for the gamera-project specially? I haven't done much testing yet, but it seems to work though

[scott]

Nope not needed by PG. It uses the internal smtproutes files, interworx might need it though.

[Griffith]

I've installed it (+ jgreylist) in production now and it seems to work very nice. The load fell dramatically on the gamera servers I'm also using the validrcptto patch and that rocks To avoid a lot of work maintaining the validrcptto.cdb I created a script witch builds it automatically. (Includes mailnames, domainaliases, mailaliases etc from plesk to)

Rpms and src.rpms can be found here:
http://github.com/rpms

(I have not attached the scripts for building the validrcptto automatically)