changeset 5:793ac9cc114d stable-1-0

updates to use dcc conf files
author carl
date Wed, 21 Apr 2004 16:09:07 -0700
parents 15a7e942adec
children cea50d98a6cf
files install.bash src/dnsbl src/dnsbl.cpp src/package src/update test.bash xml/dnsbl.in xml/sample.conf
diffstat 8 files changed, 61 insertions(+), 37 deletions(-) [+]
line wrap: on
line diff
--- a/install.bash	Wed Apr 21 12:52:29 2004 -0700
+++ b/install.bash	Wed Apr 21 16:09:07 2004 -0700
@@ -21,7 +21,7 @@
 # install the milter
 DST=/var/dnsbl
 mkdir -p $DST
-cp    *.conf $DST
+cp    dnsbl.conf $DST
 mv -f dnsbl  $DST
 cp dnsbl.rc /etc/rc.d/init.d/dnsbl
 chmod 755 /etc/rc.d/init.d/dnsbl
Binary file src/dnsbl has changed
--- a/src/dnsbl.cpp	Wed Apr 21 12:52:29 2004 -0700
+++ b/src/dnsbl.cpp	Wed Apr 21 16:09:07 2004 -0700
@@ -495,6 +495,9 @@
 
 static void dumpit(CONFIG &dc);
 static void dumpit(CONFIG &dc) {
+    dumpit(dc.env_from);
+    dumpit("envelope to (dnsbl list)", dc.env_to_dnsbll);
+    dumpit("envelope to (from map)", dc.env_to_chkfrom);
     fprintf(stderr, "\ndnsbls\n");
     for (dnsblp_map::iterator i=dc.dnsbls.begin(); i!=dc.dnsbls.end(); i++) {
         fprintf(stderr, "%s %s %s\n", (*i).first, (*i).second->suffix, (*i).second->message);
@@ -858,6 +861,13 @@
                 exit(EX_USAGE);
         }
     }
+
+    if (check) {
+        CONFIG &dc = *new_conf();
+        dumpit(dc);
+        return 0;
+    }
+
     if (!setconn) {
         fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
         usage(argv[0]);
@@ -868,15 +878,6 @@
         exit(EX_UNAVAILABLE);
     }
 
-    if (check) {
-        CONFIG &dc = *new_conf();
-        dumpit(dc.env_from);
-        dumpit("envelope to (dnsbl list)", dc.env_to_dnsbll);
-        dumpit("envelope to (from map)", dc.env_to_chkfrom);
-        dumpit(dc);
-        return 0;
-    }
-
     // switch to background mode
     if (daemon(1,0) < 0) {
         fprintf(stderr, "daemon() call failed\n");
--- a/src/package	Wed Apr 21 12:52:29 2004 -0700
+++ b/src/package	Wed Apr 21 16:09:07 2004 -0700
@@ -2,7 +2,7 @@
 
 target1=/home/httpd/html/510sg/util/dnsbl.tar.gz
 target2=/home/httpd/html/510sg/dnsbl.conf
-target2=/home/httpd/html/510sg/dnsbl.html
+target3=/home/httpd/html/510sg/dnsbl.html
 
 mv -f dnsbl.conf dnsbl.conf.save
 mv sample.conf dnsbl.conf
--- a/src/update	Wed Apr 21 12:52:29 2004 -0700
+++ b/src/update	Wed Apr 21 16:09:07 2004 -0700
@@ -1,18 +1,16 @@
 #!/bin/bash
 
 targets="ns1 davd"
-if [ "$1" == "conf" ]; then
     DST=/var/dnsbl
-    mkdir -p $DST
-    cp *.conf $DST
+cp $DST/dnsbl.conf .
     for i in $targets; do
-        scp *.conf $i:$DST
+    scp $DST/*.conf $i:$DST
     done
-else
+
     sh install.bash
     for i in $targets; do
         DST=/usr/src/rh8/dnsbl
+    ssh $i "mkdir -p $DST"
         scp * $i:$DST
         ssh $i "cd $DST; sh install.bash"
     done
-fi
--- a/test.bash	Wed Apr 21 12:52:29 2004 -0700
+++ b/test.bash	Wed Apr 21 16:09:07 2004 -0700
@@ -16,6 +16,7 @@
 chmod 700 /var/run/dnsbl
 mv -f $pid $pid.save
 rm -f /var/run/dnsbl/dnsbl.sock
+cp /var/dnsbl/*conf .
 ./dnsbl -c -p local:/var/run/dnsbl/dnsbl.sock >check.txt 2>&1
 #sleep 5
 #P2=`cat $pid`
--- a/xml/dnsbl.in	Wed Apr 21 12:52:29 2004 -0700
+++ b/xml/dnsbl.in	Wed Apr 21 16:09:07 2004 -0700
@@ -28,11 +28,7 @@
 bulk detector, or from the DNS based lists.  Those are two very
 different reasons for whitelisting.  The former is done thru the DCC
 whiteclnt config file, the later is done thru the DNSBL milter config
-file.  There is an option to reference the DCC whiteclnt file (via an
-include_dcc line) in the DNSBL milter config.  This will import the
-(env_to, env_from, and substitute mail_host) entries from the DCC config
-into the DNSBL config.  This allows using the DCC config as the single
-point for white/blacklisting.
+file.
 
 <p>You may want to blacklist some specific senders or sending domains.
 This could be done thru either the DCC (on a global basis, or for a
@@ -43,6 +39,23 @@
 feature that the mail is rejected earlier (at RCPT TO time), and the
 sending machine just gets a generic "550 5.7.1 no such user" message.
 
+<p>There is an option to reference the DCC whiteclnt file (via an
+include_dcc line) in the DNSBL milter config.  This will import the
+(env_to, env_from, and substitute mail_host) entries from the DCC config
+into the DNSBL config.  This allows using the DCC config as the single
+point for white/blacklisting.
+
+<p>Consider the case where you have multiple clients, each with their
+own mail servers, and each running their own DCC milters.  Each client
+is using the DCC facilities for envelope from/to white/blacklisting.
+Presumably you can use rsync or scp to fetch copies of these clients DCC
+whiteclnt files on a regular basis.  Your mail server, acting as a
+backup MX for your clients, can use the DNSBL milter, and include those
+client DCC config files.  The envelope to white/blacklisting will be
+global for your system, but the envelope from white/blacklisting will be
+appropriately tagged and used only for the domains controlled by each of
+those clients.
+
 <p>Definitions:
 
 <p>DNSBL - a named DNS based blocking list is defined by a dns suffix
--- a/xml/sample.conf	Wed Apr 21 12:52:29 2004 -0700
+++ b/xml/sample.conf	Wed Apr 21 16:09:07 2004 -0700
@@ -62,8 +62,8 @@
 #       entries from the dcc config are mapped as:
 #           ok -> WHITE
 #           many -> BLACK
+#           env_to               -> env_to xxx
 #           env_from -> env_from EMAP xxx
-#           env_to   -> env_to
 #           substitute mail_host -> env_from EMAP xxx
 #
 #
@@ -123,4 +123,14 @@
 # file names are single tokens, no embedded blanks
 #
 include dnsbl.conf      # this will generate a recursive include file syslog error message
-include_dcc  DEFAULT /var/dcc/whitecommon   # this includes the default dcc whitelist file
+
+
+##############################################
+# fetch the normal dcc whitelist file and put the entries into the DEFAULT
+# envelope-from-map.  The ok/many tags in the DCC file turn into
+# WHITE/BLACK entries when imported.  The env_to entries from the DCC
+# config turn into env_to entries here, and are therefore global to all
+# domains.  The env_from and substitute mail_host entries turn into
+# env_from entries in the named (DEFAULT in this case) envelope-from-map.
+#
+include_dcc  DEFAULT /var/dcc/whitecommon