diff --git a/mail/smtpd/Makefile b/mail/smtpd/Makefile new file mode 100644 index 000000000000..d45778afa73a --- /dev/null +++ b/mail/smtpd/Makefile @@ -0,0 +1,70 @@ +# Ports collection makefile for: smtpd +# Version required: 2.0 +# Date created: 06 Feb 1998 +# Whom: Joao Carlos Mendes Luis +# +# $Id$ +# + +DISTNAME= smtpd-2.0 +CATEGORIES= mail security +MASTER_SITES= ftp://ftp.obtuse.com/pub/smtpd/ + +PATCH_SITES= ${MASTER_SITES} +PATCHFILES= patch-smtpd-2.0-RBL.gz + +MAINTAINER= jonny@coppe.ufrj.br + +# Directory where smtpd will chroot to, and put the received mail +# If you change it here, change also patches/patch-aa +SPOOLBASE= /var/smtpd + +post-patch: + @mv ${WRKSRC}/Makefile ${WRKSRC}/Makefile.tmp + @sed s+!!SPOOLBASE!!+${SPOOLBASE}+g < ${WRKSRC}/Makefile.tmp \ + > ${WRKSRC}/Makefile + +post-install: + @${MKDIR} ${PREFIX}/share/doc/smtpd + @${INSTALL_MAN} ${WRKSRC}/README ${PREFIX}/share/doc/smtpd + + @${ECHO} "Creating spool directories..." + @${MKDIR} ${SPOOLBASE} + @chown root.uucp ${SPOOLBASE} + @chmod 0710 ${SPOOLBASE} + + @${MKDIR} ${SPOOLBASE}/mqueue + @chown uucp.uucp ${SPOOLBASE}/mqueue + @chmod 0700 ${SPOOLBASE}/mqueue + + @${MKDIR} ${SPOOLBASE}/etc + @chown root.uucp ${SPOOLBASE}/etc + @chmod 0710 ${SPOOLBASE}/etc +.if !defined(BATCH) + @${CP} -p /etc/resolv.conf ${SPOOLBASE}/etc + @${CP} -p /etc/localtime ${SPOOLBASE}/etc +.endif + + @${ECHO} "Copying examples..." + @${INSTALL} ${COPY} -g uucp -o root -m 0640 \ + ${WRKSRC}/antirelay_check_rules_example \ + ${SPOOLBASE}/etc/antirelay_check_rules.example + @${INSTALL} ${COPY} -g uucp -o root -m 0640 \ + ${WRKSRC}/antispam_check_rules.example \ + ${SPOOLBASE}/etc + @${INSTALL} ${COPY} -g uucp -o root -m 0640 \ + ${WRKSRC}/smtpd_check_rules.example \ + ${SPOOLBASE}/etc + + @${ECHO} "Creating startup file..." + @sed s+!!PREFIX!!+${PREFIX}+ \ + < ${FILESDIR}/smtpd.sh \ + > ${PREFIX}/etc/rc.d/smtpd.sh + @chmod 0700 ${PREFIX}/etc/rc.d/smtpd.sh + @chown 0.0 ${PREFIX}/etc/rc.d/smtpd.sh + + @${ECHO} "Done!" + + @${CAT} ${PKGDIR}/MESSAGE + +.include diff --git a/mail/smtpd/distinfo b/mail/smtpd/distinfo new file mode 100644 index 000000000000..1022cd686f21 --- /dev/null +++ b/mail/smtpd/distinfo @@ -0,0 +1,2 @@ +MD5 (smtpd-2.0.tar.gz) = c1b4e15db9bd7f6fd2ef846fd2e22d4b +MD5 (patch-smtpd-2.0-RBL.gz) = 5c54365520f439db27d5ed428139429c diff --git a/mail/smtpd/files/patch-aa b/mail/smtpd/files/patch-aa new file mode 100644 index 000000000000..f12359a1b459 --- /dev/null +++ b/mail/smtpd/files/patch-aa @@ -0,0 +1,86 @@ +--- Makefile.orig Sun Oct 12 23:40:34 1997 ++++ Makefile Fri Feb 6 22:21:46 1998 +@@ -1,7 +1,7 @@ + ########################################################## + ## Where do I get installed? ############################# + ########################################################## +-INSTALL_PREFIX = /usr/local/ ++INSTALL_PREFIX = ${PREFIX}/ + INSTALL_BIN = sbin/ + INSTALL_MAN = man/ + +@@ -41,9 +41,9 @@ + # in SMTP_USER above. + # + # The chroot directory +-SPOOLDIR = /usr/spool/smtpd ++SPOOLDIR = !!SPOOLBASE!! + # Where to store messages, relative to SPOOLDIR above. +-SPOOLSUBDIR = . ++SPOOLSUBDIR = mqueue + #Use below instead of above if you don't want smtpd to chroot. This + #isn't normally a good idea if security is your main goal. A nice + #chroot jail may be a pain to build but should give you enough of a +@@ -143,8 +143,8 @@ + # indicating a DNS spoof of misconfiguration. + # If PARANOID_DNS is 0, smtpd will replace any evil characters it sees + # continue. +-# PARANOID_DNS = 1 +-PARANOID_DNS = 0 ++PARANOID_DNS = 1 ++# PARANOID_DNS = 0 + + # The check above will clobber stuff in the headers from some + # non north-american localizations. +@@ -181,8 +181,8 @@ + # seem to have a bug in which they simply try the EHLO again. Sigh. + # setting EHLO_KLUDGE to 1 will make smtpd accept a second EHLO as a helo, + # thereby kludging around this bug in Communicator. +-#EHLO_KLUDGE=1 +-EHLO_KLUDGE=0 ++EHLO_KLUDGE=1 ++#EHLO_KLUDGE=0 + + + # smtpd can check FROM and RCPT addresses, along with the connecting +@@ -206,8 +206,8 @@ + # build with CHECK_ADDRESS set to 1. You will get an error about + # juniper_firewall.h not existing if you forget this. + # +-JUNIPER_SUPPORT=1 +-#JUNIPER_SUPPORT=0 ++#JUNIPER_SUPPORT=1 ++JUNIPER_SUPPORT=0 + + # Use regexp's in patterns? If you have a POSIX and friends, + # and you trust the regex lib enough for use, you can set USE_REGEX to +@@ -245,7 +245,7 @@ + # + #NS_MATCH=0 + NS_MATCH=1 +-LD_LIBS=-lresolv # you may or may not need this. ++#LD_LIBS=-lresolv # you may or may not need this. + + # The rules file for address checking, if enabled, remember this file + # will be in the chroot jail, so the line below probably means +@@ -325,7 +325,8 @@ + #################################################### + + # The Source is with you (*BSD 4.4, Linux) +-CFLAGS = -g -O -Wall -DUSE_FLOCK -DUSE_MKSTEMP $(OPTIONS) ++#CFLAGS = -g -O -Wall -DUSE_FLOCK -DUSE_MKSTEMP $(OPTIONS) ++CFLAGS += -Wall -DUSE_FLOCK -DUSE_MKSTEMP $(OPTIONS) + + + #SunOS 5.X +@@ -362,8 +363,8 @@ + indent $(INDENT_ARGS) address_check.c + + install: smtpd smtpfwdd +- install -m 500 smtpd $(INSTALL_PREFIX)$(INSTALL_BIN)smtpd +- install -m 500 smtpfwdd $(INSTALL_PREFIX)$(INSTALL_BIN)smtpfwdd ++ install -cs -g 0 -o 0 -m 500 smtpd $(INSTALL_PREFIX)$(INSTALL_BIN)smtpd ++ install -cs -g 0 -o 0 -m 500 smtpfwdd $(INSTALL_PREFIX)$(INSTALL_BIN)smtpfwdd + + clean: + /bin/rm -f *.o diff --git a/mail/smtpd/files/smtpd.sh b/mail/smtpd/files/smtpd.sh new file mode 100644 index 000000000000..a902971eb00d --- /dev/null +++ b/mail/smtpd/files/smtpd.sh @@ -0,0 +1,11 @@ +#! /bin/sh + +if [ $# -eq 0 -o "$1" = "start" ]; then + if [ -x !!PREFIX!!/sbin/smtpfwdd ] ; then + !!PREFIX!!/sbin/smtpfwdd + echo " smtpfwdd" + fi +fi +if [ "$1" = "stop" ]; then + killall smtpfwdd +fi diff --git a/mail/smtpd/pkg-comment b/mail/smtpd/pkg-comment new file mode 100644 index 000000000000..a5ed580b5094 --- /dev/null +++ b/mail/smtpd/pkg-comment @@ -0,0 +1 @@ +Obtuse smtpd/smtpfwdd, part of the Juniper firewall toolkit diff --git a/mail/smtpd/pkg-descr b/mail/smtpd/pkg-descr new file mode 100644 index 000000000000..ddec966fcfe7 --- /dev/null +++ b/mail/smtpd/pkg-descr @@ -0,0 +1,20 @@ +The smtpd daemon talks the Simple Mail Transfer Protocol (SMTP) with other +SMTP daemons to receive mail from them, and saves it into a spool directory +for later processing. It is the store portion of an SMTP store and forward +proxy. The symbiotic companion program smtpfwdd is used to forward the +spooled mail on to its eventual destination. + +smtpd is invoked from a super-server such as inetd or juniperd. + +There is a patch available to do MAPS RBL style lookups at +ftp://ftp.obtuse.com/pub/smtpd/patch-smtpd-2.0-RBL.gz. + +Documentation is avaialble online with the juniper documentation. +See the docs for smtpd as a starting point, at +http://www.obtuse.com/juniper-docs/man/smtpd.html + +Access control rules based on the connecting host, and the smtp envelope are +supported. It contains some powerful features for stopping inbound or +outbound SPAM. + +Source: http://www.obtuse.com/smtpd.html diff --git a/mail/smtpd/pkg-message b/mail/smtpd/pkg-message new file mode 100644 index 000000000000..c993abfb7783 --- /dev/null +++ b/mail/smtpd/pkg-message @@ -0,0 +1,33 @@ + +You must follow the next steps, as root, in order to finish the installation: + +1) Make sure uucp is a trusted user to sendmail. + To do this, check if your sendmail.cf has a line with "Tuucp" + +2) Disable sendmail from answering smtp requests, but make sure it + handles queue delivering. You have two choices: + + a) Start sendmail without the "-bd" flag, but with the "-q30m" one. + b) Do not start sendmail as a daemon, and add an entry in /etc/crontab + to run sendmail -q when needed. For example, add the following line + to your /etc/crontab: +*/30 * * * * root /usr/sbin/sendmail -q + + In any case, you'll most likely have to edit /etc/rc.conf to change + sendmail configuration. + +3) Add smtpd to your inetd.conf: + smtp stream tcp nowait root /usr/local/sbin/smtpd smtpd + +4) smtpd runs in a chrooted environment, so you must feed this environment + with any configuration file it needs. Make a copy of /etc/resolv.conf + and /etc/localtime to /var/smtpd/etc. If you ever change any of these + files, remember to change the copies also. Do not make a symbolic + link, as it will not work in the chrooted environment. + +5) Create your own /var/smtpd/etc/smtpd_check_rules. There are some + examples in that directory. If have any problem, take a look at + http://www.obtuse.com/juniper-docs/man/smtpd_address_check.html. + +6) Reboot ! (Or restart all those daemons manually, if you know how :^) ) + diff --git a/mail/smtpd/pkg-plist b/mail/smtpd/pkg-plist new file mode 100644 index 000000000000..3148b7557213 --- /dev/null +++ b/mail/smtpd/pkg-plist @@ -0,0 +1,20 @@ +sbin/smtpd +sbin/smtpfwdd +etc/rc.d/smtpd.sh +share/doc/smtpd/README +@exec mkdir /var/smtpd +@exec chown root.uucp /var/smtpd +@exec chmod 0710 /var/smtpd +@cwd /var/smtpd +@exec mkdir mqueue +@exec chown uucp.uucp mqueue +@exec chmod 0700 mqueue +@exec mkdir etc +@exec chown root.uucp etc +@exec chmod 0710 etc +@exec cp -p /etc/resolv.conf etc +@exec cp -p /etc/localtime etc +etc/antirelay_check_rules.example +etc/antispam_check_rules.example +etc/smtpd_check_rules.example +@unexec echo "You may want to remove /var/smtpd manually"