Postfix + CentOS + Policyd V2 + MySQL

Prerequisites

Requirements for Policyd v2

  • MySQL
  • Net::Server >= 0.96
  • Net::CIDR
  • Config::IniFiles (Debian based: libconfig-inifiles-perl, RPM based: perl-Config-IniFiles)
  • Cache::FastMmap (Debian based: libcache-fastmmap-perl, RPM based: perl-Cache-FastMmap)
  • Mail::SPF (Required for SPF)

Requirements for webui

  • PHP v5+

Download policyd v2

# wget -O cluebringer-2.0.7.tar.bz2 'http://downloads.sourceforge.net/project/policyd/2.0.x%20%28Stable%29/v2.0.7/cluebringer-2.0.7.tar.bz2?use_mirror=biznetnetworks'

Build rpm from source tarball

# rpmbuild -ta cluebringer-2.0.7.tar.bz2

Install the rpm

# rpm -ivh /usr/src/redhat/RPMS/cluebringer-2.0.7-1.noarch.rpm

In database/ run…

# for i in  core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql <- press enter
> do <- press enter
>  ./convert-tsql mysql $i <- press enter
> done > policyd.mysql <- press enter

This builds policyd.mysql. Always load core.tsql first. You only need the schemas for the
modules you plan to use, but there is no harm in adding all of them.

Create policyd database

# mysqladmin -u root -ppassword create policyd

Load policyd.mysql into MySQL

# mysql -u root -p policyd < database/policyd.mysql
Enter password:

Press enter

Edit cluebringer.conf and adjust the MySQL server details

# vi /etc/policyd/cluebringer.conf
Find the [database] section:
DSN=DBI:mysql:database=policyd;host=localhost
Username=root
Password=your-root-password

Start cbpolicyd service

# /etc/init.d/cbpolicyd start

Make sure the service is started

# ps ax | grep policyd
 7888 ?        Ss     0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7891 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7892 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7893 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7894 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
# netstat -pln | grep :10031
tcp        0      0 0.0.0.0:10031               0.0.0.0:*                   LISTEN      7888/perl
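
The netstat line above shows cbpolicyd listening on 0.0.0.0:10031, although Postfix in this guide only connects to 127.0.0.1. The following check is an added example, not part of the original guide; the function name check_policy_listener is hypothetical and the second and third sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original guide). Reads `netstat -pln` output on
# stdin and reports where the policy port is listening.

POLICY_PORT=${POLICY_PORT:-10031}   # port from the netstat output in this guide

# Prints "<local-address> loopback" or "<local-address> exposed" for every
# TCP listener on $POLICY_PORT; exit status 1 if any listener is exposed.
check_policy_listener() {
    awk -v port="$POLICY_PORT" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")
            if (part[n] != port) next
            # Everything before the last ":" is the bind address.
            host = substr($4, 1, length($4) - length(part[n]) - 1)
            if (host ~ /^127\./ || host == "::1") {
                print $4, "loopback"
            } else {
                print $4, "exposed"
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample: the first line is the listener shown in this guide,
# the other two are made up to show a loopback bind and an unrelated port.
SAMPLE_NETSTAT='tcp        0      0 0.0.0.0:10031     0.0.0.0:*     LISTEN      7888/perl
tcp        0      0 127.0.0.1:10031   0.0.0.0:*     LISTEN      7999/perl
tcp        0      0 0.0.0.0:25        0.0.0.0:*     LISTEN      2301/master'

# Live use: netstat -pln | check_policy_listener
if printf '%s\n' "$SAMPLE_NETSTAT" | check_policy_listener; then
    echo "policy port is loopback-only"
else
    echo "policy port is reachable from other hosts; bind or firewall it"
fi
```

An "exposed" result means any host that can reach the port can query the policy daemon, so restrict it with the daemon's bind address or a host firewall rule.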

By default, cbpolicyd is not started automatically in any runlevel.

# chkconfig --list cbpolicyd
cbpolicyd       0:off   1:off   2:off   3:off   4:off   5:off   6:off

We should add it manually to the runlevels

# chkconfig --level 2345 cbpolicyd on

Edit webui config and adjust the MySQL server details

# /etc/policyd/webui.conf
$DB_DSN="mysql:host=localhost;dbname=policyd";
$DB_USER="root";
$DB_PASS="your-root-password";
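
Both cluebringer.conf and webui.conf above store the MySQL root password. The following is an added example, not from the original guide or the Policyd project, that creates a dedicated account limited to the policyd database instead. The account name policyd, the function names, and the assumption that SELECT, INSERT, UPDATE and DELETE are sufficient for cbpolicyd and the webui are mine.

```shell
#!/bin/sh
# Added example, not from the original guide: a dedicated MySQL account for
# cbpolicyd and the webui, limited to the policyd database.

# 32 hex characters from the kernel RNG.
gen_password() {
    dd if=/dev/urandom bs=16 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Print the SQL for the account. Arguments: account name, client host, password.
# Assumption: SELECT/INSERT/UPDATE/DELETE on policyd.* is all the daemon and
# webui need once the schema has been loaded as root.
policyd_account_sql() {
    user=$1 host=$2 pass=$3
    if [ -z "$user" ] || [ -z "$host" ] || [ -z "$pass" ]; then
        echo "usage: policyd_account_sql USER HOST PASSWORD" >&2
        return 1
    fi
    # Reject quote and backslash so no argument can escape its SQL literal.
    case "$user$host$pass" in
        *"'"*|*'\'*)
            echo "arguments must not contain a quote or backslash" >&2
            return 1 ;;
    esac
    cat <<EOF
CREATE USER '$user'@'$host' IDENTIFIED BY '$pass';
GRANT SELECT, INSERT, UPDATE, DELETE ON policyd.* TO '$user'@'$host';
EOF
}

# Demo: print the statements with a fresh password. To apply them, pipe the
# output to:  mysql -u root -p
# then set Username/Password in cluebringer.conf and $DB_USER/$DB_PASS in
# webui.conf to the new account.
policyd_account_sql policyd localhost "$(gen_password)"
```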

Set up Postfix to use cbpolicyd
Add the following Postfix config…

check_policy_service inet:127.0.0.1:10031

in BOTH smtpd_recipient_restrictions and smtpd_end_of_data_restrictions.

Now configure the httpd part.
If you already have a working website, just create a symlink for the Policyd webui:

# ln -s /usr/share/cluebringer/webui/ /path/to/www/webui

It seems the Policyd webui does not protect the web interface with authentication.

We can add that with .htaccess/.htpasswd.
Create a .htaccess file in /usr/share/cluebringer/webui/

# /usr/share/cluebringer/webui/.htaccess
AuthUserFile /usr/share/cluebringer/webui/.htpasswd
AuthGroupFile /dev/null
AuthName "user and password"
AuthType Basic

# No <Limit> wrapper: authentication must apply to every HTTP method, not only GET
Require valid-user

Create user with htpasswd

# htpasswd -c /usr/share/cluebringer/webui/.htpasswd your-user

htpasswd will ask for a password.
Don’t forget to modify the httpd config:

<Directory "/var/www/html/cabal/policyd">
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>

Point your browser to http://www.yourdomain.tld/policyd/

That’s it for now

Source: INSTALL file cluebringer-2.0.7.tar.bz2

18 Comments

  1. ali

    Hi, my installation is complete. I am facing this error, please help me.

    Error connecting to Policyd v2 DB: SQLSTATE[28000] [1045] Access denied for user 'root'@'localhost' (using password: NO)

    • Your MySQL ACL is disallowing you from accessing localhost; try substituting localhost with 127.0.0.1.

  2. Ali

    Sir, I have a problem. I have a Postfix server using Gmail as a relay without authentication; the problem is that this Postfix is just used for sending email. I need your help: I want to restrict Postfix to sending 10 emails in 1 min. I have tried my settings but it's not working. My server IP is blacklisted on RBL level-1, so I want to restrict it. I have also used a policy daemon, but I don't know how to use it. If you have any idea about this, please help me out.

    Can you please send me a step-by-step guideline?

  3. Ali

    I am stuck 🙁 Please help me out. I want to restrict Postfix to sending 10 emails in 60 seconds.

  4. ali

    Are you there?

    Could you please post your email ID or your Skype ID?
    I want to contact you personally.

    • I still don't get what you want to achieve. I don't have Skype, but you can contact me at hari.h -at- kutukupret.com

  5. ali

    My question is simple:

    How do I restrict the Postfix server to sending just 10 emails in 1 min? Clear?

    The whole Postfix server should send just 10 emails in 1 min.

    • Hold all your outgoing email (by setting your default transport to hold), then release it using a cron job, 10 emails every 1 minute. That can be done with a script that accesses the Postfix queue and selects, for example, the 10 mails at the top of the queue. Here's an example Perl script showing how to enumerate the Postfix queue and release mail from it; you can modify the script as you need, but it's not tested. An SMTP transaction depends on both sender and receiver; you cannot expect your mail to be accepted at the destination/receiver site once you have sent it. IMHO just let the Postfix queueing/scheduling algorithm handle that, and fix the real problem.

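      #!/usr/bin/perl
      use strict;
      use warnings;

      # Pattern matched against the queue listing (sender/recipient addresses)
      my $REGEXP = shift || die "no email address given (regexp-style, e.g. bl.*\@yahoo.com)!";

      my %Q;
      my $queue_id = "";

      # Walk the output of "postqueue -p"; an entry starts with its queue ID,
      # optionally followed by * (active) or ! (on hold)
      my @data = qx</usr/sbin/postqueue -p>;
      for (@data) {
        if (/^(\w+)(\*|\!)?\s/) {
           $queue_id = $1;
        }
        if ($queue_id) {
          if (/$REGEXP/i) {
            $Q{$queue_id} = 1;
            $queue_id = "";
          }
        }
      }

      # postsuper -H releases held mail; "-" reads the queue IDs from stdin
      open(POSTSUPER, "|postsuper -H -") || die "couldn't open postsuper";

      foreach (keys %Q) {
        print POSTSUPER "$_\n";
      }
      close(POSTSUPER);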
      
  6. ali

    I have one more question.

    I have set this script to run after every 1 min, right?

  7. ali

    I have no idea about Perl. Please guide me on how I can run this script. I am using Red Hat Enterprise Linux Server release 5.5 (Tikanga).
    Do I just set this script to run every 1 min in crontab?

  8. ali

    I have no idea about Perl. Please guide me on how I can run this script. I am using Red Hat Enterprise Linux Server release 5.5 (Tikanga).
    I set this Perl script up with a cron job, the same as you mentioned.

  9. ali

    How can I do this with the policy daemon? Do you have any idea? I am sorry for my multiple posts.

  10. achal

    I got the following error after running:
    service cbpolicyd start
    Starting cbpolicyd: Bad name after server' at /usr/sbin/cbpolicyd line 49.

    Line 49 of /usr/sbin/cbpolicyd is: my $server = $self->{'server'}
    Sir, can you please resolve this issue?

  11. Hi guys,
    I have installed policyd on CentOS 6.5 64-bit. I am unable to start cbpolicyd. It gives the following error:
    Starting cbpolicyd: Can't locate List/MoreUtils.pm in @INC (@INC contains: /usr/local/lib/policyd-2.0 /usr/lib/policyd-2.0 /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/share/perl5/vendor_perl/Config/IniFiles.pm line 14.
    BEGIN failed--compilation aborted at /usr/share/perl5/vendor_perl/Config/IniFiles.pm line 14.
    Compilation failed in require at /usr/sbin/cbpolicyd line 32.
    BEGIN failed--compilation aborted at /usr/sbin/cbpolicyd line 32.
    [FAILED]

    Can you please help me out with this issue?
