Posted inmta postfix smtp

Compiling Postfix-2.7.0 As RPM Package

I used to have Simon J. Mudd when building postfix rpm package, but seems he’s not releasing official postfix 2.7.0 yet, here’s a way for impatient one

First make RedHat Linux the standard directory structure in our homedir

$ mkdir rpmbuild
$ mkdir -p rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS,tmp}

Create .rpmmacros file

$ vi .rpmmacros

%_topdir                %(echo $HOME)/rpmbuild
%_tmppath               %(echo $HOME)/rpmbuild/tmp

Create tempoerary working directory for postfix

$ mkdir postfix
$ cd postfix
Tags: , , 2
Posted inc programing

Counting Directory Size Recursively Using C Part 2

Even there’s an easier way calculating directory size ftw syscall/API

NAME
ftw, nftw - file tree walk

DESCRIPTION
ftw() walks through the directory tree that is located under the directory dirpath, and calls fn() once for each entry in the tree.
By default, directories are handled before the files and subdirectories they contain (pre-order traversal).

CONFORMING TO
POSIX.1-2001, SVr4, SUSv1.

example code size.c

Tags: , No Comments
Posted inc programing

Counting Directory Size Recursively Using C

I’ve just found this great articles at Jim Plank website. I know, it was lots easier using linux du command

Without any further nonsense talk, here we go. First we need download some source code at Jim Plank website

# mkdir prsize
# cd prsize
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/notes/Prsize/prsize8.c
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/src/dllist.c
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/notes/Dllists/dllist.h
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/src/jrb.c
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/include/jrb.h
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/src/jval.c
# wget http://www.cs.utk.edu/~plank/plank/classes/cs360/360/include/jval.h

prsize8.c is the main program, while dllist.c/h jrb.c/h jval.c/h is library that prsize8 statically linked in.

Now we need to create some static library.(Original website doesn’t explain how to create the libs)

# gcc -c dllist.c -o dllist.o
# gcc -c jrb.c -o jrb.o
# gcc -c jval.c -o jval.o

# ar rcs libdllist.a dllist.o
# ar rcs libjrb.a jrb.o
# ar rcs libjval.a jval.o
Tags: , No Comments
Posted inmaildrop

Maildroprc Automatically Delete quotawarn File in Maildir

This is the Ugly workaround

Postfix master.cf setting

maildrop  unix  -       n       n       -       -       pipe
  flags=ODRhu user=vmail argv=/usr/bin/maildrop -w 90 -d ${recipient} ${user} ${domain}

With this setting maildrop wil warn user if their Maildir reach 90% of quota and send warning to user

The problem is, even if user emptying their maildir, users wil always get warning because quotawarn is still in Maildir

[vchkpw] quotawarn question

#
MAILHOME="/var/data/postfix"
DOMAIN="$2"
USER="$1"

QUOTA=`echo "$MAILDIRQUOTA" | cut -f 1 -d S`
USAGE=`du -sb "$MAILHOME/$DOMAIN/$USER/" | awk '{print $1}'`
PERCENT=`echo "$QUOTA * 90/100" | bc`

if ( "$USAGE" < "$PERCENT" )
{
        `/bin/rm -f "$MAILHOME/$DOMAIN/$USER/quotawarn"`
}
Tags: , , No Comments
Posted inpostfix

Postfix Bind Sender Domain To Dedicated Outgoing IP Address

Recently there have been requests for sending mail with source IP addresses that depend on the envelope sender, it’s very usefull to protect IP-based domain reputations of different customers.

New Feature in postfix postfix-2.7-20091209 is sender_dependent_default_transport_maps

sender_dependent_default_transport_maps (default: empty)

    A sender-dependent override for the global default_transport parameter setting.
    The tables are searched by the envelope sender address and @domain.
    A lookup result of DUNNO terminates the search without overriding the global default_transport parameter setting.
    This information is overruled with the transport(5) table.

    Note: this overrides default_transport, not transport_maps, and therefore the expected syntax is that of default_transport.
          This feature does not support the transport_maps syntax for null transport, null nexthop, or null email addresses.

    For safety reasons, this feature does not allow $number substitutions in regular expression maps.

    This feature is available in Postfix 2.7 and later.

Create file called sdd_transport_maps.regexp:

/@customer1-dom\.tld$/		customer1:
/@customer2-dom\.tld$/		customer2:
/@customer3-dom\.tld$/		customer3:
..... next .....
Tags: 35
Posted inpostfix

Postfix Selective Sender Addresss Verification

The idea is selectively probe valid email sender for certain domain that frequently forged by spammer, we should use sender access verification carefully. Much better if we noticing postmaster/admin that we conducting SAv/probing their server for valid user, or otherwise we’ll end up in backscatterer.org list hehehe…

Create smtpd_restriction_class call verify_sender

smtpd_restriction_classes = verify_sender

Define verify_sender so it should reject all unverified email sender, verified one will be permit/pass

verify_sender = reject_unverified_sender, permit

Create has table called frequently_forged_senders to define sender domain that going to be in verification list

check_sender_access hash:/etc/postfix/frequently_forged_senders

frequently_forged_senders contains

domain1.tld		verify_sender
domain2.tld		verify_sender
domain3.tld		verify_sender
Tags: , No Comments
Posted infedora postfix tls

Postfix TLS Support On Fedora 12

It’s time to make our SMTP transactions encrypted using TLS. TLS itself stands for Transport Layer Security. it encrypts the communication between two hosts.

As usual when building postfix RPM package, i recommended using tutorial on how to compile postfix rpm source at Simon J Mudd’s website

When you’ve done with compiling postyfix with TLS support, continue to these how to create self signed postfix tls certificates

  • Certificates part
    • # cd /etc/postfix
# mkdir ssl
# cd ssl
# mkdir certs crl newcerts private
# echo "01" > serial
# cp /dev/null index.txt
# cat /etc/pki/tls/openssl.cnf | sed -e 's/\/etc\/pki\/CA/\./' | sed -e 's/\.\/demoCA/\./' > openssl.cnf

# openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 3650 -config openssl.cnf
# openssl req -nodes -new -x509 -keyout newreq.pem -out newreq.pem -days 3650 -config openssl.cnf
# openssl x509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem

# openssl ca -config openssl.cnf -policy policy_anything -out newcert.pem -infiles tmp.pem

# cp cacert.pem /etc/postfix
# grep -B 100 "END PRIVATE KEY" newreq.pem > /etc/postfix/key.pem
# chmod 400 /etc/postfix/key.pem
# cp newcert.pem /etc/postfix/cert.pem
Tags: , , 1
Posted infedora mysql pam

Postfix Smtp Auth using pam_mysql On Fedora 12

First of all, of course we need to compile postfix for supporting sasl.the easiest way is read tutorial how to compile postfix rpm source at Simon J Mudd’s website

Since i’m using mysql database for storing username/password, i’m gonna show you how to create smtp authentication/SASL.

Install pam_mysql:

# yum -y install pam_mysql

Edit /etc/pam.d/smtp file :

auth required pam_mysql.so user=postfix passwd=password host=localhost db=postfixdb table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
account sufficient pam_mysql.so user=postfix passwd=password host=localhost db=postfixdb table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
Tags: , , , No Comments
Posted inmysql programing

How To Use LIKE In MYSQL Stored Procedure Select Statement?

I write a stored procedure as below but always result nothing/incorect. [text] DELIMITER // DROP PROCEDURE IF EXISTS get_domain // CREATE PROCEDURE get_domain (IN domin VARCHAR(64)) BEGIN SELECT * FROM domain_senders WHERE domain LIKE '%domin%'; END// DELIMITER ; [/text] The procedure itself is successfully created.After looking around with google i've…
Tags: , 3