字體:  

新增安裝 pop-before-smtp 的設定

adj 發表於: 2007-11-29 21:33 來源: ADJ網路控股集團


pop-before-smtp Howto (RedHat linux + vm-pop3d)

1. install pop-before-smtp
    % wget http://www.adj.idv.tw/download/d ... p-1.33-1.noarch.rpm
    % rpm -ivh pop-before-smtp-1.33-1.noarch.rpm
2. install perl modules
    % perl -MCPAN -e shell;
    % install Time::HiRes
    % install File::Tail
    % install Net::Netmask
    % install Date:arse
    % install DB_File
3. modify /etc/pop-before-smtp-conf.pl for vm-pop3d
在最底下那行 1; 之前...加上

CODE:

# For vm-pop3d -- needs to match 2 log entries (uncomment all 3 "my" lines).
my $PID_pat = '^(... .. ..:..:..) \S+ (?:vm-pop3d)\[(\d+)\]: ';
my $IP_pat = $PID_pat . 'Connect from (\d+\.\d+\.\d+\.\d+)$';
my $OK_pat = $PID_pat . 'User .+ logged in$';

############################## Support Routines ############################

# This section takes care of defining a multi-line-match custom_match()
# subroutine, but only if the user configured our 3 required patterns.

if (defined($PID_pat) && defined($IP_pat) && defined($OK_pat)) {
    eval <<'EOT';
# Some pop services don't put the IP on the line that lets us know that a
# user was properly authenticated.  For these programs, we scan the IP off
# an earlier line and the check the validation by comparing the PID values.

    my %popIPs;

    # The maillog line to match is in $_.
    sub custom_match
    {
        if (/$PID_pat/o) {
            my($ts, $pid) = ($1, $2);
            if (/$IP_pat/o) {
                $popIPs{$pid} = $3;
            }
            else {
                foreach my $key (keys %popIPs) {
                    if ($pid == $key) {
                        my $ip = $popIPs{$pid};
                        delete $popIPs{$pid};
                        if (/$OK_pat/o) {
                            return ($ts, $ip);
                        }
                        last;
                    }
                }
            }
        }
        ( );
    }
EOT
}
4. start pop-before-smtp
    service pop-before-smtp start
5. test pop-before-smtp
    i) perform a successful POP login from your IP
    ii) % postmap -q xxx.xxx.xxx.xxx hash:/etc/postfix/pop-before-smtp (xxx.xxx.xxx.xxx is your IP)
        should return "OK"
6. Integrate into postfix
    % vi /etc/postfix/main.cf
    before : smtpd_recipient_restrictions = permit_mynetworks,check_relay_domains
    after : smtpd_recipient_restrictions = permit_mynetworks,check_client_access hash:/etc/postfix/pop-before-smtp,check_relay_domains
    % postfix reload


預設...只要有收過信....30 分鐘內就可以由該 ip 透過伺服器發信.