My Grey Cells Burning

Tuesday, December 12, 2006
Integrating rhost-check and rblsmtpd with tcpserver in Qmail Environment.

I solved this after a few hours of reading and playing with the run file located in /var/qmail/supervise/qmail-smtpd. Most howtos found on the Net, such as here and here, don't really explain how to properly set up rhost-check and rblsmtpd with tcpserver. Most howtos do not tell you how to carry out the task properly.

So here are the steps.

1. I use qmailrocks to set up Qmail systems (not using Qtrap, only SpamAssassin, which just TAGs spam mail as :SPAM:, together with ClamAV and Qmail-Scanner). Assuming you too already have a running Qmail server, I created a scripts directory in /downloads.

# mkdir /downloads/scripts && cd /downloads/scripts

2. Get rhost-check.c from the site.
# wget http://www.zentus.com/rhost-check.c

3. Open rhost-check.c.
# vim rhost-check.c

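4. Look for putenv("RBLSMTPD=bad reverse DNS");
and change it to
putenv("RBLSMTPD=-bad reverse DNS");
The leading hyphen makes rblsmtpd reject the mail with a permanent 553 error instead of a temporary 451.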

5. Save and exit. Compile according to the instructions on the site here and copy the binary into /usr/local/bin.

6. This is the part that most howtos don't deal with.

# vim /etc/tcp.smtp

and it will show: 127.:allow,RELAYCLIENT=""

Set it to RELAYCLIENT="/usr/local/bin/rhost-check" or, if you are using qqrbl, put the qqrbl path into RELAYCLIENT as in the example above. Save and exit.

7. Open /var/qmail/supervise/qmail-smtpd/run. Look near the end of the file for the line that shows 0 smtp. You will make some changes there, as described below.

8. You will see this:
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \

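Add -p after "$LOCAL" and before -x. The p is for paranoid: tcpserver removes $TCPREMOTEHOST when the remote host name does not resolve back to the client's IP address.

Under 0 smtp \ put:
/usr/local/bin/rblsmtpd -r sbl-xbl.spamhaus.org \

The rest below is left untouched: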

/var/qmail/bin/qmail-smtpd testbox.zarxcom.org \
/var/qmail/bin/vchkpw /usr/bin/true 2>&1

Save and exit.

9. Execute these commands.
# qmailctl cdb    # rebuild the cdb from /etc/tcp.smtp so the new config takes effect
# qmailctl stop
# qmailctl start

Check that the processes started by running ps -ef | grep qmail.

10. Test the filter by using this line:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

Using your yahoo.com, gmail.com, inbox.com or whatever account, put the line shown above into the message body, set the subject to FREE VIAGRA or something spammy like that, and send it to the email server where you set up the rhost-check + rblsmtpd filter.

You should NOT get this email.

(A test message sent before installing rhost-check + rblsmtpd arrived with no attempt at rejection other than tagging.)

Note:
Send a 'normal' mail first, before sending the spam-infected mail shown above, in order to see the difference (between receiving and NOT receiving).

Also try running tail -f on /var/log/maillog and /var/log/qmail/qmail-smtpd/current.
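
Steps 4 and 8 depend on two rblsmtpd behaviours: how it reads $RBLSMTPD (a leading hyphen selects a permanent 553 instead of a temporary 451) and which DNS name it queries for the -r zone. The shell script below is an added example, not part of the original post or of ucspi-tcp; the function names are hypothetical, the inputs are constructed, and it models the documented behaviour without performing any DNS lookup or SMTP session.

```shell
#!/bin/sh
# Added example (not from the original post): models two documented rblsmtpd
# behaviours so the SMTP result to expect in the logs can be predicted offline.

# How rblsmtpd treats $RBLSMTPD. Call with NO argument to model "unset",
# or with one argument (possibly empty) to model a value that is set.
rblsmtpd_decision() {
    if [ "$#" -eq 0 ]; then
        echo "lookup"              # unset: consult the -r DNSBL zones
        return 0
    fi
    case "$1" in
        "") echo "accept" ;;       # set but empty: not blocked, no lookup
        -*) echo "553 ${1#-}" ;;   # leading hyphen: permanent rejection
        *)  echo "451 $1" ;;       # anything else: temporary rejection
    esac
}

# Name queried for an IPv4 client in a DNSBL zone: octets reversed + zone.
rbl_query_name() {
    ip=$1
    zone=$2
    old_ifs=$IFS
    IFS=.
    set -- $ip                     # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || { echo "not an IPv4 address: $ip" >&2; return 1; }
    for octet in "$@"; do
        case "$octet" in
            ""|*[!0-9]*) echo "bad octet in $ip" >&2; return 1 ;;
        esac
        [ "$octet" -le 255 ] || { echo "bad octet in $ip" >&2; return 1; }
    done
    echo "$4.$3.$2.$1.$zone"
}

# Constructed sample inputs (127.0.0.2 is the conventional DNSBL test address).
echo "stock rhost-check  : $(rblsmtpd_decision 'bad reverse DNS')"
echo "patched (step 4)   : $(rblsmtpd_decision '-bad reverse DNS')"
echo "RBLSMTPD=\"\" rule   : $(rblsmtpd_decision '')"
echo "no RBLSMTPD at all : $(rblsmtpd_decision)"
echo "query for 127.0.0.2: $(rbl_query_name 127.0.0.2 sbl-xbl.spamhaus.org)"
```

While running tail -f on the qmail-smtpd log, the 451 or 553 code printed here is the one to look for in the rblsmtpd lines.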


posted by zarxcky @ 12/12/2006 06:09:00 PM  