head 1.5; access; symbols pkgsrc-2026Q1:1.5.0.60 pkgsrc-2026Q1-base:1.5 pkgsrc-2025Q4:1.5.0.58 pkgsrc-2025Q4-base:1.5 pkgsrc-2025Q3:1.5.0.56 pkgsrc-2025Q3-base:1.5 pkgsrc-2025Q2:1.5.0.54 pkgsrc-2025Q2-base:1.5 pkgsrc-2025Q1:1.5.0.52 pkgsrc-2025Q1-base:1.5 pkgsrc-2024Q4:1.5.0.50 pkgsrc-2024Q4-base:1.5 pkgsrc-2024Q3:1.5.0.48 pkgsrc-2024Q3-base:1.5 pkgsrc-2024Q2:1.5.0.46 pkgsrc-2024Q2-base:1.5 pkgsrc-2024Q1:1.5.0.44 pkgsrc-2024Q1-base:1.5 pkgsrc-2023Q4:1.5.0.42 pkgsrc-2023Q4-base:1.5 pkgsrc-2023Q3:1.5.0.40 pkgsrc-2023Q3-base:1.5 pkgsrc-2023Q2:1.5.0.38 pkgsrc-2023Q2-base:1.5 pkgsrc-2023Q1:1.5.0.36 pkgsrc-2023Q1-base:1.5 pkgsrc-2022Q4:1.5.0.34 pkgsrc-2022Q4-base:1.5 pkgsrc-2022Q3:1.5.0.32 pkgsrc-2022Q3-base:1.5 pkgsrc-2022Q2:1.5.0.30 pkgsrc-2022Q2-base:1.5 pkgsrc-2022Q1:1.5.0.28 pkgsrc-2022Q1-base:1.5 pkgsrc-2021Q4:1.5.0.26 pkgsrc-2021Q4-base:1.5 pkgsrc-2021Q3:1.5.0.24 pkgsrc-2021Q3-base:1.5 pkgsrc-2021Q2:1.5.0.22 pkgsrc-2021Q2-base:1.5 pkgsrc-2021Q1:1.5.0.20 pkgsrc-2021Q1-base:1.5 pkgsrc-2020Q4:1.5.0.18 pkgsrc-2020Q4-base:1.5 pkgsrc-2020Q3:1.5.0.16 pkgsrc-2020Q3-base:1.5 pkgsrc-2020Q2:1.5.0.14 pkgsrc-2020Q2-base:1.5 pkgsrc-2020Q1:1.5.0.10 pkgsrc-2020Q1-base:1.5 pkgsrc-2019Q4:1.5.0.12 pkgsrc-2019Q4-base:1.5 pkgsrc-2019Q3:1.5.0.8 pkgsrc-2019Q3-base:1.5 pkgsrc-2019Q2:1.5.0.6 pkgsrc-2019Q2-base:1.5 pkgsrc-2019Q1:1.5.0.4 pkgsrc-2019Q1-base:1.5 pkgsrc-2018Q4:1.5.0.2 pkgsrc-2018Q4-base:1.5; locks; strict; comment @# @; 1.5 date 2018.12.14.06.49.31; author schmonz; state Exp; branches; next 1.4; commitid F28Hd8C6neKqzJ3B; 1.4 date 2018.12.11.17.49.41; author schmonz; state Exp; branches; next 1.3; commitid 8GHwlSznKkaTjp3B; 1.3 date 2018.11.14.16.46.59; author schmonz; state Exp; branches; next 1.2; commitid 8CO7kB1bLmmbQVZA; 1.2 date 2018.11.13.16.34.58; author schmonz; state Exp; branches; next 1.1; commitid UwsgKCL57hu3ONZA; 1.1 date 2018.11.10.15.31.18; author schmonz; state Exp; branches; next ; commitid W9839M5ReVscypZA; desc @@ 1.5 log @Extract most of MESSAGE to README.pkgsrc. (MESSAGE was getting too long.) Comment out qmail-qfilter-viruscan in control/smtpfilters. It's not a very precise tool, so the cost (false positives) probably outweighs the benefit (blocked malware attachments) for many users. Also not a sensible default: rejecting incoming mail on SPF explicit-fail. This needs to be an admin decision because, among other reasons, it would also reject messages forwarded through servers that haven't configured SRS. Document SPF setup, including how to reject (with this caveat) and how to greylist SPF explicit-pass (which would otherwise be exempted from greylisting). Rename greylisting-spp-with-exemptions to greylisting-spp-wrapper. Add a feature: to effectively omit IP from the (IP,sender,recipient) tuple, add GL_WRAPPER_TCPREMOTEIP="127.127.127.127" to control/tcprules/smtp. rc.d scripts: - Location of tcprules file is configurable - By default, CDB is auto-rebuilt as needed on service start - CDB auto-rebuilding can be configured off Bump version. @ text @# qmail-spp configuration file # plugins to execute on client's connection [connection] # plugins to execute on HELO/EHLO commands [helo] # plugins to execute on MAIL command [mail] @@PREFIX@@/bin/qmail-spp-spf # plugins to execute on RCPT command [rcpt] @@PREFIX@@/bin/qmail-rcptcheck #@@PREFIX@@/bin/greylisting-spp-wrapper # plugins to execute on DATA command [data] @ 1.4 log @Add SPF checks via qmail-spp-spf (new dependency): - On "fail", reject - On "pass", skip any greylisting - Else, accept mail as we otherwise would. qmail-spp-spf adds a `Received-SPF:` header to all incoming messages. Migrate ${PKG_SYSCONFDIR}/tcp.* to ${PKG_SYSCONFDIR}/control/tcprules. Bump version. @ text @d16 1 a16 1 #@@PREFIX@@/bin/greylisting-spp-with-exemptions @ 1.3 log @On second thought, greylisting isn't a sensible default. Comment it out in control/smtpplugins. Extract a "Greylisting" stanza in MESSAGE. Merge "Local non-root users to see the queue" into previous section (and provide qmail-qread-client in example mailer.conf to begin with). Mention port numbers where applicable. Enable defaults that are sensible: realrcptto in control/rcptchecks and viruscan in control/smtpfilters. Add fixsmtpio rules to make greylisting-spp's tempfails look more like qmail's other messages. Bump dependency on qmail for config-fast-pkgsrc, which is like config-fast but lets us simulate CONF_FILES-like behavior. As before, we install these minimal config files, and won't deinstall them. (But the updated qmail package will.) Bump version. @ text @d11 1 @ 1.2 log @Enable greylisting by default via mail/greylisting-spp. To make this a sensible default, we wrap it in "greylisting-spp-with-exemptions", which lets recipient addresses and domains be exempted from greylisting by editing control/greylist/exemptrcpt{s,hosts}. qmailofmipd: enable user CDB by default and remove the verbiage. qmailsmtpd: bump datalimit (seeing occasional "fixsmtpio: out of memory" in production). Improve MESSAGE a bit more. Bump version. @ text @d15 1 a15 1 @@PREFIX@@/bin/greylisting-spp-with-exemptions @ 1.1 log @Bump dependency on qmail for SPP support and on rejectutils for an SPP-compatible qmail-rcptcheck. Create control/smtpplugins so that the RCPTCHECK-compatible programs continue to run as before. No functional change intended. Bump version. @ text @d15 1 @