Brent Meshier

Technology Consultant

About

Network Security, System Engineering, Linux & web application development in Indianapolis, IN. Austin, TX.

What is Greylisting?

“Greylisting is a new method of blocking significant amounts of spam at the mailserver level, but without resorting to heavyweight statistical analysis or other heuristical (and error-prone) approaches. Consequently, implementations are fairly lightweight, and may even decrease network traffic and processor load on your mailserver.”

The original implementation and whitepaper by Evan Harris can be found here.

I’ve rolled together SWsoft Plesk 8 Qmail Patches and Qmail with my own patches to add greylisting support using MySQL based on Evan’s greylisting for sendmail.

Prerequisites

mysql-devel
openssl-devel

Installation

Download qmail-1.03-greylist-psa8.tar.gz

tar xvfz qmail-1.03-greylist-psa8.tar.gz
cd qmail-1.03
vi local_scan.c

#define MYSQLHOST "localhost"
#define MYSQLUSER "greylist"
#define MYSQLPASS "password"
#define MYSQLDB   "qmail"
#define BLOCK_EXPIRE  4   /* minutes until email is accepted */
#define RECORD_EXPIRE 1500  /* minutes until record expires */
#define RECORD_EXPIRE_GOOD  36 /* days until record expires after accepting email */

Configure MySQL database

mysql -u root -p

CREATE DATABASE qmail;
-- The user name must match MYSQLUSER in local_scan.c.
GRANT ALL ON qmail.* TO 'greylist'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;

--
-- Table structure for table `relaytofrom`
--

CREATE TABLE relaytofrom (
id bigint(20) NOT NULL auto_increment,
relay_ip varchar(16) default NULL,
mail_from varchar(255) default NULL,
rcpt_to varchar(255) default NULL,
block_expires datetime NOT NULL default '0000-00-00 00:00:00',
record_expires datetime NOT NULL default '0000-00-00 00:00:00',
blocked_count bigint(20) NOT NULL default '0',
passed_count bigint(20) NOT NULL default '0',
aborted_count bigint(20) NOT NULL default '0',
origin_type enum('MANUAL','AUTO') NOT NULL default 'MANUAL',
create_time datetime NOT NULL default '0000-00-00 00:00:00',
last_update timestamp(14) NOT NULL,
PRIMARY KEY  (id),
KEY relay_ip (relay_ip),
KEY mail_from (mail_from(20)),
KEY rcpt_to (rcpt_to(20))
) TYPE=MyISAM;

make

/etc/rc.d/init.d/qmail stop

cp qmail-envelope-scanner /var/qmail/bin/.
cp -f qmail-smtpd /var/qmail/bin/.
chown root.qmail /var/qmail/bin/qmail-envelope-scanner
chown root.qmail /var/qmail/bin/qmail-smtpd

/etc/rc.d/init.d/qmail start

Create a Perl script to clean up the database and place it in /etc/cron.daily

#!/usr/bin/perl
use strict;
use warnings;

use DBI;

# Credentials must match MYSQLUSER / MYSQLPASS in local_scan.c.
use constant DBD => 'DBI:mysql:qmail:localhost:3306';
use constant DBUSER => 'greylist';
use constant DBPASS => 'password';

# Truncate the debug log so it does not grow without bound.
system ("cat /dev/null > /tmp/greylist_dbg.txt");

my $dbh = DBI->connect(DBD,DBUSER,DBPASS) or die "can't connect to db ", $DBI::errstr, ":$!";

# Remove automatically created records that expired more than an hour ago; MANUAL entries are kept.
$dbh->do("DELETE FROM relaytofrom WHERE record_expires < NOW() - INTERVAL 1 HOUR AND origin_type = 'AUTO'");
$dbh->do("OPTIMIZE TABLE relaytofrom");

$dbh->disconnect;

exit;

To verify that qmail is working with greylisting, run

tail -f /tmp/greylist_dbg.txt
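
The following is an added example, not code from the patch: it models the greylisting decision against a reduced relaytofrom table in SQLite, using the three timer values from local_scan.c. The decision rules, the lower-casing of addresses and the dotted-prefix whitelist match are assumptions based on the general greylisting scheme; the function names and sample addresses are constructed.

```python
import sqlite3
from datetime import datetime, timedelta

# Same values as the #define lines in local_scan.c above.
BLOCK_EXPIRE = timedelta(minutes=4)       # retries before this are refused
RECORD_EXPIRE = timedelta(minutes=1500)   # lifetime of a triplet that has not passed yet
RECORD_EXPIRE_GOOD = timedelta(days=36)   # lifetime after a retry has been accepted

# Reduced copy of the relaytofrom table, adapted to SQLite for an offline run.
SCHEMA = """
CREATE TABLE relaytofrom (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    relay_ip TEXT, mail_from TEXT, rcpt_to TEXT,
    block_expires TEXT NOT NULL, record_expires TEXT NOT NULL,
    blocked_count INTEGER NOT NULL DEFAULT 0,
    passed_count INTEGER NOT NULL DEFAULT 0,
    origin_type TEXT NOT NULL DEFAULT 'MANUAL')
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    return conn

def ts(when):
    # Fixed-width timestamps compare correctly as strings.
    return when.strftime("%Y-%m-%d %H:%M:%S")

def whitelist_ip(conn, prefix):
    # Assumed whitelist shape: MANUAL row, NULL sender and recipient, far-future expiry.
    conn.execute(
        "INSERT INTO relaytofrom (relay_ip, block_expires, record_expires, origin_type)"
        " VALUES (?, '0000-00-00 00:00:00', '9999-12-31 23:59:59', 'MANUAL')", (prefix,))

def is_whitelisted(conn, relay_ip, now):
    rows = conn.execute(
        "SELECT relay_ip FROM relaytofrom WHERE origin_type = 'MANUAL'"
        " AND mail_from IS NULL AND rcpt_to IS NULL AND record_expires > ?",
        (ts(now),)).fetchall()
    # Match whole dotted components so "192.168" does not match "192.1680.x.x".
    return any(relay_ip == p or relay_ip.startswith(p + ".") for (p,) in rows)

def check(conn, relay_ip, mail_from, rcpt_to, now):
    """Return 'ACCEPT' or 'TEMPFAIL' (a 4xx reply) for one RCPT TO."""
    if is_whitelisted(conn, relay_ip, now):
        return "ACCEPT"
    sender, rcpt = mail_from.lower(), rcpt_to.lower()
    # Envelope values come from the remote client: bind them, never splice them into SQL.
    row = conn.execute(
        "SELECT id, block_expires FROM relaytofrom WHERE origin_type = 'AUTO'"
        " AND relay_ip = ? AND mail_from = ? AND rcpt_to = ? AND record_expires > ?",
        (relay_ip, sender, rcpt, ts(now))).fetchone()
    if row is None:
        # Unknown (or expired) triplet: start the clock and refuse for now.
        conn.execute(
            "INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires,"
            " record_expires, blocked_count, origin_type) VALUES (?, ?, ?, ?, ?, 1, 'AUTO')",
            (relay_ip, sender, rcpt, ts(now + BLOCK_EXPIRE), ts(now + RECORD_EXPIRE)))
        return "TEMPFAIL"
    rec_id, block_expires = row
    if ts(now) < block_expires:
        # Retry arrived inside the block window: count it and refuse again.
        conn.execute(
            "UPDATE relaytofrom SET blocked_count = blocked_count + 1 WHERE id = ?",
            (rec_id,))
        return "TEMPFAIL"
    # Retry arrived after the block window: accept and remember the triplet.
    conn.execute(
        "UPDATE relaytofrom SET passed_count = passed_count + 1, record_expires = ?"
        " WHERE id = ?", (ts(now + RECORD_EXPIRE_GOOD), rec_id))
    return "ACCEPT"

def demo():
    conn = open_db()
    t0 = datetime(2006, 9, 1, 12, 0, 0)                                # constructed start time
    legit = ("203.0.113.7", "alice@example.org", "bob@example.net")    # constructed triplets
    spam = ("198.51.100.9", "x@example.com", "bob@example.net")
    results = [
        check(conn, *legit, t0),                             # first sight
        check(conn, *legit, t0 + timedelta(minutes=1)),      # retry too early
        check(conn, *legit, t0 + timedelta(minutes=5)),      # retry after BLOCK_EXPIRE
        check(conn, *legit, t0 + timedelta(days=30)),        # remembered for 36 days
        check(conn, *spam, t0),                              # first sight
        check(conn, *spam, t0 + timedelta(minutes=1501)),    # record lapsed, starts over
    ]
    whitelist_ip(conn, "192.168")
    results.append(check(conn, "192.168.1.5", "new@example.org", "bob@example.net", t0))
    return results

if __name__ == "__main__":
    print(demo())
```

A sender that retries only after RECORD_EXPIRE has passed is treated as new and deferred again, which is why a retry interval longer than 1500 minutes never gets through.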

White & Blacklist Entries

See my post here to create the proper SQL entries.

Help

If you have problems with the compile or installation, please comment below.

I also offer professional services to install greylisting for you at a flat rate of $50 / server. Click here to get started and email brent@meshier.com with the IP & root password for the server and MySQL.

Testimonial

“We hired Brent to increase the security of our servers, implement his greylisting solution and more. Brent was able to exactly pinpoint our vulnerabilities and come up with the best solution to solve these issues. Brent did a great job and went the extra mile for us. I would recommend Brent to anyone looking for server security and consulting services.”

Tem Balanco
President, OneWebHosting.com

99 Responses to “Adding Greylisting support to qmail on Plesk 8”

  1. have you tested this package for Plesk 7.5.4??

    Guybrush

  2. Yes, it works with Plesk 7.5.x and 8.x series.

    brent

  3. First off… thanks for this info.
    I have a couple questions if you have the time.

    When tailing the greylist_dbg.txt file, all I see is this.
    ——–
    protocol = notneeded4qmail apache@host.upbeat.com
    ——–
    protocol = notneeded4qmail consumereparcel@emptorrewardaids.com
    ——–
    protocol = notneeded4qmail info@dudtub.com
    ——–

    I’m getting no entries in the relaytofrom table.
    What is the expected behaviour?
    When do entries get placed into the relaytofrom table?

    daniel

  4. I have tried this installation a lot of times but it never generated the file in /tmp. I have fc1 and Plesk 7.5.4. Can you help me?

    Guybrush

  5. If you have a 64-bit system you need to modify the Makefile:

    search for libmysqlclient.a

    change
    load qmail-envelope-scanner.o local_scan.o /usr/lib/mysql/libmysqlclient.a
    ./load qmail-envelope-scanner -lz -lm local_scan.o /usr/lib/mysql/libmysqlclient.a

    to

    load qmail-envelope-scanner.o local_scan.o /usr/lib64/mysql/libmysqlclient.a
    ./load qmail-envelope-scanner -lz -lm local_scan.o /usr/lib64/mysql/libmysqlclient.a

    Thorsten

  6. Thank you for posting this — I’m very interested in trying it out!

    There’s an interesting discussion (and some noise) at http://www.merakmailserver.com/forum/Greylisting/m_1897/tm.htm

    The White Paper mentions this problem, too, and suggests using only the /24 part of the IP address as a work around. Merak seems to offer an all or none choice only, i.e. drop the IP address completely.

    What’s your opinion on this? Have you implemented /32 checking?

    Hans

  7. many warnings during compile on fed4/plesk8 the
    warnings all show ‘ I think these are funny quotes,
    like the ones surrounding optimize table in the cron script above.
    I think i am missing qmail functionality because of the warnings during
    make, (I will look closer). But the one thing I am absolutely missing
    is spam, the DB is filling up quick, and the legit mail is going through.
    My hats off to you. Thank-you very much.
    I would recommend adding extra step in your howto:
    mv /var/qmail/bin/qmail-smtpd /var/qmail/bin/qmail-smtpd.orig
    after stopping qmail, then drop the -f in the next cp command.

    mike

  8. I can not name all patches I have already applied to my qmail. However it took only to add three routines and one condition to qmail-smtpd.c to get it working with qmail-envelope-scanner. I do not use Plesk. So far greylisting works … perfectly!

    Blablacz

  9. I get a compilation error. Can you help?

    make
    ( cat warn-auto.sh; \
    echo CC=\’`head -1 conf-cc`\’; \
    echo LD=\’`head -1 conf-ld`\’ \
    ) > auto-ccld.sh
    cat auto-ccld.sh make-load.sh > make-load
    chmod 755 make-load
    cat auto-ccld.sh find-systype.sh > find-systype
    chmod 755 find-systype
    ./find-systype > systype
    ( cat warn-auto.sh; ./make-load “`cat systype`” ) > load
    chmod 755 load
    cat auto-ccld.sh make-compile.sh > make-compile
    chmod 755 make-compile
    ( cat warn-auto.sh; ./make-compile “`cat systype`” ) > \
    compile
    chmod 755 compile
    ( ( ./compile tryvfork.c && ./load tryvfork ) >/dev/null \
    2>&1 \
    && cat fork.h2 || cat fork.h1 ) > fork.h
    rm -f tryvfork.o tryvfork
    ./compile qmail-local.c
    qmail-local.c: In function `main’:
    qmail-local.c:760: warning: return type of `main’ is not `int’
    ./compile qsutil.c
    ./compile qmail.c
    ./compile quote.c
    ./compile now.c
    ./compile gfrom.c
    ./compile myctime.c
    ./compile slurpclose.c
    cat auto-ccld.sh make-makelib.sh > make-makelib
    chmod 755 make-makelib
    ( cat warn-auto.sh; ./make-makelib “`cat systype`” ) > \
    makelib
    chmod 755 makelib
    ./compile case_diffb.c
    ./compile case_diffs.c
    ./compile case_lowerb.c
    ./compile case_lowers.c
    ./compile case_starts.c
    ./makelib case.a case_diffb.o case_diffs.o case_lowerb.o \
    case_lowers.o case_starts.o
    ./compile getln.c
    ./compile getln2.c
    ./makelib getln.a getln.o getln2.o
    ./compile subgetopt.c
    ./compile sgetopt.c
    ./makelib getopt.a subgetopt.o sgetopt.o
    ./compile sig_alarm.c
    ( ( ./compile trysgprm.c && ./load trysgprm ) >/dev/null \
    2>&1 \
    && echo \#define HASSIGPROCMASK 1 || exit 0 ) > hassgprm.h
    rm -f trysgprm.o trysgprm
    ./compile sig_block.c
    ( ( ./compile trysgact.c && ./load trysgact ) >/dev/null \
    2>&1 \
    && echo \#define HASSIGACTION 1 || exit 0 ) > hassgact.h
    rm -f trysgact.o trysgact
    ./compile sig_catch.c
    ./compile sig_pause.c
    ./compile sig_pipe.c
    ./compile sig_child.c
    ./compile sig_hup.c
    ./compile sig_term.c
    ./compile sig_bug.c
    ./compile sig_misc.c
    ./makelib sig.a sig_alarm.o sig_block.o sig_catch.o \
    sig_pause.o sig_pipe.o sig_child.o sig_hup.o sig_term.o \
    sig_bug.o sig_misc.o
    ./compile open_append.c
    ./compile open_excl.c
    ./compile open_read.c
    ./compile open_trunc.c
    ./compile open_write.c
    ./makelib open.a open_append.o open_excl.o open_read.o \
    open_trunc.o open_write.o
    ./compile seek_cur.c
    ./compile seek_end.c
    ./compile seek_set.c
    ./compile seek_trunc.c
    ./makelib seek.a seek_cur.o seek_end.o seek_set.o \
    seek_trunc.o
    ( ( ./compile tryflock.c && ./load tryflock ) >/dev/null \
    2>&1 \
    && echo \#define HASFLOCK 1 || exit 0 ) > hasflock.h
    rm -f tryflock.o tryflock
    ./compile lock_ex.c
    ./compile lock_exnb.c
    ./compile lock_un.c
    ./makelib lock.a lock_ex.o lock_exnb.o lock_un.o
    ./compile fd_copy.c
    ./compile fd_move.c
    ./makelib fd.a fd_copy.o fd_move.o
    ( ( ./compile trywaitp.c && ./load trywaitp ) >/dev/null \
    2>&1 \
    && echo \#define HASWAITPID 1 || exit 0 ) > haswaitp.h
    rm -f trywaitp.o trywaitp
    ./compile wait_pid.c
    ./compile wait_nohang.c
    ./makelib wait.a wait_pid.o wait_nohang.o
    ./compile env.c
    ./compile envread.c
    ./makelib env.a env.o envread.o
    ./compile stralloc_eady.c
    ./compile stralloc_pend.c
    ./compile stralloc_copy.c
    ./compile stralloc_opys.c
    ./compile stralloc_opyb.c
    ./compile stralloc_cat.c
    ./compile stralloc_cats.c
    ./compile stralloc_catb.c
    ./compile stralloc_arts.c
    ./makelib stralloc.a stralloc_eady.o stralloc_pend.o \
    stralloc_copy.o stralloc_opys.o stralloc_opyb.o \
    stralloc_cat.o stralloc_cats.o stralloc_catb.o \
    stralloc_arts.o
    ./compile alloc.c
    ./compile alloc_re.c
    ./makelib alloc.a alloc.o alloc_re.o
    ./compile strerr_sys.c
    ./compile strerr_die.c
    ./makelib strerr.a strerr_sys.o strerr_die.o
    ./compile substdio.c
    ./compile substdi.c
    ./compile substdo.c
    ./compile subfderr.c
    ./compile subfdout.c
    ./compile subfdouts.c
    ./compile subfdin.c
    ./compile subfdins.c
    ./compile substdio_copy.c
    ./makelib substdio.a substdio.o substdi.o substdo.o \
    subfderr.o subfdout.o subfdouts.o subfdin.o subfdins.o \
    substdio_copy.o
    ./compile error.c
    ./compile error_str.c
    ./compile error_temp.c
    ./makelib error.a error.o error_str.o error_temp.o
    ./compile str_len.c
    ./compile str_diff.c
    ./compile str_diffn.c
    ./compile str_cpy.c
    ./compile str_cpyb.c
    ./compile str_chr.c
    ./compile str_rchr.c
    ./compile str_start.c
    ./compile byte_chr.c
    ./compile byte_rchr.c
    ./compile byte_cspn.c
    ./compile byte_rcspn.c
    ./compile byte_diff.c
    ./compile byte_copy.c
    ./compile byte_cr.c
    ./compile byte_zero.c
    ./makelib str.a str_len.o str_diff.o str_diffn.o str_cpy.o str_cpyb.o \
    str_chr.o str_rchr.o str_start.o byte_chr.o byte_rchr.o byte_cspn.o \
    byte_rcspn.o byte_diff.o byte_copy.o byte_cr.o byte_zero.o
    ./compile fmt_str.c
    ./compile fmt_strn.c
    ./compile fmt_uint.c
    ./compile fmt_uint0.c
    ./compile fmt_ulong.c
    ./compile scan_ulong.c
    ./compile scan_8long.c
    ./makelib fs.a fmt_str.o fmt_strn.o fmt_uint.o fmt_uint0.o \
    fmt_ulong.o scan_ulong.o scan_8long.o
    ./compile datetime.c
    ./compile datetime_un.c
    ./makelib datetime.a datetime.o datetime_un.o
    ./compile auto-str.c
    auto-str.c: In function `main’:
    auto-str.c:17: warning: return type of `main’ is not `int’
    ./load auto-str substdio.a error.a str.a
    ./auto-str auto_qmail `head -1 conf-qmail` > auto_qmail.c
    ./compile auto_qmail.c
    ./compile auto-int8.c
    auto-int8.c: In function `main’:
    auto-int8.c:19: warning: return type of `main’ is not `int’
    ./load auto-int8 substdio.a error.a str.a fs.a
    ./auto-int8 auto_patrn `head -1 conf-patrn` > auto_patrn.c
    ./compile auto_patrn.c
    ( ( ./compile trylsock.c && \
    ./load trylsock -lsocket -lnsl ) >/dev/null 2>&1 \
    && echo -lsocket -lnsl || exit 0 ) > socket.lib
    rm -f trylsock.o trylsock
    ./load qmail-local qsutil.o qmail.o quote.o now.o gfrom.o myctime.o \
    slurpclose.o case.a getln.a getopt.a sig.a open.a seek.a \
    lock.a fd.a wait.a env.a stralloc.a alloc.a strerr.a \
    substdio.a error.a str.a fs.a datetime.a auto_qmail.o \
    auto_patrn.o `cat socket.lib`
    ( ( ./compile tryulong32.c && ./load tryulong32 && \
    ./tryulong32 ) >/dev/null 2>&1 \
    && cat uint32.h2 || cat uint32.h1 ) > uint32.h
    rm -f tryulong32.o tryulong32
    ./compile qmail-lspawn.c
    ( ./compile trysysel.c >/dev/null 2>&1 \
    && cat select.h2 || cat select.h1 ) > select.h
    rm -f trysysel.o trysysel
    ./compile chkspawn.c
    chkspawn.c: In function `main’:
    chkspawn.c:12: warning: return type of `main’ is not `int’
    ./compile auto-int.c
    auto-int.c: In function `main’:
    auto-int.c:19: warning: return type of `main’ is not `int’
    ./load auto-int substdio.a error.a str.a fs.a
    ./auto-int auto_spawn `head -1 conf-spawn` > auto_spawn.c
    ./compile auto_spawn.c
    ./load chkspawn substdio.a error.a str.a fs.a auto_spawn.o
    ./chkspawn
    ./compile spawn.c
    spawn.c: In function `main’:
    spawn.c:186: warning: return type of `main’ is not `int’
    ./compile chkshsgr.c
    chkshsgr.c: In function `main’:
    chkshsgr.c:3: warning: return type of `main’ is not `int’
    ./load chkshsgr
    ./chkshsgr || ( cat warn-shsgr; exit 1 )
    ( ( ./compile tryshsgr.c \
    && ./load tryshsgr && ./tryshsgr ) >/dev/null 2>&1 \
    && echo \#define HASSHORTSETGROUPS 1 || exit 0 ) > \
    hasshsgr.h
    rm -f tryshsgr.o tryshsgr
    ./compile prot.c
    ./compile coe.c
    ./compile cdb_hash.c
    ./compile cdb_unpack.c
    ./compile cdb_seek.c
    ./makelib cdb.a cdb_hash.o cdb_unpack.o cdb_seek.o
    ./compile auto-uid.c
    auto-uid.c: In function `main’:
    auto-uid.c:21: warning: return type of `main’ is not `int’
    ./load auto-uid substdio.a error.a str.a fs.a
    ./compile auto-gid.c
    auto-gid.c: In function `main’:
    auto-gid.c:21: warning: return type of `main’ is not `int’
    ./load auto-gid substdio.a error.a str.a fs.a
    ( ./auto-uid auto_uida `head -1 conf-users` \
    &&./auto-uid auto_uidd `head -2 conf-users | tail -1` \
    &&./auto-uid auto_uidl `head -3 conf-users | tail -1` \
    &&./auto-uid auto_uido `head -4 conf-users | tail -1` \
    &&./auto-uid auto_uidp `head -5 conf-users | tail -1` \
    &&./auto-uid auto_uidq `head -6 conf-users | tail -1` \
    &&./auto-uid auto_uidr `head -7 conf-users | tail -1` \
    &&./auto-uid auto_uids `head -8 conf-users | tail -1` \
    &&./auto-gid auto_gidq `head -1 conf-groups` \
    &&./auto-gid auto_gidn `head -2 conf-groups | tail -1` \
    ) > auto_uids.c.tmp && mv auto_uids.c.tmp auto_uids.c
    ./compile auto_uids.c
    ./load qmail-lspawn spawn.o prot.o slurpclose.o coe.o \
    sig.a wait.a case.a cdb.a fd.a open.a stralloc.a alloc.a \
    substdio.a error.a str.a fs.a auto_qmail.o auto_uids.o \
    auto_spawn.o
    ./compile qmail-getpw.c
    qmail-getpw.c: In function `main’:
    qmail-getpw.c:61: warning: return type of `main’ is not `int’
    ./auto-str auto_break \
    “`head -1 conf-break`” > auto_break.c
    ./compile auto_break.c
    ./auto-str auto_usera `head -1 conf-users` > auto_usera.c
    ./compile auto_usera.c
    ./load qmail-getpw case.a substdio.a error.a str.a fs.a \
    auto_break.o auto_usera.o
    ./compile qmail-remote.c
    In file included from /usr/include/openssl/ssl.h:179,
    from tls.h:4,
    from qmail-remote.c:53:
    /usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
    In file included from /usr/include/openssl/ssl.h:179,
    from tls.h:4,
    from qmail-remote.c:53:
    /usr/include/openssl/kssl.h:134: syntax error before “krb5_enctype”
    /usr/include/openssl/kssl.h:136: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:137: syntax error before ‘}’ token
    /usr/include/openssl/kssl.h:149: syntax error before “kssl_ctx_setstring”
    /usr/include/openssl/kssl.h:149: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:150: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:151: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:151: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:152: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:153: syntax error before “kssl_ctx_setprinc”
    /usr/include/openssl/kssl.h:153: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:155: syntax error before “kssl_cget_tkt”
    /usr/include/openssl/kssl.h:155: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:157: syntax error before “kssl_sget_tkt”
    /usr/include/openssl/kssl.h:157: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:159: syntax error before “kssl_ctx_setkey”
    /usr/include/openssl/kssl.h:159: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:161: syntax error before “context”
    /usr/include/openssl/kssl.h:162: syntax error before “kssl_build_principal_2″
    /usr/include/openssl/kssl.h:162: syntax error before “context”
    /usr/include/openssl/kssl.h:165: syntax error before “kssl_validate_times”
    /usr/include/openssl/kssl.h:165: syntax error before “atime”
    /usr/include/openssl/kssl.h:167: syntax error before “kssl_check_authent”
    /usr/include/openssl/kssl.h:167: syntax error before ‘*’ token
    /usr/include/openssl/kssl.h:169: syntax error before “enctype”
    In file included from tls.h:4,
    from qmail-remote.c:53:
    /usr/include/openssl/ssl.h:909: syntax error before “KSSL_CTX”
    /usr/include/openssl/ssl.h:931: syntax error before ‘}’ token
    qmail-remote.c: In function `quit’:
    qmail-remote.c:269: dereferencing pointer to incomplete type
    qmail-remote.c: In function `main’:
    qmail-remote.c:663: warning: return type of `main’ is not `int’
    make: *** [qmail-remote.o] Error 1

    Carling

  10. thanks for the nice tutorial

    but there is one error:
    those “protocol = notneeded4qmail” messages in /tmp/greylist_dbg.txt are, because the mysql access rights of the greylist user aren’t sufficient to write and select from the database.

    i recreated the user with phpmyadmin, and now it works :)

    so there is something wrong with the grant line.
    but since i always use phpmyadmin for mysql administrational purposes i can’t say what :)

    angelone

  11. Unbelievable! My clients went from receiving 300+ SPAMS a day to virtually zero. Tried SpamAssassin first and it did virtually nothing to stop the SPAM. Thank you for making this so easy. Using Plesk 8.01.

    mike

  12. I’ve followed the instructions precisely (making the 64-bit library path modification) but nothing happens. The /tmp/greylist.dbg file is not written. No other errors and the e-mail system is still working 100% as before. Please could someone provide some clues how to troubleshoot further.

    Eugene van der Merwe

  13. Hi, you mentioned here that you've tested this on PLESK 7.5x boxes: http://forum.swsoft.com/showthread.php?s=20779fa777e2ac6328e51f0db92dd160&threadid=28645&highlight=email+nonexistant+user

    Is the qmail tarball listed above qmail-1.03-greylist-psa8.tar.gz compatible with 7.5x PLESK installs?

    Thanks

    Jeremy

  14. Whoops, sorry for the last question. I see it in the comments at the bottom of the page. Anyway, I have an error with make. Can you help?

    [root@*******.com qmail-1.03]# make
    ( cat warn-auto.sh; \
    echo CC=\’`head -1 conf-cc`\’; \
    echo LD=\’`head -1 conf-ld`\’ \
    ) > auto-ccld.sh
    cat auto-ccld.sh make-load.sh > make-load
    chmod 755 make-load
    cat auto-ccld.sh find-systype.sh > find-systype
    chmod 755 find-systype
    ./find-systype > systype
    ( cat warn-auto.sh; ./make-load “`cat systype`” ) > load
    chmod 755 load
    cat auto-ccld.sh make-compile.sh > make-compile
    chmod 755 make-compile
    ( cat warn-auto.sh; ./make-compile “`cat systype`” ) > \
    compile
    chmod 755 compile
    ( ( ./compile tryvfork.c && ./load tryvfork ) >/dev/null \
    2>&1 \
    && cat fork.h2 || cat fork.h1 ) > fork.h
    rm -f tryvfork.o tryvfork
    ./compile qmail-local.c
    ./compile: line 3: exec: cc: not found
    make: *** [qmail-local.o] Error 127

    Jeremy

  15. the problem was gcc was not installed. yum install gcc

    Jeremy

  16. I was having the openssl syntax error issue.
    It has to do with /usr/kerberos/includes - these files are necessary, but not found during the compilation.
    I tried to find other ways like including the actual kerberos path in the “path” but after banging my head on the wall for a while I simply copied the contents of /usr/kerberos/includes to /usr/includes assuming that as long as I wouldn’t be overwriting anything, it’d work well.
    And it did. Compilation done.
    Now I’m continuing the process, let’s see.

    Oxygen

  17. I’d like to ask for two wonderful features:

    - Ability to let the last octet of the IP be a wildcard, to prevent the issue discussed here http://forums.whirlpool.net.au/forum-replies.cfm?t=314617&r=4543625#r4543625

    - Ability to enable or disable greylisting dependent on the particular user.
    Any luck? :)

    Thanks… this seems to be working wonderfully!

    Oxygen

  18. hey,

    I’ve got a short question: Plesk 8.0.X supports SPF. Is this still possible if I use greylisting?

    chris

    Chris

  19. I was able to complete the whole installation process without any errors but the /tmp/greylist_dbg.txt is not getting populated, nor does the relaytofrom table log any e-mail address. I have tried it on Plesk 8.0.1 with RHEL 4 (update 3). The prerequisite packages “mysql-devel & openssl-devel” are installed.

    Anirban

  20. Hey, I was just wondering if this works on Plesk 7.0.4?

    Nalum

  21. The qmail I provide above is for PSA 8, however I do have older versions that use the patches from PSA 7 and 7.5.

    brent

  22. Is there anyway to whitelist certain domains using this?

    tom

  23. I would appreciate if you could provide help to set up the greylisting for 7.5.4. I currently have the greylist working but for a previous qmail source, which won’t include the “reject mail to non-existent user” feature.

    While trying to build the new version, I have a lot of the following and similar messages:
    /usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x200): In function `vio_verify_callback’:
    : undefined reference to `X509_NAME_oneline’

    Packages:
    mysql-4.1.21-2.rhel4.art
    mysql-devel-4.1.21-2.rhel4.art
    psa-7.5.4-rhel4.build75050824.12

    CentOS release 4.3

    Thanks,

    Tomislav
    http://www.somethingforit.com/ - Linux, security and programming.

    Tomislav

  24. can’t install on freebsd 4.9 plesk 7.5.4
    /usr/lib/libssl.so: undefined reference to `HMAC_CTX_init’
    /usr/lib/libssl.so: undefined reference to `EVP_get_digestbyname’
    *** Error code 1

    Stop in /root/qmail-1.03.

    how do install openssl-devel on freebsd?

    Thanks,

    Cyber

  25. Did anyone figure out how to whitelist with this yet????

    Jeremy

  26. Hello,

    thanks for the nice tutorial. Everything works fine. Just one question. I compiled qmail by default. And there is a 2 minute interval until mail is accepted, but in real life it takes much longer, ~ 10 minutes. At other times 15 or 20 minutes. How can I decrease this time?

    Egidijus

  27. What about when Plesk is upgraded? What are some things we can do to assure a smooth upgrade.

    I have learned one thing about Plesk, it’s a nightmare. I used another greylisting solution which requires no patching. It’s a Perl script that you install (no compiling necessary), then you just put it in your smtp-psa script in x.inetd or whatever directory.

    It can block by /24 or /32 subnets respectively and it had a whitelist feature. It did not require SQL. It just stores the ip address in a file format (touches a file name which is the ip address) and then uses that as the database. EXTREMELY simple and straight forward. Does not interfere with upgrades.

    http://www.jonatkins.com/page/software/qgreylist

    Now on the other hand, this solution seems to be more exotic, but with that comes pain, so I am still going to try it, but with fear.

    I messed with non-standard solutions before on atomicrocketturtle.com’s website, and it ended up blowing up my system and I have learned to stay 100% Plesk, or be prepared to spend hours figuring out errors for which you will receive very little support. Especially from 1and1 if you use them.

    That’s my 1.50. Thanks for this contribution, looking forward to playing with it ON MY TEST SERVER!! lol.

    CrackGoogle

  28. Is there anyway to whitelist certain domains using this?

    Please help!!

    Shepherd

  29. Great ! Thanks for your work. I want to install it asap but is ok on a debian sarge 3 with plesk 8.0.1 ?

    With this does the latency of emails is not too big ?

    Thanks,

    Jérôme

    d:fuzion

  30. I’m getting compiling errors:

    s15233830:/home/sources/qmail-1.03 # make
    ./load qmail-envelope-scanner -lz -lm local_scan.o /usr/lib64/mysql/libmysqlclient.a
    /usr/lib64/gcc-lib/x86_64-suse-linux/3.3.5/../../../../x86_64-suse-linux/bin/ld: cannot find -lz
    collect2: ld returned 1 exit status
    make: *** [qmail-envelope-scanner] Error 1

    Tobias Glasow

  31. Forget my last post. After a bit more trying I finally got it working:

    - needed zlib-devel for compiling
    - had wrong mysql-username so inserting in db doesn’t work

    now, it runs perfectly and i have now on qmail what i was used to have on postfix :-) great work. thanks a lot.

    Tobias Glasow

  32. What is included in the “please retry” message? What would a system administrator see?

    Merlin

  33. Is this patch bypassing greylist for smtp auth or pop before smtp ?

    End user won’t understand the errors they see in their client.

    Tolriq

  34. Does anyone know how a domain can be whitelisted if your use this greylisting system?

    Merlin

  35. To whitelist an IP

    +# Example wildcard whitelists for subnets
    +insert into relaytofrom values (0,”127.0.0.1″ ,NULL,NULL,”0000-00-00 00:00:00″,”9999-12-31 23:59:59″,0,0,0,”MANUAL”,NOW(),NOW());
    +insert into relaytofrom values (0,”192.168″ ,NULL,NULL,”0000-00-00 00:00:00″,”9999-12-31 23:59:59″,0,0,0,”MANUAL”,NOW(),NOW());
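
    Review bot: both insert lines wrap their string literals in typographic quotes (” and ″) rather than straight quotes, so MySQL will not parse them as pasted; retype the quotes before running the statements. The inserts also rely on positional column order with no column list, so naming the columns (relay_ip, mail_from, rcpt_to, block_expires, record_expires, and so on) would keep them valid if the relaytofrom table definition ever differs from the one in the post.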

    blake

  36. I’m getting this error when I run make:

    ./compile local_scan.c
    local_scan.c:9:25: mysql/mysql.h: No such file or directory
    local_scan.c:27: error: syntax error before ‘*’ token
    local_scan.c: In function `mysql_query_wrapper’:
    local_scan.c:31: error: `mysql’ undeclared (first use in this function)
    local_scan.c:31: error: (Each undeclared identifier is reported only once
    local_scan.c:31: error: for each function it appears in.)
    local_scan.c:31: error: `sqltext’ undeclared (first use in this function)
    local_scan.c: At top level:
    local_scan.c:57: error: syntax error before ‘*’ token
    local_scan.c: In function `checkWhiteListIP’:
    local_scan.c:59: error: `MYSQL_RES’ undeclared (first use in this function)
    local_scan.c:59: error: `myres’ undeclared (first use in this function)
    local_scan.c:60: error: syntax error before “myrow”
    local_scan.c:72: error: `mysql’ undeclared (first use in this function)
    local_scan.c:74: error: `myrow’ undeclared (first use in this function)
    local_scan.c:86: error: `action’ undeclared (first use in this function)
    local_scan.c: At top level:
    local_scan.c:100: error: syntax error before ‘*’ token
    local_scan.c: In function `checkWhiteListRcpt’:
    local_scan.c:102: error: `MYSQL_RES’ undeclared (first use in this function)
    local_scan.c:102: error: `myres’ undeclared (first use in this function)
    local_scan.c:103: error: syntax error before “myrow”
    local_scan.c:108: error: `i’ undeclared (first use in this function)
    local_scan.c:112: error: `mysql’ undeclared (first use in this function)
    local_scan.c:114: error: `myrow’ undeclared (first use in this function)
    local_scan.c:127: error: `action’ undeclared (first use in this function)
    local_scan.c: At top level:
    local_scan.c:140: error: syntax error before ‘*’ token
    local_scan.c: In function `checkWhiteListFrom’:
    local_scan.c:142: error: `MYSQL_RES’ undeclared (first use in this function)
    local_scan.c:142: error: `myres’ undeclared (first use in this function)
    local_scan.c:143: error: syntax error before “myrow”
    local_scan.c:152: error: `mysql’ undeclared (first use in this function)
    local_scan.c:154: error: `myrow’ undeclared (first use in this function)
    local_scan.c:167: error: `action’ undeclared (first use in this function)
    local_scan.c: At top level:
    local_scan.c:202: error: syntax error before ‘*’ token
    local_scan.c: In function `checkGreylist’:
    local_scan.c:204: error: `MYSQL_RES’ undeclared (first use in this function)
    local_scan.c:204: error: `myres’ undeclared (first use in this function)
    local_scan.c:205: error: syntax error before “myrow”
    local_scan.c:211: error: `i’ undeclared (first use in this function)
    local_scan.c:212: error: `mysql’ undeclared (first use in this function)
    local_scan.c:214: error: `myrow’ undeclared (first use in this function)
    local_scan.c:229: error: `action’ undeclared (first use in this function)
    local_scan.c: In function `local_scan’:
    local_scan.c:255: error: `MYSQL’ undeclared (first use in this function)
    local_scan.c:255: error: `mysql’ undeclared (first use in this function)
    *** Error code 1

    Stop in /root/qmail-1.03.

    Any thoughts?

    Ryan

  37. Hello,

    would it be possible for greylist to use the plesk-entered spamassassin whitelist?

    Alexandre Plennevaux

  38. This thing works well, too well in fact. It definitely needs a whitelist feature. Brent, do you plan to add this in the future?

    Alexandre Plennevaux

  39. Hi, thanks for this tuto but I really need help to install as I get this error after “make”:

    ….
    chmod 755 compile
    ( ( ./compile tryvfork.c && ./load tryvfork ) >/dev/null \
    2>&1 \
    && cat fork.h2 || cat fork.h1 ) > fork.h
    rm -f tryvfork.o tryvfork
    ./compile qmail-local.c
    ./compile: line 3: exec: cc: not found
    make: *** [qmail-local.o] Erreur 127

    Can you give a help to a newbie in compilation ??? Thanks.

    d:fuzion

  40. I installed Greylisting today successfully.

    Root-Server powered by Strato (http://strato.de/)
    Plesk: 8.0
    SuSE: 10.1
    Kernel: 2.6.13-15.11-default

    If you get error

    ./load auto-str substdio.a error.a str.a
    /usr/lib/gcc/i586-suse-linux/4.0.2/../../../../i586-suse-linux/bin/ld: cannot find -lssl
    collect2: ld returned 1 exit status
    make: *** [auto-str] Error 1

    you did not install “openssl-devel”.

    If you get error

    ./compile local_scan.c
    local_scan.c:9:25: mysql/mysql.h: No such file or directory
    (…)
    local_scan.c:255: error: `mysql’ undeclared (first use in this function)
    *** Error code 1

    you did not install “mysql-devel”.

    => Install “openssl-devel” and “mysql-devel” (see “Prerequisites”)

    I got these errors after I entered “make”. After I installed the DEVEL packages my “make” worked:

    chmod 755 binm3+df
    ./compile spfquery.c
    spfquery.c: In function main
    spfquery.c:30: warning: incompatible implicit declaration of built-in function strdup
    spfquery.c:24: warning: return type of main is not int
    ./load spfquery spf.o ip.o ipme.o ipalloc.o strsalloc.o \
    now.o dns.o datetime.a stralloc.a alloc.a str.a substdio.a \
    case.a error.a fs.a `cat dns.lib` `cat socket.lib`

    I activated CATCH-ALL and
    ~~~
    strato-server-germany:~ # tail /tmp/greylist_dbg.txt
    ——–
    protocol = notneeded4qmail increase@blindsz.com
    increase@blindsz.com -> cloidtd@clausvb.de (62.227.194.124) Doesn’t Exists Block
    ——–
    protocol = notneeded4qmail Scott@blueskyimages.co.uk
    Scott@blueskyimages.co.uk -> christo@clausvb.de (86.196.215.34) Doesn’t Exists Block
    ——–
    strato-server-germany:~ #
    ~~~
    worked and so Greylisting works.

    I activated CATCH-ALL to get a lot of SPAM. If you have a new server, I suggest you send a lot of mails from different servers (GMX, hotmail, GMAIL, Yahoo, etc.) to your new domain.

    => Thanks for your great work Brent.

    Best regards,
    Claus

    ClausVB

  41. Hello,

    I have been using greylist with blacklist/whitelist for a week now, on a server hosting 40 domains and around 200 email addresses.
    The result is absolutely awesome. Spam has decreased up to 90%, and thanks to the daily look at the database, i could spot a few false positives corrected via the whitelist.

    Now, I have been thinking: it would be nice if all addresses receiving emails sent by one of our customers got automatically whitelisted, so that we can directly avoid false positives from users who will probably send an email back.
    Possible?

    thank you for your great work, and for sharing it.
    Alexandre

    Alexandre Plennevaux

  42. In the next version it would be nice if the debug output included a timestamp

    blaz

  43. I followed exact instructions listed above and seemed not to have any errors but the greylist_dbg.txt file does not get created under /tmp. I am running centos 4.4 kernel 2.6.9-42.EL on a compaq with a AMD Sempron processor. Database creation worked without issues. Any ideas? Also how fast could you do an install for me?

    Nathan

  44. hi,

    Here, the database is getting huge, and clients say the emails are being late to arrive. what is the recommended limit of time after which we could delete outdated rows to speed up the check against black/white list process?

    thank you,

    Alexandre

    Alexandre Plennevaux

  45. ./compile spfquery.c
    spfquery.c: In Funktion »main«:
    spfquery.c:24: Warnung: Rückgabetyp von »main« ist nicht »int«
    ./load spfquery spf.o ip.o ipme.o ipalloc.o strsalloc.o \
    now.o dns.o datetime.a stralloc.a alloc.a str.a substdio.a \
    case.a error.a fs.a `cat dns.lib` `cat socket.lib`

    what can i do???
    I have debian, I install “libmysqlclient14-dev” and “libmysqlclient14”, openssl i install too…

    BLaCkHuNteR

  46. Thanks for the compilation, it works fine, but I find that the disable of the reverse resolve of the ip doesn’t work (I mean the use of -Rt0 in the server args), making a delay on the smtp connection.

    Am I wrong?

    Thank you

    Andrew S

  47. Problem in make, “tls.c:12: error: conflicting types for ‘strerror’”, prevents proceeding. Cause seems to be too new libssl-dev0.98. Hard to downgrade though, because plesk8.1 seems to need >= 0.9.8a-1. This is in Ubuntu 6.06. Any suggestions?

    pahis

  48. Thanks for the easy tutorial. I just followed this and can’t wait to see how much spam it cuts out.

    One thing which most people probably caught was the two different database usernames in the tutorial. In the edit to the local_scan.c you list the MYSQLUSER as greylist, but when you setup the user in the database, you entered greylisting as the username.

    It took me a second to realize the difference. That might be the cause for the few posters that weren’t getting any entries in the database.

    Thanks for the tutorial and patch.

    Mike Arvay

  49. hi,

    i’m having a short question concerning greylisting with plesk 8.0.1 (debian 3.1) i’ve just added the following entry to the relaytofrom database:

    INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, NULL, 'domain.com', NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())

    after this i checked the table and i was wondering because of the new entries concerning the whitelisted domain “domain.com”. there are hundreds of new entries for this domain after i tried to whitelist the domain with the lines above.

    any idea?

    greets

    mEh

  50. […] Here is some example SQL for creating Whitelist & Blacklist entries in Greylisting. […]

    Brent Meshier» Blog Archive » Using Whitelist & Blacklist with Greylisting

  51. […] Greylisting patch for Plesk and Qmail on Suse / RedHat […]

    bechte.de » Blog Archive » Greylisting mit Plesk und Qmail auf Suse oder RedHat

  52. getting following error:

    tls.c:12: error: conflicting types for ‘strerror’
    /usr/include/string.h:256: error: previous declaration of ‘strerror’ was here
    make: *** [tls.o] Error 1

    did this on a server with openssl 0.9.7f with no problems … got the error above on new server with openssl 0.9.8a … please help!

    e-man

  53. Greylisting support for qmail with Plesk 7.54 / 8 …

    Today I finally implemented greylisting on my root server. I used a patched qmail-envelope-scanner and qmail-smtpd from Brent Meshier. His approach works with a MySQL database. An advantage of his solution is,…

    Zockertown

  54. Today, I’ve discovered your greylisting solution and I had success! (Plesk vserver Suse 9.3) Thank you very much, indeed. Just 1.5 hours of working, there were 44 spam mails blocked and 3 got through. What a cool thing.
    If you ever visit Germany I’ll give you some beer :)

    bed

  55. The error in tls.c can be solved by commenting out the declaration of strerror() on line 12:

    /* const char *strerror(int); */

    It occurs because openssl now includes string.h which declares strerror() as extern.

    TJ

  56. I’ve written a tutorial based on this article for painless install on Fedora Core 5 with Plesk 8.1.

    It corrects the tls.c error, fixes the username/password inconsistencies, and has a ready-to-use mysql script.

    http://virpus.com/forum/viewtopic.php?p=193

    TJ

  57. If /tmp/greylist_dbg.txt remains empty it’s likely a permissions problem.

    I found that originally it was owned by root.root. I deleted the file and next time qmail-envelope-scanner was invoked, the file was created with ownership qmaild.nofiles and was written to correctly.

    TJ

  58. Thanks for your solution. It works perfectly on Suse 9.3 and Plesk 7.5 reloaded.
    929 emails in the last hours, of which only 20 were non-spam and got through.
    There is only one small feature that could (could it?) be added.
    Most of the spam I get is addressed to non existing email addresses. I guess the database is going to get very large that way.

    Is there a way to prevent those emails from being added?

    Thomas

  59. just updated from plesk 8.0.1 to 8.1.1
    the qmail version shipped with these versions is the same.
    i just replaced the new 8.1.1 binary with the old patched one and it still works. :)

    angelone

  60. First of all thanks for this great patch :-)
    If you use a whitelist-entry the “passed_count” entry doesn’t change… Is there a way to change this?
    Or not a bug, just a feature *smile* ?

    Sucarab

  61. I had the same Errors like Ryan on FreeBSD 6.2.
    Can somebody give me a Solution about this?

    I use FreeBSD 6.2 with Plesk 8.1.1

    Lawe

  62. It seems the peace is over. Since yesterday I receive tons of spam again. Maybe the worms learned that lesson and can not stop anymore by greylisting :(

    bed

  63. It seems that this patch is having difficulties when using mysql 4.1.20 with utf8 charset (collation utf8_unicode_ci).

    Symptoms are: existing “block” can not be found, and legitimate mails fill the table with every new (unsuccessful) mail delivery. Problem lies in mail_from = '%s' comparison.

    I have patched local_scan.c->buildLookupSql
    ORIGINAL LINE:
    sprintf(sql,"SELECT id, NOW() > block_expires FROM relaytofrom WHERE record_expires > NOW() AND mail_from = '%s' AND rcpt_to = '%s' AND relay_ip like '",sender_address, recipients_list[recipIndex].address);
    CHANGED LINE:
    sprintf(sql,"SELECT id, NOW() > block_expires FROM relaytofrom WHERE record_expires > NOW() AND mail_from LIKE '%s' AND rcpt_to LIKE '%s' AND relay_ip like '",sender_address, recipients_list[recipIndex].address);

    Although, it could be easier to create database using ASCII charset.

    Can anyone confirm this?
    ————————
    And second, has anyone created script that populates table with blacklisted IPs using some of the open blacklists?

    Sorry for my tarzan english;)

    c-rider

  64. I have one more report…

    It seems that email addresses are not properly encoded for usage in sql query. I know that it is against specs, but I just saw mail address using ‘ sign registered in greylist_dbg.txt. That can lead to a sql code injection that could make greylisting useless.

    Worst case scenario is that username and password used for greylisting has root privileges, which would compromise whole database.

    For example: if you use Mail from: “‘; select 1,1 from relaytofrom where 1=’”, it would not trigger greylisting. I am not an expert in creating sql injections, so this is as far as I can go.

    Maybe I am wrong. Can anyone confirm?

    c-rider

  65. You are nothing short of a hero but please can you make this page shorter and it’s getting wayyyyyyy tooooo long….

    Eugene van der Merwe

  66. Could Angelone or someone else please post the workaround for Plesk 8.1.1? We should not give up fighting the spammers.
    Thanks DiWi

    DiWi

  67. in regards to c-rider comment above regarding apostrophe, it already does do this - it breaks the sql and creates an error so it gets let straight through. (unless the code has been updated recently)

    I did report this several months ago to Brent, but have not had a follow up at this time :(

    If you explode the sql query it creates, it comes to e.g.

    mysql> SELECT id, NOW() > block_expires FROM relaytofrom WHERE record_expires > NOW() AND mail_from = 'abc'd@example.com' AND rcpt_to = 'XXX@XXXX.com' AND relay_ip like '123.123.123%' order by block_expires desc;
    '>

    Run this from a mysql prompt and you will get a prompt waiting for you to complete the statement. I don’t know C programming at all, but in short the mail_from needs escaping so that a \ is added in front of any apostrophe; this I believe should then stop this issue.

    This is the only downside that we see to greylisting - if someone knows how to fix the code so that these are escaped (or even stripped) that would be great!!

    Ian

  68. I’m trying to get greylisting working, but get this error when I am compiling.

    I am running on debian 3.1

    ./compile tls.c
    tls.c:12: error: conflicting types for ‘strerror’
    /usr/include/string.h:256: error: previous declaration of ‘strerror’ was here
    make: *** [tls.o] Error 1

    David

  69. If you are getting the kerberos error, you don’t have to copy the files from /usr/kerberos/include to /usr/include.

    Simply edit ‘compile’ to include the following include path in the call to cc:

    -I/usr/kerberos/include

    Paul Stanisci

  70. I have installed Greylisting several times now.

    A german translation is available, too.

    http://clausvb.de/doku_greylisting.htm
    (German translation)

    Regards,
    Claus

    ClausVB

  71. I’m using this on RHEL4 and Plesk 8.1.1 with great success. Thank you for the easy-to-follow instructions.

    Also, adding zen.spamhaus.org to the RBL+ Service (Server > Mail Setup) works well, too (although to allow smtp_auth to bypass the PBL part of spamhaus’ list, you’ll need to put the rblsmptd -r zen.spamhaus.org at the end of the “server_args” in /etc/xinetd.conf/smtp_psa and /etc/xinetd.conf/smtps_psa — both of these are controlled by /usr/local/psa/bin/mysqldump.sh, as far as I can tell).

    Robot Terror

  72. Brilliant tool, however think I have found a bug.
    If the mail_from address illegally contains one single quote, it doesn’t check the database, and lets them through.
    Not being a C programmer, I wonder if anyone can suggest a fix to escape these quotes?
    Thanks in advance
    Mark

    Mark Remde

  73. will this work with plesk 8.2 or will there be new patches ?

    i use greylisting now for a long time, it is great!

    Daniel Anliker

  74. Upgrade from 8.1.1 to 8.2.0 overwrote the changes to enable greylisting.

    Simply re-executing these steps, with the addition of a “make clean”, re-enabled greylisting for my server:

    cd qmail-1.03
    make clean
    make

    /etc/rc.d/init.d/qmail stop

    cp -f qmail-envelope-scanner /var/qmail/bin/.
    cp -f qmail-smtpd /var/qmail/bin/.
    chown root.qmail /var/qmail/bin/qmail-envelope-scanner
    chown root.qmail /var/qmail/bin/qmail-smtpd

    /etc/rc.d/init.d/qmail start

    Good stuff.

    Robot Terror

  75. Great stuff! Simple to setup. And it just works. Reduces my spam by nearly 95%

    I use plesk 8.2 on suse 10.1.

    One suggestion: You need to edit the tls.c, line 12. Comment out the declaration. Otherwise you will have a duplicate declaration compiler error

    Frank

    Frank Jelinek

  76. There is an error above: the user in the mysql grant and the config file are different (greylist/greylisting); they need to be the same for the system to work

    Chris

    chris White

  77. For those looking for a solution to the quotes in the mail from causing messages to be passed without being greylisted I offer up the following code:

    edit local_scan.c and at line 272 add the following:

    int addrlen,escaddrlen;
    addrlen = strlen(sender_address);
    escaddrlen = (addrlen*2)+1;
    char esc_sender_address[escaddrlen];
    #ifdef HAVE_MYSQL_REAL_ESCAPE_STRING
    mysql_real_escape_string(mysql,esc_sender_address,sender_address,addrlen);
    #else
    mysql_escape_string(esc_sender_address,sender_address,addrlen);
    #endif
    strcpy(sender_address,esc_sender_address);

    This will escape the string sender_address and allow queries to be properly executed for mail from that contain ‘, “, etc.

    This should be placed after line:

    if (mysql_real_connect(mysql,MYSQLHOST,MYSQLUSER,MYSQLPASS,MYSQLDB,0,NULL,0)) {

    and before line:

    if ( !checkWhiteListIP( mysql, &ret )) { /* check for whitelisted sender ip address */

    ExpressColo
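Added example (not part of the thread and not the patch's own code): the quote problem reported in comments 64, 67 and 72 and the escaping approach from comment 77, as a stand-alone C program. `sql_escape` is a hypothetical stand-in that applies the character rules documented for `mysql_escape_string()` so the example builds without libmysqlclient; `build_lookup_sql` and `ADDR_MAX` are also hypothetical names, and `relay_prefix` is assumed to come from the connecting socket address rather than from SMTP input.

```c
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 255  /* width of mail_from / rcpt_to in the relaytofrom table */

/* Stand-in for mysql_real_escape_string(): backslash-escapes NUL, \n, \r,
 * Ctrl-Z, backslash, ' and ". Returns the escaped length, or -1 if dst is
 * too small. With a live connection, call mysql_real_escape_string()
 * instead, because it also honours the connection character set. */
static long sql_escape(char *dst, size_t dstlen, const char *src, size_t srclen)
{
    size_t o = 0;

    if (dstlen == 0)
        return -1;
    for (size_t i = 0; i < srclen; i++) {
        char esc = 0;
        switch (src[i]) {
        case '\0':   esc = '0';  break;
        case '\n':   esc = 'n';  break;
        case '\r':   esc = 'r';  break;
        case '\x1a': esc = 'Z';  break;
        case '\\':   esc = '\\'; break;
        case '\'':   esc = '\''; break;
        case '"':    esc = '"';  break;
        }
        size_t need = esc ? 2 : 1;
        if (o + need >= dstlen)          /* keep one byte for the terminator */
            return -1;
        if (esc)
            dst[o++] = '\\';
        dst[o++] = esc ? esc : src[i];
    }
    dst[o] = '\0';
    return (long)o;
}

/* Builds the greylist lookup query with both envelope addresses escaped.
 * The escaped text goes into its own buffers of 2*n+1 bytes; it is never
 * copied back over the original address, which may be too short to hold it.
 * Returns 0 on success, -1 if an address is too long or sql is too small. */
static int build_lookup_sql(char *sql, size_t sqllen, const char *mail_from,
                            const char *rcpt_to, const char *relay_prefix)
{
    char from_esc[ADDR_MAX * 2 + 1], rcpt_esc[ADDR_MAX * 2 + 1];
    size_t flen = strlen(mail_from), rlen = strlen(rcpt_to);

    if (flen > ADDR_MAX || rlen > ADDR_MAX)
        return -1;
    if (sql_escape(from_esc, sizeof from_esc, mail_from, flen) < 0 ||
        sql_escape(rcpt_esc, sizeof rcpt_esc, rcpt_to, rlen) < 0)
        return -1;

    int n = snprintf(sql, sqllen,
        "SELECT id, NOW() > block_expires FROM relaytofrom "
        "WHERE record_expires > NOW() AND mail_from = '%s' AND rcpt_to = '%s' "
        "AND relay_ip LIKE '%s%%' ORDER BY block_expires DESC",
        from_esc, rcpt_esc, relay_prefix);
    return (n < 0 || (size_t)n >= sqllen) ? -1 : 0;
}

int main(void)
{
    char sql[1024];

    /* Constructed sample input: the quoted sender shown in comment 67. */
    if (build_lookup_sql(sql, sizeof sql, "abc'd@example.com",
                         "XXX@XXXX.com", "123.123.123") == 0)
        puts(sql);
    return 0;
}
```

Escaping keeps the statement well formed, so a sender address containing a quote is looked up and greylisted like any other instead of being passed through on a query error.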

  78. Thanks, ExpressColo. That also stops the “/G” problem I was noticing.

    Robot Terror

  79. Other than how SPF is normally implemented, I’d like to use a “SPF pass” to bypass the greylisting and accept the mail immediately.
    So you don’t penalise bad SPF records but “whitelist” good SPF ones.
    Is that feasible, maybe already done?

    tim

  80. I have qmail running on my server for over 3 years without any spam control. I installed greylist qmail-smtpd according to the instruction above. However, now I do not receive any email at all. Unfortunately, the table “relaytofrom” has no entry at all. Any suggestion what could be wrong. I have checked the mysql userid, password etc. and they are fine.
    Thanks.

    Sudhir

  81. Have Plesk 8.2 on Ubuntu 6.06, and would like to install greylisting as I had it before on Plesk 7.5.4. First snag is the prerequisites: mysql-devel and openssl-devel are not in the repository for my OS. Does this cause me major problems??

    Cheers

    Jacko

    Jacko

  82. Hi,

    I get following error after restarting qmail:

    Aug 17 13:25:37 ds kernel: sshd[24443] general protection rip:55cee4d6 rsp:ffffbdcc error:0
    Aug 17 13:25:37 ds kernel: sshd[24444] general protection rip:55cee4d6 rsp:ffffbdcc error:0
    Aug 17 13:25:37 ds kernel: sshd[24446] general protection rip:55cee4d6 rsp:ffffbdcc error:0
    Aug 17 13:25:37 ds kernel: sshd[24448] general protection rip:55cee4d6 rsp:ffffbdcc error:0
    Aug 17 13:25:37 ds kernel: sshd[24452] general protection rip:55cee4d6 rsp:ffffbdcc error:0
    Aug 17 13:39:56 ds — MARK –
    Aug 17 13:50:08 ds kernel: qmail-envelope-[5331]: segfault at 0000000000000046 rip 00000000556266a9 rsp 00000000ffffd504 error 4
    Aug 17 13:50:08 ds kernel: qmail-envelope-[5333]: segfault at 0000000000000046 rip 00000000556266a9 rsp 00000000ffffd504 error 4
    Aug 17 13:50:48 ds kernel: qmail-envelope-[5363]: segfault at 0000000000000046 rip 00000000556266a9 rsp 00000000ffffd524 error 4
    Aug 17 13:51:11 ds kernel: qmail-envelope-[5392]: segfault at 0000000000000046 rip 00000000556266a9 rsp 00000000ffffd4f4 error 4

    Yves

  83. Sorry the greylist exception location got lopped off.

    You can find it at: http://www.vamsoft.com/greylisting_ip_exceptions.txt

    Charles Wilson

  84. Here’s a better list as it includes the above instructions.

    http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt

    You can view or download the current version.

    Charles Wilson

  85. I have successfully installed version 1.03 on Plesk 8.2.1 running on Suse 10 64bit

    Great program, clear instructions !!

    Erik Venema

  86. Believe it or not, I want to uninstall greylisting. I’m running Plesk 7.5. Any help on how to do that? I implemented the method here a year ago.

    Jeremy - JPWDESIGNS

  87. I have successfully running it on QMail 1.03 on Plesk 8.2.1 running on Suse 9.3 64bit

    one thing I needed to modify was path for libmysqlclient.a in Makefile (/usr/lib/mysql/libmysqlclient.a into /usr/lib64/mysql/libmysqlclient.a)

    works great

    Oliver

  88. hi. maybe someone can help me??

    i installed mysql-devel, openssl-devel and zlib-devel on my server, running suse 10 and plesk 8.2.1
    i configured the database in local_scan.c
    i set up a database with the defined settings

    but when i go to the next step and type in: “make” it comes up with this error:
    ./compile qmail-local.c
    ./compile: line 3: exec: cc: not found
    make: *** [qmail-local.o] Error 127

    can someone tell me what might have gone wrong.

    previously i installed greylisting on a suse 9 with plesk 8.2.1 and it worked all fine. but unfortunately not this time on suse 10. :-(

    Alex

  89. I just found out what happened:
    You also need to have “gcc” installed!
    Brent, maybe you could add this to the prerequisites…
    Aside from that - a great instruction.

    Alex

  90. @Jeremy - JPWDESIGNS
    “Believe it or not, I want to uninstall greylisting. I’m running Plesk 7.5. Any help on how to do that? I implemented the method here a year ago.”

    Simply upgrade Plesk :-). It’ll remove the custom-compilation of qmail for you.

    To re-enable greylisting post-upgrade:
    http://robotterror.com/site/wiki/re_enable_greylisting_after_upgrading_plesk

    BTW, you’ll definitely want to upgrade Plesk past the 7.5 series immediately. Here’s why: go to shell (command line via SSH) and execute this grep as root:

    # grep passthr /var/log/httpd/access_log*

    If you get hits on services/help/index.php you’re vulnerable. Now type:

    # ls -la /dev/shm

    If you see files, you’re compromised. Quick fix:

    # rm -rf /dev/shm/.* /dev/shm/*
    # chmod 0000 /usr/share/psa-horde/services/help/index.php

    Or, instead of “chmod 0000″, add this to the top lines of the index.php (after ” /usr/share/psa-horde/services/help/index.php

    Sometimes I think Plesk is a way of distributing Open Source applications in a way that well-known holes are left unpatched for long periods of time to allow other Russians access to servers around the world. Hmmmm…

    Robot Terror

  91. Eh… the one-liner got eaten. Check this page out for the “passthru” exploit fix:

    http://robotterror.com/site/wiki/quick_patch_for_pre_8_x_plesk_horde_vulnerability

    Robot Terror

  92. Hello all.
    I have applied this patch to Plesk 8.2.1, on Debian etch.

    The patch itself works. But without a patch, I get the mail in 1-3 secs.
    But with this patch, the mail scanning takes ~10secs and eats 100% CPU for 10-15 secs.
    After that i get text in logs like:

    protocol = notneeded4qmail hugle@no1.com
    hugle@vkt.lt -> xxxxxxx.xxx (84.xx.120.10) Doesn’t Exists Block
    ——–
    protocol = notneeded4qmail hugle@no1.com
    hugle@vkt.lt -> info@xxxxxxx.xxx (84.xx.120.10) Exists Accept id = 1 expire = 1

    What could cause such problem for mail processing to take
    so much time ? and CPU ?

    Thanks for your IDEAS.
    I’m running Linux 2.6.23.9 kernel, Debian ETCH

    see you

    hugle

  93. Hi… I tried to install this and I got an error on the make step. I’m having problems solving it because I haven’t found openssl-devel for my OS, which is Ubuntu 5.04.

    Now I have a bigger problem… my server is not sending emails at all. If any account on my server sends an email to hotmail, gmail, etc., the email never gets to the destination email. I’ll appreciate it if anyone can help me with this problem. Are there problems if you run the script and you get an error??? Because I’m having some serious email problems on my Plesk 7.5.4 reloaded…

    Alberto

  94. Does this work with Plesk 8.3 on Fedora 7?

    nedry

  95. Hi. Is it Plesk 8.3.0 / Debian Etch compliant?

    Chr!x

  96. Hello.
    I have solved the issue with Plesk using 100% CPU on incoming mail.

    hugle

  97. Hello.

    Is there a way to turn off RBL checking for SMTP-AUTHed users who uses my Plesk server, as SMTP server?

    Or may I can use a whitelist Netblocks ?

    Thank you !

    hugle

  98. Hi Brent, hello all,

    Thanks for your good documentations!
    Unfortunately, it seems not to work in my area. I’ve tried on different servers already: Suse 10.1 32-bit, Plesk 8.3/Suse 9.3 64-bit, Plesk 8.3/Suse 10.0 64-bit Plesk 8.0.1/Suse 10.1 64-bit Plesk 8.3)
    greylist_dbg.txt and DB are written correctly. But the mails seem not to go through!
    What is going wrong? The pointer error does not always happen!

    blah:~> telnet mailserver smtp
    Trying xxx.xxx.xxx…
    Connected to mailserver.
    Escape character is ‘^]’.
    220 mailserver.org ESMTP
    ehlo asdf.ch
    250-mailserver.org
    250-AUTH=LOGIN CRAM-MD5 PLAIN
    250-AUTH LOGIN CRAM-MD5 PLAIN
    250-STARTTLS
    250-PIPELINING
    250 8BITMIME
    mail from:martinw@wwww.ch
    250 ok
    rcpt to:martinw@waldex.ch
    *** glibc detected *** free(): invalid pointer: 0x000000000061a930 ***
    250 ok
    data
    354 go ahead
    asdf
    asdf
    .
    250 ok 1202585924 qp 8234
    quit
    221 mailserver.org
    Connection closed by foreign host.

    …anything similar to “421 temporary envelope failure (#4.3.0)” on my server never seen so far….

    Extract from greylist_dbg.txt

    protocol = notneeded4qmail [..] Doesn’t Exists Block
    Re-Sent within 5 Minutes:
    Exists Block id = xxx expire = 0
    Re-Sent later than 5 Minutes:
    Exists Accept id = xxxx expire = 1

    I’ve tried with
    qmail-103-greylist-psa8.tar.gz (http://meshier.com/2006/09/18/adding-greylisting-support-to-qmail-on-plesk-8/)
    and with qmail-1.05_greylisting_plesk8.tar.gz (http://clausvb.de/doku_greylisting.htm).

    I did not get any error in compiling. Only warnings when using qmail-103. No warnings when using qmail-1.05.
    So it’s still not better. What do I do wrong? Any hints appreciated!

    Thanks
    Sonshine

    Martin aka Sonshine

  99. […] message correct. Exists Accept id = xxxx expire = 1 I tried it with qmail-103-greylist-psa8.tar.gz (Brent Meshier » Adding Greylisting support to qmail on Plesk 8) and with qmail-1.05_greylisting_plesk8.tar.gz (ClausVB - Greylisting). Without success. Nevertheless […]

    Greylisting mit Qmail und Plesk läuft nicht sauber? - Server Support Forum
