aboutsummaryrefslogtreecommitdiffstats
path: root/mail/postfix-postfwd/files
diff options
context:
space:
mode:
authorbeech <beech@FreeBSD.org>2008-05-21 09:54:45 +0800
committerbeech <beech@FreeBSD.org>2008-05-21 09:54:45 +0800
commit3b6ef3dc911a61b3ed0aef622dcde6575c913225 (patch)
tree86f773a2460a15de25e2fefe3afbb16db6dba494 /mail/postfix-postfwd/files
parent828edb356aa24660a8992e66645e2caca43f12c7 (diff)
downloadfreebsd-ports-gnome-3b6ef3dc911a61b3ed0aef622dcde6575c913225.tar.gz
freebsd-ports-gnome-3b6ef3dc911a61b3ed0aef622dcde6575c913225.tar.zst
freebsd-ports-gnome-3b6ef3dc911a61b3ed0aef622dcde6575c913225.zip
- New port: mail/postfix-postfwd A postfix firewall policy daemon
The program uses the postfix policy delegation protocol to control access to the mail system before a message has been accepted (please visit http://www.postfix.org/SMTPD_POLICY_README.html for more information). It allows you to choose an action (e.g. reject, dunno) for a combination of several smtp parameters (like sender and recipient address, size or the client's TLS fingerprint). PR: ports/123544 Submitted by: Sahil Tandon <sahil at tandon.net>
Diffstat (limited to 'mail/postfix-postfwd/files')
-rw-r--r--mail/postfix-postfwd/files/pkg-message.in27
-rw-r--r--mail/postfix-postfwd/files/postfwd.in45
2 files changed, 72 insertions, 0 deletions
diff --git a/mail/postfix-postfwd/files/pkg-message.in b/mail/postfix-postfwd/files/pkg-message.in
new file mode 100644
index 000000000000..bf63e05ea004
--- /dev/null
+++ b/mail/postfix-postfwd/files/pkg-message.in
@@ -0,0 +1,27 @@
+*************
+* Start postfwd with:
+
+# %%PREFIX%%/bin/postfwd start
+
+* Integrate thusly in: %%PREFIX%%/etc/postfix/main.cf
+
+127.0.0.1:10040_time_limit = 3600
+
+smtpd_recipient_restrictions =
+ ...
+ permit_mynetworks
+ ...
+ reject_unauth_destination
+ reject_unauth_pipelining
+ check_policy_service inet:127.0.0.1:10040
+ ...
+
+* NOTE: specify check_policy_service AFTER reject_unauth_destination
+* or else your system can become an open relay.
+*
+* CONFIGURATION:
+*
+* Create and edit %%PREFIX%%/etc/postfwd.conf
+* An example is provided in %%PREFIX%%/etc/postfwd.conf.sample
+*
+*************
diff --git a/mail/postfix-postfwd/files/postfwd.in b/mail/postfix-postfwd/files/postfwd.in
new file mode 100644
index 000000000000..1f8580c706cb
--- /dev/null
+++ b/mail/postfix-postfwd/files/postfwd.in
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+# PROVIDE: postfwd
+# REQUIRE: LOGIN cleanvar
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# postfwd_enable (bool):
+# Set to "NO" by default.
+# Set it to "YES" to enable postfwd.
+# postfwd_config (path): Set to %%PREFIX%%/etc/postfwd.conf
+# by default.
+#
+
+. %%RC_SUBR%%
+
+name=postfwd
+rcvar=${name}_enable
+
+command=%%PREFIX%%/bin/${name}
+required_files=%%PREFIX%%/etc/${name}.conf
+pidfile="/var/run/${name}.pid"
+
+stop_postcmd=stop_postcmd
+
+stop_postcmd()
+{
+ rm -f $pidfile
+}
+
+load_rc_config "$name"
+
+case "$postfwd_enable" in
+ [Yy][Ee][Ss] | 1 | [Oo][Nn] | [Tt][Rr][Uu][Ee]) ;;
+ *) echo "To make use of $name you must first set $rcvar=\"YES\" in /etc/rc.conf" ;;
+esac
+
+: ${postfwd_enable="NO"}
+: ${postfwd_config="%%PREFIX%%/etc/${name}.conf"}
+
+command_args="-d -f ${required_files} -i 127.0.0.1 -p 10040 -u nobody -g nobody -S"
+
+run_rc_command "$1"