ACL Policy Daemon for Postfix 0.73

ACL Policy Daemon is a program that communicates with the Postfix MTA using the Policy Delegation Protocol implementing an ACL.
ACL Policy Daemon is a program that communicates with the Postfix MTA using the Policy Delegation Protocol implementing an ACL (Access Control List) system, making very easy to improve and create nice controls on your e-mail traffic. You can use it to verify SPF records to.

The project is developed using Python and has no other dependencies and licensed by GPL version 2.

The rules are loaded from a regular text file. It is planned to load the rules from a SQL database or LDAP directory in the future.

Greylisting functionality will be implemented soon.

For news and updated information about ACL Policy Daemon, you can always check the project page at GNA: https://gna.org/projects/apolicy/

Installation:

You must have Python installed, version 2.3 or above. Run python to check:
miguel@debian:~$ python

Python 2.4.4c0 (#2, Jul 30 2006, 15:43:58)

[GCC 4.1.2 20060715 (prerelease) (Debian 4.1.1-9)] on linux2

Type "help", "copyright", "credits" or "license" for more information.
>>>

It is very easy to install apolicy. In some distributions, Postfix's daemons are located in /usr/libexec/postfix, check your distribution.

The following commands should do just fine, you must be root:

debian:~# tar zcf apolicy-0.3.tar.gz
debian:~# cp apolicy-0.3/src/apolicy.py /usr/lib/postfix/
debian:~# chmod 755 /usr/lib/postfix/apolicy.py
debian:~# mkdir /etc/apolicy/
debian:~# cp apolicy.conf /etc/apolicy/
debian:~# chmod 644 /etc/apolicy/apolicy.conf
debian:~# echo "apolicy unix - n n - - spawn" >> /etc/postfix/master.cf
debian:~# echo " user=nobody argv=/usr/lib/postfix/apolicy.py" >> /etc/postfix/master.cf

The apolicy.conf is a sample file with examples, you must edit it to fit your needs.

Install the complementary modules for apolicy. We will install 3 packages: apolicy, pyspf and pydns. Note that the directory that contains Python libraries is not the same on all operating systems. Sometimes it is inside /usr/lib or /usr/libexec, and may be named python or python< version >:

debian:~# mkdir /usr/lib//site-packages/apolicy
debian:~# mkdir /usr/lib//site-packages/spf
debian:~# mkdir /usr/lib//site-packages/DNS
debian:~# cp apolicy-0.3/src/apolicy/* /usr/lib//site-packages/apolicy
debian:~# cp apolicy-0.3/src/spf/* /usr/lib//site-packages/spf
debian:~# cp apolicy-0.3/src/DNS/* /usr/lib//site-packages/DNS
debian:~# echo apolicy > /usr/lib//site-packages/apolicy.pth
debian:~# echo spf > /usr/lib//site-packages/spf.pth
debian:~# echo DNS > /usr/lib//site-packages/DNS.pth

Before setting Postfix, it is wise to test apolicy and check if everything is right. The configuration file is loaded by default from /etc/apolicy/apolicy.conf, you can use -c parameter to change to point where your configuration file is. It is possible to debug your configuration using the parameter -d, it will send a lot of output to syslog mail facility:

debian:~# /usr/lib/postfix/apolicy.py -d

The program must keep running and waiting input from stdin. Take a look at mail.log for any problem. You can press ctrl+c to finish it. If no errors happened, then lets move forward.

Finally, add to your main.cf:

smtpd_recipient_restrictions =
reject_unlisted_recipient
...
reject_unauth_destination
check_policy_service unix:private/apolicy

For the size acl works, apolicy need to be called this way:

smtpd_end_of_data_restrictions = check_policy_service unix:private/apolicy

Requirements:

· Python >= 2.3

last updated on:
May 24th, 2008, 6:50 GMT
price:
FREE!
developed by:
Miguel Filho
homepage:
home.gna.org
license type:
GPL (GNU General Public License) 
category:
ROOT \ Communications \ Email

FREE!

In a hurry? Add it to your Download Basket!

user rating 21

3.1/5
 

0/5

Add your review!

SUBMIT