debian/0002755000000000000000000000000012147140424007167 5ustar debian/hapolicy.manpages0000644000000000000000000000002411640076354012515 0ustar man/man8/hapolicy.1 debian/postfwd.prerm0000644000000000000000000000031211477772521011734 0ustar #!/bin/sh set -e if [ "$1" = remove ] || [ "$1" = deconfigure ]; then update-alternatives --remove postfwd /usr/sbin/postfwd1 update-alternatives --remove postfwd /usr/sbin/postfwd2 fi #DEBHELPER# debian/patches/0002755000000000000000000000000012147140424010616 5ustar debian/patches/00list0000644000000000000000000000000011640065435011645 0ustar debian/postfwd.README.Debian0000644000000000000000000000362212072745305012724 0ustar postfwd for Debian ------------------ 1. PROVIDE A CONFIGFILE ----------------------- Please provide a config file, usually /etc/postfix/postfwd.cf. Examples are located in /usr/share/doc/postfwd/examples/. Another can be found at http://hege.li/howto/spam/etc/postfwd/postfwd.conf and is provided as example-cfg2.txt. A quickstart guide is available at http://www.postfwd.org/quick.html and the online documentation at http://www.postfwd.org/doc.html, the offline version can be viewed with 'postfwd -m'. 2. VERIFY CONFIG ---------------- How interpret the parser your rules, you can check with: # postfwd -f /etc/postfix/postfwd.cf -C -v Check your rules against sample request: # cat request.sample | postfwd -f /etc/postfix/postfwd.cf -L # cat request.sample ------ snip ------- ccert_fingerprint= size=64063 helo_name=english-breakfast.cloud9.net reverse_client_name=english-breakfast.cloud9.net queue_id= encryption_cipher= encryption_protocol= etrn_domain= ccert_subject= request=smtpd_access_policy protocol_state=RCPT recipient=someone@domain.local instance=6748.46adf3f8.62156.0 protocol_name=ESMTP encryption_keysize=0 recipient_count=0 ccert_issuer= sender=owner-postfix-users@postfix.org client_name=english-breakfast.cloud9.net client_address=168.100.1.7 ------ snip ------- Samples can be taken into the logfile when starting the daemon with "-vv" 3. AUTOMATIC STARTUP -------------------- In order to avoid the startup of the daemon on an unconfigured machine, automatic startup, on boot, is disabled by default. To enable it just edit the file /etc/default/postfwd and set the "startup" variable to 1. 4. CHOOSING WHICH POSTFWD VERSION TO USE ---------------------------------------- Since some time, there is also a prefork version available, called postfwd2. You can use update-alternatives to choose between 'postfwd1' and 'postfwd2'. -- Jan Wagner Mon, 10 Mar 2008 22:37:44 +0100 debian/postfwd.default0000644000000000000000000000054411774334341012234 0ustar # Global options for postfwd(8). # Set to '1' to enable startup (daemon mode) STARTUP=0 # Config file CONF=/etc/postfix/postfwd.cf # IP where listen to INET=127.0.0.1 # Port where listen to PORT=10040 # run as user postfw RUNAS="postfw" # Arguments passed on start (--daemon implied) ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size" debian/postfwd.postinst0000644000000000000000000000276011477771442012504 0ustar #!/bin/sh # based on arpwatch.postinst: v11 2004/09/15 KELEMEN Peter # postinst: v1 2006/01/12 Jan Wagner set -e NUSER="postfw" NGROUP="postfw" NHOME="/var/lib/$NUSER" NGECOS="postfwd user" case "$1" in configure) # Take care of group. if NGROUP_ENTRY=`getent group $NGROUP`; then # group exists : else # group does not exist yet addgroup --quiet --system $NGROUP fi # Take care of user. if NUSER_ENTRY=`getent passwd $NUSER`; then # user exists adduser --quiet $NUSER $NGROUP # else # user does not exist yet adduser --quiet --system \ --ingroup $NGROUP \ --gecos "$NGECOS" \ --home $NHOME \ --no-create-home \ --shell /bin/sh \ --disabled-login \ --disabled-password \ --shell /bin/false \ $NUSER fi # Set up home directory. if [ -d $NHOME ]; then chown -R ${NUSER}:${NGROUP} $NHOME chmod -R o-rwX $NHOME fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd1 100 \ --slave /usr/share/man/man1/postfwd.1.gz postfwd.1.gz \ /usr/share/man/man1/postfwd1.1.gz update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd2 120 \ --slave /usr/share/man/man1/postfwd.2.gz postfwd.2.gz \ /usr/share/man/man1/postfwd2.1.gz #DEBHELPER# debian/control0000644000000000000000000000266511735122701010601 0ustar Source: postfwd Section: mail Priority: optional Maintainer: Jan Wagner Build-Depends: debhelper (>= 9) Homepage: http://www.postfwd.org/ Vcs-Browser: https://scm.uncompleted.org/projects/debian/repository/show/postfwd Vcs-Svn: https://scm.uncompleted.org/svn/debian/postfwd/trunk Standards-Version: 3.9.3 Package: postfwd Architecture: all Depends: ${perl:Depends}, ${misc:Depends}, adduser, libnet-dns-perl, libnet-server-perl Conflicts: postfwd2 Description: Postfix policyd to combine complex restrictions in a ruleset Postfwd is written in perl to combine complex postfix restrictions in a ruleset similar to those of the most firewalls. The program uses the postfix policy delegation protocol to control access to the mail system before a message has been accepted. It allows you to choose an action (e.g. reject, dunno) for a combination of several smtp parameters (like sender and recipient address, size or the client's TLS fingerprint). Package: hapolicy Architecture: all Depends: ${perl:Depends}, ${misc:Depends} Description: Balancing and fallback postfix policy delegation service Hapolicy enables high availability, weighted loadbalancing and a fallback action for postfix policy delegation services. Invoked via postfix spawn it acts as a wrapper that queries other policy servers via tcp connection. The order of the service queries can be influenced by assigning a specific priority and weight to each service. debian/hapolicy.docs0000644000000000000000000000014211640076354011653 0ustar doc/hapolicy.html doc/hapolicy.txt tools/hapolicy/hapolicy.* tools/hapolicy/hapolicy[0-9a-zA-Z.]* debian/postfwd.manpages0000644000000000000000000000005211640076354012374 0ustar debian/tmp/postfwd1.8 man/man8/postfwd2.8 debian/source/0002755000000000000000000000000012147140424010467 5ustar debian/source/format0000644000000000000000000000001411735122136011675 0ustar 3.0 (quilt) debian/rules0000755000000000000000000000236111735123606010254 0ustar #!/usr/bin/make -f # written by Jan Wagner # # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 build: build-arch build-indep build-arch: build-indep: clean: dh_testdir dh_testroot dh_clean install: build dh_testdir dh_testroot dh_prep # install binaries install -D -m 644 sbin/postfwd debian/postfwd/usr/sbin/postfwd1 install -D -m 644 sbin/postfwd2 debian/postfwd/usr/sbin/postfwd2 install -D -m 644 tools/hapolicy/hapolicy debian/hapolicy/usr/sbin/hapolicy # install man page mkdir -p debian/tmp/ cp man/man8/postfwd.8 debian/tmp/postfwd1.8 pod2man debian/hapolicy/usr/sbin/hapolicy man/man8/hapolicy.1 # Build architecture-independent files here. binary-indep: build install dh_testdir dh_testroot dh_installchangelogs doc/postfwd.CHANGELOG dh_installdocs -ppostfwd -Xhapolicy dh_installdocs -phapolicy tools/hapolicy/hapolicy[0-9a-zA-Z.]* dh_installexamples etc/postfwd.cf.sample debian/example-cfg* dh_installinit -- defaults 19 21 dh_installman dh_compress dh_fixperms dh_perl dh_installdeb dh_gencontrol dh_md5sums dh_builddeb # Build architecture-dependent files here. binary-arch: build install binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install debian/example-cfg2.txt0000644000000000000000000001172511102540342012177 0ustar # downloaded from http://hege.li/howto/spam/etc/postfwd/postfwd.conf # check for more recent versions! ### ### Example config for postfwd 1.10pre7+ ### ## Check DNS whitelists, maybe we don't need more checks id=OK_DNSWL; \ rbl=list.dnswl.org/^127/43200; \ action=DUNNO ## Check (non-fqdn/ip/dynamic) HELO and (missing) reverse DNS id=SET_HELO; \ helo_name=!!\.; \ helo_name=[0-9.-]{7}; \ action=set(HIT_helo=1) id=SET_NODNS; \ client_name=^unknown$; \ action=set(HIT_nodns=1) id=REJECT_HELO_NODNS; \ HIT_helo==1; HIT_nodns==1; \ action=REJECT Blocked - contact postmaster@example.net for help - Suspicious HELO [$$helo_name] and missing reverse DNS [$$client_address] ## Check ZEN first for immediate blocking - less queries for other lists ## See usage policy: http://www.spamhaus.org/organization/dnsblusage.html id=REJECT_RBL_ZEN; \ rbl=zen.spamhaus.org; \ action=REJECT Blocked - contact postmaster@example.net for help - zen.spamhaus.org RBL ## Check other DNSBLs in parallel &&DNSBLS { \ rbl=bl.spamcop.net; \ rbl=dnsbl-1.uceprotect.net; \ rbl=dnsbl-2.uceprotect.net; \ rbl=dnsbl-3.uceprotect.net; \ rbl=psbl.surriel.com; \ rbl=combined.njabl.org; \ rbl=dnsbl.ahbl.org; \ rbl=dnsbl.sorbs.net; \ rbl=ix.dnsbl.manitu.net; \ rbl=dyna.spamrats.com; \ }; id=EVAL_DNSBLS; \ &&DNSBLS; rblcount=all; \ action=set(HIT_rbls=$$rblcount) id=REJECT_RBL_MULTI; \ HIT_rbls>=2; \ action=REJECT Blocked - contact postmaster@example.net for help - Multiple DNSBLs ## Check RHSBLs if there wasn't enough DNSBLs hit &&RHSBLS_REVERSE { \ rhsbl_reverse_client=dynamic.rhs.mailpolice.com; \ }; &&RHSBLS_SENDER { \ rhsbl_sender=multi.uribl.com; \ rhsbl_sender=multi.surbl.org; \ rhsbl_sender=bulk.rhs.mailpolice.com; \ rhsbl_sender=rhsbl.ahbl.org; \ rhsbl_sender=rhsbl.sorbs.net; \ rhsbl_sender=dsn.rfc-ignorant.org; \ }; id=EVAL_RHSBLS; \ &&RHSBLS_REVERSE; &&RHSBLS_SENDER; rhsblcount=all; \ action=set(HIT_rhsbls=$$rhsblcount) id=REJECT_RHSBL_MULTI; \ HIT_rhsbls>=2; \ action=REJECT Blocked - contact postmaster@example.net for help - Multiple RHSBLs ## See if we get any combined hits from rules before id=REJECT_RBL_RHSBL; \ HIT_rbls>=1; HIT_rhsbls>=1; \ action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and DNSBL id=REJECT_RBL_HELO; \ HIT_rbls>=1; HIT_helo==1; \ action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and suspicious HELO [$$helo_name] id=REJECT_RBL_NODNS; \ HIT_rbls>=1; HIT_nodns==1; \ action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and missing reverse DNS [$$client_address] id=REJECT_RHSBL_HELO; \ HIT_rhsbls>=1; HIT_helo==1; \ action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and suspicious HELO [$$helo_name] id=REJECT_RHSBL_NODNS; \ HIT_rhsbls>=1; HIT_nodns==1; \ action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and missing reverse DNS [$$client_address] ## Finally greylist all lesser hits. ## ## A more DNSBL friendly way would be to greylist everything suspicious ## before DNS checks. Currently this requires you to setup some postfix ## tables before postfwd is called, since greylisting can be only done last ## in postfwd (action always exits processing). id=GREY_HELO; HIT_helo==1; action=check_postgrey id=GREY_NODNS; HIT_nodns==1; action=check_postgrey id=GREY_RBL; HIT_rbls>=1; action=check_postgrey id=GREY_RHSBL; HIT_rhsbls>=1; action=check_postgrey ## ## This example is free to use as per BSD license: ## ## Copyright (c) 2008, Henrik Krohns ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without modification, ## are permitted provided that the following conditions are met: ## ## * Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## * Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in ## the documentation and/or other materials provided with the ## distribution. ## * Neither the name of the authors nor the names of his contributors ## may be used to endorse or promote products derived from this ## software without specific prior written permission. ## ## THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, ## INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ## FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, ## INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ## NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR ## PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ## WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. ## debian/changelog0000644000000000000000000001773112147140414011047 0ustar postfwd (1.35-1) unstable; urgency=low * New upstream release - fixed fixed taint mode logging error - check_* functions use print/getline instead of send/recv for large --dumpcache output - log_* routines added to allow the same plugins for postfwd1 and postfwd2 - added more information when using --debug=cleanup - new sendmail(sendmail-path::from::to::subject::body) action - rate(), size() and rcpt() function index is now case insensitive by default - fixed segfault when using new perl versions (Closes: #697653) -- Jan Wagner Wed, 22 May 2013 14:49:15 +0200 postfwd (1.33-1) UNRELEASED; urgency=low * New upstream release - fixed bug when computing scores with more than 1 digit after the "." - fixed bug when computing negative values with the set action - ITEMS plugins returning zero values were handled incorrectly - max command recursion was not reset for each rule - fixed warning about use of (uninitialized value) when STORABLE is available but no cache file was defined (Closes: #697657) * Fix comment in /etc/default/postfwd (Closes: #679924), thanks Jeroen Koekkoek * Fix typo in README.Debian (closes: #691242), thanks Axel Beckert -- Jan Wagner Thu, 29 Mar 2012 20:31:17 +0200 postfwd (1.32-2) unstable; urgency=low * Switch over to packaging format 3.0 (quilt) (Closes: #664409) * Updating standards version to 3.9.3, no changes needed * Remove build-dependency of dpatch * Use dh_prep instead of dh_clean -k * Add build-arch and build-indep targets to debian/rules -- Jan Wagner Thu, 29 Mar 2012 20:22:17 +0200 postfwd (1.32-1) unstable; urgency=low * New upstream release - new option --save_rates= is able to load and save rate limit counters to disk on program start and termination. - the --debugitem="sender=example\.org$" option allows verbose logging for particular requests - the debug() action enables verbose logging for certain rules - nested commands are possible now - new mail(server/helo/from/to/subject/body) action. - single cache items can be wiped - sasl_username is logged if available - rate limit action is executed, if the first request exceeds the limit - exceeded ratecounters will not be kept permanently anymore - rate limits are evaluated at ruleset stage now - new parser enhancement is able to omit the trailing "\" for multi-line rules - new plugin interface (BETA) - Time::HiRes is used if available - multiple rate limits for the same items are supported now - new $$ratecount variable for rate() actions - new option --keep_rates - queueid is logged when available - rate limits fixed - new --debug class 'cleanup' - documentation updates and fixes * Suppress output on restarting via init script (Closes: #636782), thanks Martin F. Krafft for reporting * Add hapolicy and manpage into separate binary package * Reorganize documentation - Add new files from upstream to documentation - Changelogs where renamed by upstream * Bump Standards-Version to 3.9.2, no changes needed -- Jan Wagner Wed, 21 Dec 2011 22:27:27 +0100 postfwd (1.20-1) unstable; urgency=low * New upstream release - Release contains postfwd1 and postfwd2 now (Closes: #582969) - new --umask setting allows to set filepermissions for pidfiles and unix domain sockets - Rate limit code rewritten - rbl checks disabled for ipv6 addresses, cidr compare will switch to default (regex/string) - rbl check could fail on multiple dnsbl answers * Add dpatch infrastructure * Provide update-alternatives for choosing the postfwd variant * Install also CHANGELOG2 * Bump Standards-Version to 3.9.1, no changes needed -- Jan Wagner Thu, 10 Feb 2011 08:38:04 +0100 postfwd (1.18-1) unstable; urgency=low * New upstream release - Fixed bug when comparing sender and recipient addresses, like "sender=$$recipient" -- Jan Wagner Thu, 29 Apr 2010 08:46:25 +0200 postfwd (1.17-1) unstable; urgency=low * New upstream release - Net::DNS internal errors will now be handled gracefully - default for options --dns_max_ns_a_lookups and --dns_max_mx_a_lookups of 100 - Fixed variable substitution when the '=' operator is used -- Jan Wagner Mon, 22 Mar 2010 09:02:31 +0100 postfwd (1.16-2) unstable; urgency=low * Bump Standards-Version to 3.8.4, no changes needed * Migrate Vcs-Fields over to scm.uncompleted.org * Add 1.0 to debian/source/format -- Jan Wagner Wed, 10 Mar 2010 12:35:57 +0100 postfwd (1.16-1) unstable; urgency=low * NEW upstream release - documentation fixed - configuration parser improvements - option --reload (HUP signal) now reloads config, if the file is unchanged - redirect syslog to stdout for --kill, --reload and --showconfig - new rcpt() command counts recipients for rate limits - helo_address, and sender_(ns|mx)_addrs can now be csv items - items may now be retrieved from files using "item=file:/some/where" * Add "Copyright" to all copyrights in debian/copyright * Bump standards version to 3.8.3 (no changes needed) * Fix speeling errors in debian/README.Debian -- Jan Wagner Thu, 14 Jan 2010 19:32:26 +0100 postfwd (1.14-1) unstable; urgency=low * new upstream release - new compare operators - added --nodaemon option - perform non dns items first - enabled dns cache for sender(ns|mx) and helo address - new options --dns_max_ns_lookups and --dns_max_mx_lookups - new items sender_ns_names and sender_ns_addrs - new items sender_mx_names and sender_mx_addrs - new item helo_address, please see docs for more - added --proto switch, to enable the use of unix domain sockets - added command-line options --kill and --reload - dnsbl txt lookups only for dnsbls with at least one a record - small performance improvement - ask() action allows to use another policy service - new options --noidlestats and --norulelog * install postfwd.cf.sample, was renamed upstream * leave hints about documentation and config verification in README.Debian * Bump standards version to 3.8.2 (no changes needed) -- Jan Wagner Mon, 06 Jul 2009 21:15:35 +0200 postfwd (1.10pre8b-1) unstable; urgency=low * new upstream release - Net::CIDR::Lite is not required any longer - Net::DNS::Async is no longer used - changed Net::Server behaviour to ignore syslog errors - --shortlog is now default behaviour (use -v to see more) - days=Wed now means exactly Wednesday - disabled fallback to synchronous dns on timed out rbls - new item "rhsbl_helo" allows to check helo against rhsbls - the new variable $$request_hits contains a list of all matching ruleids - the new variable $$dnsbltext allows access to txt records of rbls - new options --no-rulestats and --nodnslog - ttls of the dns responses override --cache-rbl-timeout when bigger * drop dependency of libnet-cidr-lite-perl and libnet-dns-async-perl * add dependency of libnet-dns-perl -- Jan Wagner Thu, 19 Feb 2009 22:39:09 +0100 postfwd (1.10pre7c-3) unstable; urgency=low * implement machine-interpretable copyright file * fix init script (Closes: #503597). - let daemon write pid file for his own - point start-stop daemon to pidfile when stoping - fix reload by fixing the way how to get the pid * fix example-cfg2.txt to work with 1.10pre7 (Closes: #503596). -- Jan Wagner Fri, 31 Oct 2008 09:55:52 +0100 postfwd (1.10pre7c-2) unstable; urgency=low * Uploading to unstable. * Updating standards version to 3.8.0, no changes needed -- Jan Wagner Tue, 15 Jul 2008 22:43:08 +0200 postfwd (1.10pre7c-1) experimental; urgency=low * Initial release (Closes: #470356). -- Jan Wagner Sat, 31 May 2008 22:07:08 +0200 debian/compat0000644000000000000000000000000211735122136010365 0ustar 9 debian/watch0000644000000000000000000000006710765631271010232 0ustar version=3 http://www.postfwd.org/postfwd-(.*)\.tar\.gz debian/postfwd.docs0000644000000000000000000000012711640076354011534 0ustar doc/postfwd2.CHANGELOG doc/*.html doc/*.txt tools/*.pl tools/*.sample plugins/*.sample debian/copyright0000644000000000000000000000562311232714007011124 0ustar Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196 Packaged-By: Jan Wagner Packaged-Date: Mon, 10 Mar 2008 22:37:44 +0100 Upstream-Name: postfwd Upstream-Maintainer: Jan Peter Kessler Upstream-Source: http://www.postfwd.org Files: * Copyright: Copyright (c) 2007, Jan Peter Kessler, All rights reserved. License: BSD-3 Files: debian/* Copyright: Copyright (C) 2006, 2008 Jan Wagner License: GPL-2+ Files: debian/example-cfg2.txt Copyright: Copyright (c) 2008, Henrik Krohns License: BSD-3 License: BSD-3 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the authors nor the names of his contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2 file. debian/postfwd.init0000644000000000000000000000460411617242554011554 0ustar #! /bin/sh # Written by Miquel van Smoorenburg . # Modified for Debian # by Ian Murdock . # # Version: @(#)skeleton 1.9 26-Feb-2001 miquels@cistron.nl # /etc/init.d/postfwd: v1 2008/03/12 Jan Wagner ### BEGIN INIT INFO # Provides: postfwd # Required-Start: $local_fs $network $remote_fs $syslog # Required-Stop: $local_fs $network $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: start and stop the postfw daemon # Description: a Perl policy daemon for the Postfix MTA ### END INIT INFO PATH=/sbin:/bin:/usr/sbin:/usr/bin NAME=postfwd DAEMON=/usr/sbin/${NAME} PIDFILE=/var/run/$NAME.pid DESC=postfwd test -x $DAEMON || exit 0 not_configured () { echo "#### WARNING ####" echo "${NAME} won't be started/stopped unless it is configured." echo "If you want to start ${NAME} as daemon, see /etc/default/${NAME}." echo "#################" exit 0 } no_configfile () { echo "#### WARNING ####" echo "${NAME} won't be started/stopped unless a rules file is provided at $CONF." echo "#################" exit 0 } # check if postfwd is configured or not if [ -f "/etc/default/$NAME" ] then . /etc/default/$NAME if [ "$STARTUP" != "1" ] then not_configured fi else not_configured fi # check if rules file is there if [ ! -f $CONF ] then no_configfile fi # Check whether we have to drop privileges. if [ -n "$RUNAS" ] then if ! getent passwd "$RUNAS" >/dev/null; then RUNAS="" fi fi set -e case "$1" in start) echo -n "Starting $DESC: " start-stop-daemon --start --quiet \ --name ${RUNAS} \ --exec $DAEMON -- ${ARGS} --daemon --file=${CONF} --interface=${INET} --port=${PORT} --user=${RUNAS} --group=${RUNAS} --pidfile=$PIDFILE echo "$NAME." ;; stop) echo -n "Stopping $DESC: " start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE && rm -rf $PIDFILE echo "$NAME." ;; reload) echo "Reloading $DESC configuration files." kill -HUP $(cat $PIDFILE) ;; restart|force-reload) echo -n "Restarting $DESC (incl. cache): " $0 stop > /dev/null sleep 1 $0 start > /dev/null echo "$NAME." ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 exit 1 ;; esac exit 0 debian/postfwd.postrm0000644000000000000000000000242711406143045012125 0ustar #!/bin/sh # based on arpwatch.postrm: v2 2004/09/15 KELEMEN Peter # postrm: v1 2006/10/12 Jan Wagner NUSER="postfw" NGROUP="postfw" set -e case "$1" in purge) # find first and last SYSTEM_UID numbers for LINE in `grep SYSTEM_UID /etc/adduser.conf | grep -v "^#"`; do case $LINE in FIRST_SYSTEM_UID*) FIST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` ;; LAST_SYSTEM_UID*) LAST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` ;; *) ;; esac done # remove system account if necessary if [ -n "$FIST_SYSTEM_UID" ] && [ -n "$LAST_SYSTEM_UID" ]; then if USERID=`getent passwd $NUSER | cut -f 3 -d ':'`; then if [ -n "$USERID" ]; then if [ "$FIST_SYSTEM_UID" -le "$USERID" ] && \ [ "$USERID" -le "$LAST_SYSTEM_UID" ] && \ [ -x /usr/sbin/deluser ]; then deluser --quiet $NUSER || true # And then remove the group GROUPID=`getent group $NGROUP | cut -f 3 -d ':'` if [ -n "$GROUPID" ] && [ -x /usr/sbin/delgroup ] ; then delgroup --quiet $NGROUP || true fi fi fi fi fi ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; *) echo "postrm called with unknown argument \`$1'" >&2 exit 1 ;; esac #DEBHELPER#