Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Devel
Compile SPF patch on Postfix (Red hat 8.0)
tiagocruz at forumgdh
Aug 11, 2006, 1:28 PM
Post #1 of 7 (4923 views)
Permalink
Hello guys,

I know, its a very old OS, but I really need add the SPF patch on my postfix
running on one Red Hat 8.0 :-)

I've compiled the libspf2-1.2.5 as well, applied the patch
postfix-2.2.10_libspf2-1.2.x-20060614.patch.gz [1] on the postfix-2.2.11.tar.gz
and tryed to compile:

# make tidy
# make makefiles CCARGS="-I/usr/local/include" \
AUXLIBS="-lc -L/usr/local/lib -lspf2"
# make

Is this the make error message :
========================================
for i in tls.h tls_prng.h tls_scache.h tls_mgr.h; \
do \
cmp -s $i ../../include/$i 2>/dev/null || cp $i ../../include; \
done
cd ../../include; chmod 644 tls.h tls_prng.h tls_scache.h tls_mgr.h
[src/master]
for i in mail_server.h master_proto.h mail_flow.h; \
do \
cmp -s $i ../../include/$i 2>/dev/null || cp $i ../../include; \
done
cd ../../include; chmod 644 mail_server.h master_proto.h mail_flow.h
[src/postfix]
make: Nothing to be done for `update'.
[src/smtpstone]
make: Nothing to be done for `update'.
[src/sendmail]
make: Nothing to be done for `update'.
[src/error]
make: Nothing to be done for `update'.
[src/pickup]
make: Nothing to be done for `update'.
[src/cleanup]
make: Nothing to be done for `update'.
[src/smtpd]
gcc -Wmissing-prototypes -Wformat -I/usr/local/include -g -O -I. -I../../include
-DLINUX2 -c smtpd.c
cc1: warning: changing search order for system directory "/usr/local/include"
cc1: warning: as it has already been specified as a non-system directory
In file included from /usr/local/include/spf2/spf_server.h:22,
from /usr/local/include/spf2/spf.h:27,
from smtpd.h:18,
from smtpd.c:799:
/usr/local/include/spf2/spf_dns.h:82: conflicting types for `ns_type'
/usr/include/arpa/nameser.h:302: previous declaration of `ns_type'
In file included from /usr/local/include/spf2/spf.h:27,
from smtpd.h:18,
from smtpd.c:799:
/usr/local/include/spf2/spf_server.h:23:30: spf_dns_internal.h: No such file or
directory
make: *** [smtpd.o] Error 1
make: *** [update] Error 1

========================================


[1] http://www.linuxrulz.org/nkukard/postfix/

Many thanks!!

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
scott at kitterman
Aug 11, 2006, 2:12 PM
Post #2 of 7 (4818 views)
Permalink
Have you considered just using the SPF policy daemon that included as an
example in the Postfix distribution? At the very least that ought to get
things working while you figure this out.

Scott K

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
tiagocruz at forumgdh
Aug 12, 2006, 9:06 AM
Post #3 of 7 (4808 views)
Permalink
Hello Scott,

Thanks for reply!

So, is really better use one daemon? The SPF patch is not recomended?
Ok, I will try to find the daemon! :-)

But... whats him name? Because I saw a lot of SPF daemons and I'm a little
confuse now...

Many thanks!

Tiago Cruz

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
julian at mehnle
Aug 12, 2006, 9:32 AM
Post #4 of 7 (4817 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tiago Cruz wrote:
> So, is really better use one daemon? The SPF patch is not recomended?
> Ok, I will try to find the daemon! :-)
>
> But... whats him name? Because I saw a lot of SPF daemons and I'm a
> little confuse now...

There are at least three[1]: the libspf2 policy daemon, postfix-policyd-
spf-perl, and tumgreyspf.

I'm no libspf2 expert, but I think the dreaded "spf_server.h: spf_dns_
internal.h: No such file or directory" error will stop you from building
the libspf2 policy daemon as well, so you'll essentially have to choose
between postfix-policyd-spf-perl and tumgreyspf.

References:
1. http://new.openspf.org/Implementations

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE3gKIwL7PKlBZWjsRAgfnAJ9sFRUuhhR3JGpp7rFXEsrZ9Y+ZpQCfXc5s
Sc0rVbz/TKgcplfpKKqoRtI=
=xRuW
-----END PGP SIGNATURE-----

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
scott at kitterman
Aug 12, 2006, 9:43 AM
Post #5 of 7 (4805 views)
Permalink
On Saturday 12 August 2006 12:06, Tiago Cruz wrote:
> Hello Scott,
>
> Thanks for reply!
>
> So, is really better use one daemon? The SPF patch is not recomended?
> Ok, I will try to find the daemon! :-)
>
> But... whats him name? Because I saw a lot of SPF daemons and I'm a little
> confuse now...
>

The Postfix maintainers strongly recommend using the policy daemon approach
rather than patch the core MTA. It's the way I've always done it. The
policy interface is described here:

http://www.postfix.org/SMTPD_POLICY_README.html

There are a number of options which in part depend on your choice of SPF
checking library...

Libspf2 is distributed with a C policy daemon. I've not used either one.

If you look in the Postfix source for your Postfix version, you will find a
copy of postfix-policyd-spf. This was recently renamed
postfix-policyd-spf-perl in order to avoid confusion with the C
implementation distributed with Libspf2. The latest version is available
here:

http://new.openspf.org/source/software/postfix-policyd-spf-perl/tags/

It is designed to work with Mail::SPF::Query.

If you like Python, there is Tumgreyspf that also does greylisting:

http://www.tummy.com/Community/software/tumgreyspf/

It will support Libspf2, Mail::SPQ::Query, or pySPF.

I'm sure there are others too. I would choose based on your preference of
programming languages. I use the a customized version of the Python one
because I don't do C or PERL.

Scott K



-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
tiagocruz at forumgdh
Aug 14, 2006, 11:21 AM
Post #6 of 7 (4808 views)
Permalink
Hello again Scott, many thanks for you help!

Ok, if postfix developers recomend this one, I'll use the
postfix-policyd-spf-perl ;)

I've implemented in my SMTP server, on "smtpd_recipient_restrictions"
like say in README... but can I put this on "smtpd_sender_restrictions",
because this machine is only SMTP?

I work in one ISP provider so the "SMTP" machines are RedHat 8.0
(4 machines) and anothers 4 "MX" machines running Debian with SPF patch...
So, I would like to put SPF on my SMTP, because MX already have. Is is
possible? Have some problem?

Many thanks!
Brazlilian Regards!

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
Re: Re: Compile SPF patch on Postfix (Red hat 8.0) [ In reply to ]
scott at kitterman
Aug 14, 2006, 11:39 AM
Post #7 of 7 (4806 views)
Permalink
On Monday 14 August 2006 14:21, Tiago Cruz wrote:
> Hello again Scott, many thanks for you help!
>
> Ok, if postfix developers recomend this one, I'll use the
> postfix-policyd-spf-perl ;)
>
> I've implemented in my SMTP server, on "smtpd_recipient_restrictions"
> like say in README... but can I put this on "smtpd_sender_restrictions",
> because this machine is only SMTP?
>
> I work in one ISP provider so the "SMTP" machines are RedHat 8.0
> (4 machines) and anothers 4 "MX" machines running Debian with SPF patch...
> So, I would like to put SPF on my SMTP, because MX already have. Is is
> possible? Have some problem?
>
If you are accepting mail from local mail clients, but not receiving mail, you
do not need SPF on those machines. The only machines that need SPF are the
MX machines.

Since only MTAs are listed in SPF records, if you try and do SPF checks on
each mail client that sends mail, they will fail the check. What you can do,
if you want, is to make sure that mail you send out would not fail an SPF
check when checked by the MTA your SMTP boxes send to. To do that, you need
to use the IP address of the SMTP server rather than the provided
client_address. You would have to modify postfix-policyd-spf-perl to do
this.

Scott K

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal