Commits

Zhang Huangbin committed e7d754e

Switch from Policyd-1.8 to Cluebringer on all Linux/BSD distributions.

Comments (0)

Files changed (14)

iRedMail/ChangeLog

 iRedMail-0.8.6:
+    * Switch from Policyd-1.8 to Cluebringer on all Linux/BSD distributions.
     * Drop support for below releases:
         + Debian 6 (squeeze)
         + Gentoo

iRedMail/conf/policy_server

 #---------------------------------------------------------------------
 
 # Use policyd-1.8 by default
-export USE_CLUEBRINGER='NO'
-export USE_POLICYD='YES'
+export USE_CLUEBRINGER='YES'
 
-# Use Policyd-2.x (cluebringer).
-if [ X"${DISTRO}" == X'RHEL' ]; then
-    if [ X"${BACKEND}" == X'PGSQL' ]; then
-        export USE_CLUEBRINGER='YES'
-        export USE_POLICYD='NO'
-    fi
-elif [ X"${DISTRO}" == X'SUSE' ]; then
-    # Use cluebringer in openSUSE-12.3 and later releases.
-    export USE_CLUEBRINGER='YES'
-    export USE_POLICYD='NO'
-elif [ X"${DISTRO}" == X'DEBIAN' ]; then
-    if [ X"${DISTRO_CODENAME}" == X'wheezy' ]; then
-        export USE_CLUEBRINGER='YES'
-        export USE_POLICYD='NO'
-    fi
-
-elif [ X"${DISTRO}" == X'UBUNTU' ]; then
-    export USE_CLUEBRINGER='YES'
-    export USE_POLICYD='NO'
-elif [ X"${DISTRO}" == X'FREEBSD' ]; then
-    if [ X"${BACKEND}" == X'PGSQL' ]; then
-        export USE_CLUEBRINGER='YES'
-        export USE_POLICYD='NO'
-    fi
-elif [ X"${DISTRO}" == X'OPENBSD' ]; then
+if [ X"${DISTRO}" == X'OPENBSD' ]; then
     export USE_CLUEBRINGER='NO'
-    export USE_POLICYD='NO'
     export USE_SPAMD='YES'
 fi
 
-if [ X"${USE_POLICYD}" == X'YES' ]; then
-    . ${CONF_DIR}/policyd
-fi
-
 if [ X"${USE_CLUEBRINGER}" == X'YES' ]; then
     . ${CONF_DIR}/cluebringer
 fi

iRedMail/conf/policyd

-#!/usr/bin/env bash
-
-# Author:   Zhang Huangbin (zhb _at_ iredmail.org)
-
-#---------------------------------------------------------------------
-# This file is part of iRedMail, which is an open source mail server
-# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
-#
-# iRedMail is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# iRedMail is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
-#---------------------------------------------------------------------
-
-# ------------------------------------------------
-# Policyd.
-# ------------------------------------------------
-
-# POLICYD_BIND_HOST is configured in conf/global
-export POLICYD_BIND_PORT='10031' # Default value in policyd.conf.
-
-export POLICYD_RC_SCRIPT_NAME='policyd'
-export POLICYD_DB_PASSWD="$(${RANDOM_STRING})"
-
-export POLICYD_USER='policyd'
-export POLICYD_GROUP='policyd'
-export POLICYD_USER_HOME='/home/policyd'
-
-#
-# Another policyd instance for recipient throttle feature only.
-#
-export POLICYD_THROTTLE_PIDFILE='/var/run/policyd_throttle.pid'
-
-export POLICYD_THROTTLE_BIND_HOST="${POLICYD_BIND_HOST}"
-export POLICYD_THROTTLE_BIND_PORT='10032'
-
-#
-# Syslog setting.
-#
-export POLICYD_SEPERATE_LOG='NO'    # 'YES' or 'NO'
-
-# Default syslog facility is 'LOG_MAIL|LOG_INFO'
-export POLICYD_SYSLOG_FACILITY='LOG_MAIL|LOG_INFO'
-export POLICYD_LOGFILE='/var/log/policyd.log'
-export POLICYD_LOGROTATE_FILE='/etc/logrotate.d/policyd'
-
-if [ X"${DISTRO}" == X"RHEL" ]; then
-    export PKG_POLICYD='policyd'
-    export POLICYD_CONF='/etc/policyd.conf'
-    export POLICYD_THROTTLE_CONF='/etc/policyd_sender_throttle.conf'
-    export POLICYD_THROTTLE_PIDFILE='/var/run/policyd_sender_throttle.pid'
-
-    # Database.
-    export POLICYD_DB_NAME='policyd'
-    export POLICYD_DB_USER='policyd'
-
-    # Path of policyd-clean
-    export POLICYD_CLEANUP_BIN='/usr/sbin/policyd-cleanup'
-
-elif [ X"${DISTRO}" == X"SUSE" ]; then
-    export PKG_POLICYD='policyd'
-    export POLICYD_CONF='/etc/policyd.conf'
-    export POLICYD_THROTTLE_CONF='/etc/policyd_sender_throttle.conf'
-    export POLICYD_THROTTLE_PIDFILE='/var/run/policyd_sender_throttle.pid'
-
-    # Database.
-    export POLICYD_DB_NAME='policyd'
-    export POLICYD_DB_USER='policyd'
-
-    # Path of policyd-clean
-    export POLICYD_CLEANUP_BIN='/usr/lib/policyd/cleanup'
-
-    # Override default setting.
-    export POLICYD_USER_HOME='/var/lib/empty'
-
-elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
-    export PKG_POLICYD='postfix-policyd'
-    export POLICYD_CONF='/etc/postfix-policyd.conf'
-    export POLICYD_THROTTLE_CONF='/etc/postfix-policyd_throttle.conf'
-    export POLICYD_RC_SCRIPT_NAME="postfix-policyd"
-
-    # Database.
-    export POLICYD_DB_NAME='postfixpolicyd'
-    export POLICYD_DB_USER='postfix-policyd'
-
-    # Path of policyd-clean
-    export POLICYD_CLEANUP_BIN='/usr/lib/postfix-policyd/cleanup'
-
-elif [ X"${DISTRO}" == X"FREEBSD" ]; then
-    export PKG_POLICYD='postfix-policyd-sf'
-    export POLICYD_CONF='/usr/local/etc/postfix-policyd-sf.conf'
-    export POLICYD_THROTTLE_CONF='/usr/local/etc/policyd_throttle.conf'
-
-    # Database.
-    export POLICYD_DB_NAME='policyd'
-    export POLICYD_DB_USER='policyd'
-
-    # Path of policyd-clean
-    export POLICYD_CLEANUP_BIN='/usr/local/sbin/postfix-policyd-sf-cleanup'
-
-else
-    :
-fi
-
-export POLICYD_RC_SCRIPT="${DIR_RC_SCRIPTS}/${POLICYD_RC_SCRIPT_NAME}"
-export MYSQL_BACKUP_DATABASES="${MYSQL_BACKUP_DATABASES} ${POLICYD_DB_NAME}"

iRedMail/functions/cluebringer.sh

 
     # Get SQL structure template file.
     tmp_sql="/tmp/cluebringer_init_sql.${RANDOM}${RANDOM}"
-    if [ X"${DISTRO}" == X"RHEL" -o X"${DISTRO}" == X"SUSE" ]; then
-        DB_SAMPLE_FILE_NAME='policyd.mysql.sql'
+    if [ X"${DISTRO}" == X'RHEL' -o X"${DISTRO}" == X'SUSE' ]; then
+        if [ X"${BACKEND}" == X'OPENLDAP' -o X"${BACKEND}" == X'MYSQL' ]; then
+            tmp_db_sample_file_name='policyd.mysql.sql'
+        elif [ X"${BACKEND}" == X'PGSQL' ]; then
+            tmp_db_sample_file_name='policyd.pgsql.sql'
+        fi
 
-        if [ X"${DISTRO}" == X'SUSE' ]; then
+        DB_SAMPLE_FILE="$(eval ${LIST_FILES_IN_PKG} ${PKG_CLUEBRINGER} | grep "/${tmp_db_sample_file_name}$")"
+
+        if [ X"${BACKEND}" == X'OPENLDAP' -o X"${BACKEND}" == X'MYSQL' ]; then
+            perl -pi -e 's#TYPE=#ENGINE=#g' ${DB_SAMPLE_FILE}
+        elif [ X"${BACKEND}" == X'PGSQL' ]; then
+            perl -pi -e 's=^(#.*)=/*${1}*/=' ${DB_SAMPLE_FILE}
+        fi
+
+        if [ X"${BACKEND}" == X'OPENLDAP' -o X'${BACKEND}' == X'MYSQL' ]; then
             cat > ${tmp_sql} <<EOF
 CREATE DATABASE ${CLUEBRINGER_DB_NAME};
 USE ${CLUEBRINGER_DB_NAME};
-EOF
-        fi
 
-        DB_SAMPLE_FILE="$(eval ${LIST_FILES_IN_PKG} ${PKG_CLUEBRINGER} | grep "/${DB_SAMPLE_FILE_NAME}$")"
-        perl -pi -e 's#TYPE=#ENGINE=#g' ${DB_SAMPLE_FILE}
-
-        if [ X"${BACKEND}" == X"OPENLDAP" -o X"${BACKEND}" == X"MYSQL" ]; then
-            cat >> ${tmp_sql} <<EOF
 -- Import SQL structure template.
 SOURCE ${DB_SAMPLE_FILE};
 
 FLUSH PRIVILEGES;
 EOF
         elif [ X"${BACKEND}" == X"PGSQL" ]; then
-            export shipped_pgsql_temp="$(eval ${LIST_FILES_IN_PKG} ${PKG_CLUEBRINGER} | grep '/policyd.pgsql.sql$')"
-            perl -pi -e 's=^(#.*)=/*${1}*/=' ${shipped_pgsql_temp}
             cat > ${tmp_sql} <<EOF
 CREATE DATABASE ${CLUEBRINGER_DB_NAME} WITH TEMPLATE template0 ENCODING 'UTF8';
 CREATE USER ${CLUEBRINGER_DB_USER} WITH ENCRYPTED PASSWORD '${CLUEBRINGER_DB_PASSWD}' NOSUPERUSER NOCREATEDB NOCREATEROLE;
 \c ${CLUEBRINGER_DB_NAME};
 
 -- Import SQL structure template.
-\i ${shipped_pgsql_temp};
+\i ${DB_SAMPLE_FILE};
 EOF
 
-            unset shipped_pgsql_temp
         fi
 
     elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
 INSERT INTO policy_group_members (PolicyGroupID, Member, Disabled) VALUES (2, '@${FIRST_DOMAIN}', 0);
 EOF
 
+    # Delete testing policy and samples.
+    cat >> ${tmp_sql} <<EOF
+-- Delete default sample policy group members.
+DELETE FROM policy_group_members WHERE Member IN ('@example.org', '@example.com');
+
+-- Delete test policy.
+DELETE FROM quotas_limits;
+DELETE FROM quotas;
+DELETE FROM policy_members WHERE policyid=5;
+DELETE FROM policies WHERE id=5;
+EOF
+
     # Initial cluebringer db.
     # Enable greylisting on all inbound emails by default.
     if [ X"${BACKEND}" == X"OPENLDAP" -o X"${BACKEND}" == X"MYSQL" ]; then

iRedMail/functions/iredadmin.sh

     fi
 
     # Section [policyd].
-    ECHO_DEBUG "Configure Policyd related settings."
-    if [ X"${USE_POLICYD}" == X'YES' ]; then
+    if [ X"${USE_CLUEBRINGER}" == X'YES' ]; then
+        ECHO_DEBUG "Configure Cluebringer related settings."
         perl -pi -e 's#^(enabled =).*#${1} True#' settings.ini
         perl -pi -e 's#(.*)host_of_policyd_sql_server#${1} $ENV{SQL_SERVER}#' settings.ini
         perl -pi -e 's#(.*)port_of_policyd_sql_server#${1} $ENV{SQL_SERVER_PORT}#' settings.ini
-        perl -pi -e 's#^(db =) policyd#${1} $ENV{POLICYD_DB_NAME}#' settings.ini
-        perl -pi -e 's#^(user =) policyd#${1} $ENV{POLICYD_DB_USER}#' settings.ini
-        perl -pi -e 's#(.*)password_of_policyd_db#${1} $ENV{POLICYD_DB_PASSWD}#' settings.ini
+        perl -pi -e 's#^(db =) policyd#${1} $ENV{CLUEBRINGER_DB_NAME}#' settings.ini
+        perl -pi -e 's#^(user =) policyd#${1} $ENV{CLUEBRINGER_DB_USER}#' settings.ini
+        perl -pi -e 's#(.*)password_of_policyd_db#${1} $ENV{CLUEBRINGER_DB_PASSWD}#' settings.ini
     else
-        # Policyd-2 (cluebringer) is not yet supported in iRedAdmin.
-        perl -pi -e 's#^(enabled =) True#${1} False#' settings.ini
+        perl -pi -e 's#^(enabled =).*#${1} False#' settings.ini
     fi
 
     # Section [amavisd].

iRedMail/functions/packages.sh

 
     # Policyd.
     if [ X"${DISTRO}" == X"RHEL" ]; then
-        if [ X"${USE_POLICYD}" == X'YES' ]; then
-            ALL_PKGS="${ALL_PKGS} policyd${PKG_ARCH}"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${POLICYD_RC_SCRIPT_NAME}"
-        else
-            ALL_PKGS="${ALL_PKGS} cluebringer"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
+        ALL_PKGS="${ALL_PKGS} cluebringer"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
+    elif [ X"${DISTRO}" == X"SUSE" ]; then
+        ALL_PKGS="${ALL_PKGS} cluebringer"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
+    elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
+        ALL_PKGS="${ALL_PKGS} postfix-cluebringer postfix-cluebringer-webui"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
+
+        if [ X"${BACKEND}" == X"OPENLDAP" -o X"${BACKEND}" == X"MYSQL" ]; then
+            ALL_PKGS="${ALL_PKGS} postfix-cluebringer-mysql"
+        elif [ X"${BACKEND}" == X"PGSQL" ]; then
+            ALL_PKGS="${ALL_PKGS} postfix-cluebringer-pgsql"
         fi
-    elif [ X"${DISTRO}" == X"SUSE" ]; then
-        if [ X"${USE_POLICYD}" == X'YES' ]; then
-            ALL_PKGS="${ALL_PKGS} policyd"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${POLICYD_RC_SCRIPT_NAME}"
-        else
-            ALL_PKGS="${ALL_PKGS} cluebringer"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
-        fi
-
-    elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
-        if [ X"${USE_CLUEBRINGER}" == X'YES' ]; then
-            ALL_PKGS="${ALL_PKGS} postfix-cluebringer postfix-cluebringer-webui"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${CLUEBRINGER_RC_SCRIPT_NAME}"
-
-            if [ X"${BACKEND}" == X"OPENLDAP" -o X"${BACKEND}" == X"MYSQL" ]; then
-                ALL_PKGS="${ALL_PKGS} postfix-cluebringer-mysql"
-            elif [ X"${BACKEND}" == X"PGSQL" ]; then
-                ALL_PKGS="${ALL_PKGS} postfix-cluebringer-pgsql"
-            fi
-        else
-            ALL_PKGS="${ALL_PKGS} postfix-policyd"
-            ENABLED_SERVICES="${ENABLED_SERVICES} ${POLICYD_RC_SCRIPT_NAME}"
-        fi
-
     elif [ X"${DISTRO}" == X'OPENBSD' ]; then
         # No port available.
         :

iRedMail/functions/packages_freebsd.sh

         fi
     fi
 
-    if [ X"${BACKEND}" == X'OPENLDAP' -o X"${BACKEND}" == X'MYSQL' ]; then
-        # Policyd v1.8x
-        ALL_PORTS="${ALL_PORTS} mail/postfix-policyd-sf"
-        ENABLED_SERVICES="${ENABLED_SERVICES} policyd"
-    elif [ X"${BACKEND}" == X'PGSQL' ]; then
-        # Policyd v2.x
-        cat > /var/db/ports/policyd2/options <<EOF
+    # Policyd v2.x
+    cat > /var/db/ports/policyd2/options <<EOF
 OPTIONS_FILE_UNSET+=MYSQL
 OPTIONS_FILE_SET+=PostgreSQL
 OPTIONS_FILE_UNSET+=SQLite
 EOF
 
-        ALL_PORTS="${ALL_PORTS} mail/policyd2"
-        ENABLED_SERVICES="${ENABLED_SERVICES} policyd"
-    fi
+    ALL_PORTS="${ALL_PORTS} mail/policyd2"
+    ENABLED_SERVICES="${ENABLED_SERVICES} policyd"
 
     # ClamAV. REQUIRED.
     cat > /var/db/ports/clamav/options <<EOF

iRedMail/functions/policy_server.sh

 
 policy_server_config()
 {
-    if [ X"${USE_POLICYD}" == X'YES' ]; then
-        . ${FUNCTIONS_DIR}/policyd.sh
-
-        ECHO_INFO "Configure Policyd (postfix policy server, version 1.8)."
-        check_status_before_run policyd_user
-        check_status_before_run policyd_config
-    fi
-
     if [ X"${USE_CLUEBRINGER}" == X'YES' ]; then
         . ${FUNCTIONS_DIR}/cluebringer.sh
 
-        ECHO_INFO "Configure Policyd (postfix policy server, code name cluebringer)."
+        ECHO_INFO "Configure Cluebringer (postfix policy server)."
         check_status_before_run cluebringer_user
         check_status_before_run cluebringer_config
 

iRedMail/functions/policyd.sh

-#!/usr/bin/env bash
-
-# Author:   Zhang Huangbin (zhb@iredmail.org)
-
-#---------------------------------------------------------------------
-# This file is part of iRedMail, which is an open source mail server
-# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
-#
-# iRedMail is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# iRedMail is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
-#---------------------------------------------------------------------
-
-# ---------------------------------------------
-# Policyd.
-# ---------------------------------------------
-policyd_user()
-{
-    ECHO_DEBUG "Add user and group for policyd: ${POLICYD_USER}:${POLICYD_GROUP}."
-    if [ X"${DISTRO}" == X"FREEBSD" ]; then
-        pw useradd -n ${POLICYD_USER} -s ${SHELL_NOLOGIN} -d ${POLICYD_USER_HOME} -m
-    elif [ X"${DISTRO}" == X"SUSE" ]; then
-        # Not need to add user/group.
-        :
-    else
-        groupadd ${POLICYD_GROUP}
-        useradd -m -d ${POLICYD_USER_HOME} -s ${SHELL_NOLOGIN} -g ${POLICYD_GROUP} ${POLICYD_USER}
-    fi
-
-    echo 'export status_policyd_user="DONE"' >> ${STATUS_FILE}
-}
-
-policyd_config()
-{
-    ECHO_DEBUG "Initialize MySQL database of policyd."
-
-    # Get SQL structure template file.
-    tmp_sql="/tmp/policyd_config_tmp.${RANDOM}${RANDOM}"
-    if [ X"${DISTRO}" == X"RHEL" -o X"${DISTRO}" == X"SUSE" ]; then
-        cat > ${tmp_sql} <<EOF
-CREATE DATABASE ${POLICYD_DB_NAME};
-USE ${POLICYD_DB_NAME}
--- Import SQL structure template.
-SOURCE ${SAMPLE_DIR}/policyd/DATABASE.mysql;
-
--- Grant privileges.
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${POLICYD_DB_NAME}.* TO "${POLICYD_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${POLICYD_DB_PASSWD}";
-FLUSH PRIVILEGES;
-EOF
-
-    elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
-        # dbconfig-common will initialize policyd database, grant privileges.
-        cat > ${tmp_sql} <<EOF
--- Reset password.
-USE mysql;
-UPDATE user SET Password=password("${POLICYD_DB_PASSWD}") WHERE User="${POLICYD_DB_USER}";
-FLUSH PRIVILEGES;
-EOF
-
-        # Debian 5, Ubuntu 8.04, 9.04: Import missing table: postfixpolicyd.blacklist_dnsname.
-        if [ X"${DISTRO}" == X'DEBIAN' ]; then
-            addition_sql_file='/usr/share/dbconfig-common/data/postfix-policyd/upgrade/mysql/1.73-1'
-            [ -f ${addition_sql_file} ] && \
-                perl -pi -e 's#TYPE=#ENGINE=#g' ${addition_sql_file}
-
-            cat >> ${tmp_sql} <<EOF
-USE ${POLICYD_DB_NAME};
-SOURCE ${addition_sql_file};
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${POLICYD_DB_NAME}.* TO "${POLICYD_DB_USER}"@"${SQL_HOSTNAME}";
-EOF
-        fi
-
-    elif [ X"${DISTRO}" == X"FREEBSD" ]; then
-        cat > ${tmp_sql} <<EOF
-CREATE DATABASE ${POLICYD_DB_NAME};
-USE ${POLICYD_DB_NAME}
--- Import SQL structure template.
-SOURCE ${SAMPLE_DIR}/policyd/DATABASE.mysql;
--- Grant privileges.
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${POLICYD_DB_NAME}.* TO "${POLICYD_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${POLICYD_DB_PASSWD}";
-FLUSH PRIVILEGES;
-EOF
-
-    else
-        :
-    fi
-
-    # Import whitelist/blacklist shipped in policyd.
-    cat >> ${tmp_sql} <<EOF
-USE ${POLICYD_DB_NAME};
-SOURCE ${SAMPLE_DIR}/policyd/whitelist.sql;
-SOURCE ${SAMPLE_DIR}/policyd/blacklist_helo.sql;
-EOF
-
-    mysql -h${SQL_SERVER} -P${SQL_SERVER_PORT} -u${MYSQL_ROOT_USER} -p"${MYSQL_ROOT_PASSWD}" <<EOF
-$(cat ${tmp_sql})
-USE ${POLICYD_DB_NAME};
-ALTER TABLE blacklist MODIFY COLUMN _description CHAR(60) CHARACTER SET utf8;
-ALTER TABLE blacklist_sender MODIFY COLUMN _description CHAR(60) CHARACTER SET utf8;
-ALTER TABLE whitelist MODIFY COLUMN _description CHAR(60) CHARACTER SET utf8;
-ALTER TABLE whitelist_dnsname MODIFY COLUMN _description CHAR(60) CHARACTER SET utf8;
-ALTER TABLE whitelist_sender MODIFY COLUMN _description CHAR(60) CHARACTER SET utf8;
-EOF
-
-    rm -rf ${tmp_sql} ${tmp_dir} 2>/dev/null
-    unset tmp_sql tmp_dir
-
-    # Configure policyd.
-    ECHO_DEBUG "Configure policyd: ${POLICYD_CONF}."
-
-    # FreeBSD: Copy sample config file.
-    if [ X"${DISTRO}" == X"FREEBSD" ]; then
-        cp /usr/local/etc/postfix-policyd-sf.conf.sample ${POLICYD_CONF}
-    fi
-
-    # We will use another policyd instance for recipient throttle
-    # feature, it's used in 'smtpd_end_of_data_restrictions'.
-    cp -f ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-
-    # Patch init script on RHEL/CentOS.
-    [ X"${DISTRO}" == X"RHEL" ] && patch -p0 < ${PATCH_DIR}/policyd/policyd_init.patch >/dev/null
-
-    # Set correct permission.
-    chown ${POLICYD_USER}:${POLICYD_GROUP} ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-    chmod 0700 ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-
-    # Setup postfix for recipient throttle.
-    cat >> ${POSTFIX_FILE_MAIN_CF} <<EOF
-# Uncomment below line to enable policyd sender throttle.
-#smtpd_end_of_data_restrictions = check_policy_service inet:${POLICYD_THROTTLE_BIND_HOST}:${POLICYD_THROTTLE_BIND_PORT}
-EOF
-
-    # -------------------------------------------------------------
-    # Policyd config for normal feature exclude recipient throttle.
-    # -------------------------------------------------------------
-    # ---- DATABASE CONFIG ----
-
-    perl -pi -e 's#^(MYSQLHOST=)(.*)#${1}"$ENV{SQL_SERVER}"#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(MYSQLDBASE=)(.*)#${1}"$ENV{POLICYD_DB_NAME}"#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(MYSQLUSER=)(.*)#${1}"$ENV{POLICYD_DB_USER}"#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(MYSQLPASS=)(.*)#${1}"$ENV{POLICYD_DB_PASSWD}"#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(FAILSAFE=)(.*)#${1}1#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-
-    # ---- DAEMON CONFIG ----
-    perl -pi -e 's#^(DEBUG=)(.*)#${1}0#' ${POLICYD_CONF}
-    perl -pi -e 's#^(DAEMON=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(BINDHOST=)(.*)#${1}"$ENV{POLICYD_BIND_HOST}"#' ${POLICYD_CONF}
-    perl -pi -e 's#^(BINDPORT=)(.*)#${1}"$ENV{POLICYD_BIND_PORT}"#' ${POLICYD_CONF}
-
-    # ---- CHROOT ----
-    export policyd_user_id="$(id -u ${POLICYD_USER})"
-    export policyd_group_id="$(id -g ${POLICYD_USER})"
-    perl -pi -e 's#^(CHROOT=)(.*)#${1}$ENV{POLICYD_USER_HOME}#' ${POLICYD_CONF}
-    perl -pi -e 's#^(UID=)(.*)#${1}$ENV{policyd_user_id}#' ${POLICYD_CONF}
-    perl -pi -e 's#^(GID=)(.*)#${1}$ENV{policyd_group_id}#' ${POLICYD_CONF}
-
-    # ---- WHITELISTING ----
-    perl -pi -e 's#^(WHITELISTING=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(WHITELISTNULL=)(.*)#${1}0#' ${POLICYD_CONF}
-    perl -pi -e 's#^(WHITELISTSENDER=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(AUTO_WHITE_LISTING=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(AUTO_WHITELIST_NUMBER=)(.*)#${1}10#' ${POLICYD_CONF}
-
-    # ---- BLACKLISTING ----
-    perl -pi -e 's#^(BLACKLISTING=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(BLACKLIST_TEMP_REJECT=)(.*)#${1}0#' ${POLICYD_CONF}
-    perl -pi -e 's#^(AUTO_BLACK_LISTING=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(AUTO_WHITELIST_NUMBER=)(.*)#${1}10#' ${POLICYD_CONF}
-
-    # ---- BLACKLISTING HELO ----
-    perl -pi -e 's#^(BLACKLIST_HELO=)(.*)#${1}0#' ${POLICYD_CONF}
-    # ---- BLACKLIST SENDER ----
-    perl -pi -e 's#^(BLACKLISTSENDER=)(.*)#${1}1#' ${POLICYD_CONF}
-
-    # ---- HELO_CHECK ----
-    perl -pi -e 's#^(HELO_CHECK=)(.*)#${1}1#' ${POLICYD_CONF}
-
-    # ---- SPAMTRAP ----
-    perl -pi -e 's#^(SPAMTRAPPING=)(.*)#${1}1#' ${POLICYD_CONF}
-
-    # ---- GREYLISTING ----
-    perl -pi -e 's#^(GREYLISTING=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(TRAINING_MODE=)(.*)#${1}0#' ${POLICYD_CONF}
-    perl -pi -e 's#^(TRIPLET_TIME=)(.*)#${1}5m#' ${POLICYD_CONF}
-    perl -pi -e 's#^(TRIPLET_AUTH_TIMEOUT=)(.*)#${1}7d#' ${POLICYD_CONF}
-    perl -pi -e 's#^(TRIPLET_UNAUTH_TIMEOUT=)(.*)#${1}2d#' ${POLICYD_CONF}
-    perl -pi -e 's#^(OPTINOUT=)(.*)#${1}1#' ${POLICYD_CONF}
-    perl -pi -e 's#^(OPTINOUTALL=)(.*)#${1}1#' ${POLICYD_CONF}
-
-    # Disable sender throttling here, it should be invoked in postfix
-    # 'smtpd_end_of_data_restrictions'.
-    # ---- SENDER THROTTLE ----
-    perl -pi -e 's#^(SENDERTHROTTLE=)(.*)#${1}0#' ${POLICYD_CONF}
-    # ---- RECIPIENT THROTTLE ----
-    # Note: recipient throttle doesn't work in Postfix smtpd_end_of_data_restrictions.
-    perl -pi -e 's#^(RECIPIENTTHROTTLE=)(.*)#${1}0#' ${POLICYD_CONF}
-
-    # ---- RCPT ACL ----
-    if [ X"${DISTRO}" == X"RHEL" ]; then
-        perl -pi -e 's#^(RCPT_ACL=)(.*)#${1}1#' ${POLICYD_CONF}
-    else
-        :
-    fi
-
-    # -------------------------------------------------------------
-    # Policyd config for recipient throttle only.
-    # -------------------------------------------------------------
-
-    # ---- DAEMON CONFIG ----
-    perl -pi -e 's#^(DEBUG=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(DAEMON=)(.*)#${1}1#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(BINDHOST=)(.*)#${1}"$ENV{POLICYD_THROTTLE_BIND_HOST}"#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(BINDPORT=)(.*)#${1}"$ENV{POLICYD_THROTTLE_BIND_PORT}"#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(PIDFILE=)(.*)#${1}"$ENV{POLICYD_THROTTLE_PIDFILE}"#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- CHROOT ----
-    perl -pi -e 's#^(CHROOT=)(.*)#${1}$ENV{POLICYD_USER_HOME}#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(UID=)(.*)#${1}$ENV{policyd_user_id}#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(GID=)(.*)#${1}$ENV{policyd_group_id}#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- RECIPIENT THROTTLE ----
-    perl -pi -e 's#^(RECIPIENTTHROTTLE=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ------------------ DISABLE ALL OTHER FEATURES -----------------
-    # ---- WHITELISTING ----
-    perl -pi -e 's#^(WHITELISTING=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- BLACKLISTING ----
-    perl -pi -e 's#^(BLACKLISTING=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- BLACKLISTING HELO ----
-    perl -pi -e 's#^(BLACKLIST_HELO=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- BLACKLIST SENDER ----
-    perl -pi -e 's#^(BLACKLISTSENDER=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- HELO_CHECK ----
-    perl -pi -e 's#^(HELO_CHECK=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- SPAMTRAP ----
-    perl -pi -e 's#^(SPAMTRAPPING=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- GREYLISTING ----
-    perl -pi -e 's#^(GREYLISTING=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- SENDER THROTTLE ----
-    # We need only this feature in this policyd instance.
-    perl -pi -e 's#^(SENDERTHROTTLE=)(.*)#${1}1#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(SENDER_THROTTLE_SASL=)(.*)#${1}1#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(SENDER_THROTTLE_HOST=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(QUOTA_EXCEEDED_TEMP_REJECT=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-    perl -pi -e 's#^(SENDERMSGSIZE=)(.*)#${1}$ENV{MESSAGE_SIZE_LIMIT}#' ${POLICYD_THROTTLE_CONF}
-
-    # ---- RCPT ACL ----
-    if [ X"${DISTRO}" == X"RHEL" ]; then
-        perl -pi -e 's#^(RCPT_ACL=)(.*)#${1}0#' ${POLICYD_THROTTLE_CONF}
-    else
-        :
-    fi
-
-    # -----------------
-    # Syslog Setting
-    # -----------------
-    perl -pi -e 's#^(SYSLOG_FACILITY=)(.*)#${1}"$ENV{POLICYD_SYSLOG_FACILITY}"#' ${POLICYD_CONF} ${POLICYD_THROTTLE_CONF}
-
-    if [ X"${POLICYD_SEPERATE_LOG}" == X"YES" ]; then
-        echo -e "local1.*\t\t\t\t\t\t-${POLICYD_LOGFILE}" >> ${SYSLOG_CONF}
-        cat > ${POLICYD_LOGROTATE_FILE} <<EOF
-${CONF_MSG}
-${AMAVISD_LOGFILE} {
-    compress
-    weekly
-    rotate 10
-    create 0600 amavis amavis
-    missingok
-
-    # Use bzip2 for compress.
-    compresscmd $(which bzip2)
-    uncompresscmd $(which bunzip2)
-    compressoptions -9
-    compressext .bz2
-
-    postrotate
-        ${SYSLOG_POSTROTATE_CMD}
-    endscript
-}
-EOF
-    else
-        :
-    fi
-
-    # Setup crontab.
-    ECHO_DEBUG "Setting cron job for policyd user: ${POLICYD_USER}."
-    if [ X"${DISTRO}" == X"FREEBSD" ]; then
-        cat > ${CRON_SPOOL_DIR}/${POLICYD_USER} <<EOF
-${CONF_MSG}
-1    */2    *    *    *    ${POLICYD_CLEANUP_BIN} -c ${POLICYD_CONF}
-1    */2    *    *    *    ${POLICYD_CLEANUP_BIN} -c ${POLICYD_THROTTLE_CONF}
-EOF
-    else
-        cat > ${CRON_SPOOL_DIR}/${POLICYD_USER} <<EOF
-${CONF_MSG}
-1    */2    *    *    *    ${POLICYD_CLEANUP_BIN} -c ${POLICYD_CONF}
-1    */2    *    *    *    ${POLICYD_CLEANUP_BIN} -c ${POLICYD_THROTTLE_CONF}
-EOF
-    fi
-
-    # FreeBSD: Start policyd when system start up.
-    freebsd_enable_service_in_rc_conf 'postfix_policyd_sf_enable' 'YES'
-
-    # Set cron file permission: root:root, 0600.
-    chmod 0600 ${CRON_SPOOL_DIR}/${POLICYD_USER}
-
-    # Add postfix alias.
-    add_postfix_alias ${POLICYD_USER} ${SYS_ROOT_USER}
-
-    # Tips.
-    cat >> ${TIP_FILE} <<EOF
-Policyd:
-    * Configuration files:
-        - ${POLICYD_CONF}
-    * RC script:
-        - ${DIR_RC_SCRIPTS}/policyd
-    * Misc:
-        - /etc/cron.daily/policyd-cleanup
-        - crontab -l -u ${POLICYD_USER}
-EOF
-
-    if [ X"${POLICYD_SEPERATE_LOG}" == X"YES" ]; then
-        cat >> ${TIP_FILE} <<EOF
-    * Log file:
-        - ${SYSLOG_CONF}
-        - ${POLICYD_LOGFILE}
-
-EOF
-    else
-        echo -e '\n' >> ${TIP_FILE}
-    fi
-
-    echo 'export status_policyd_config="DONE"' >> ${STATUS_FILE}
-}

iRedMail/functions/postfix.sh

     if [ X"${USE_CLUEBRINGER}" == X"YES" ]; then
         postconf -e smtpd_recipient_restrictions="reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, ${POSTCONF_IREDAPD} ${POSTCONF_CLUEBRINGER} permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination"
         postconf -e smtpd_end_of_data_restrictions="check_policy_service inet:${CLUEBRINGER_BIND_HOST}:${CLUEBRINGER_BIND_PORT}"
-
-    elif [ X"${USE_POLICYD}" == X"YES" ]; then
-        postconf -e smtpd_recipient_restrictions="reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, ${POSTCONF_IREDAPD} permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service inet:${POLICYD_BIND_HOST}:${POLICYD_BIND_PORT}"
-
     else
         postconf -e smtpd_recipient_restrictions="reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, ${POSTCONF_IREDAPD} permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination"
 

iRedMail/patches/policyd/policyd_init.patch

---- etc/rc.d/init.d/policyd	2008-07-21 13:56:05.000000000 -0400
-+++ /etc/rc.d/init.d/policyd	2008-07-21 14:23:06.000000000 -0400
-@@ -12,28 +12,54 @@
- 
- RETVAL=0
- prog='policyd'
-+
-+ENABLE_SENDER_THROTTLE="NO"
-+
- POLICYD="/usr/sbin/policyd"
- CONF="/etc/policyd.conf"
-+CONF_SENDER_THROTTLE="/etc/policyd_sender_throttle.conf"
-+POLICYD_PIDFILE='/var/run/policyd.pid'
-+POLICYD_SENDER_THROTTLE_PIDFILE='/var/run/policyd_sender_throttle.pid'
- 
- [ -f $POLICYD ] || exit 0
- [ -f $CONF ] || exit 0
- 
- start()
- {
--    echo -n $"Starting $prog:"
-+    echo -n $"Starting policyd:"
-     daemon "$POLICYD -c $CONF"
-     RETVAL=$?
-     [ "$RETVAL" = 0 ] && touch /var/lock/subsys/policyd
-     echo
-+
-+    if [ X"${ENABLE_SENDER_THROTTLE}" != X"NO" ]; then
-+        echo -n $"Starting policyd (sender throttle):"
-+        daemon "$POLICYD -c ${CONF_SENDER_THROTTLE}"
-+        RETVAL=$?
-+        [ "$RETVAL" = 0 ] && touch /var/lock/subsys/policyd_sender_throttle
-+        echo
-+    else
-+        :
-+    fi
- }
- 
- stop()
- {
--    echo -n $"Stopping $prog:"
--    killproc policyd
-+    echo -n $"Stopping policyd:"
-+    killproc -p ${POLICYD_PIDFILE}
-     RETVAL=$?
-     [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/policyd
-     echo
-+
-+    if [ X"${ENABLE_SENDER_THROTTLE}" != X"NO" ]; then
-+        echo -n $"Stopping policyd (sender throttle):"
-+        killproc -p ${POLICYD_SENDER_THROTTLE_PIDFILE}
-+        RETVAL=$?
-+        [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/policyd_sender_throttle
-+        echo
-+    else
-+        :
-+    fi
- }
- 
- restart()
-@@ -54,7 +80,13 @@
-         restart
-         ;;
-     status)
--        status policyd
-+        status -p /var/run/policyd.pid policyd
-+
-+        if [ X"${ENABLE_SENDER_THROTTLE}" != X"NO" ]; then
-+            status -p /var/run/policyd_sender_throttle.pid "policyd (sender throttle)"
-+        else
-+            :
-+        fi
-         ;;
-     *)
-         echo $"Usage: $0 {start|stop|restart|status}"

iRedMail/samples/policyd/DATABASE.mysql

--- CREATE DATABASE policyd;
--- USE policyd;
-  
-CREATE TABLE policy (
-  _rcpt        char(60) NOT NULL default '',
-  _optin       tinyint(1) unsigned NOT NULL default '1',
-  _priority    tinyint(1) unsigned NOT NULL default '0',
-  UNIQUE KEY _rcpt (_rcpt,_optin) 
-) ENGINE=MyISAM;
-
-CREATE TABLE policy_training (
-  _rcpt        char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _rcpt (_rcpt),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE throttle (
-  _from        char(60) NOT NULL default '',
-  _count_max   mediumint(8) unsigned NOT NULL default '0',
-  _count_cur   mediumint(8) unsigned NOT NULL default '1',
-  _date        int(10) unsigned NOT NULL default '0',
-  _quota_cur   int(10) unsigned NOT NULL default '0',
-  _quota_max   int(10) unsigned NOT NULL default '0',
-  _time_limit  int(10) unsigned NOT NULL default '0',
-  _mail_size   int(10) unsigned NOT NULL default '0',
-  _count_tot   mediumint(8) unsigned NOT NULL default '1',
-  _rcpt_max    mediumint(8) unsigned NOT NULL default '0',
-  _rcpt_cur    mediumint(8) unsigned NOT NULL default '1',
-  _rcpt_tot    mediumint(8) unsigned NOT NULL default '1',
-  _abuse_cur   int(10) unsigned NOT NULL default '0',
-  _abuse_tot   int(10) unsigned NOT NULL default '0',
-  _log_warn    int(10) unsigned NOT NULL default '0',
-  _log_panic   int(10) unsigned NOT NULL default '0',
-  _priority    tinyint(1) unsigned NOT NULL default '0',
-  UNIQUE KEY _from (_from)
-) ENGINE=MyISAM;
-
-CREATE TABLE throttle_from_instance (
-  _instance    char(60) NOT NULL default '',
-  _from        char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _instance (_instance),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE throttle_rcpt (
-  _rcpt        char(60) NOT NULL default '',
-  _count_max   mediumint(8) unsigned NOT NULL default '0',
-  _count_cur   mediumint(8) unsigned NOT NULL default '1',
-  _date        int(10) unsigned NOT NULL default '0',
-  _time_limit  int(10) unsigned NOT NULL default '0',
-  _count_tot   mediumint(8) unsigned NOT NULL default '1',
-  _abuse_cur   int(10) unsigned NOT NULL default '0',
-  _abuse_tot   int(10) unsigned NOT NULL default '0',
-  _log_warn    int(10) unsigned NOT NULL default '0',
-  _log_panic   int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _rcpt (_rcpt)
-) ENGINE=MyISAM;
-
-CREATE TABLE rcpt_acl (
-  _sender      char(60) NOT NULL default '',
-  _rcpt        char(60) NOT NULL default '',
-  _wblist      char(60) NOT NULL default '',
-  _priority    int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _rcpt (_rcpt,_sender)
-) ENGINE=MyISAM;
-
-CREATE TABLE triplet (
-  _from        char(60) NOT NULL default '',
-  _rcpt        char(60) NOT NULL default '',
-  _host        char(15) NOT NULL default '',
-  _datenew     int(10) unsigned NOT NULL default '0',
-  _datelast    int(10) unsigned NOT NULL default '0',
-  _count       smallint(5) unsigned NOT NULL default '0',
-  UNIQUE KEY _host (_host,_from,_rcpt),
-  KEY _datelast (_datelast),
-  KEY _datenew (_datenew)
-) ENGINE=MyISAM;
-  
-CREATE TABLE whitelist (
-  _whitelist   char(15) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _whitelist (_whitelist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE whitelist_sender (
-  _whitelist   char(60) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _whitelist (_whitelist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE whitelist_dnsname (
-  _whitelist   char(60) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _whitelist (_whitelist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE blacklist (
-  _blacklist   char(15) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _blacklist (_blacklist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE blacklist_helo (
-  _helo        char(60) NOT NULL default '',
-  UNIQUE KEY _helo (_helo)
-) ENGINE=MyISAM;
-
-CREATE TABLE blacklist_sender (
-  _blacklist   char(60) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _blacklist (_blacklist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE blacklist_dnsname (
-  _blacklist   char(60) NOT NULL default '',
-  _description char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _blacklist (_blacklist),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-
-CREATE TABLE spamtrap (
-  _rcpt        char(60) NOT NULL default '',
-  _active      tinyint(1) unsigned NOT NULL default '1',
-  UNIQUE KEY _rcpt (_rcpt,_active)
-) ENGINE=MyISAM;
-
-CREATE TABLE helo (
-  _host        char(15) NOT NULL default '',
-  _helo        char(60) NOT NULL default '',
-  _expire      int(10) unsigned NOT NULL default '0',
-  UNIQUE KEY _host (_host,_helo),
-  KEY _expire (_expire)
-) ENGINE=MyISAM;
-

iRedMail/samples/policyd/blacklist_helo.sql

-INSERT INTO blacklist_helo VALUES ('2die4.com');
-INSERT INTO blacklist_helo VALUES ('accountant.com');
-INSERT INTO blacklist_helo VALUES ('adexec.com');
-INSERT INTO blacklist_helo VALUES ('africamail.com');
-INSERT INTO blacklist_helo VALUES ('allergist.com');
-INSERT INTO blacklist_helo VALUES ('alumnidirector.com');
-INSERT INTO blacklist_helo VALUES ('archaeologist.com');
-INSERT INTO blacklist_helo VALUES ('arcticmail.com');
-INSERT INTO blacklist_helo VALUES ('artlover.com');
-INSERT INTO blacklist_helo VALUES ('asia.com');
-INSERT INTO blacklist_helo VALUES ('australiamail.com');
-INSERT INTO blacklist_helo VALUES ('berlin.com');
-INSERT INTO blacklist_helo VALUES ('bikerider.com');
-INSERT INTO blacklist_helo VALUES ('cartoday.com');
-INSERT INTO blacklist_helo VALUES ('catlover.com');
-INSERT INTO blacklist_helo VALUES ('cheerful.com');
-INSERT INTO blacklist_helo VALUES ('chemist.com');
-INSERT INTO blacklist_helo VALUES ('cis.co.za');
-INSERT INTO blacklist_helo VALUES ('clerk.com');
-INSERT INTO blacklist_helo VALUES ('cliffhanger.com');
-INSERT INTO blacklist_helo VALUES ('columnist.com');
-INSERT INTO blacklist_helo VALUES ('comic.com');
-INSERT INTO blacklist_helo VALUES ('compleatgolfer.co.za');
-INSERT INTO blacklist_helo VALUES ('consultant.com');
-INSERT INTO blacklist_helo VALUES ('counsellor.com');
-INSERT INTO blacklist_helo VALUES ('cutey.com');
-INSERT INTO blacklist_helo VALUES ('deliveryman.com');
-INSERT INTO blacklist_helo VALUES ('diplomats.com');
-INSERT INTO blacklist_helo VALUES ('doctor.com');
-INSERT INTO blacklist_helo VALUES ('doglover.com');
-INSERT INTO blacklist_helo VALUES ('dr.com');
-INSERT INTO blacklist_helo VALUES ('dublin.com');
-INSERT INTO blacklist_helo VALUES ('earthling.net');
-INSERT INTO blacklist_helo VALUES ('email.com');
-INSERT INTO blacklist_helo VALUES ('europe.com');
-INSERT INTO blacklist_helo VALUES ('execs.com');
-INSERT INTO blacklist_helo VALUES ('financier.com');
-INSERT INTO blacklist_helo VALUES ('gardener.com');
-INSERT INTO blacklist_helo VALUES ('gem.co.za');
-INSERT INTO blacklist_helo VALUES ('geologist.com');
-INSERT INTO blacklist_helo VALUES ('getawaytoafrica.com');
-INSERT INTO blacklist_helo VALUES ('gmail.com');
-INSERT INTO blacklist_helo VALUES ('google.com');
-INSERT INTO blacklist_helo VALUES ('graphic-designer.com');
-INSERT INTO blacklist_helo VALUES ('hairdresser.net');
-INSERT INTO blacklist_helo VALUES ('hot-shot.com');
-INSERT INTO blacklist_helo VALUES ('iafrica.co.za');
-INSERT INTO blacklist_helo VALUES ('iafrica.com');
-INSERT INTO blacklist_helo VALUES ('iname.com');
-INSERT INTO blacklist_helo VALUES ('incrediblemail.co.za');
-INSERT INTO blacklist_helo VALUES ('inorbit.com');
-INSERT INTO blacklist_helo VALUES ('insurer.com');
-INSERT INTO blacklist_helo VALUES ('japan.com');
-INSERT INTO blacklist_helo VALUES ('journalist.com');
-INSERT INTO blacklist_helo VALUES ('law.co.za');
-INSERT INTO blacklist_helo VALUES ('lawyer.com');
-INSERT INTO blacklist_helo VALUES ('legislator.com');
-INSERT INTO blacklist_helo VALUES ('lobbyist.com');
-INSERT INTO blacklist_helo VALUES ('london.com');
-INSERT INTO blacklist_helo VALUES ('loveable.com');
-INSERT INTO blacklist_helo VALUES ('lycos.com');
-INSERT INTO blacklist_helo VALUES ('mad.scientist.com');
-INSERT INTO blacklist_helo VALUES ('madrid.com');
-INSERT INTO blacklist_helo VALUES ('mail.com');
-INSERT INTO blacklist_helo VALUES ('mindless.com');
-INSERT INTO blacklist_helo VALUES ('minister.com');
-INSERT INTO blacklist_helo VALUES ('moscowmail.com');
-INSERT INTO blacklist_helo VALUES ('mselect.co.za');
-INSERT INTO blacklist_helo VALUES ('munich.com');
-INSERT INTO blacklist_helo VALUES ('musician.org');
-INSERT INTO blacklist_helo VALUES ('mweb.co.za');
-INSERT INTO blacklist_helo VALUES ('mweb.com');
-INSERT INTO blacklist_helo VALUES ('mwunitymail.mweb.co.za');
-INSERT INTO blacklist_helo VALUES ('myself.com');
-INSERT INTO blacklist_helo VALUES ('nav-gateway.mweb.co.za');
-INSERT INTO blacklist_helo VALUES ('netactive.co.za');
-INSERT INTO blacklist_helo VALUES ('nycmail.com');
-INSERT INTO blacklist_helo VALUES ('optician.com');
-INSERT INTO blacklist_helo VALUES ('outblaze.com');
-INSERT INTO blacklist_helo VALUES ('pediatrician.com');
-INSERT INTO blacklist_helo VALUES ('pix.co.za');
-INSERT INTO blacklist_helo VALUES ('pixie.co.za');
-INSERT INTO blacklist_helo VALUES ('playful.com');
-INSERT INTO blacklist_helo VALUES ('poetic.com');
-INSERT INTO blacklist_helo VALUES ('popstar.com');
-INSERT INTO blacklist_helo VALUES ('post.com');
-INSERT INTO blacklist_helo VALUES ('presidency.com');
-INSERT INTO blacklist_helo VALUES ('priest.com');
-INSERT INTO blacklist_helo VALUES ('programmer.net');
-INSERT INTO blacklist_helo VALUES ('publicist.com');
-INSERT INTO blacklist_helo VALUES ('realtyagent.com');
-INSERT INTO blacklist_helo VALUES ('registerednurses.com');
-INSERT INTO blacklist_helo VALUES ('repairman.com');
-INSERT INTO blacklist_helo VALUES ('representative.com');
-INSERT INTO blacklist_helo VALUES ('rescueteam.com');
-INSERT INTO blacklist_helo VALUES ('rome.com');
-INSERT INTO blacklist_helo VALUES ('saintly.com');
-INSERT INTO blacklist_helo VALUES ('samerica.com');
-INSERT INTO blacklist_helo VALUES ('sanfranmail.com');
-INSERT INTO blacklist_helo VALUES ('scientist.com');
-INSERT INTO blacklist_helo VALUES ('seductive.com');
-INSERT INTO blacklist_helo VALUES ('singapore.com');
-INSERT INTO blacklist_helo VALUES ('sociologist.com');
-INSERT INTO blacklist_helo VALUES ('soon.com');
-INSERT INTO blacklist_helo VALUES ('techie.com');
-INSERT INTO blacklist_helo VALUES ('technologist.com');
-INSERT INTO blacklist_helo VALUES ('tokyo.com');
-INSERT INTO blacklist_helo VALUES ('umpire.com');
-INSERT INTO blacklist_helo VALUES ('usa.com');
-INSERT INTO blacklist_helo VALUES ('whoever.com');
-INSERT INTO blacklist_helo VALUES ('winemag.co.za');
-INSERT INTO blacklist_helo VALUES ('winning.com');
-INSERT INTO blacklist_helo VALUES ('witty.com');
-INSERT INTO blacklist_helo VALUES ('writeme.com');
-INSERT INTO blacklist_helo VALUES ('yahoo.com');
-INSERT INTO blacklist_helo VALUES ('yours.com');
-
--- Provided by iRedMail
-INSERT INTO blacklist_helo (_helo) VALUES ("126.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("163.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("163.net");
-INSERT INTO blacklist_helo (_helo) VALUES ("sohu.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("yahoo.com.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("yahoo.co.jp");
-INSERT INTO blacklist_helo (_helo) VALUES ("wz.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("taj-co.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("speedtouch.lan");
-INSERT INTO blacklist_helo (_helo) VALUES ("dsldevice.lan");
-INSERT INTO blacklist_helo (_helo) VALUES ("728154EA470B4AA.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("CF8D3DB045C1455.net");
-INSERT INTO blacklist_helo (_helo) VALUES ("dsgsfdg.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("se.nit7-ngbo.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("mail.goo.ne.jp");
-INSERT INTO blacklist_helo (_helo) VALUES ("n-ong_an.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("e5.il.n5tt.zj.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("meqail.teamefs-ine5tl.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("zzg.jhf-sp.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("din_glo-ng.net");
-INSERT INTO blacklist_helo (_helo) VALUES ("fda-cnc.ie.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("yrtaj-yrco.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("m.am.biz.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("xr_haig.roup.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("hjn.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("we_blf.com.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("netvigator.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("mysam.biz");
-INSERT INTO blacklist_helo (_helo) VALUES ("mail.teams-intl.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("seningbo.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("nblf.com.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("kdn.ktguide.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("zzsp.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("nblongan.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("dpu.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("mail.nbptt.zj.cn");
-INSERT INTO blacklist_helo (_helo) VALUES ("nbalton.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("cncie.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("xinhaigroup.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("5483e996d84343f.com");
-INSERT INTO blacklist_helo (_helo) VALUES ("yeah.net");

iRedMail/samples/policyd/whitelist.sql

-INSERT INTO whitelist (_whitelist,_description) VALUES ('127.%.%.%','# localhost');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('192.168.%.%','# private netblock');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('10.%.%.%','# private netblock');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('12.5.136.141','# Southwest Airlines (unique sender, no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('12.5.136.142','# Southwest Airlines (unique sender, no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('12.107.209.244','# kernel.org mailing lists (high traffic, unique sender per mail)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('12.107.209.250','# sourceware.org mailing lists (high traffic, unique sender per mail)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('63.82.37.110','# SLmail');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.7.153.18','# sentex.ca (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.12.137.%','# AOL (common pool) - http://postmaster.aol.com/servers/imo.html');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.12.138.%','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.124.204.39','# moveon.org (unique sender per attempt)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.125.132.254','# collab.net (unique sender per attempt)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('64.233.170.%','# gmail (common server pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('65.82.241.160','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.100.210.82','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.135.209.%','# Ebay (for time critical alerts)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.135.197.%','# Ebay (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.162.216.166','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.206.22.82','# PLEXOR');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.206.22.83','# PLEXOR');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.206.22.84','# PLEXOR');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.206.22.85','# PLEXOR');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.218.66.%','# Yahoo Groups servers (common pool, no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.218.67.%','# Yahoo Groups servers (common pool, no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.218.69.%','# Yahoo Groups servers (common pool, no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.27.51.218','# ljbtc.com (Groupwise)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.89.73.101','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('68.15.115.88','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('194.245.101.88','# Joker.com (email forwarding server)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('195.235.39.19','# Tid InfoMail Exchanger v2.20');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('195.238.2.105','# skynet.be (wierd retry pattern)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('195.238.2.124','# skynet.be (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('195.238.3.12','# skynet.be (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('195.238.3.13','# skynet.be (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('204.60.8.162','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('204.107.120.10','# Ameritrade (no retry)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.139.136','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.139.137','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.144.207','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.144.208','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.156.66','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.157.%','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.188.159.7','# AOL (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.206.231.%','# SecurityFocus.com (unique sender per attempt)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('205.211.164.50','# sentex.ca (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.115.63.%','# Prodigy (broken software that retries continually with no delay)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.171.168.%','# Amazon.com (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.171.180.%','# Amazon.com (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.171.187.%','# Amazon.com (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.171.188.%','# Amazon.com (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('207.171.190.%','# Amazon.com (common pool)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('213.136.52.31','# Mysql.com (unique sender)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('216.136.226.0','# Yahoo Mail?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('216.157.204.5','# Groupwise?');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('217.158.50.178','# AXKit mailing list (unique sender per attempt)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('209.237.227.%','# SpamAssassin mailing list');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('66.35.250.%','# lists.sourceforge.net');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.25.240.%','# saix.net');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.4.160.%','# internet solutions (business smtp)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.35.77.%','# internet solutions (dialup smtp)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.25.69.%','# telkom');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.2.50.%','# mweb (dialup smtp)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.2.49.%','# mweb (business smtp)');
-INSERT INTO whitelist (_whitelist,_description) VALUES ('196.2.24.%','# mweb (business smtp)');
-INSERT INTO whitelist_dnsname (_whitelist,_description) VALUES ('bigfish.com','# bigfish.com has smtp servers behind multiple ips');