--- rpms/smeserver-qpsmtpd/sme9/smeserver-qpsmtpd.spec 2013/02/07 22:39:35 1.1 +++ rpms/smeserver-qpsmtpd/sme9/smeserver-qpsmtpd.spec 2017/08/03 13:50:08 1.40 @@ -1,23 +1,66 @@ -# $Id: smeserver-qpsmtpd.spec,v 1.39 2012/07/19 05:57:12 wellsi Exp $ +# $Id: smeserver-qpsmtpd.spec,v 1.39 2017/05/20 11:14:10 vip-ire Exp $ Summary: SME Server qpsmtpd module %define name smeserver-qpsmtpd Name: %{name} %define version 2.4.0 -%define release 1 +%define release 38 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.xz +Patch1: smeserver-qpsmtpd-2.4.0-spamassassin_size_limit.patch +Patch2: smeserver-qpsmtpd-2.4.0-initialize_size.patch +Patch3: smeserver-qpsmtpd-2.4.0-ciphers-update.patch +Patch4: smeserver-qpsmtpd-2.4.0-RBLSBLupdate.patch +Patch5: smeserver-qpsmtpd-2.4.0-remove_databytes.patch +Patch6: smeserver-qpsmtpd-2.4.0-ahbl-patch +Patch7: smeserver-qpsmtpd-2.4.0-allow_relayclients_wo_authentications.patch +Patch8: smeserver-qpsmtpd-2.4.0-add_domain_to_bcc_user.patch +Patch9: smeserver-qpsmtpd-2.4.0-ssl_proto_from_db.patch +Patch10: smeserver-qpsmtpd-2.4.0-ssl_update.patch +Patch11: smeserver-qpsmtpd-2.4.0-compat_with_0.96.patch +Patch12: smeserver-qpsmtpd-2.4.0-helo_default_to_rfc.patch +Patch13: smeserver-qpsmtpd-2.4.0-remove_obsolete_badrcptto_pattern_conf.patch +Patch14: smeserver-qpsmtpd-2.4.0-dhparam.patch +Patch15: smeserver-qpsmtpd-2.4.0-karma.patch +Patch16: smeserver-qpsmtpd-2.4.0-loadcheck.patch +Patch17: smeserver-qpsmtpd-2.4.0-use_clamdscan_plugin.patch +Patch18: smeserver-qpsmtpd-2.4.0-change_rbl_sbl_list_separator.patch +Patch19: smeserver-qpsmtpd-2.4.0-add_uribl_support.patch +Patch20: smeserver-qpsmtpd-2.4.0-use_naughty_plugin.patch +Patch21: smeserver-qpsmtpd-2.4.0-bogus_bounce.patch +Patch22: smeserver-qpsmtpd-2.4.0-external_badrcptto.patch +Patch23: smeserver-qpsmtpd-2.4.0-inbound_spf.patch +Patch24: smeserver-qpsmtpd-2.4.0-inbound_dkim.patch +Patch25: smeserver-qpsmtpd-2.4.0-inbound_dmarc.patch +Patch26: smeserver-qpsmtpd-2.4.0-dkim_signing.patch +Patch27: smeserver-qpsmtpd-2.4.0-init_dmarc_report_db.patch +Patch28: smeserver-qpsmtpd-2.4.0-dmarc_settings_bool.patch +Patch29: smeserver-qpsmtpd-2.4.0-dmarc_reporting.patch +Patch30: smeserver-qpsmtpd-2.4.0-spf_reject_policy.patch +Patch31: smeserver-qpsmtpd-2.4.0-PERMS.patch +Patch32: smeserver-qpsmtpd-2.4.0-fix_syntax_in_print_dns.patch +Patch33: smeserver-qpsmtpd-2.4.0-set_dkim_option_after_key.patch +Patch34: smeserver-qpsmtpd-2.4.0-remove_o_and_r_dkim_fields.patch +Patch35: smeserver-qpsmtpd-2.4.0-fix_disabling_dmarc_reports.patch +Patch36: smeserver-qpsmtpd-2.4.0-spf_and_dmarc_reject_off.patch +Patch37: smeserver-qpsmtpd-2.4.0-default_helo_policy_lenient.patch +Patch38: smeserver-qpsmtpd-2.6.0-disable_dmarc_report.patch +Patch39: smeserver-qpsmtpd-2.6.0-log_dmarc_send_reports_output.patch BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot -Requires: qpsmtpd >= 0.83 +Requires: qpsmtpd >= 0.96 +Requires: perl(ClamAV::Client) Requires: perl(Mail::DKIM) Requires: perl(Mail::DKIM::DkSignature) +Requires: perl(Mail::DMARC) +Requires: perl(DBD::SQLite) Requires: daemontools Requires: qpsmtpd-plugins >= 0.0.1-sme04 Requires: ipsvd Requires: e-smith-lib >= 1.16.0-08 +Requires: e-smith-cvm-unix-local Obsoletes: e-smith-obtuse-smtpd Obsoletes: e-smith-qmail-smtpd Obsoletes: e-smith-mailfront @@ -32,6 +75,7 @@ Requires: perl-Convert-TNEF Requires: perl-IO-stringy Requires: perl-File-MMagic Requires: perl-MIME-tools +Conflicts: smeserver-wbl < 0.3.0-14 BuildArchitectures: noarch BuildRequires: e-smith-devtools AutoReqProv: no @@ -40,6 +84,131 @@ AutoReqProv: no SME Server qpsmtpd smtpd module %changelog +* Thu Aug 3 2017 Daniel Berteaud 2.4.0-38.sme +- Log DMARC reporting in syslog instead of sending email to the admin. + Also suppress SSL connection failed warnings [SME: 10401] + +* Sat May 20 2017 Daniel Berteaud 2.4.0-37.sme +- Turn DMARC reporting off by default [SME: 10320] + +* Sat May 06 2017 Jean-Philipe Pialasse 2.4.0-36.sme +- prevent incoming email to stop if smeserver-wbl is installed and not updated [SME: 10276] + +* Mon Feb 27 2017 Jean-Philipe Pialasse 2.4.0-34.sme +- updated regex for SBList in smeserver-qpsmtpd-2.4.0-change_rbl_sbl_list_separator.patch +- to take into account list using a subdomain [SME: 10116] +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... + +* Tue Sep 13 2016 Daniel Berteaud 2.4.0-32.sme +- Set the default helo policy to lenient [SME: 9767] + +* Tue Jul 12 2016 Daniel Berteaud 2.4.0-31.sme +- Turn SPF and DMARC rejects off by default [SME: 9654] + +* Fri Jun 17 2016 Daniel Berteaud 2.4.0-30.sme +- Fix disabling DMARC reporting [SME: 9507] + +* Tue May 24 2016 Daniel Berteaud 2.4.0-29.sme +- Remove o and r DKIM fields as they are not standard [SME: 9506] + +* Mon May 16 2016 Daniel Berteaud 2.4.0-28.sme +- In qpsmtpd-print-dns set DKIM options after the public key so the string + will still be splitted correctly [SME: 9506] + +* Sat May 7 2016 Daniel Berteaud 2.4.0-27.sme +- Fix a syntax error in the qpsmtpd-print-dns script [SME: 9507] + +* Sat May 7 2016 Daniel Berteaud 2.4.0-26.sme +- Remove warning about spool dir permission on startup [SME: 9511] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-25.sme +- Add missing patch for DKIM signing [SME: 9506] +- Create needed directories [SME: 9507] +- Add missing run time dependency on perl(DBD::SQLite) [SME: 9507] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-24.sme +- Check SPF for inbound emails [SME: 9505] +- Check DKIM for inbound emails [SME: 9504] +- Check DMARC for inbound emails (based on the previous SPF and DKIM checks) + [SME: 9507] +- Store and send DMARC aggregate reports [SME: 9507] +- Support DKIM signing for outbound emails [SME: 9506] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-23.sme +- Use an additional badrcptto file list for external connections so + local only pseudonymes work as expected [SME: 9503] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-22.sme +- Enable the bogus_bounce plugin [SME: 9501] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-21.sme +- Use the naughty plugin to defer rejections, leaving users an opportunity + to authenticate [SME: 9500] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-20.sme +- Add support for the uribl plugin [SME: 9499] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-19.sme +- Change separator for SBList and RBLlist from : to , [SME: 9498] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-18.sme +- Switch to the clamdscan plugin [SME: 9497] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-17.sme +- Enabe the loadcheck plugin [SME: 9508] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-16.sme +- Add support for the karma plugin [SME: 9502] + +* Fri May 6 2016 Daniel Berteaud 2.4.0-15.sme +- Work with qpsmtpd 0.96 [SME: 8861] + +* Wed Jan 13 2016 Daniel Berteaud 2.4.0-14.sme +- Expand all ssl related conf in ssl-update [SME: 9152] + +* Tue Jan 12 2016 Daniel Berteaud 2.4.0-13.sme +- Hook into a new ssl-update event [SME: 9152] + +* Thu Jan 7 2016 Daniel Berteaud 2.4.0-12.sme +- Allow setting SSL protocols from DB [SME: 9162] + +* Thu Aug 6 2015 Daniel Berteaud 2.4.0-11.sme +- Add domain part to bcc user if missing [SME: 8990] + +* Wed Dec 3 2014 stephane de Labrusse 2.4.0-10.sme +- allow IP relayclient stored by DB [SME: 8704] +- Code from Stefano ZAmboni +- & Charlie Brady + +* Tue Dec 2 2014 stephane de Labrusse 2.4.0-9.sme +- allow IP relayclient stored by DB [SME: 8704] +- Code from Stefano ZAmboni + +* Tue May 6 2014 Ian Wells 2.4.0-8.sme +- Remove dnsbl.ahbl.org RBL List [SME: 8368] + +* Tue Apr 15 2014 Ian Wells 2.4.0-7.sme +- Remove the databytes file from qpsmtpd config [SME: 8329] + +* Tue Apr 15 2014 Ian Wells 2.4.0-6.sme +- Update SBL and RBL Lists [SME: 8236] + +* Tue Jan 28 2014 Ian Wells 2.4.0-5.sme +- Remove insecure ciphers [SME: 8138] + +* Fri Jun 14 2013 Daniel Berteaud 2.4.0-4 +- Fix size_limit initialization [SME: 7671] + +* Wed Apr 24 2013 Daniel Berteaud 2.4.0-3 +- reads MaxMessageSize prop of spamassassin and adds it + to the arguments of the plugin if defined [SME: 7559] + +* Wed Apr 10 2013 Daniel Berteaud 2.4.0-2 +- Requires e-smith-cvm-unix-local [SME: 7509] + * Thu Feb 7 2013 Shad L. Lords 2.4.0-1 - Roll new stream for sme9 @@ -61,10 +230,12 @@ SME Server qpsmtpd smtpd module * Fri Oct 1 2010 Daniel Berteaud 2.2.0-10.sme - Fix RelayRequiresAuth for local network [SME: 5575] -* Sun Sep 25 2010 Shad L. Lords 2.2.0-9.sme +* Sat Sep 25 2010 Shad L. Lords 2.2.0-9.sme + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... - Make tls ciphers configurable [SME: 6241] -* Sun Sep 25 2010 Shad L. Lords 2.2.0-8.sme +* Sat Sep 25 2010 Shad L. Lords 2.2.0-8.sme + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... - Require auth for all relays (local too) [SME: 5575] * Sat Jun 5 2010 Ian Wells 2.2.0-7.sme @@ -568,16 +739,19 @@ SME Server qpsmtpd smtpd module - Make sure that empty templates-begin files exist in peers/{0,local} templates directories. -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-12] - Fix up config/relayclients - need a dot after network blocks -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-11] - Also regenerate goodrcptto in {user,pseudonym}-modify, since details about the account may have changed -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-10] - Actually regenerate goodrcptto in the events mentioned in 0.0.3-01 (typo in createlinks) @@ -679,20 +853,70 @@ SME Server qpsmtpd smtpd module %prep %setup +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 +%patch29 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 +%patch33 -p1 +%patch34 -p1 +%patch35 -p1 +%patch36 -p1 +%patch37 -p1 +%patch38 -p1 +%patch39 -p1 %build perl createlinks +mkdir -p root/var/lib/qpsmtpd/karma +mkdir -p root/var/lib/qpsmtpd/dmarc +mkdir -p root/home/e-smith/dkim_keys/default +mkdir -p root/var/service/qpsmtpd/config/dkim + PEERS_CONFIG=root/etc/e-smith/templates/var/service/qpsmtpd/config/peers mkdir -p $PEERS_CONFIG/0 mkdir -p $PEERS_CONFIG/local DISABLE_LOCAL=" -10check_earlytalker +09karma +10earlytalker 12count_unrecognized_commands -16require_resolvable_fromhost +15helo +16resolvable_fromhost +19loadcheck 20rhsbl 22dnsbl +221spf +223dmarc +34badrcptto_ext 70spamassassin " @@ -702,6 +926,7 @@ do done DISABLE_EXTERNAL=" +34badrcptto 65disclaimer " @@ -751,6 +976,10 @@ rm -f %{name}-%{version}-%{release}-file \ --file /var/service/sqpsmtpd/sqpsmtpd "attr(0755,root,root)" \ --dir /var/spool/qpsmtpd "attr(2750,qpsmtpd,clamav)" \ + --dir /var/lib/qpsmtpd/karma "attr(2750,qpsmtpd,qpsmtpd)" \ + --dir /var/lib/qpsmtpd/dmarc "attr(2750,qpsmtpd,qpsmtpd)" \ + --dir /home/e-smith/dkim_keys "attr(2750,root,qpsmtpd)" \ + --dir /var/service/qpsmtpd/config/dkim "attr(2750,qpsmtpd,qpsmtpd)" \ \ --file /usr/local/bin/qplogsumm.pl "attr(0755,root,root)" \ > %{name}-%{version}-%{release}-filelist