Add tumgreyspf 1.09, external policy checker for the postfix mail

server.

PR:		ports/85587
Submitted by:	Marcus Grando <marcus@corp.grupos.com.br>

mail/Makefile

@@ -510,6 +510,7 @@
     SUBDIR += tlb
     SUBDIR += tmda
     SUBDIR += tpop3d
+    SUBDIR += tumgreyspf
     SUBDIR += turba
     SUBDIR += uebimiau
     SUBDIR += up-imapproxy

mail/tumgreyspf/Makefile

@@ -0,0 +1,76 @@
+# New ports collection makefile for:	tumgreyspf
+# Date created:				31 Aug 2005
+# Whom:					Marcus Grando <marcus@corp.grupos.com.br>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	tumgreyspf
+PORTVERSION=	1.09
+CATEGORIES=	mail
+MASTER_SITES=	ftp://ftp.tummy.com/pub/tummy/tumgreyspf/
+
+MAINTAINER=	marcus@corp.grupos.com.br
+COMMENT=	External policy checker for the postfix mail server
+
+RUN_DEPENDS=	${PYTHON_SITELIBDIR}/spf.py:${PORTSDIR}/mail/py-spf
+
+USE_PYTHON=	2.1+
+NO_BUILD=	yes
+USE_REINPLACE=	yes
+
+TUMGREYSPF_DIR?=	/var/db/${PORTNAME}
+TUMGREYSPF_USER?=	nobody
+TUMGREYSPF_GROUP?=	nobody
+
+PKGMESSAGE=	${WRKSRC}/pkg-message
+PKGDEINSTALL=	${WRKDIR}/pkg-deinstall
+PKGINSTALL=	${WRKDIR}/pkg-install
+
+SUB_FILES=	pkg-message pkg-deinstall pkg-install
+SUB_LIST+=	TUMGREYSPF_DIR=${TUMGREYSPF_DIR} \
+		TUMGREYSPF_USER=${TUMGREYSPF_USER} \
+		TUMGREYSPF_GROUP=${TUMGREYSPF_GROUP}
+
+.if !defined(NOPORTDOCS)
+PORTDOCS=	*
+.endif
+
+pre-everything::
+	@${ECHO_MSG}
+	@${ECHO_MSG} "You may set following options:"
+	@${ECHO_MSG}
+	@${ECHO_MSG} "TUMGREYSPF_DIR=/var/db/${PORTNAME}	Local are used to greylist"
+	@${ECHO_MSG} "TUMGREYSPF_USER=nobody			User to run ${PORTNAME} (Default: nobody)"
+	@${ECHO_MSG} "TUMGREYSPF_GROUP=nobody			Group to run ${PORTNAME} (Default: nobody)"
+	@${ECHO_MSG}
+
+post-patch:
+	@${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|g" -e "s|%%TUMGREYSPF_DIR%%|${TUMGREYSPF_DIR}|g" \
+		${WRKSRC}/tumgreyspfsupp.py ${WRKSRC}/tumgreyspf.conf
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspfsupp.py ${PYTHONPREFIX_SITELIBDIR}
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf-clean ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf-configtest ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/gentest ${PREFIX}/bin/tumgreyspf-gentest
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf-stat ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf.conf ${PREFIX}/etc/tumgreyspf.conf.default
+.	if !exists(${PREFIX}/etc/tumgreyspf.conf)
+		${INSTALL_SCRIPT} ${WRKSRC}/tumgreyspf.conf ${PREFIX}/etc
+.	endif
+
+post-install:
+	@${MKDIR} ${DATADIR}
+	@${INSTALL_DATA} ${WRKSRC}/__default__.dist ${DATADIR}
+.if !defined(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	@${INSTALL_DATA} ${WRKSRC}/README* ${DOCSDIR}
+.endif
+	@${CAT} ${PKGMESSAGE}
+.if !defined(PACKAGE_BUILDING)
+	@${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+.endif
+
+.include <bsd.port.mk>

mail/tumgreyspf/distinfo

@@ -0,0 +1,2 @@
+MD5 (tumgreyspf-1.09.tar.gz) = bb27837d82297698fe1cb9f91b808fc3
+SIZE (tumgreyspf-1.09.tar.gz) = 22456

mail/tumgreyspf/files/patch-tumgreyspf

@@ -0,0 +1,10 @@
+--- tumgreyspf.orig	Wed Aug 31 21:42:35 2005
++++ tumgreyspf	Wed Aug 31 21:43:01 2005
+@@ -11,7 +11,6 @@
+ 
+ 
+ import syslog, os, sys, string, re, time, popen2, urllib, stat
+-sys.path.append('/usr/local/lib/tumgreyspf')
+ import tumgreyspfsupp
+ 
+ syslog.openlog(os.path.basename(sys.argv[0]), syslog.LOG_PID, syslog.LOG_MAIL)

mail/tumgreyspf/files/patch-tumgreyspf-clean

@@ -0,0 +1,10 @@
+--- tumgreyspf-clean.orig	Wed Aug 31 21:43:32 2005
++++ tumgreyspf-clean	Wed Aug 31 21:43:48 2005
+@@ -8,7 +8,6 @@
+ #  <jafo@tummy.com>
+ 
+ import os, re, string, syslog, sys, time
+-sys.path.append('/usr/local/lib/tumgreyspf')
+ import tumgreyspfsupp
+ 
+ ###################

mail/tumgreyspf/files/patch-tumgreyspf-stat

@@ -0,0 +1,10 @@
+--- tumgreyspf-stat.orig	Wed Aug 31 21:44:32 2005
++++ tumgreyspf-stat	Wed Aug 31 21:44:42 2005
+@@ -7,7 +7,6 @@
+ #  <jafo@tummy.com>
+ 
+ import os, re, string, syslog, sys, time
+-sys.path.append('/usr/local/lib/tumgreyspf')
+ import tumgreyspfsupp
+ 
+ ###################

mail/tumgreyspf/files/patch-tumgreyspf.conf

@@ -0,0 +1,25 @@
+--- tumgreyspf.conf.orig	Wed Aug 31 22:23:05 2005
++++ tumgreyspf.conf	Wed Aug 31 22:23:57 2005
+@@ -15,18 +15,18 @@
+ #  Path to the directory-based configuration.  This can be used to override
+ #  the configuration values for certain remote hosts, senders or
+ #  recipients.
+-configPath = 'file:///var/local/lib/tumgreyspf/config'
++configPath = 'file:///%%TUMGREYSPF_DIR%%/config'
+ 
+ #  Directory where the greylist resides.
+-greylistDir = '/var/local/lib/tumgreyspf/data'
++greylistDir = '%%TUMGREYSPF_DIR%%/data'
+ 
+ #  Path to the program used for greylist checking.  This can either be the
+ #  perl version available from http://spf.pobox.com/ or the
+ #  "spfquery-static" program built from libspf2, also available from
+ #  http://spf.pobox.com/
+-spfqueryPath = '/usr/local/lib/tumgreyspf/spfquery'
++spfqueryPath = '%%PREFIX%%/bin/spfquery'
+ 
+ #  Directory where the blackhole information goes.  "ips" sub-directory
+ #  contains IPs that have touched us with a bad address.  "addresses"
+ #  sub-directory has a file per address named after the bad addresses.
+-blackholeDir = '/var/lib/tumgreyspf/blackhole'
++blackholeDir = '%%TUMGREYSPF_DIR%%/blackhole'

mail/tumgreyspf/files/patch-tumgreyspfsupp.py

@@ -0,0 +1,23 @@
+--- tumgreyspfsupp.py.orig	Wed Aug 31 21:39:42 2005
++++ tumgreyspfsupp.py	Wed Aug 31 21:41:24 2005
+@@ -10,15 +10,15 @@
+ 
+ 
+ #  default values
+-defaultConfigFilename = '/var/local/tumgreyspf/config/tumgreyspf.conf'
++defaultConfigFilename = '%%PREFIX%%/etc/tumgreyspf.conf'
+ defaultConfigData = {
+ 		'debugLevel' : 0,
+ 		'defaultSeedOnly' : 0,
+ 		'defaultAllowTime' : 600,
+-		'configPath' : 'file:///var/local/lib/tumgreyspf/config',
+-		'greylistDir' : '/var/local/lib/tumgreyspf/data',
+-		'blackholeDir' : '/var/local/lib/tumgreyspf/blackhole',
+-		'spfqueryPath' : '/usr/local/lib/tumgreyspf/spfquery',
++		'configPath' : 'file:///%%TUMGREYSPF_DIR%%/config',
++		'greylistDir' : '%%TUMGREYSPF_DIR%%/data',
++		'blackholeDir' : '%%TUMGREYSPF_DIR%%/blackhole',
++		'spfqueryPath' : '%%PREFIX%%/bin/spfquery',
+ 		}
+ 
+ 

mail/tumgreyspf/files/pkg-deinstall.in

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+case "$2" in
+	DEINSTALL)
+		if cmp -s %%DATADIR%%/__default__.dist %%TUMGREYSPF_DIR%%/config/__default__; then
+			rm %%TUMGREYSPF_DIR%%/config/__default__ 2>/dev/null
+		fi
+		rmdir %%TUMGREYSPF_DIR%%/config 2>/dev/null
+		rmdir %%TUMGREYSPF_DIR%%/data 2>/dev/null
+		rmdir %%TUMGREYSPF_DIR%% 2>/dev/null
+		if [ -d %%TUMGREYSPF_DIR%% ]; then
+			echo ""
+			echo "If you are deinstalling completely tumgreyspf, run:"
+			echo ""
+			echo "# rm -rf %%TUMGREYSPF_DIR%%"
+			echo ""
+		fi
+		;;
+	*)
+		;;
+esac

mail/tumgreyspf/files/pkg-install.in

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+case "$2" in
+	POST-INSTALL)
+		echo "===> Create %%TUMGREYSPF_DIR%% directories"
+		install -d -o %%TUMGREYSPF_USER%% -g %%TUMGREYSPF_GROUP%% -m 755 %%TUMGREYSPF_DIR%%
+		install -d -o %%TUMGREYSPF_USER%% -g %%TUMGREYSPF_GROUP%% -m 700 %%TUMGREYSPF_DIR%%/data
+		install -d -m 755 %%TUMGREYSPF_DIR%%/config
+		if [ ! -f %%TUMGREYSPF_DIR%%/config/__default__ ]; then
+			install %%DATADIR%%/__default__.dist %%TUMGREYSPF_DIR%%/config/__default__
+		fi
+		;;
+	*)
+		;;
+esac

mail/tumgreyspf/files/pkg-message.in

@@ -0,0 +1,32 @@
+#
+# To configure Postfix
+#
+
+Add to your postfix master.cf:
+
+tumgreyspf  unix  -       n       n       -       -       spawn
+	user=%%TUMGREYSPF_USER%% argv=%%PREFIX%%/bin/tumgreyspf
+      
+Next, main.cf must be configured so that "smtpd_sender_restrictions"
+includes a call to the tumgreyspf policy filter.  If you already have
+a "smtpd_sender_restrictions" line(s), you can add the following line
+anywhere after the line which reads "reject_unauth_destination".
+         
+check_policy_service unix:private/tumgreyspf
+         
+WARNING: It's very important that you have
+"reject_unauth_destination" before the "check_policy_service".  If
+you do not, your system may be an open relay.
+         
+So, for example, a minimal "smtpd_sender_restrictions" may look like:
+
+smtpd_sender_restrictions = reject_unauth_destination,
+                            check_policy_service unix:private/tumgreyspf
+
+You will also need to have a line in the main.cf which reads:
+
+tumgreyspf_time_limit = 3600
+
+Please consult the postfix documentation for more information on
+these and other settings you may wish to have in the
+"smtpd_recipient_restrictions" configuration.

mail/tumgreyspf/pkg-descr

@@ -0,0 +1,17 @@
+Tumgreyspf, an external policy checker for the postfix mail
+server. It can optionally greylist and/or use spfquery to 
+check SPF records to determine if email should be accepted 
+by your server.
+
+Because of it's design, legitimate e-mail is never trapped 
+or rejected. Only spam and viruses are caught. Since adding 
+it to our mail server (which also uses Spam Assassin, ClamAV, 
+and an outsourced anti-spam system), our spam level has 
+dropped by an order of magnitude.
+
+It uses the file-system as it's database, no additional 
+database is required to use it. 
+
+WWW: http://www.tummy.com/Community/software/tumgreyspf/
+
+Marcus Grando <marcus@corp.grupos.com.br>

mail/tumgreyspf/pkg-plist

@@ -0,0 +1,10 @@
+@unexec if cmp -s %D/etc/tumgreyspf.conf.default %D/etc/tumgreyspf.conf; then rm -f %D/etc/tumgreyspf.conf; fi
+etc/tumgreyspf.conf.default
+bin/tumgreyspf
+bin/tumgreyspf-clean
+bin/tumgreyspf-configtest
+bin/tumgreyspf-gentest
+bin/tumgreyspf-stat
+%%PYTHON_SITELIBDIR%%/tumgreyspfsupp.py
+%%DATADIR%%/__default__.dist
+@dirrm %%DATADIR%%