-Scott Everson
How to add graylisting to sendmail on Ensim 3.5 and 3.7-4.0.x for Red Hat/Fedora. I'm sure this could be tweaked for other platforms as well. This setup will only graylist by IP address and defaults to 10minutes. To change the delay time, update the options in the init.d script below.
Login as root on your box and follow the directions below.
1. Ensim sendmail does not ship with the needed libraries to compile any plug-in milters.
a) locate the version of sendmail that you are currently running:
CODE
# rpm -q sendmail
sendmail-8.12.10-1
sendmail-8.12.10-1
b) visit the sendmail site and grab the link to the tarball for that specific version.
c) download the tarball into your /tmp dir:
CODE
# cd /tmp
# wget [url="ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.10.tar.gz"]ftp://ftp.sendmail.org/pub/sendmail/sendm....8.12.10.tar.gz[/url]
# wget [url="ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.10.tar.gz"]ftp://ftp.sendmail.org/pub/sendmail/sendm....8.12.10.tar.gz[/url]
d) unpack the tarball into a temporary folder:
CODE
# tar -xzvf sendmail.8.12.10.tar.gz
e) build and install the libmilter: (** MAKE SURE YOU ONLY INSTALL libmilter **)
CODE
# cd sendmail-8.12.10/libmilter (** check your path!** )
# ./Build install
# ./Build install
2. Download and compile the latest version of graymilter:
a) visit the graymilter site and grab the link for the latest version.
b) download it:
CODE
# cd /tmp
# wget [url="http://www.acme.com/software/graymilter/graymilter-1.25.tar.gz"]http://www.acme.com/software/graymilter/gr...ter-1.25.tar.gz[/url]
# wget [url="http://www.acme.com/software/graymilter/graymilter-1.25.tar.gz"]http://www.acme.com/software/graymilter/gr...ter-1.25.tar.gz[/url]
c) unpack the tarball
CODE
# tar -xzvf graymilter-1.25.tar.gz
d) compile and install it
CODE
# cd graymilter-1.25
# make install
# make install
3. Get graymilter running
a) copy the following text into a file called /etc/init.d/graymilter
CODE
#!/bin/sh
#
# graymilter This script starts and stops the graymilter daemon
#
# chkconfig: - 80 20
#
# description: graymilter is a daemon process which delays incoming mail
# on it's first pass. Once mail has been retried, it is let
# through. It is called by sendmail.
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Source spamd configuration. The graytime value specifies how many seconds to wait before whitelisting an IP; 600=10 minutes
GRAYDOPTIONS="-graytime 600 unix:/var/run/graymilter.sock"
[ -f /usr/sbin/graymilter -o -f /usr/local/sbin/graymilter ] || exit 0
PATH=$PATH:/usr/sbin:/usr/local/sbin
# See how we were called.
case "$1" in
start)
# Start daemon.
echo -n "Starting graymilter: "
daemon graymilter $GRAYDOPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/graymilter
;;
stop)
# Stop daemons.
echo -n "Shutting down graymilter: "
killproc graymilter
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/graymilter
;;
restart)
$0 stop
$0 start
;;
condrestart)
[ -e /var/lock/subsys/graymilter ] && $0 restart
;;
status)
status graymilter
;;
*)
echo "Usage: $0 {start|stop|restart|status|condrestart}"
exit 1
esac
exit 0
#
# graymilter This script starts and stops the graymilter daemon
#
# chkconfig: - 80 20
#
# description: graymilter is a daemon process which delays incoming mail
# on it's first pass. Once mail has been retried, it is let
# through. It is called by sendmail.
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Source spamd configuration. The graytime value specifies how many seconds to wait before whitelisting an IP; 600=10 minutes
GRAYDOPTIONS="-graytime 600 unix:/var/run/graymilter.sock"
[ -f /usr/sbin/graymilter -o -f /usr/local/sbin/graymilter ] || exit 0
PATH=$PATH:/usr/sbin:/usr/local/sbin
# See how we were called.
case "$1" in
start)
# Start daemon.
echo -n "Starting graymilter: "
daemon graymilter $GRAYDOPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/graymilter
;;
stop)
# Stop daemons.
echo -n "Shutting down graymilter: "
killproc graymilter
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/graymilter
;;
restart)
$0 stop
$0 start
;;
condrestart)
[ -e /var/lock/subsys/graymilter ] && $0 restart
;;
status)
status graymilter
;;
*)
echo "Usage: $0 {start|stop|restart|status|condrestart}"
exit 1
esac
exit 0
b) enable your new script
CODE
# chmod 755 /etc/init.d/graymilter
# chkconfig --add graymilter
# chkconfig --add graymilter
c) fire up the daemon
CODE
# service graymilter start
4. Backup your existing sendmail.cf file:
For 3.5 and down:
CODE
# cp /etc/sendmail.cf /etc/sendmail.cf.bak
For 3.7 and up:
CODE
# cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.bak
5. Go to your Ensim mail configuration directory and backup the existing sendmail.mc file:
CODE
# cd /usr/lib/opcenter/sendmail/install/
# cp sendmail.mc sendmail.mc.bak
# cp sendmail.mc sendmail.mc.bak
6. Edit the sendmail.mc file with pico (or your favorite editor -- vi perhaps):
For 3.5 and down:
CODE
# pico -w sendmail.mc
For 3.7 and up if pico isn't available:
CODE
# nano -w sendmail.mc
6. Add in the following line to the bottom of the file, then save and exit:
CODE
INPUT_MAIL_FILTER(`graymilter',`S=unix:/var/run/graymilter.sock, T=S:4m;R:4m')dnl
7. In 3.7 and up only:
Go to your Appliance Administrator -> Mail Scanning
undo the "Enable mail scanning on this server" checkbox, save, and then check the "Enable mail scanning on this server" checkbox, and save
8. Rebuild the sendmail.cf file
For webppliance 3.5 and earlier:
CODE
# m4 /usr/lib/opcenter/sendmail/install/sendmail.mc > /etc/sendmail.cf
For 3.7 and up:
CODE
# m4 /usr/lib/opcenter/sendmail/install/sendmail.mc > /etc/mail/sendmail.cf
9. Restart sendmail
CODE
# service sendmail restart
10. Watch your maillog file to see graylisting at work.
CODE
# tail -f /var/log/maillog
(press CTRL-C to quit)
(press CTRL-C to quit)
11. Cleanup any mess you may have made.
a) remove the sendmail stuff from /tmp
CODE
# rm -r /tmp/sendmail-8.12.10 /tmp/sendmail.8.12.10.tar.gz
# rm -r /tmp/graymilter-1.25.tar.gz /tmp/graymilter-1.25
# rm -r /tmp/graymilter-1.25.tar.gz /tmp/graymilter-1.25