Date: Sun, 11 Feb 2007 10:28:38 +0900 (WST) From: Dean Hollister <dean@odyssey.apana.org.au> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/109039: Upgraded Port: mail/dcc-dccd to 1.3.50 Message-ID: <200702110128.KAA98051@odyssey.apana.org.au> Resent-Message-ID: <200702110210.l1B2A6Nh044895@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 109039
>Category: ports
>Synopsis: Upgraded Port: mail/dcc-dccd to 1.3.50
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sun Feb 11 02:10:06 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Dean Hollister
>Release: FreeBSD 4.11-STABLE i386
>Organization:
Australian Public Access Network Association Inc
>Environment:
System: FreeBSD odyssey.apana.org.au 4.11-STABLE FreeBSD 4.11-STABLE #0: Sun Sep 3 11:41:09 WST 2006 root@odyssey.apana.org.au:/usr/src/sys/compile/ODYSSEY i386
>Description:
Upgraded Port: mail/dcc-dccd to 1.3.50
Changes in this release:
o Make "option forced-discard-nok" in /var/dcc/whiteclnt the default for
dccm as well as dccifd in proxy mode.
o Add whiteclnt type of IP address entry "submit".
It is intended to be applied to the IP addresses of SMTP submission
clients such as web browsers that cannot tolerate 4yz temporary
rejections of mail, but that cannot be trusted to not send spam.
o Let body and reputation checksum thresholds be set in the global and
per-user whiteclnt files. "Never" is a valid threshold and turns
off rejections for a checksum.
o Overhaul proof of concept per-user whiteclnt CGI scripts to handle
per-user checksum thresholds.
o Rationalize /var/dcc/libexec/dcc-stats-graph -tTITLE
o Fix bugs with -eNEVER and -Enever in dbclean.
o Add "submit" to "mx" and "mxdcc" values for IP addresses whiteclnt files
to mark SMTP clients that are submitting new messages and that
do not understand 4yz rejections for individual recipients.
o Fix dccifd crash on bogus long recipient names.
o /var/dcc/libexec/fetchblack is not as noisy when the sources of the
public DCC server blacklist are down for long periods.
o Limit the database window to less than 2 GBytes on all 32-bit systems
including Solaris. Previous versions assumed that Solaris would
do the right thing if it allowed large files.
o Fix bugs in the "skipping asking DCC server" mechanism that made it
too forgiving.
o Remove the `dccd -t` thresholds in favor of simple constants.
o Dccm, dccifd, and dccproc now emit X-DCC headers for locally white-
and blacklisted messages even when no DCC server responds.
o Automatically compensate for incompatibility in newer versions of
rrdtool.
o Increase the computed limit on `dccm -j` by not dedicating two FDs
to each thread for per-user log files but instead doing some locking.
o Fix memory leak in dccm and dccifd when DNSBLs (-B) are used.
o Improve performance on current UNIX-like systems that have madvise()
with large DCC server databases.
o Mention the "incompatible whitelists" message in the FAQ.
o Do not greylist mail from SMTP submission clients marked by
"submit IP" lines in /var/dcc/whiteclnt.
o Stop race with idle DNSBL helper processes.
o More adjustments to help deal with large databases.
o Change header checksums to ignore all instead of only some occurrences
characters matching [<>'"]
o Dccm uses SMFIP_RCPT_REJ in sendmail 8.14 to detect dictionary attacks
and adjust the DCC Reputation of attackers.
o Fix a very rare infinite loop in the MIME decoding code in DCC clients.
o Add "option log-subdirectory-{day,hour,minute}" to whiteclnt files
to create per-user log files in subdirectories like the subdirectories
used for /var/dcc/log with dccm, dccifd, and dccproc -l.
o Detect too-small file size resource limits in dccd and dbclean.
o Compile with -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64.
o Add dccm and dccifd -Bset:maxjobs=X.
o Fix printf(null) crash in dccifd acting as a proxy for CommuniGate.
o Remove support for external filters as part of the fix for the
thundering herd problem in `dccm -B`.
o Check NS IP addresses in DNS blacklists (DNSBLs) before MX IP addresses
for dccproc, dccifd, and dccm -B.
o Fix `dccm -tsubstitute...` problem.
o Significantly improve speed on large FreeBSD DCC servers.
o Make dbclean automatic -e/-E adjustments much more stable to
significantly help DCC servers on Mondays and Tuesdays.
o Fix bad Body and missing Fuz1 and Fuz2 checksums for dccifd and dccm
when previous messages had bad MIME encapsulation.
o Turn off automatic generation of 64-bit DCC servers.
o Change dbclean to use a dccd optimization and be faster on FreeBSD
systems that have less that 4 GByte of RAM.
o Set the GID of dccifd, dccm, and dccproc log files and subdirectory
to be the same as the parent directory if running as root and
if necessary.
o Fix client random selection of public DCC servers.
/var/dcc/blacklist also affects flooding peers.
o Implement FreeBSD specific rc.d startup script, as submitted by
Ken Menzel.
>How-To-Repeat:
>Fix:
diff -ruN dcc-dccd.orig/Makefile dcc-dccd/Makefile
--- dcc-dccd.orig/Makefile Wed Aug 2 20:59:03 2006
+++ dcc-dccd/Makefile Sun Feb 11 09:54:18 2007
@@ -6,7 +6,7 @@
#
PORTNAME= dcc-dccd
-PORTVERSION= 1.3.42
+PORTVERSION= 1.3.50
CATEGORIES= mail
MASTER_SITES= http://www.rhyolite.com/anti-spam/dcc/source/ \
http://www.wa.apana.org.au/~dean/sources/
@@ -107,6 +107,8 @@
${SH} ${PKGINSTALL} ${PREFIX} PRE-INSTALL
post-install:
+ ${INSTALL} -o root -g wheel -m 644 ${MASTERDIR}/files/dcc-start.sh.dist ${PREFIX}/etc/rc.d
+
.if !exists(${PREFIX}/dcc/map)
${CP} ${PREFIX}/dcc/map ${PREFIX}/dcc/map.dist
@${CHOWN} ${DCCUSER} ${PREFIX}/dcc/map.dist
diff -ruN dcc-dccd.orig/distinfo dcc-dccd/distinfo
--- dcc-dccd.orig/distinfo Wed Aug 2 20:59:03 2006
+++ dcc-dccd/distinfo Sun Feb 11 08:58:37 2007
@@ -1,3 +1,3 @@
-MD5 (dcc-dccd-1.3.42.tar.Z) = 47d023c6d96f0f8fa7910425b1e76459
-SHA256 (dcc-dccd-1.3.42.tar.Z) = 2544815d2fab2c913f3d8ca8bf1fe8ec247c50837a138998d86f708cf696a20b
-SIZE (dcc-dccd-1.3.42.tar.Z) = 1424267
+MD5 (dcc-dccd-1.3.50.tar.Z) = 4306df4a05d04f926995ddc0c1d480e1
+SHA256 (dcc-dccd-1.3.50.tar.Z) = 942c9be56f3ff765b524e6c49d85dd84aa4a22c1514afe096d34e246cbf6cc21
+SIZE (dcc-dccd-1.3.50.tar.Z) = 1448485
diff -ruN dcc-dccd.orig/files/dcc-start.sh.dist dcc-dccd/files/dcc-start.sh.dist
--- dcc-dccd.orig/files/dcc-start.sh.dist Thu Jan 1 08:00:00 1970
+++ dcc-dccd/files/dcc-start.sh.dist Sun Feb 11 09:42:57 2007
@@ -0,0 +1,57 @@
+#!/bin/sh
+#
+# PROVIDE: dccifd
+# REQUIRE: LOGIN
+# BEFORE: mail
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable dccifd:
+#
+#dccifd_enable="YES"
+#
+# See dccifd(8) for flags
+#
+
+. /etc/rc.subr
+
+name=dccifd
+rcvar=`set_rcvar`
+
+load_rc_config $name
+
+# Set defaults
+: ${dccifd_enable:="NO"}
+: ${dccifd_flags=""}
+: ${dccifd_home="/usr/local/dcc"}
+: ${dccifd_conf="$dccifd_home/dcc_conf"}
+
+
+pidfile=${dccifd_pidfile:-"/var/run/dccifd.pid"}
+command="${dccifd_home}/libexec/start-dccifd"
+procname="${dccifd_home}/libexec/dccifd"
+required_dirs="$dccifd_home"
+required_files="${dccifd_conf}"
+
+stop_postcmd="stop_postcmd"
+start_precmd="start_precmd"
+
+
+stop_postcmd()
+{
+ rm -f $pidfile
+}
+
+start_precmd()
+{
+X=`grep DCCIFD_ENABLE ${dccifd_conf}`
+eval $X
+if [ "$DCCIFD_ENABLE" != "on" ]
+then
+ echo "Warning ${X} needs to be on in ${dccifd_conf}"
+ return 1
+fi
+}
+
+run_rc_command "$1"
+
diff -ruN dcc-dccd.orig/files/patch-cgi-bin::Makefile.in dcc-dccd/files/patch-cgi-bin::Makefile.in
--- dcc-dccd.orig/files/patch-cgi-bin::Makefile.in Thu Jan 1 08:00:00 1970
+++ dcc-dccd/files/patch-cgi-bin::Makefile.in Sun Feb 11 09:59:28 2007
@@ -0,0 +1,11 @@
+--- cgi-bin/Makefile.in.orig Sun Feb 11 09:58:09 2007
++++ cgi-bin/Makefile.in Sun Feb 11 09:58:30 2007
+@@ -60,7 +60,7 @@
+ -m 644 -c $$NM $(INST_BINDIR)/$$NM; done
+ for NM in $(LOCFILES); do \
+ if test ! -f $(INST_BINDIR)/$$NM; then \
+- $(INSTALL) $(SET_BINOWN) -m 644 -c $$NM $(INST_BINDIR)/$$NM; \
++ $(INSTALL) $(SET_BINOWN) -m 644 -c $$NM $(INST_BINDIR)/$$NM.dist; \
+ fi; done
+
+ deinstall:
diff -ruN dcc-dccd.orig/files/patch-homedir::Makefile.in dcc-dccd/files/patch-homedir::Makefile.in
--- dcc-dccd.orig/files/patch-homedir::Makefile.in Fri Mar 3 17:09:23 2006
+++ dcc-dccd/files/patch-homedir::Makefile.in Sun Feb 11 09:25:53 2007
@@ -1,37 +1,33 @@
---- homedir/Makefile.in.orig Thu Sep 8 09:57:07 2005
-+++ homedir/Makefile.in Wed Mar 1 07:39:11 2006
-@@ -51,15 +51,11 @@
- $(HINSTALL) -m 755 -d $(INST_HOMEDIR); fi
- if test ! -d $(INST_HOMEDIR)/log; then \
- $(HINSTALL) -m 710 -d $(INST_HOMEDIR)/log; fi
-- if test -s $(INST_HOMEDIR)/dcc_conf; then \
-- sh make-dcc_conf -h $(INST_HOMEDIR); \
-- else \
-- $(HINSTALL) -m 644 dcc_conf $(INST_HOMEDIR)/dcc_conf; \
+--- homedir/Makefile.in.orig Sun Feb 11 09:05:45 2007
++++ homedir/Makefile.in Sun Feb 11 09:07:59 2007
+@@ -57,23 +57,19 @@
+ $(HINST) -m 755 -d $(DIR); fi
+ if test ! -d $(DIR)/log; then\
+ $(HINST) -m 710 -d $(DIR)/log; fi
+- if test -s $(DIR)/dcc_conf; then\
+- sh make-dcc_conf -h $(DIR);\
+- else\
+- $(HINST) -m 644 dcc_conf $(DIR)/dcc_conf;\
- fi
-+ $(HINSTALL) -m 644 dcc_conf $(INST_HOMEDIR)/dcc_conf.dist; \
- for nm in flod grey_flod whitelist grey_whitelist \
- whiteclnt whitecommon; do \
- if test ! -f $(INST_HOMEDIR)/$$nm; then \
-- $(HINSTALL) -m 644 $$nm $(INST_HOMEDIR)/$$nm; fi; \
-+ $(HINSTALL) -m 644 $$nm $(INST_HOMEDIR)/$$nm.dist; fi; \
- done
- @if test ! -f $(INST_HOMEDIR)/ids \
- -a ! -f $(INST_HOMEDIR)/map \
-@@ -67,11 +63,11 @@
- PASSWD1=`ps|cksum|tr ' ' 'xy'`; \
- PASSWD2=`ps|cksum|tr ' ' 'yx'`; \
- umask 077; \
-- sed -e "s/secret1/$$PASSWD1/" map.txt >$(INST_HOMEDIR)/map.txt; \
-+ sed -e "s/secret1/$$PASSWD1/" map.txt >$(INST_HOMEDIR)/map.txt.dist; \
- sed -e "s/secret1/$$PASSWD1/" -e "s/secret2/$$PASSWD2/" ids \
-- >$(INST_HOMEDIR)/ids; \
-+ >$(INST_HOMEDIR)/ids.dist; \
- ${DEPTH}/cdcc/cdcc -qh $(INST_HOMEDIR) 'new map; load -' \
-- <$(INST_HOMEDIR)/map.txt >/dev/null; \
-- set +e; chown $(DCC_SUID) $(INST_HOMEDIR)/map.txt \
-- $(INST_HOMEDIR)/map $(INST_HOMEDIR)/ids; \
-+ <$(INST_HOMEDIR)/map.txt.dist >/dev/null; \
-+ set +e; chown $(DCC_SUID) $(INST_HOMEDIR)/map.txt.dist \
-+ $(INST_HOMEDIR)/map $(INST_HOMEDIR)/ids.dist; \
++ $(INSTALL) -m 644 dcc_conf $(DIR)/dcc_conf.dist; \
+ for nm in flod grey_flod whitelist grey_whitelist\
+ whiteclnt whitecommon; do\
+ if test ! -f $(DIR)/$$nm; then\
+- $(HINST) -m 644 $$nm $(DIR)/$$nm; fi; done
++ $(INSTALL) -m 644 $$nm $(DIR)/$$nm.dist; fi; done
+ if test ! -f $(DIR)/ids -a ! -f $(DIR)/map -a ! -f $(DIR)/map.txt; then\
+ umask 077; PASSWD1=`$(RSTRING)`; PASSWD2=`$(RSTRING)`;\
+- sed -e "s/secret1/$$PASSWD1/" map.txt >$(DIR)/map.txt;\
++ sed -e "s/secret1/$$PASSWD1/" map.txt >$(DIR)/map.txt.dist;\
+ sed -e "s/secret1/$$PASSWD1/" -e "s/secret2/$$PASSWD2/" ids\
+- >$(DIR)/ids;\
+- ${DEPTH}/cdcc/cdcc -qh $(DIR) 'new map; load $(DIR)/map.txt';\
+- set +e; chown $(DCC_SUID) $(DIR)/map.txt\
+- $(DIR)/map $(DIR)/ids;\
++ >$(DIR)/ids.dist;\
++ ${DEPTH}/cdcc/cdcc -qh $(DIR) 'new map; load $(DIR)/map.txt.dist';\
++ set +e; chown $(DCC_SUID) $(DIR)/map.txt.dist\
++ $(DIR)/map $(DIR)/ids.dist;\
fi
+
+ deinstall:
diff -ruN dcc-dccd.orig/pkg-plist dcc-dccd/pkg-plist
--- dcc-dccd.orig/pkg-plist Wed Mar 15 20:16:40 2006
+++ dcc-dccd/pkg-plist Sun Feb 11 10:12:20 2007
@@ -39,6 +39,8 @@
dcc/cgi-bin/list-log
dcc/cgi-bin/list-msg
dcc/cgi-bin/webuser-notify
+dcc/cgi-bin/footer.dist
+dcc/cgi-bin/header.dist
dcc/libexec/cron-dccd
%%WITH_DCCIFD%%dcc/libexec/dccifd
%%WITH_SENDMAIL%%dcc/libexec/dccm
@@ -49,6 +51,7 @@
dcc/libexec/dcc-stats-init
dcc/libexec/dccd
dcc/libexec/dccsight
+dcc/libexec/dns-helper
dcc/libexec/fetchblack
dcc/libexec/fetch-testmsg-whitelist
dcc/libexec/hackmc
@@ -65,6 +68,7 @@
dcc/libexec/updatedcc
dcc/libexec/uninstalldcc
dcc/libexec/wlist
+etc/rc.d/dcc-start.sh.dist
@dirrm dcc/log
@dirrm dcc/libexec
@dirrm dcc/cgi-bin
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200702110128.KAA98051>