diff options
| author | Norikatsu Shigemura <nork@FreeBSD.org> | 2024-03-11 10:26:27 +0900 |
|---|---|---|
| committer | Norikatsu Shigemura <nork@FreeBSD.org> | 2024-03-11 10:26:27 +0900 |
| commit | 8aa480245f5657e917b209a3c7766f38582ec4c7 (patch) | |
| tree | b2823e59bb3eea76717e52deb05d38d43b6be8f1 | |
| parent | 746736cb56a704b1a915afe15281e5e9e7166cad (diff) | |
| download | freebsd-ports-8aa480245f5657e917b209a3c7766f38582ec4c7.zip | |
mail/p5-Mail-Milter-Authentication: Add new port
A Perl implementation of email authentication standards rolled up into a
single easy to use milter.
This milter verifies using the following standards.
ARC / BIMI / DMARC / IPRev / SPF
Check HELO matches it's IP address
DKIM (including ADSP)
DomainKeys (deprecated)
SenderID (deprecated)
Includes other additional modules like AddID, ReturnOK and etc...
Approved by: hrs (mentor)
12 files changed, 635 insertions, 0 deletions
diff --git a/mail/Makefile b/mail/Makefile index ef59986a9a0e..3e4784b259cb 100644 --- a/mail/Makefile +++ b/mail/Makefile @@ -377,6 +377,7 @@ SUBDIR += p5-Mail-Mbox-MessageParser SUBDIR += p5-Mail-MboxParser SUBDIR += p5-Mail-Message + SUBDIR += p5-Mail-Milter-Authentication SUBDIR += p5-Mail-OpenDKIM SUBDIR += p5-Mail-OpenRelay-Simple SUBDIR += p5-Mail-POP3Client diff --git a/mail/p5-Mail-Milter-Authentication/Makefile b/mail/p5-Mail-Milter-Authentication/Makefile new file mode 100644 index 000000000000..7416e7c9a919 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/Makefile @@ -0,0 +1,94 @@ +PORTNAME= Mail-Milter-Authentication +PORTVERSION= 3.20240205 +CATEGORIES= mail perl5 +MASTER_SITES= CPAN +PKGNAMEPREFIX= p5- + +MAINTAINER= nork@FreeBSD.org +COMMENT= Perl Mail Authentication Milter +WWW= https://metacpan.org/release/Mail-Milter-Authentication/ + +LICENSE= ART10 GPLv1+ +LICENSE_COMB= dual + +BUILD_DEPENDS= p5-File-ShareDir-Install>0:devel/p5-File-ShareDir-Install +RUN_DEPENDS= p5-App-Cmd>0:devel/p5-App-Cmd \ + p5-Clone>0:devel/p5-Clone \ + p5-Date-Manip>0:devel/p5-Date-Manip \ + p5-Email-Date-Format>0:mail/p5-Email-Date-Format \ + p5-Email-Sender>0:mail/p5-Email-Sender \ + p5-Email-Simple>0:mail/p5-Email-Simple \ + p5-File-Slurp>0:devel/p5-File-Slurp \ + p5-Import-Into>0:devel/p5-Import-Into \ + p5-JSON-XS>0:converters/p5-JSON-XS \ + p5-List-MoreUtils>0:lang/p5-List-MoreUtils \ + p5-Lock-File>0:devel/p5-Lock-File \ + p5-Log-Dispatchouli>0:devel/p5-Log-Dispatchouli \ + p5-Mail-AuthenticationResults>2.20230112:mail/p5-Mail-AuthenticationResults \ + p5-Mail-BIMI>=3.20230913:mail/p5-Mail-BIMI \ + p5-Mail-DataFeed-Abusix>=1.20200617.1:mail/p5-Mail-DataFeed-Abusix \ + p5-Mail-DKIM>=1.20200824:mail/p5-Mail-DKIM \ + p5-Mail-DMARC>=1.20160612:mail/p5-Mail-DMARC \ + p5-Mail-SPF>0:mail/p5-Mail-SPF \ + p5-Net-DNS-Resolver-Mock>=1.20171219:dns/p5-Net-DNS-Resolver-Mock \ + p5-Net-DNS>=1.01:dns/p5-Net-DNS \ + p5-Net-IP>0:net-mgmt/p5-Net-IP \ + p5-Net-Server>0:net/p5-Net-Server \ + p5-Proc-ProcessTable>0:devel/p5-Proc-ProcessTable \ + p5-Prometheus-Tiny-Shared>=0.020:net-mgmt/p5-Prometheus-Tiny-Shared \ + p5-Sereal>0:converters/p5-Sereal \ + p5-SUPER>0:devel/p5-SUPER \ + p5-Test-File-Contents>0:devel/p5-Test-File-Contents \ + p5-Text-Table>0:textproc/p5-Text-Table \ + p5-TimeDate>0:devel/p5-TimeDate \ + p5-TOML>0:textproc/p5-TOML +TEST_DEPENDS= p5-Crypt-OpenSSL-RSA>0:security/p5-Crypt-OpenSSL-RSA \ + p5-Test-CheckManifest>0:devel/p5-Test-CheckManifest \ + p5-Test-Exception>0:devel/p5-Test-Exception \ + p5-Test-Perl-Critic>0:textproc/p5-Test-Perl-Critic + +USES= perl5 shebangfix +USE_PERL5= configure +USE_RC_SUBR= authentication_milter +SHEBANG_FILES= bin/authentication_milter bin/authentication_milter_blocker \ + bin/authentication_milter_client bin/authentication_milter_log + +TEST_ENV= AUTHOR_TESTING=1 \ + RELEASE_TESTING=1 \ + TEST_AUTHOR=1 + +ETCDIR= ${PREFIX}/etc/mail +EXTRACT_AFTER_ARGS= --exclude ./share/authentication_milter.init \ + --no-same-owner --no-same-permission +.for V in CACHEDIR ETCDIR RUNDIR SPOOLDIR VARLIBDIR VARLIBDIRBASE \ + DEFAULT_USER DEFAULT_GROUP +REINPLACE_LIST+= -e "s|%%${V}%%|${$V}|g" +.endfor +NO_ARCH= yes +SUB_FILES= pkg-message +.for V in CACHEDIR ETCDIR RUNDIR SPOOLDIR VARLIBDIR VARLIBDIRBASE \ + DEFAULT_USER DEFAULT_GROUP +SUB_LIST+= ${V}=${$V} +.endfor + +PLIST_SUB= ${SUB_LIST} + +CACHEDIR= /var/cache/auth_milter +DEFAULT_GROUP= mailnull +DEFAULT_USER= mailnull +RUNDIR= /var/run/auth_milter +SPOOLDIR= /var/spool/auth_milter +VARLIBDIR= /var/lib/auth_milter +VARLIBDIRBASE= /var/lib + +post-patch: + cd ${PATCH_WRKSRC} && ${REINPLACE_CMD} ${REINPLACE_LIST} \ + bin/authentication_milter \ + lib/Mail/Milter/Authentication/Config.pm \ + lib/Mail/Milter/Authentication/Handler/DMARC.pm \ + share/authentication_milter.json + +post-install: + ${MKDIR} ${STAGEDIR}${ETCDIR}/authentication_milter.d + +.include <bsd.port.mk> diff --git a/mail/p5-Mail-Milter-Authentication/distinfo b/mail/p5-Mail-Milter-Authentication/distinfo new file mode 100644 index 000000000000..248b6a8464f1 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1708613768 +SHA256 (Mail-Milter-Authentication-3.20240205.tar.gz) = 88a04406509c2f6a2b1b718b1ca250dc4e86f783343ceeb6cd6eac00ed4d0d7e +SIZE (Mail-Milter-Authentication-3.20240205.tar.gz) = 249101 diff --git a/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in b/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in new file mode 100644 index 000000000000..870ea0c4b6df --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in @@ -0,0 +1,93 @@ +#!/bin/sh + +# PROVIDE: authentication_milter +# REQUIRE: NETWORKING +# BEFORE: mail +# KEYWORD: shutdown +# +# Define these authentication_milter* variables in one of these files: +# /etc/rc.conf +# /etc/rc.conf.local +# /etc/rc.conf.d/authentication_milter +# +# DO NOT CHANGE THESE DEFAULT VALUES HERE +# +# Add the following lines to /etc/rc.conf to enable authentication_milter: +# +# authentication_milter_enable="YES" +# authentication_milter_flags="<set as needed>" +# authentication_milter_prefix="%%ETCDIR%%" +# authentication_milter_foreground_enable="<default 'NO'>" +# + +. /etc/rc.subr + +name="authentication_milter" +rcvar="authentication_milter_enable" +procname="${name}:parent" + +load_rc_config $name + +: ${authentication_milter_enable:=NO} +: ${authentication_milter_prefix:=%%ETCDIR%%} +: ${authentication_milter_foreground_enable:=NO} + +pidfile="%%RUNDIR%%/${name}.pid" +command="%%PREFIX%%/bin/authentication_milter" +command_args="--pidfile ${pidfile} --prefix ${authentication_milter_prefix} ${command_args}" + +start_precmd="authentication_milter_precmd_start" +stop_precmd="authentication_milter_precmd" + +authentication_milter_precmd_start () { + var1= + var2= + + case "${authentication_milter_flags}" in + -c*|*-c*|--control*|*--control*) + var1="control" + ;; + -d*|*-d*|--daemon*|*--daemon*) + var1="daemon" + ;; + --pidfile*|*--pidfile*) + var2="pidfile" + ;; + --prefix*|*--prefix*) + var2="prefix" + ;; + -h*|*-h*|--help*|*--help*) + var1="help" + ;; + esac + case ${var1} in + "") ;; + *) + err 1 "Invalid option --${var1} found in ${name}_flags" + ;; + esac + case ${var2} in + "") ;; + *) + err 1 "Invalid option --${var2} found in ${name}_flags." \ + "Use \$${name}_${var2} in /etc/rc.conf instead." + ;; + esac + + piddir=$(dirname "$pidfile") + install -d %%VARLIBDIRBASE%% + install -d -m 0755 -o "%%DEFAULT_USER%%" -g "%%DEFAULT_GROUP%%" "$piddir" + install -d -m 0750 -o "%%DEFAULT_USER%%" -g "%%DEFAULT_GROUP%%" \ + %%RUNDIR%% %%CACHEDIR%% %%SPOOLDIR%% %%VARLIBDIR%% + + authentication_milter_precmd + if ! checkyesno authentication_milter_foreground_enable; then + command_args="-d ${command_args}" + fi +} + +authentication_milter_precmd () { + command_args="-c ${rc_arg} ${command_args}" +} + +run_rc_command "$1" diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter b/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter new file mode 100644 index 000000000000..2d9ef925cdcf --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter @@ -0,0 +1,85 @@ +--- bin/authentication_milter.orig 2024-02-05 02:41:57 UTC ++++ bin/authentication_milter +@@ -15,7 +15,7 @@ use Mail::Milter::Authentication::Protocol::SMTP; + use Mail::Milter::Authentication::Protocol::SMTP; + + # CONFIG +-my $pid_file = '/run/authentication_milter.pid'; ++my $pid_file = '%%RUNDIR%%/authentication_milter.pid'; + my $daemon = 0; + my $help = 0; + my $prefix; +@@ -195,11 +195,11 @@ version 3.20240205 + =item --pidfile <file> + + Write the process PID to the given file. +- defaults to /run/authentication_milter.pid ++ defaults to %%RUNDIR%%/authentication_milter.pid + + =item --prefix <dir> + +- Read configuration from dir rather than /etc/ ++ Read configuration from dir rather than %%ETCDIR%% + + =item -i|--ident <ident> + +@@ -212,7 +212,7 @@ version 3.20240205 + + =head1 CONFIGURATION + +- The milter reads configuration from /etc/authentication_milter.json ++ The milter reads configuration from %%ETCDIR%%/authentication_milter.json + + The configuration file format is as follows... + +@@ -266,10 +266,10 @@ version 3.20240205 + "metric_tempfile" : "/tmpfs/authmilter_metrics", | Path to shared metrics data, defaults to <lib_path>/metrics + "metric_basic_http" : 1, | Disable extended http services such as config and grafana json pages + +- "cache_dir" : "/var/cache/auth_milter", | Path to the shared cache directory +- "spool_dir" : "/var/spool/auth_milter", | Path to the shared spool directory +- "lib_dir" : "/var/lib/auth_milter", | Path to the shared lib directory +- "lock_file" : "/var/run/authmilter.lock", | Optionally specify the location of the Net::Server lock file ++ "cache_dir" : "%%CACHEDIR%%", | Path to the shared cache directory ++ "spool_dir" : "%%SPOOLDIR%%", | Path to the shared spool directory ++ "lib_dir" : "%%VARLIBDIR%%", | Path to the shared lib directory ++ "lock_file" : "%%RUNDIR%%/authmilter.lock", | Optionally specify the location of the Net::Server lock file + + # metric_port and metric_host are deprecated. + # please use metric_connection instead +@@ -289,7 +289,7 @@ version 3.20240205 + "sock_type" : "inet", | Socket type (inet or unix) + "sock_host" : "localhost", | Host to connect to (when inet) + "sock_port" : "2525", | Port to connect to (when inet) +- "sock_path" : "/var/run/smtp.sock", | Socket path to connect to (when unix) ++ "sock_path" : "%%RUNDIR%%/smtp.sock", | Socket path to connect to (when unix) + "timeout_in" : "10", | Timeout when waiting for inbound SMTP data + "timeout_out" : "10", | Timeout when waiting for outbound SMTP data + "pipeline_limit" : "50", | Limit the number of transactions accepted in an SMTP pipeline +@@ -315,7 +315,7 @@ version 3.20240205 + "unix:/var/sock/a.sock" : { + "server_name" : "util.example.com", + "sock_type" : "unix", +- "sock_path" : "/var/run/smtp.sock", ++ "sock_path" : "%%RUNDIR%%/smtp.sock", + "timeout_in" : "10", + "timeout_out" : "10" + } +@@ -408,7 +408,7 @@ version 3.20240205 + }, + "!InactiveModule" : {}, + | Additionally, config for a module can be placed in a file +- | with filename /etc/authentication_milter.d/ModuleName.json ++ | with filename %%ETCDIR%%/authentication_milter.d/ModuleName.json + | the contents of which should be the JSON assigned to the + | entry here. + +@@ -421,7 +421,7 @@ This milter uses Mail::DMARC as a backend for DMARC ch + + This milter uses Mail::DMARC as a backend for DMARC checks, this module requires that a configuration file is setup. + +-You should create and populate /etc/mail-dmarc.ini ++You should create and populate %%ETCDIR%%/mail-dmarc.ini + + For DMARC reporting you are also required to setup a datastore, including creating a basic table structure. + The detauls of this are to be found in the Mail::DMARC documentation. diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm new file mode 100644 index 000000000000..7908a75deddf --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm @@ -0,0 +1,18 @@ +--- lib/Mail/Milter/Authentication.pm.orig 2024-02-05 02:41:57 UTC ++++ lib/Mail/Milter/Authentication.pm +@@ -32,11 +32,14 @@ use vars qw(@ISA); + my $MYARGS = { + 'ident' => $Mail::Milter::Authentication::Config::IDENT, + 'to_stderr' => 0, # handled elsewhere ++ 'to_stdout' => 0, # handled elsewhere + 'log_pid' => 1, + 'facility' => LOG_MAIL, + }; + if ( exists $config->{ 'log_dispatchouli' } ) { +- $MYARGS = $config->{ 'log_dispatchouli' }; ++ foreach my $k (keys %{$config->{ 'log_dispatchouli' }}) { ++ $MYARGS->{$k} = $config->{ 'log_dispatchouli' }->{$k}; ++ } + } + + $LOGGER = Log::Dispatchouli->new( $MYARGS ); diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm new file mode 100644 index 000000000000..c2ac6dfd0d26 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm @@ -0,0 +1,71 @@ +--- lib/Mail/Milter/Authentication/Config.pm.orig 2024-02-05 02:41:57 UTC ++++ lib/Mail/Milter/Authentication/Config.pm +@@ -21,7 +21,7 @@ our @EXPORT_OK = qw{ + }; + + +-our $PREFIX = '/etc'; ++our $PREFIX = '%%ETCDIR%%'; + our $IDENT = 'authentication_milter'; + my $CONFIG; + +@@ -31,19 +31,19 @@ sub default_config { + 'debug' => 0, + 'dryrun' => 0, + 'logtoerr' => 0, +- 'error_log' => '/var/log/authentication_milter.err', ++ "log_dispatchouli" => {}, + 'extended_log' => 1, + 'legacy_log' => 0, +- 'connection' => 'inet:12345@localhost', +- 'umask' => '0000', +- 'runas' => 'nobody', +- 'rungroup' => 'nogroup', ++ 'connection' => 'unix:%%RUNDIR%%/auth_milter.sock', ++ 'umask' => '0077', ++ 'runas' => '%%DEFAULT_USER%%', ++ 'rungroup' => '%%DEFAULT_GROUP%%', + 'listen_backlog' => 20, + 'check_for_dequeue' => 60, +- 'min_children' => 20, +- 'max_children' => 200, +- 'min_spare_children' => 10, +- 'max_spare_children' => 20, ++ 'min_children' => 1, ++ 'max_children' => 2, ++ 'min_spare_children' => 1, ++ 'max_spare_children' => 1, + 'max_requests_per_child' => 200, + 'protocol' => 'milter', + 'connect_timeout' => 30, +@@ -61,9 +61,9 @@ sub default_config { + 'ip_map' => {}, + 'authserv_id' => '', + 'handlers' => {}, +- 'cache_dir' => '/var/cache/authentication_milter', +- 'spool_dir' => '/var/spool/authentication_milter', +- 'lib_dir' => '/var/lib/authentication_milter', ++ 'cache_dir' => '%%CACHEDIR%%', ++ 'spool_dir' => '%%SPOOLDIR%%', ++ 'lib_dir' => '%%VARLIBDIR%%', + 'lock_file' => '', + }; + +@@ -104,7 +104,7 @@ sub setup_config { + else { + if ( $EUID == 0 ) { + # We are root, create in global space +- $dir = '/var/'.$type.'/authentication_milter'; ++ $dir = '/var/'.$type.'/auth_milter'; + mkdir $dir if ! -e $dir; + # Create the subdir for this IDENT + $dir .= '/'.$safe_ident; +@@ -119,7 +119,7 @@ sub setup_config { + else { + # We are a user! Create something in a temporary space + $dir = join( '_', +- '/tmp/authentication_milter', ++ '/tmp/auth_milter', + $type, + $EUID, + $safe_ident, diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm new file mode 100644 index 000000000000..4f336401d318 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm @@ -0,0 +1,11 @@ +--- lib/Mail/Milter/Authentication/Handler/DMARC.pm.orig 2024-02-05 02:41:57 UTC ++++ lib/Mail/Milter/Authentication/Handler/DMARC.pm +@@ -26,7 +26,7 @@ sub default_config { + 'report_suppression_list' => 'rbl.example.com', + 'no_report' => 0, + 'hide_report_to' => 0, +- 'config_file' => '/etc/mail-dmarc.ini', ++ 'config_file' => '%%ETCDIR%%/mail-dmarc.ini', + 'no_reject_disposition' => 'quarantine', + 'no_list_reject_disposition' => 'none', + 'reject_on_multifrom' => 30, diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json b/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json new file mode 100644 index 000000000000..1547a396af4f --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json @@ -0,0 +1,76 @@ +--- share/authentication_milter.json.orig 2024-02-05 02:41:57 UTC ++++ share/authentication_milter.json +@@ -2,19 +2,19 @@ + "debug" : 0, + "dryrun" : 0, + "logtoerr" : 0, +- "error_log" : "/var/log/authentication_milter.err", ++ "log_dispatchouli" : {}, + +- "connection" : "inet:12345@localhost", +- "umask" : "0000", +- "runas" : "nobody", +- "rungroup" : "nogroup", ++ "connection" : "unix:%%RUNDIR%%/auth_milter.sock", ++ "umask" : "0077", ++ "runas" : "%%DEFAULT_USER%%", ++ "rungroup" : "%%DEFAULT_GROUP%%", + "chroot" : "", + + "listen_backlog" : 20, +- "min_children" : 20, +- "max_children" : 200, +- "min_spare_children" : 10, +- "max_spare_children" : 20, ++ "min_children" : 1, ++ "max_children" : 2, ++ "min_spare_children" : 1, ++ "max_spare_children" : 1, + "max_requests_per_child" : 200, + + "connect_timeout" : 30, +@@ -31,21 +31,32 @@ + "handlers" : { + + "SPF" : { +- "hide_none" : 0 ++ "hide_none" : 0, ++ "hide_received-spf_header": 1 + }, + + "DKIM" : { + "hide_none" : 0, +- "check_adsp" : 1, ++ "check_adsp" : 0, ++ "hide_domainkeys" : 1, + "show_default_adsp" : 0, +- "adsp_hide_none" : 0 ++ "adsp_hide_none" : 1 + }, + + "DMARC" : { + "hide_none" : 0, ++ "hard_reject" : 0, ++ "no_reject_disposition" : "quarantine", ++ "use_arc" : 1, ++ "no_report" : 1, ++ "config_file": "%%ETCDIR%%/mail-dmarc.ini", + "detect_list_id" : "1" + }, + ++ "ARC" : { ++ "hide_none" : 0 ++ }, ++ + "PTR" : {}, + + "SenderID" : { +@@ -63,7 +74,7 @@ + "100.200.100.2", + "2001:44c2:3881:aa00::/56", + "2001:44b8:3021:123:dead:beef:abcd:1234" +- ], ++ ] + }, + + "!AddID" : {}, diff --git a/mail/p5-Mail-Milter-Authentication/files/pkg-message.in b/mail/p5-Mail-Milter-Authentication/files/pkg-message.in new file mode 100644 index 000000000000..b818cbe67c5d --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/files/pkg-message.in @@ -0,0 +1,33 @@ +[ +{ type: install + message: <<EOM +To enable authentication_milter to run at boot time, set the following +variable in your /etc/rc.conf file: + + authentication_milter_enable="YES" + +Check and/or modify the following configuration files to suit your needs: + + %%ETCDIR%%/authentication_milter.json + %%ETCDIR%%/mail-dmarc.ini + + NOTE: The default settings almost works for test and/or personal use, + SPF/DKIM/DMARC(no report mail)/ARC(but not enable ARC-Seals) are OK. + + To enable DMARC report feature, now TODO. Because it's required + p5-Mail-DMARC port setup. + +For sendmail users, please add the following line to your sendmail.mc: + + INPUT_MAIL_FILTER(`authentication_milter', \ + `S=local:%%RUNDIR%%/auth_milter.sock, F=T, T=R:2m') + +For postfix users, please add the following line to your main.cf: + + smtpd_milters = sock:%%RUNDIR%%/auth_milter.sock + + Note: milter sockets must be accessible from postfix/smtpd; + using inet sockets might be preferred. +EOM +} +] diff --git a/mail/p5-Mail-Milter-Authentication/pkg-descr b/mail/p5-Mail-Milter-Authentication/pkg-descr new file mode 100644 index 000000000000..dd7a509a2948 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/pkg-descr @@ -0,0 +1,22 @@ +A Perl implementation of email authentication standards rolled up into a +single easy to use milter. +This milter verifies using the following standards. + ARC / BIMI / DMARC / IPRev / SPF + Check HELO matches it's IP address + DKIM (including ADSP) + DomainKeys (deprecated) + SenderID (deprecated) +Includes additional modules. + AddID - add a header to all email (example) + ReturnOK - Checks that return addresses have properly configured MX + records + TLS (milter protocol only) - identifies TLS protected connections + Check alignment of RFC5322 From and Mail From addresses + Send aggregate data to the abusix service + Check for SMTP Authentication + Block mail based on simple rules + Check IP against a trusted list and/or local IP space + Extended logging + Reverse loopup checking + Check against a list of RBLDNS services + Generate metrics about message header and body sizes diff --git a/mail/p5-Mail-Milter-Authentication/pkg-plist b/mail/p5-Mail-Milter-Authentication/pkg-plist new file mode 100644 index 000000000000..f820499bd692 --- /dev/null +++ b/mail/p5-Mail-Milter-Authentication/pkg-plist @@ -0,0 +1,128 @@ +bin/authentication_milter +bin/authentication_milter_blocker +bin/authentication_milter_log +bin/authentication_milter_client +@sample %%SITE_PERL%%/auto/share/dist/Mail-Milter-Authentication/authentication_milter.json %%ETCDIR%%/authentication_milter.json +@sample %%SITE_PERL%%/auto/share/dist/Mail-Milter-Authentication/mail-dmarc.ini %%ETCDIR%%/mail-dmarc.ini +%%SITE_PERL%%/Mail/Milter/Authentication.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Resolver.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Client.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Tester.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Constants.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Exception.pm +%%SITE_PERL%%/Mail/Milter/Authentication/HTDocs.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Metric.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Pragmas.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Config.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/IPRev.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TLS_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Size.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/XGoogleDKIM.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Auth.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AbusixDataFeed.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TLS.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DMARC_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TrustedIP.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Sanitize_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Sanitize.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Size_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/PTR_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Logger.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/BIMI.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DKIM_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TestTimeout.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AlignedFrom.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AddID.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ReturnOK_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/LocalIP_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/XGoogleDKIM_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DMARC.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Auth_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/IPRev_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Blocker.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ReturnOK.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SPF.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/LocalIP.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SenderID_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AlignedFrom_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/PTR.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ARC_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/RBLDNS.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TrustedIP_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SPF_metrics.json +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SenderID.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ARC.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DKIM.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowProcesses.json +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/Grafana.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowProcessingTime.json +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowUptime.json +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowErrors.json +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/Base.json +%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowThroughput.json +%%SITE_PERL%%/Mail/Milter/Authentication/Tester/HandlerTester.pm +%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/authmilter.css +%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/normalize.css +%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/skeleton.css +%%SITE_PERL%%/Mail/Milter/Authentication/Net/ServerPatches.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Net/Milter.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/delete.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/add.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/list.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/ProcessLog/App.pm +%%SITE_PERL%%/Mail/Milter/Authentication/App/ProcessLog/App/Command/arex.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Protocol/SMTP.pm +%%SITE_PERL%%/Mail/Milter/Authentication/Protocol/Milter.pm +%%PERL5_MAN1%%/authentication_milter_blocker.1.gz +%%PERL5_MAN1%%/authentication_milter_client.1.gz +%%PERL5_MAN1%%/authentication_milter_log.1.gz +%%PERL5_MAN1%%/authentication_milter.1.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::add.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::delete.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::list.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::ProcessLog::App.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::App::ProcessLog::App::Command::arex.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Client.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Config.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Constants.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Exception.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AbusixDataFeed.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AddID.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AlignedFrom.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::ARC.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Auth.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::BIMI.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Blocker.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::DKIM.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::DMARC.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::IPRev.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::LocalIP.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Logger.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::PTR.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::RBLDNS.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::ReturnOK.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Sanitize.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::SenderID.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Size.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::SPF.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TestTimeout.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TLS.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TrustedIP.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::XGoogleDKIM.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::HTDocs.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Metric.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Metric::Grafana.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Net::Milter.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Net::ServerPatches.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Pragmas.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Protocol::Milter.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Protocol::SMTP.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Resolver.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Tester::HandlerTester.3.gz +%%PERL5_MAN3%%/Mail::Milter::Authentication::Tester.3.gz +@dir %%ETCDIR%%/authentication_milter.d |