SID-Milter のインストール
〜 CentOS 6.3 に SID-Milter をインストール 〜
2011-06-09 作成 福島
2012-10-08 更新 福島
TOP > tips > sid-milter
・SID-Milter をコンパイルするために Milter のソースをインストール (libmilter/mfapi.h が必要)
※CentOS 6.3 の場合は、パッケージマネージャーからのインストールが可能。
$ su
# yum info sendmail-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: ftp.tsukuba.wide.ad.jp
* base: ftp.tsukuba.wide.ad.jp
* extras: ftp.tsukuba.wide.ad.jp
* updates: ftp.tsukuba.wide.ad.jp
Available Packages --- インストールされていない
Name : sendmail-devel
Arch : i386
Version : 8.13.8
Release : 8.el5
Size : 128 k
Repo : base
Summary : エキストラ開発 include ファイルと開発ファイル
License : Sendmail
Description: Include files and devel libraries for e.g. the milter addons as part
: of sendmail.
|
# yum -y install sendmail-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: ftp.tsukuba.wide.ad.jp
* base: ftp.tsukuba.wide.ad.jp
* extras: ftp.tsukuba.wide.ad.jp
* updates: ftp.tsukuba.wide.ad.jp
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package sendmail-devel.i386 0:8.13.8-8.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================================
Package Arch Version Repository Size
=====================================================================================================
Installing:
sendmail-devel i386 8.13.8-8.el5 base 128 k
Transaction Summary
=====================================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 128 k
Downloading Packages:
sendmail-devel-8.13.8-8.el5.i386.rpm
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : sendmail-devel 1/1
Installed:
sendmail-devel.i386 0:8.13.8-8.el5
Complete! |
# exit
$
・SID-Milter をソースからインストール
$ wget sid-milter-1.0.0.tar.gz
$ tar xzf sid-milter-1.0.0.tar.gz
$ cd sid-milter-1.0.0
sid-milter-1.0.0$ vi ./sid-filter/Makefile.m4
CentOS 6.3 の場合は、以下を追加 (`-lresolv ' の箇所)
これを入れないと Build がエラーで停止します。--(A) エラー内容は後述
bldPRODUCT_START(`executable', `sid-filter')
define(`bldSOURCES', `sid-filter.c rfc2822.c util.c ')
PREPENDDEF(`confLIBS', `-lmilter ')
APPENDDEF(`confLIBS', `-lresolv ')
bldPRODUCT_END |
sid-milter-1.0.0$ ./Build
sid-milter-1.0.0$ su
sid-milter-1.0.0# mkdir -p /usr/man/man3
sid-milter-1.0.0# mkdir -p /usr/man/man8
sid-milter-1.0.0# ./Build install
・SID-Milter の起動スクリプトを作成
sid-milter-1.0.0# vi /etc/rc.d/init.d/sid-filter
#!/bin/bash
#
# sid-filter This shell script takes care of starting and stopping
# sid-filter.
#
# chkconfig: 2345 75 35
# processname: sid-filter
# pidfile: /var/run/sid-filter.pid
#
# Short-Description: start and stop sid-filter
# Description: The sid-milter package is an open source implementation of the Sender-ID and
# SPF sender authentication systems.
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0
[ -f /usr/bin/sid-filter ] || exit 0
RETVAL=0
prog="sid-filter"
start() {
# Start daemons.
# 今回は SPF が無効でも Reject しない設定にするため、テストモード (-t) で起動する。
echo -n $"Starting $prog: "
daemon /usr/bin/sid-filter -l -p inet:8891@localhost -P /var/run/sid-filter.pid -t
RETVAL=$?
echo
return $RETVAL
}
stop() {
# Stop daemons.
killproc sid-filter
RETVAL=$?
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
RETVAL=$?
;;
status)
status sid-filter
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit $RETVAL
|
・SID-Milter の起動スクリプトを登録
sid-milter-1.0.0# chmod +x /etc/rc.d/init.d/sid-filter
sid-milter-1.0.0# chkconfig --add sid-filter
sid-milter-1.0.0# chkconfig --list sid-filter
sid-filter 0:off 1:off 2:on 3:on 4:on 5:on 6:off
|
・SID-Milter を起動
※CentOS 6.3 で GNOME をインストールした場合は、「サービス」からの起動が可能。
sid-milter-1.0.0# /etc/rc.d/init.d/sid-filter start
sid-milter-1.0.0# exit
sid-milter-1.0.0$
・SID-Milter が起動されたことを確認
sid-milter-1.0.0$ tail /var/log/maillog
Jun 9 01:00:07 host1 sid-filter[6273]: Sendmail Sender-ID Filter v1.0.0 starting (args: -l -p inet:8891@localhost -P /var/run/sid-filter.pid -t)
|
・Sendmail (sendmail.cf) を再作成
$ su
# cd /etc/mail
/etc/mail# vi sendmail.mc
INPUT_MAIL_FILTER(`sid-filter',`S=inet:8891@localhost')dnl
|
/etc/mail# make
・sendmail を再起動
/etc/mail# /etc/rc.d/init.d/sendmail restart
/etc/mail# exit
$
・SPF が参照できることを確認 (SPF 正常のメールを受信して確認)
$ tail /var/log/maillog
Jun 9 01:07:35 host1 sendmail[6444]: p58G7Uv9006444: from=, size=1003, class=0, nrcpts=1, msgid=<4DEF9E30.3010504@gmail.com>, proto=ESMTP, daemon=MTA, relay=msag503.gmail.com [2.248.238.124]
Jun 9 01:07:35 host1 sendmail[6444]: p58G7Uv9006444: Milter insert (1): header: Authentication-Results: host1.mydomain.com; sender-id=pass header.from=who@gmail.com; spf=pass smtp.mfrom=who@gmail.com
Jun 9 01:07:35 host1 sendmail[6446]: p58G7Uv9006444: to=, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31318, dsn=2.0.0, stat=Sent
|
・SPF が参照できない場合の挙動を確認 (SPF 異常のメールを受信して確認: sid-filter を -t で起動しているので、メールは配送される)
$ tail /var/log/maillog
Jun 9 01:41:23 host1 sendmail[6816]: p58GeofQ006816: from=test@example.com, size=6, class=0, nrcpts=1, msgid=<201106081641.p58GeofQ006816@host1.mydomain.com>, proto=SMTP, daemon=MTA, relay=proxy.mydomain.com [21.26.88.203]
Jun 9 01:41:23 host1 sid-filter[6813]: p58GeofQ006816 can't determine Purported Responsible Address
Jun 9 01:41:23 host1 sendmail[6818]: p58GeofQ006816: to=myaddr@mydomain.com, delay=00:00:07, xdelay=00:00:00, mailer=local, pri=30323, dsn=2.0.0, stat=Sent
|
・実験したメールの手順は以下 (proxy.mydomain.com → host1.mydomain.com の接続)
$ telnet host1.mydomain.com 25
Trying 21.26.88.201...
Connected to host1.mydomain.com.
Escape character is '^]'.
220 host1.mydomain.com ESMTP Sendmail 8.13.8/8.13.8; Thu, 9 Jun 2011 01:40:50 +0900
helo localhost
250 host1.mydomain.com Hello proxy.mydomain.com [21.26.88.203], pleased to meet you
mail from: test@example.com
250 2.1.0 test@example.com... Sender ok
rcpt to: myaddr@mydomain.com
250 2.1.5 myaddr@mydomain.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test
.
250 2.0.0 p58GeofQ006816 Message accepted for delivery
quit
221 2.0.0 host1.mydomain.com closing connection
Connection closed by foreign host.
|
(A) -lresolv を追加しない場合のエラー内容
sid-filter.o: In function `sid_decode_a':
sid-filter.c:(.text+0x18c3): undefined reference to `__dn_expand'
sid-filter.c:(.text+0x18ce): undefined reference to `__dn_skipname'
sid-filter.c:(.text+0x19db): undefined reference to `__dn_expand'
sid-filter.o: In function `sid_marid_check':
sid-filter.c:(.text+0x1eb7): undefined reference to `__dn_expand'
sid-filter.c:(.text+0x1ec2): undefined reference to `__dn_skipname'
sid-filter.c:(.text+0x1fed): undefined reference to `__dn_expand'
sid-filter.c:(.text+0x228d): undefined reference to `__dn_expand'
sid-filter.c:(.text+0x22cd): undefined reference to `__dn_expand'
sid-filter.c:(.text+0x240d): undefined reference to `__dn_expand'
/tmp/sid-milter-1.0.0/obj.Linux.2.6.32-279.5.2.el6.x86_64.x86_64/libar/libar.a(ar.o): In function `ar_sendquery':
ar.c:(.text+0x1613): undefined reference to `__res_nmkquery'
/tmp/sid-milter-1.0.0/obj.Linux.2.6.32-279.5.2.el6.x86_64.x86_64/libar/libar.a(ar.o): In function `ar_dispatcher':
ar.c:(.text+0x21a6): undefined reference to `__dn_skipname'
ar.c:(.text+0x21e0): undefined reference to `__dn_skipname'
ar.c:(.text+0x222d): undefined reference to `__dn_expand'
collect2: ld はステータス 1 で終了しました
make[1]: *** [sid-filter] エラー 1
make[1]: ディレクトリ `/tmp/sid-milter-1.0.0/obj.Linux.2.6.32-279.5.2.el6.x86_64.x86_64/sid-filter' から出ます
make: *** [all] エラー 2
|