To begin, you have to understand what is RBL and Greylisting
gl4rbl is an antispam program created to use with qmail (but he should be used with another MTA).
gl4rbl do not claim to be able to eliminate all the spams, and it does not replace the use of the bayes filters. but gl4rbl can be used to reject a lot of spam at the SMTP greeting level, instead have to receipt them, write them on disc, use CPU for bayes filter.
I have created it as a replacement for rblsmtpd , because rblsmtpd have been created in 2000 when the spam was a problem different with that from today. So, my problem with rblsmtpd is that it reject all mails where IP Address is listed in RBLs. Even if the result is that too many spams are stopped, that raise also the reject of legitimate email messages. According to me, antispam systems should reject less spam but no ham.
To finish, note that gl4rbl make IP greylisting only (not using SMTP enveloppe), indeed, most of the case the results is sufficient and the system consumes much less resources processor, disc and RAM
To discuss about gl4rbl ideas, problems and/or solutions, you can join the mailing-list by sending an email to gl4rbl-subscribe@chanial.com (it will send you an confirmation mail request)
If you want to participate, join the mailing list and explain me (over the list) what you want to do, you can provide patchs, and if you want, i can give you an write access for the subversion repositery.
Current version is 0.4, you can download it at :
| gl4rbl-0.4.tar.bz2 gl4rbl-0.4.tar.gz |
Download gl4rbl, and extract it into a temporary directory, example :
| cd /tmp wget http://david.chanial.com/gl4rbl/gl4rbl-VERSION.tar.bz2 tar xjvf gl4rbl-VERSION.tar.bz2 cd gl4rbl-VERSION |
configure it, and make it :
Note you have to replace the default qmaild user by the user which is used for qmail-smtpd (see /service/qmail-smtpd/run for example)
| ./configure --enable-user=qmaild --enable-ipwait=240 --enable-dbexpire=48 --enable-checks=1 make |
if no errors, as root, now, install it :
| make install |
Now, if no errors occured, you have to configure it, and says qmail-smtpd to use it
You can "whitelist" somes IPs, or IP subnets to always connect thems to qmail-smtpd, in order to, edit the whitelist file /var/qmail/gl4rbl/whitelist, example :
| 127. 192.168.0.12 192.168.1. |
after each edits of the whitelist file (event if your whitelist files is now empty), you have to call gl4rbl-conf in order he updates the cdb version of your list :
| /var/qmail/bin/gl4rbl-conf |
Finally, you have to modify you qmail-smtpd init script in order it call gl4rbl before running qmail-smtpd, below an example of exec line (before) :
| exec /usr/local/bin/softlimit -m 2000000 \ /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /var/qmail/bin/qmail-smtpd 2>&1 |
After adding the gl4rbl instructions :
| exec /usr/local/bin/softlimit -m 2000000 \ /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /var/qmail/bin/gl4rbl \ -r bl.spamcop.net \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd 2>&1 |
As you see, you have to enter a -r FQDN for each rbl you want the IP to be checked. You should note put here a lot of RBL, because each dns request take few seconds, and i'm sure you don't want each SMTP connection take "a lot of" times before the mail can be passed thru to qmail-smtpd if not listed in any RBL.
You can also put somes directives in order to change the default values fixed by --enable-ipwait= --enable-dbexpire= --enable-checks=, by using repectivly -d, -l, -c :
| exec /usr/local/bin/softlimit -m 2000000 \ /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /var/qmail/bin/gl4rbl \ -d 240 \ -l 48 \ -c 1 \ -r bl.spamcop.net \ -r sbl-xbl.spamhaus.org \ /var/qmail/bin/qmail-smtpd 2>&1 |
Thanks to myself :) David CHANIAL who have take time to create gl4rbl in his (short) free time
Special thanks to D. J. Bernstein who provide in public domain merveillous librarys : cdb, stralloc, dns , and others C utils...
Thanks to libdjb - http://www.fefe.de/djb/ which provide an "easy-to-use" package for the djb librarys