I have encountered the situation when users have weak passwords and are guessed by spammers so valid accounts are used for SPAM. The solution they choose in case is the limitation of mails sent over a period of time.
- Install dependencies on the application
yum install -y mariadb mariadb-server perl-Cache-FastMmap perl-Config-IniFiles
- Download and install policyd rpm package and source files for setting up db.
wget https://download.policyd.org/v2.0.14/cluebringer-2.0.14-1.noarch.rpm
rpm -Uvh cluebringer-2.0.14-1.noarch.rpm
wget https://download.policyd.org/v2.0.14/cluebringer-v2.0.14.zip
- Settings database.
unzip cluebringer-v2.0.14.zip
cd cluebringer-v2.0.14/database/
Prepare sql file
vim run.sh
#!/bin/bash
for i in core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql;
do
./convert-tsql mysql $i
done > policyd.sql
Change in file
sed -i 's/TYPE=InnoDB CHARACTER SET latin1 COLLATE latin1_bin//' policyd.sql
Create database and populate.
mysql -u root -p
create database policyd;
GRANT all on policyd.* to 'policyd'@'localhost' identified by 'Your-password';
\q
mysql -u root -p policyd < policyd.sqlConfigure cbpolicyd database on webui.conf
vim /etc/policyd/cluebringer.conf
config line like this
[database]
#DSN=DBI:SQLite:dbname=policyd.sqlite
DSN=DBI:mysql:database=policyd;host=localhost
Username=policyd
Password=Your-password
vim /etc/policyd/webui.conf
config line like this
$DB_DSN="mysql:host=localhost;dbname=policyd";
$DB_USER="policyd";
$DB_PASS="Your-password";
- Setup in your page policyd and postfix.
Access for config file
cd /var/www/html/
ln -s /usr/share/cluebringer/webui/ policyd
Now you need to create your apache access with vhosts.
Modify postfix
Add the following Postfix config setting in BOTH smtpd_recipient_restrictions and
smtpd_end_of_data_restrictions: check_policy_service inet:127.0.0.1:10031
It’s recommended to add these parameters first, i.e.:
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, ..
You can check logs on /var/log/cbpolicyd.log and /var/log/maillog
Start service /etc/init.d/cbpolicyd start
Enable:
[root@mail html]# systemctl enable cbpolicyd
cbpolicyd.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig cbpolicyd on
Posted from my blog with SteemPress : http://blog.ceae.info/easy-install-cbpolicyd-on-centos-7/