1POP-BEFORE-SMTP(1) User Contributed Perl Documentation POP-BEFORE-SMTP(1)
2
6 pop-before-smtp - watch log for POP/IMAP auth, update map allowing SMTP
7
9 nohup pop-before-smtp [--config=FILE] [--[no]write] [--[no]debug] \
10 [--[no]flock] [--reprocess] [--watchlog=FILE] [--dbfile=FILE] \
11 [--logto=FILE] [--grace=SECONDS] [--daemon=PIDFILE] \
12 [--version] [--dumpconfig] [--list]
13
15 pop-before-smtp watches your mail log file (e.g. /var/log/maillog) for
16 lines written by your POP/IMAP software (e.g. UW popd/imapd) that
17 indicate a successful login. When found, pop-before-smtp installs an
18 entry for the IP in an on-disk hash (DB) that is watched by your SMTP
19 software (e.g. Postfix, sendmail, qmail, etc.). It then expires these
20 entries when 30 minutes have elapsed after the last POP/IMAP access
21 from that IP.
22
24 --config=FILE
25 Specify the config file to read instead of
26 /etc/pop-before-smtp-conf.pl. Useful for testing a new
27 configuration before you install it. This option must occur first
28 on the command-line since it will be processed before reading the
29 config file, and all other options will be processed after reading
30 the config file.
31 --[no]write
33 Specify --nowrite if you don't want the DB file to be even opened,
34 let alone updated. Useful for trying out pattern-matching rules,
35 especially when used with --debug and --reprocess. (If your mail-
36 log is world-readable, you can even run the test as a non-
37 privileged user.)
38 --[no]debug
40 If you specify --debug, logging to stdout will be enabled, plus
41 extra debug messages will be generated to help you diagnose
42 local/remote IP distinctions. Specify --logto after this option if
43 you want the messages to go somewhere other than stdout. Often
44 combined with --reprocess.
45 --[no]flock
47 Using --noflock will turn off the default file-locking used on the
48 DB file.
49 --reprocess
51 Parse the whole mail-log file, pretending that each line is
52 happening again. Useful for testing, especially when combined with
53 --debug and possibly --nowrite.
54 --watchlog=FILE
56 You can specify what mail-log to watch for POP/IMAP events. To see
57 what the default value is for your system, run "pop-before-smtp
58 --dumpconfig".
59 --dbfile=FILE
61 You can specify what DB file to update. To see what the default
62 value is for your system, run "pop-before-smtp --dumpconfig".
63 Typically, the filename that is created/updated is this name with a
64 ".db" suffix added (because the default tie function appends the
65 ".db" onto the specified db name -- if you supply a custom tie
66 function, it is free to choose to do something else).
67 --logto=FILE
69 Turns on logging to the specified file (use "-" for stdout).
70 --grace=SECONDS
72 Set the number of seconds that an IP address is authorized after it
73 successfully signs in via POP or IMAP.
74 --version
76 Output the current version of the script and exit. May be combined
77 with --dumpconfig and --list in the same run.
78 --dumpconfig
80 Output some config info and exit. This makes it easy to see what
81 things like the dbfile, logto, and watchlog values are being set to
82 in the config file. May be combined with --version and --list in
83 the same run.
84 --list
86 List the current IPs contained in the DB file (if any) and exit.
87 May be combined with --version and --dumpconfig in the same run.
88 --daemon=PIDFILE
90 Become a daemon by forking, redirecting STDIN/STDOUT/STDERR to
91 /dev/null, calling setsid, calling chdir('/'), and writing out the
92 process ID of the forked process into the specified PIDFILE.
93
95 This daemon directly requires four modules from CPAN, which are not
96 included in the base Perl release as of this writing. See the
97 quickstart guide for more information (either look at the
98 README.QUICKSTART file in the source or visit
99 http://popbsmtp.sourceforge.net/quickstart.shtml).
100 You should edit the supplied pop-before-smtp-conf.pl file to customize
102 things for your local system, such as scanning for the right POP/IMAP
103 authorization, setting various options, etc. Again, the quickstart
104 guide cover this.
105 When starting up, pop-before-smtp builds an internal table of all
107 netblocks natively permitted by your SMTP software (for Postfix it
108 looks at the output of "postconf mynetworks"). This allows us to filter
109 out local IP addresses that are already authorized and thus need no
110 special help from us.
111 This daemon likes a couple of helpers. Several init scripts are
113 included with the source and a version customized for your current OS
114 may have been installed in the same package as the pop-before-smtp
115 script.
116 Once pop-before-smtp has been started (and thus the database file has
118 been created), you'll need to modify your MTA's configuration to read
119 the IPs from the database file. This is also covered in the quickstart
120 guide.
121
123 See the website http://popbsmtp.sourceforge.net/ for the latest
124 version. See the mailing list (referenced on the website) for support.
125
127 pop-before-smtp keeps two data structures for all currently-allowed
128 hosts: a queue, and a hash. The queue contains [ipaddr, time] records,
129 while the hash contains ipaddr => time. Every time the daemon wakes up
130 to deal with something else from the logfile handle, it peeks a the
131 front of the queue, and when the timestamp of the record there has
132 expired (is > 30 minutes old) it tosses it, and if the timestamp in the
133 hash equals the timestamp in the queue, it deletes the hash entry and
134 the on-disk db file entry.
135 pop-before-smtp protects the writes to the db file by flock. As far as
137 I know, the consequences of a collision (corrupt read in an smtpd) are
138 relatively mild, and the likelihood of one is remote, but the
139 performance impact of the locking seems to be negligible, so it's
140 enabled by default. To disable the flocking, invoke with --noflock or
141 set "$flock = 0" in the config file.
142
144 Pop-before-smtp was created by Bennett Todd <bet@rahul.net>. It is
145 currently being maintained by Wayne Davison
146 <wayned@users.sourceforge.net>.
147perl v5.10.0 2007-06-06 POP-BEFORE-SMTP(1)