Spamdyke is a filter for monitoring and intercepting SMTP connections between a remote host and a qmail server. Spam is blocked while the remote server (spammer) is still connected; no additional processing or storage is needed. In addition to all of its anti-spam filters, spamdyke also includes a number of features to enhance qmail. Best of all, using spamdyke does not require patching or recompiling qmail!
Lets install the port.
# cd /usr/ports/mail/spamdyke
# make install clean
Make sure the following boxes are checked:
Now we need to edit the spamdyke.conf to enable logging.
# vi /usr/local/etc/spamdyke.conf
Now change the following values under logging.
Now lets create the directory and set permissions:
chown -R qmaild:wheel /var/log/spamdyke
I have re-written the qmail-smtpd/run file as of 6/21/16. If you have downloaded that file before this date you will need to copy the new file over. To download it here is what you will need to do:
# cd ~root
# mkdir qmail
# cd qmail
# fetch http://freebsdrocks.net/qmail2/scripts4.tgz
# tar zxvf scripts4.tgz
# rm scripts4.tgz
Now you'll want to edit the new smtpd_run. Please pay attention to anything you have already enabled and uncomment the lines. For instance if you're using validrcptto you'll want to un-comment the appropriate validrcptto lines, etc.
# vi smtpd_run
Change the IP first
Under the RBL section uncomment the following line:
RBLCMD2="/usr/local/bin/spamdyke -f /usr/local/etc/spamdyke.conf"
exit the file then we will copy it over:
# cd /service/qmail-smtpd
# cp run bak.run
# cp ~root/qmail/smtpd_run run
# chmod 755 run
and then restart the qmail-smtpd service.
# svc -t /service/qmail-smtpd
Now check the service and make sure it's running.
# svstat /service/qmail-smtpd
/service/qmail-smtpd: up (pid 20708) 12 seconds
Optional: Adding Spamdyke recipient validation
Parts of this article were modified from this page:
It's impossible to overstate the complexity of qmail's recipient validation procedure. It is inexcusably complex, far beyond the point where anyone can be certain qmail's implementation is correct (and secure) in all cases. If you want to get a glimpse at how bad it is, take at look at the flowchart here. You'll see the flowchart is big, but the number of possible configurations is describes enormous: there are just under 165 thousand different paths through it (even more if the loops are followed multiple times). Fully testing spamdyke's reject-recipient filter requires checking every one of those paths -- this takes weeks to finish using spamdyke's test scripts. spamdyke-qrv begins its work at step 7 in the flowchart (steps 1, 2, 5 and 6 are assumed to have been performed by spamdyke before spamdyke-qrv was started).
spamdyke-qrv is intended to be run as root by marking the binary "setuid root". This is necessary because spamdyke typically runs as a non-root user and doesn't have access to all of the files needed to validate an address without root access.
Now lets start the installation:
# cd /usr/local/bin
# ln -s gcc46 gcc
# ln -s g++46 g++
# cd /usr/ports/distfiles/
# tar -xzvf spamdyke-5.0.1.tgz
# cd spamdyke-5.0.1/spamdyke-qrv
# ./configure --with-excessive-output --with-vpopmail-support VALIAS_PATH=/usr/home/vpopmail/bin/valias VUSERINFO_PATH=/usr/home/vpopmail/bin/vuserinfo
# make install
Check the install with:
spamdyke-qrv -v -v domain.com username