SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
UCSPI-TCP
Primary tabs
ucspi-tcp is djb's implementation of UNIX Client-Server Program Interface using TCP. It's used on our server to manage what IPs are allowed to connect to the SMTP service(s) as well as passing any environment variables that those IPs might want to use.
Installation
Download the source tarball:
cd /package
wget https://www.fehcom.de/ipnet/ucspi-tcp6/ucspi-tcp6-1.06a.tgz
tar xzf ucspi-tcp6-1.06a.tgz
cd host/ucspi-tcp6-1.06
This version of ucspi-tcp6 included a greetdelay patch for rblsmtpd. Since that functionality is added to qmail-smtpd later (in John Simpson's Combined Patch), there's a potential doubling up of the greetdelay. (See http://notes.sagredo.eu/node/128). However, since John's smtp run script doesn't call rblsmtpd with the "-W" flag,
Install it:
package/install
Make the directory to hold the tcpserver access rules:
mkdir /etc/tcp
Configuration for SMTP server
Edit /etc/tcp/smtp
and add some rules:
127.:allow,RELAYCLIENT=""
192.168.0.:allow,RELAYCLIENT=""
Make the cdb file from the text file:
tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp
chmod 644 /etc/tcp/smtp.cdb
Rather than having to remember how to do this every time, create /etc/tcp/Makefile
with (NOTE: The spacing before the "tcprules" command should be a TAB!!!!):
smtp.cdb:smtp
tcprules /etc/tcp/smtp.cdb /etc/tcp/smtp.tmp < /etc/tcp/smtp
Then, to recreate compile the CDB file, you simply have to run:
make
ucspi-ssl
For Centos 7, used ucspi-ssl 0.99 from http://www.fehcom.de/ipnet/ucspi-ssl.html.
cd /package
wget http://www.fehcom.de/ipnet/ucspi-ssl/ucspi-ssl-0.99e.tgz
tar zxf ucspi-ssl-0.99e.tgz
cd host/superscript.com/net/ucspi-ssl-0.99e
package/install base
Troubleshooting
https://forums.gentoo.org/viewtopic.php?t=276084&highlight=tcpserver
- Log in to post comments
Credits
Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.