qpsmtpd/qpsmtpd.spec

# $Id: qpsmtpd.spec,v 1.30 2021/11/16 23:13:14 jpp Exp $

Name: qpsmtpd
Version: 1.0.0
Release: 1%{?dist}
Summary: qpsmtpd + qpsmtpd-apache
License: MIT
Group: System Environment/Daemons
URL: http://smtpd.develooper.com/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: perl >= 0:5.00503
BuildRequires: perl(ExtUtils::MakeMaker)
BuildRequires: perl(ExtUtils::ParseXS)
BuildRequires: perl(ExtUtils::Manifest)
BuildArch: noarch
Requires: perl(Mail::Header), perl(Net::DNS) perl(Net::IP)
Requires: perl(IO::Socket::SSL) >= 1.70
Requires: perl(Data::Validate::Domain)
Requires(pre): coreutils, shadow-utils, perl

Source0: %{name}-%{version}.tar.gz
Source1: qpsmtpd-forkserver.rc
Source2: qpsmtpd-forkserver.sysconfig
Source3: qpsmtpd-xinetd
Source4: in.qpsmtpd
Source5: qpsmtpd.conf
Source6: README.selinux

Patch1: qpsmtpd-0.95-qpsmtpd_forserver_keepalive.patch
Patch2: qpsmtpd-0.95-notls_conf.patch
Patch3: qpsmtpd-0.96-set_hooks.patch
Patch4: qpsmtpd-0.96-more_badrcptto.patch
Patch5: qpsmtpd-0.96-dkim_no_sign_for_others_on_symlinks.patch
Patch6: qpsmtpd-0.96-remove_karma_rcpt_handler.patch
Patch7: qpsmtpd-1.0.0-uribl_validate_domains.patch
Patch8: qpsmtpd-0.96-bz10112-whitelist.patch
Patch9: qpsmtpd-0.96-SME10139-Message-Id.patch
Patch10: qpsmtpd-0.96-bz10290-spamassassin-fetchmail.patch
Patch11: qpsmtpd-0.96-bz12450-auth_imap-perport.patch
Patch12: qpsmtpd-v1.0.0-20240428.patch

%description
qpsmtpd is a flexible smtpd daemon written in Perl. Apart from the core
SMTP features, all functionality is implemented in small "extension
plugins" using the easy to use object oriented plugin API.

qpsmtpd was originally written as a drop-in qmail-smtpd replacement, but
now it also includes a smtp forward and a postfix "backend".

%package apache
Requires: perl(mod_perl2)
Summary: mod_perl-2 connection handler for qpsmtpd
Group: System Environment/Daemons

%description apache

This module implements a mod_perl/apache 2.0 connection handler
that turns Apache into an SMTP server using Qpsmtpd.


%prep
%setup -q

%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1

%build
CFLAGS="$RPM_OPT_FLAGS" perl Makefile.PL INSTALLDIRS="vendor" PREFIX="%{buildroot}%{_prefix}"
make

%clean
rm -rf $RPM_BUILD_ROOT
%install

rm -rf $RPM_BUILD_ROOT
find blib/lib -name '*.pm.*' -exec rm -f {} \;
make pure_install

mkdir -p %{buildroot}%{_datadir}/%{name}
rm -f %{buildroot}%{_datadir}/%{name}/plugins/*.*
cp -r plugins %{buildroot}%{_datadir}/%{name}/plugins
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
rm -f %{buildroot}%{_sysconfdir}/%{name}/*.*
cp -r config.sample/* %{buildroot}%{_sysconfdir}/%{name}/
echo %{_datadir}/%{name}/plugins > %{buildroot}%{_sysconfdir}/%{name}/plugin_dirs
echo %{_localstatedir}/spool/qpsmtpd > %{buildroot}%{_sysconfdir}/%{name}/spool_dir
echo logging/file_connection loglevel LOGINFO %{_localstatedir}/log/qpsmtpd/%Y-%m-%d > %{buildroot}%{_sysconfdir}/%{name}/logging
mkdir -p %{buildroot}%{_initrddir}
cp %{SOURCE1} %{buildroot}%{_initrddir}/qpsmtpd-forkserver
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/qpsmtpd-forkserver
mkdir -p %{buildroot}%{_localstatedir}/spool/qpsmtpd
mkdir -p %{buildroot}%{_localstatedir}/log/qpsmtpd
mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/smtp
mkdir -p %{buildroot}%{_sbindir}
cp %{SOURCE4} %{buildroot}%{_sbindir}/in.smtp
mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d
cp %{SOURCE5} %{buildroot}%{_sysconfdir}/httpd/conf.d
mkdir -p %{buildroot}%{_docdir}/%{name}-apache-%{version}
cp %{SOURCE6} %{buildroot}%{_docdir}/%{name}-apache-%{version}

[ -x /usr/lib/rpm/brp-compress ] && /usr/lib/rpm/brp-compress

find %{buildroot}%{_prefix} \( -name perllocal.pod -o -name .packlist \) -exec rm {} \;
find %{buildroot}%{_prefix} -type f -print | \
        sed "s@^%{buildroot}@@g"        | \
        grep -v [Aa]sync                | \
        grep -v packaging               | \
        grep -v README.selinux          | \
        grep -v /Apache                 | \
        grep -v /Danga                  | \
        grep -v Qpsmtpd/PollServer.pm   > %{name}-%{version}-%{release}-filelist
if [ "$(cat %{name}-%{version}-%{release}-filelist)X" = "X" ] ; then
    echo "ERROR: EMPTY FILE LIST"
    exit -1
fi

%files -f %{name}-%{version}-%{release}-filelist
%defattr(-,root,root)
%doc CREDITS Changes LICENSE README.md README.plugins.md STATUS
%{_initrddir}/qpsmtpd-forkserver
%config(noreplace) %{_sysconfdir}/qpsmtpd/*
%config(noreplace) %{_sysconfdir}/xinetd.d/smtp
%config(noreplace) %{_sysconfdir}/sysconfig/qpsmtpd-forkserver

%files apache
%defattr(-,root,root)
%{_prefix}/share/perl5/vendor_perl/Apache/Qpsmtpd.pm
%{_mandir}/man3/Apache::Qpsmtpd.3pm.gz
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*
%doc %{_docdir}/%{name}-apache-%{version}/README.selinux

%pre


%changelog
* Sun Apr 28 2024 Jean-Philippe Pialasse <jpp@koozali.org> 1.0.0-1.sme
- upgrade to last version [SME: 11802]
- reapply our specific patches, rewrite them if necessary
  added qpsmtpd-0.96-bz12450-auth_imap-perport.patch from SME10
- apply last fixes in git since v 1.0.0
  postfix: avoid logging full headers;Load plugins in qpsmtpd-forkserver;
  Fix received_line hook behaviour; Add missing use statement for NetAddr::IP

* Fri Jul 14 2023 BogusDateBot
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
  by assuming the date is correct and changing the weekday.
  Tue Nov 30 2005 --> Tue Nov 29 2005 or Wed Nov 30 2005 or Tue Dec 06 2005 or ....

* Tue Nov 16 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.96-21.sme
- fix fetchmail patch to check local_ip [SME: 11763]

* Mon Nov 15 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.96-20.sme
- fix configuration not honoured on initial start [SME: 10387]
  commented out load_plugins see https://github.com/smtpd/qpsmtpd/issues/288.

* Sun Mar 11 2018 Jean-Philippe Pialasse <tests@pialasse.com> 0.96-19.sme
- add support to force spamcheck on specific IP for fetchmail [SME: 10290]

* Tue Mar 07 2017 Jean-Philippe Pialasse <tests@pialasse.com> 0.96-18.sme
- Removed Message-Id validation, as it rejects MS account validation email [SME: 10139]

* Mon Feb 27 2017 Jean-Philippe Pialasse <tests@pialasse.com> 0.96-17.sme
- fix whitelist plugin to support helo with naughty rejecting at mail stage [SME: 10112]

* Mon Jul 11 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-16.sme
- Validate domains found in uribl with Data::Validate::Domain [SME: 9467]

* Tue Jul 5 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-15.sme
- Use eval to fetch dkim policies, prevent fatal errors in case of DNS
  timeout [SME: 9480]

* Wed Jun 15 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-14.sme
- Remove karma rcpt handling (buggy and doesn't make a lot of sense)
  [SME: 9462]

* Sat May 28 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-13.sme
- Check rua is defined before trying to parse it to prevent an error
  if a domain has a DMARC entry published with no rua [SME: 9206]

* Mon May 16 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-12.sme
- Fix error when RCPT TO is not valid [SME: 9460]

* Mon May 9 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-11.sme
- Fix karma logic by checking negative strikes [SME: 9462]

* Sun May 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-10.sme
- Remove previous patch, it was already applied [SME: 9462]

* Sun May 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-9.sme
- Backport a fix for karma_tool so it can find its database [SME: 9462]

* Fri May 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-8.sme
- Support dkim signing with symlinks [SME: 9496]
- Fix DMARC rejects not working [SME: 9202]
- Add DMARC results notes so further plugin can check it [SME: 9202]
- Add possibility to reject solely on SPF result if no DMARC policy is published
  [SME: 9479]

* Fri May 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-7.sme
- Backport some minor patches from git head [SME: 9460]

* Fri Apr 22 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-6.sme
- badrcptto can now read another file container bad addresses [SME: 9460]
  [SME: 4597]

* Thu Apr 21 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-5.sme
- Fix a typo in previous patch [SME: 9462]

* Thu Apr 21 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-4.sme
- Backport the karma strikes param patch [SME: 9462]

* Mon Apr 18 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-3.sme
- hook uribl in data_post so it has access to the body [SME: 9467]

* Sun Apr 17 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-2.sme
- Don't log user credentials except when using the higher log level
  [SME: 9466]

* Sat Apr 16 2016 Daniel Berteaud <daniel@firewall-services.com> 0.96-1.sme
- Update to 0.96 [SME: 9460]

* Fri Mar 25 2016 Charlie Brady <charlieb@charliebrady.org> 0.84-20.sme
- Fix startup warnings due to Socket6 symbol import. [SME: 9386]

* Sun Feb 7 2016 stephane de labrusse <stephdl@de-labrusse.fr> 0.84-19.sme
- Build new rpm for sme10

* Thu Jan 7 2016 Daniel Berteaud <daniel@firewall-services.com> 0.84-18.sme
- Allow reading SSL_version from the tls_protocols config file (and turn
  TLSv1 back on by default) [SME: 9162]

* Wed Jan 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.84-17.sme
- Correctly log login attempts with nulls in login name [SME: 9167]

* Wed Jan 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.84-16.sme
- Disable TLSv1 [SME: 9162]

* Fri Sep 11 2015 stephane de Labrusse <stephdl@de-labrusse.fr> 0.84-15.sme
- Modify whitelist_soft transaction to interact with dnsbl filter [SME: 8747]
- by John Crisp <jcrisp@safeandsoundit.co.uk>
- Added qpsmtpd-0.84-make-dnsbl-more-whitelist_soft-aware.patch

* Tue May 19 2015 Daniel Berteaud <daniel@firewall-services.com> 0.84-14.sme
- Disable SSLv3 [SME: 8926]

* Fri May 15 2015 Daniel Berteaud <daniel@firewall-services.com> 0.84-13.sme
- New notls conf to set hosts you dont want to advertize STARTTLS to [SME: 8863]

* Sun Feb 15 2015 Daniel Berteaud <daniel@firewall-services.com> 0.84-12.sme
- Revert forcing TLSv1 patch as it breaks some inbound delivery [SME: 8851]
- Revert whitelist_soft dnsbl as it hasn't been verified yet and we need to
  push the fix for TLSv1 [SME: 8747]

* Fri Dec 26 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 0.84-11.sme
- Modify whitelist_soft transaction to interact with dnsbl filter [SME: 8747]
- by John Crisp <jcrisp@safeandsoundit.co.uk>

* Mon Dec 22 2014 Daniel Berteaud <daniel@firewall-services.com> 0.84-10.sme
- Force usage of TLSv1 [SME: 8726]

* Thu Mar 13 2014 Daniel Berteaud <daniel@firewall-services.com> 0.84-9.sme
- Remove DENYSOFT on SPF softfail [SME: 8273]

* Mon Dec 9 2013 Daniel Berteaud <daniel@firewall-services.com> 0.84-8.sme
- Fix handling of messages with no body and no trailing \n after headers (eq was
  used in attempted assignment). [SME: 8051, see SME: 7754]

* Fri Jul 5 2013 Ian Wells <esmith@wellsi.com> 0.84-7.sme
- Accept messages with no body and no trailing \n after headers [SME: 7754]

* Thu Apr 25 2013 chris burnat <devlist@burnat.com> 0.84-6.sme
- Fix Net::DNS update breaks qpsmtpd, codes suggested by Ian [SME: 7561]

* Wed Apr 24 2013 Daniel Berteaud <daniel@firewall-services.com> 0.84-5.sme
- allows the spamassassin plugin to read the size limit from its
  arguments [SME: 7559]

* Fri Feb 1 2013 Shad L. Lords <slords@mail.com> 0.84-4.sme
- Update spec so building on rhel6 works [SME: 7263]

* Fri May 04 2012 Charlie Brady <charlie_brady@mitel.com> 0.84-3.sme
- Set SO_KEEPALIVE option on client socket - to detect dead
  connections. [SME: 6924]

* Sun Nov 14 2010 <slords@mail.com> 0.84-2.sme
- Sync with upstream git repo.
- Fix require_resolvable_fromhost doesn't work [SME: 6369]
- Fix TLS security defaults [SME: 6241]
- Fix fatal errors when mail has no headers [SME: 6345]

* Wed Apr 14 2010 <slords@mail.com> 0.84-0.1.sme
- Update to 0.84
- add sme specific patches
- Perl module rpms moved to /usr/share/perl5/vendor_perl [SME: 7223]

* Wed Mar 3 2010 <filippo.carletti@gmail.com> 0.83-0.7.sme
- Remove spool and log dir from package (in smeserver-qpsmtpd)
- Don't create smtpd user (unused in sme) [SME: 5815]

* Thu Nov 5 2009 <smeserver-contribs@snetram.nl> 0.83-0.6.sme
- Apply qpsmtpd git changesets to implement custom SPAM
  subject prefix [SME: 5031]

* Tue Nov 3 2009 <slords@mail.com> 0.83-0.5.sme
- Update pre requires so scripts don't fail on install [SME: 5558]

* Sat Oct 31 2009 <slords@mail.com> 0.83-0.4.sme
- Rebase bad_rcptto patch to remove orig file [SME: 5548]
- Change logging in tls init to prevent warnings [SME: 5551]

* Thu Oct 29 2009 <slords@mail.com> 0.83-0.3.sme
- Only run/initialize plugins once [SME: 5533]

* Mon Oct 26 2009 <filippo.carletti@gmail.com> 0.83-0.2.sme
- Change spool dir permissions and owner to qpsmtpd:clamav
- Change log dir permissions and owner to smelog:smelog

* Tue Sep 22 2009 <filippo.carletti@gmail.com> 0.83-0.1.sme
- add sme specific patches

* Fri Sep 18 2009 <rpmbuild@robinbowes.com> 0.83-0.1
- Update to 0.83

* Sun Jul 12 2009 <rpmbuild@robinbowes.com> 0.82-0.1
- Update to latest release
- don't add qpsmtpd to start-up by default
- add apache config file to qpsmtpd-apache package
- remove all patches
- use rpm macros for dirs
- use a filelist for main package instead of a long list of files

* Tue Jul 15 2008 <rpmbuild@robinbowes.com> 0.43-0.7
- Removed SelectServer.pm from .spec file

* Tue Mar 18 2008 <rpmbuild@robinbowes.com> 0.43-0.6
- moved config files back to /etc/qpsmtpd following some changes
  to the qpsmtpd src

* Tue Mar 18 2008 <rpmbuild@robinbowes.com> 0.43-0.5
- moved config files to /etc/qpsmtpd/config

* Tue Mar 18 2008 <rpmbuild@robinbowes.com> 0.43-0.4
- Moved qpsmtpd-async to /usr/bin
- Added qpsmtpd-async man page to async package
- Added async smtproute plugin to async package
  
* Wed Mar 12 2008 <rpmbuild@robinbowes.com> 0.43-0.3
- Makefile.PL now updated in svn, so remove hack

* Wed Mar 12 2008 <rpmbuild@robinbowes.com> 0.43-0.2
- Added qpsmtpd-prefork to qpsmtpd RPM, inc. hack to work round
  deficiency in Makefile.PL

* Mon Mar 10 2008 <rpmbuild@robinbowes.com> 0.43-0.1
- Updated to work with Makefile to build from svn

* Wed Sep 12 2007 <rpmbuild@robinbowes.com> 0.40-2.0
- Updated to build trunk-r790

* Tue Jun 12 2007 <hjp@hjp.at> 0.40-1.0
- updated to 0.40 - no code change.

* Thu Jun 07 2007 <hjp@hjp.at> 0.40-0.2
- unset environment variables which are normally tainted in perl.
- updated to 0.40rc1
- added dependency on Net::IP (needed by some plugins)

* Sat May 05 2007 <hjp@hjp.at> 0.33-0.5
- moved environment cleanup into start() function, otherwise
  LANG just gets reinitialized.

* Sat May 05 2007 <hjp@hjp.at> 0.33-0.4
- split qpsmtpd-async into a separate package to avoid dependency
  on ParaDNS.

* Sat May 05 2007 <hjp@hjp.at> 0.33-0.3
- also unset LANG, LC_ALL and LC_TIME in startup script to prevent
  locale specific Received headers (bug reported by Dominik Meyer)

* Sun Feb 25 2007 <hjp@hjp.at> 0.33-0.2
- 0.3x branch has been merged back to trunk. 
  Got current snapshot (r715) from trunk.

* Sun Feb 25 2007 <hjp@hjp.at> 0.33-0.1
- Start forkserver via "daemon" (Gavin Carr)
- Fixed 'service qpsmtpd-forkserver status' (Gavin Carr)
- Changed policy for config files to noreplace (Gavin Carr)

* Sun Nov 05 2006 <hjp@hjp.at> 0.33-0.0
- Upgraded to current snapshot from 0.3x branch (which should become
  0.33 soon-ish)
- included xinetd-support again.

* Sat Mar 18 2006 <hjp@hjp.at> 0.32-2
- fix dnsbl to check whether answer fits query.
- randomize Net::DNS ids for qpsmtpd-forkserver child processes.

* Wed Mar 08 2006 <hjp@hjp.at> 0.32-1
- New upstream 0.32
- rc-file unsets PERL_UNICODE (bug #38397)

* Sat Jan 28 2006 <hjp@hjp.at> 0.31.1-3
- Use ${SOURCE*} macros to refer to source files
- Avoid invoking rpm and other cleanup in %pre section
- Invoke chkconfig in %post.
- (Thanks to Josko Plazonic for the reporting these problems and
  suggesting fixes)

* Wed Nov 30 2005 <hjp@hjp.at> 0.31.1-2
  Tue Nov 30 2005 --> Tue Nov 29 2005 or Wed Nov 30 2005 or Tue Dec 06 2005 or ....
- Revision 170 of plugins/loggin/file_connection:
  Return DECLINED from open_log.
  Open log in write_log if it isn't already open.

* Tue Nov 29 2005 <hjp@hjp.at> 0.31.1-1
- Commented out queue plugins from sample config
- Added dependencies
- Create smtpd user if it doesn't exist
- Added /var/log/qpsmtpd and /var/spool/qpsmtpd

* Sat Nov 26 2005 <hjp@hjp.at>
- Added file_connection plugin
- Startup file for qpsmtpd-forkserver now uses --detach and assumes that
  a suitable logging module is configured (file_connection by default)

* Wed Nov 23 2005 <hjp@hjp.at>
- Forkserver drops privileges before loading plugins now.

* Sun Nov 20 2005 <hjp@hjp.at>
- New upstream 0.31.1

* Mon Nov 14 2005 <hjp@hjp.at> 0.31-8
- New upstream 0.31rc3.
- pre-connection patch slightly simplified since upstream fixed one of
  the bugs.

* Tue Aug 23 2005 <hjp@hjp.at>
- forced INSTALLSITELIB=/usr/lib/perl5/site_perl as suggested by 
  Charlie Brady.

* Sat Aug 20 2005 <hjp@hjp.at> 0.31-7
- RC2 from upstream.
- Removed patches which aren't applied from spec file.

* Fri Jul 22 2005 <hjp@hjp.at> 0.31-6
- New upstream snapshot from 0.31 branch: svn revision 509.

* Sun Jul 17 2005 <hjp@hjp.at> 0.31-5
- include only /etc/init.d/qpsmtpd-forkserver, not /etc/init.d
  it conflicts with old initscripts packages.

* Sun Jul 17 2005 <hjp@hjp.at> 0.31-4
- removed tabs from forkserver 

* Sun Jul 17 2005 <hjp@hjp.at> 0.31-3
- added startup script for forkserver
- changed BuildArchitectures to noarch.

* Sat Jul 16 2005 <hjp@hjp.at> 0.31-2
- pre-connection hook is now actually called, not just defined.

* Fri Jul 15 2005 <hjp@hjp.at> 0.31-1
- merged with 0.31. Most of my patches are now in the official release.
- merged Gavin's per-user-config patch with my dirs patch, since the
  latter needs a way to turn off logging.
- added /etc/qpsmtpd/plugin_dir to package.

* Mon Jun 13 2005 <hjp@hjp.at> 0.29-6
- fixed removal of patch backup files
- fixed option --pid-file

* Sun Jun 12 2005 <hjp@hjp.at>
- avoid installing patch backup files
- split Apache::Qpsmtpd into separate package to avoid dependency hell.
- fixed URL
- changed group to Daemons.
- Fixed installation for newer versions of ExtUtils::MakeMaker

* Wed Jun  1 2005 <hjp@hjp.at> 0.29-5
- Really don't reap children in signal handler.

* Tue May 31 2005 <hjp@hjp.at> 0.29-4
- Return 421 for DENYSOFT_DISCONNECT
- Don't reap children in signal handler.

* Thu May 19 2005 <hjp@hjp.at> 0.29-3
- removed code to accept paths without <>.

* Thu May 19 2005 <hjp@hjp.at> 0.29-2
- added QPSMTPD_CONFIG env variable and plugin_dir config.
- added supplemental groups and support for pid file
- added shared_connect hook
- changed log level for SMTP dialog from DEBUG to INFO

* Thu Apr 21 2005 hjp@hjp.at
- added plugins, /etc and docs.

* Mon Apr 18 2005 hjp@hjp.at
- Specfile autogenerated