Your message dated Mon, 16 Jan 2006 14:49:51 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#320487: fixed in postgrey 1.24-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 29 Jul 2005 19:58:01 +0000
>From [EMAIL PROTECTED] Fri Jul 29 12:58:01 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.riseup.net [69.90.134.155]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1DyazZ-0002M4-00; Fri, 29 Jul 2005 12:58:01 -0700
Received: from localhost (localhost [127.0.0.1])
by mail.riseup.net (Postfix) with ESMTP id E96D8A2BB2;
Fri, 29 Jul 2005 12:56:38 -0700 (PDT)
Received: from mail.riseup.net ([127.0.0.1])
by localhost (buffy [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
id 30906-18; Fri, 29 Jul 2005 12:56:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.riseup.net (Postfix) with ESMTP id 55A34A2DF2;
Fri, 29 Jul 2005 12:56:38 -0700 (PDT)
Received: by pond (Postfix, from userid 1000)
id E76CE3A7A6; Fri, 29 Jul 2005 14:57:55 -0500 (CDT)
Content-Type: multipart/mixed; boundary="===============0708176610=="
MIME-Version: 1.0
From: Micah Anderson <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: postgrey: Please include privacy patch
X-Mailer: reportbug 3.15
Date: Fri, 29 Jul 2005 14:57:55 -0500
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at riseup.net
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
This is a multi-part MIME message sent by reportbug.
--===============0708176610==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: postgrey
Version: 1.21-2
Severity: wishlist
Tags: patch
Please consider adding the attached patch to the postgrey package, it
is very small, but does great things. The patch comes from
http://dev.riseup.net/privacy/postgrey/ and what it does is add the
simple capability to postgrey to store the IPs and emails in the
greylisting database using a one-way SHA1 hash function, instead of in
clear-text.
This will defeat straight-forward attempts to retrieve mail user
behaviours. The goal is to give the system administrator the means to
implement their site-logging policies by allowing them easier control
over the privacy behavior of what information postgrey gathers. Please
see the above page for more information regarding the rationale.
The attached patch adds this capability to the current postgrey debian
package (1.21-2) in a non-intrusive way.
Thanks,
Micah
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-2-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages postgrey depends on:
ii debconf 1.4.52 Debian configuration management sy
ii libberkeleydb-perl 0.26-3 use Berkeley DB 4 databases from P
ii libnet-dns-perl 0.48-1 Perform DNS queries from a Perl sc
ii libnet-server-perl 0.87-3 An extensible, general perl server
ii perl 5.8.7-4 Larry Wall's Practical Extraction
ii ucf 2.000 Update Configuration File: preserv
Versions of packages postgrey recommends:
ii postfix 2.2.3-3.riseup.net.1 A high-performance mail transport
-- debconf information excluded
--===============0708176610==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="postgrey-1.21-privacy_debian.patch"
diff -urN postgrey-1.21.orig/debian/control postgrey-1.21/debian/control
--- postgrey-1.21.orig/debian/control 2005-07-27 20:49:52.000000000 +0200
+++ postgrey-1.21/debian/control 2005-07-25 01:14:37.000000000 +0200
@@ -9,7 +9,7 @@
Package: postgrey
Architecture: all
Depends: debconf, libberkeleydb-perl (>= 0.23-2), libnet-dns-perl,
- libnet-server-perl (>= 0.87), perl, ucf (>= 0.28)
+ libnet-server-perl (>= 0.87), libdigest-sha1-perl, perl, ucf (>= 0.28)
Recommends: postfix
Description: greylisting implementation for Postfix
A policy server for postfix (version 2.1 and later) implementing greylisting.
diff -urN postgrey-1.21.orig/debian/postgrey-default
postgrey-1.21/debian/postgrey-default
--- postgrey-1.21.orig/debian/postgrey-default 2005-07-27 20:49:52.000000000
+0200
+++ postgrey-1.21/debian/postgrey-default 2005-07-27 20:34:40.000000000
+0200
@@ -5,6 +5,7 @@
# you may want to set
# --delay=N how long to greylist, seconds (default: 300)
# --max-age=N delete old entries after N days (default: 30)
+# --privacy store data using one-way hash functions
# see also the postgrey(8) manpage
POSTGREY_OPTS="--inet=127.0.0.1:60000"
diff -urN postgrey-1.21.orig/postgrey postgrey-1.21/postgrey
--- postgrey-1.21.orig/postgrey 2005-07-27 20:49:52.000000000 +0200
+++ postgrey-1.21/postgrey 2005-07-27 20:35:46.000000000 +0200
@@ -15,6 +15,7 @@
use Fcntl ':flock'; # import LOCK_* constants
use Sys::Hostname;
use POSIX qw(strftime setlocale LC_ALL);
+use Digest::SHA1 qw(sha1_hex);
use vars qw(@ISA);
@ISA = qw(Net::Server::Multiplex);
@@ -245,6 +246,9 @@
my ($client_net, $client_host) =
$self->do_client_substitutions($attr->{client_address},
$attr->{client_name});
my $key = lc "$client_net/$sender/$attr->{recipient}";
+ if ($self->{postgrey}{privacy}) {
+ $key = sha1_hex($key);
+ }
my $val = $db->{$key};
my $first;
@@ -294,6 +298,9 @@
if($self->{postgrey}{awl_clients}) {
my $cawl_db = $self->{postgrey}{db_cawl};
my $cawl_key = $attr->{client_address};
+ if ($self->{postgrey}{privacy}) {
+ $cawl_key = sha1_hex($cawl_key);
+ }
my $cawl_val = $cawl_db->{$cawl_key};
my ($cawl_count, $cawl_last);
($cawl_count, $cawl_last) = split(/,/,$cawl_val) if defined $cawl_val;
@@ -370,7 +377,7 @@
'dbdir=s', 'pidfile=s', 'delay=i', 'max-age=i',
'lookup-by-subnet', 'lookup-by-host', 'auto-whitelist-clients:s',
'whitelist-clients=s@', 'whitelist-recipients=s@',
- 'retry-window=s', 'greylist-action=s', 'greylist-text=s',
+ 'retry-window=s', 'greylist-action=s', 'greylist-text=s', 'privacy',
) or exit(1);
# note: lookup-by-subnet can be given for compatibility, but it is default
# so do not do nothing with it...
@@ -442,6 +449,7 @@
whitelist_recipients_files => $opt{'whitelist-recipients'} ||
[ '/etc/postgrey/whitelist_recipients' ,
'/etc/postgrey/whitelist_recipients.local' ],
+ privacy => defined $opt{'privacy'},
},
}, 'postgrey';
@@ -605,6 +613,7 @@
N is the minimal count of mails before a
client is
whitelisted (turned on by default with value
5)
specify N=0 to disable.
+ --privacy store data using one-way hash functions
Note that the --whitelist-x options can be specified multiple times,
and that per default /etc/postgrey/whitelist_clients.local and
@@ -781,6 +790,12 @@
=back
+=head2 Privacy
+
+The --privacy option enable the use of a SHA1 hash function to store
+IPs and emails in the greylisting database. This will defeat straight
+forward attempts to retrieve mail user behaviours.
+
=head2 SEE ALSO
See L<http://www.greylisting.org/> for a description of what
--===============0708176610==--
---------------------------------------
Received: (at 320487-close) by bugs.debian.org; 16 Jan 2006 22:56:52 +0000
>From [EMAIL PROTECTED] Mon Jan 16 14:56:52 2006
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EydAd-00014j-Nq; Mon, 16 Jan 2006 14:49:51 -0800
From: Adrian von Bidder <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#320487: fixed in postgrey 1.24-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 16 Jan 2006 14:49:51 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
Source: postgrey
Source-Version: 1.24-1
We believe that the bug you reported is fixed in the latest version of
postgrey, which is due to be installed in the Debian FTP archive:
postgrey_1.24-1.diff.gz
to pool/main/p/postgrey/postgrey_1.24-1.diff.gz
postgrey_1.24-1.dsc
to pool/main/p/postgrey/postgrey_1.24-1.dsc
postgrey_1.24-1_all.deb
to pool/main/p/postgrey/postgrey_1.24-1_all.deb
postgrey_1.24.orig.tar.gz
to pool/main/p/postgrey/postgrey_1.24.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adrian von Bidder <[EMAIL PROTECTED]> (supplier of updated postgrey package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 16 Jan 2006 21:17:19 +0100
Source: postgrey
Binary: postgrey
Architecture: source all
Version: 1.24-1
Distribution: unstable
Urgency: low
Maintainer: Adrian von Bidder <[EMAIL PROTECTED]>
Changed-By: Adrian von Bidder <[EMAIL PROTECTED]>
Description:
postgrey - greylisting implementation for Postfix
Closes: 320487 334430 342464
Changes:
postgrey (1.24-1) unstable; urgency=low
.
* The "Let's Actually Do Something For Debian Today" Release
* new upstream version:
- don't use DB_TXN_NOSYNC (causes hangs - closes: #334430)
- --privacy option (closes: #320487)
- netsolmail was added to the whitelist (closes: #342464)
(thanks to David Schweikert for solving all my problems)
Files:
0bd6316849c8b488d33f9c8076db59d4 678 mail optional postgrey_1.24-1.dsc
db11f4da47ee28252cf2ddd160308d7e 27444 mail optional postgrey_1.24.orig.tar.gz
7535a98f402946a7cba7940d7eb742b8 9799 mail optional postgrey_1.24-1.diff.gz
4a4d6ba00efff3ab5cff78cdc762c5fe 40846 mail optional postgrey_1.24-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: get my key from http://fortytwo.ch/gpg/92082481
iEYEARECAAYFAkPMA/0ACgkQi6Qxi+Wn99Y/0wCgspR89m2hPEZ1kUcbwRpIOqA5
ahsAn0TZ0IBQVnS36H+TezesIU2P7fhw
=1sOP
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
