This shows you the differences between two versions of the page.
— |
picoenterprise:email-rbl [2013/12/18 12:52] (current) Luc Nieland created |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | |||
+ | |||
+ | =====Build an RBL-service===== | ||
+ | |||
+ | xxxxxx | ||
+ | |||
+ | ====Installation==== | ||
+ | |||
+ | apt-get install foo | ||
+ | |||
+ | |||
+ | ====Configuration==== | ||
+ | |||
+ | foo | ||
+ | <code> | ||
+ | fooo | ||
+ | ... | ||
+ | </code> | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | An IPv4 + MySQL startingpoint: http://www.blue-quartz.com/rbl/ | ||
+ | |||
+ | The database is only for administration. | ||
+ | |||
+ | |||
+ | |||
+ | ===PACKAGE BOUWEN=== | ||
+ | |||
+ | * voor dev: apt-get install build-essential autoconf automake | ||
+ | autotools-dev debhelper devscripts file fakeroot gnupg lintian patch | ||
+ | patchutils pbuilder make | ||
+ | |||
+ | * apt-get source rbldnsd | ||
+ | |||
+ | * dpkg-depcheck -d ./configure | ||
+ | |||
+ | * extra: apt-get install locales zlib1g-dev | ||
+ | |||
+ | * apt-get build-dep rbldnsd | ||
+ | |||
+ | * mv /usr/local/src/rbldnsd* /home/olivier | ||
+ | chown -R olivier.olivier /home/olivier | ||
+ | |||
+ | * als olivier source ophalen | ||
+ | wget -c http://www.corpit.ru/mjt/rbldnsd/rbldnsd-0.997a.tar.gz | ||
+ | en de .sig zo u wilt... | ||
+ | source uitpakken....d'r zit al een 'debian' subdirectory in om het | ||
+ | package te bouwen... | ||
+ | wel ff een 'install file' aanmaken, omdat je de daemon anders mist na | ||
+ | het bouwen | ||
+ | cd rbldnsd-0.997 && echo 'debian/rbldnsd/usr/sbin/rbldnsd usr/sbin' | ||
+ | >> debian/install | ||
+ | in de debian/rules file regel 39 vlak voor 'dh_installman rbldnsd.8' | ||
+ | de regel invoegen: dh_install | ||
+ | |||
+ | * dan 'cd /home/olivier/rbldnsd-0.997a' en het package bouwen | ||
+ | dpkg-buildpackage -us -uc -rfakeroot -b | ||
+ | |||
+ | * package installeren: | ||
+ | cd .. && dpkg -i rbldnsd_0.997a_amd64.deb | ||
+ | |||
+ | |||
+ | |||
+ | ===CONFIGGEN=== | ||
+ | * zo, hehe.....nou kunnen we gaan configgen..... | ||
+ | * eerst /etc/default/rbldnsd: | ||
+ | |||
+ | ... | ||
+ | RBLDNSD="dsbl6 -f -r/var/lib/rbldns/dsbl6 \ | ||
+ | -l rbl6.log -6 -b2a02:348:50:6728::5 \ | ||
+ | rbl6.pref.nl:ip6trie:spammerlist,whitelist \ | ||
+ | rbl6.pref.nl:generic:forward | ||
+ | " | ||
+ | ... | ||
+ | |||
+ | * nou de benoddigde tree aanmaken: | ||
+ | |||
+ | mkdir -p /var/lib/rbldns/dsbl6 | ||
+ | cd /var/lib/rbldns/dsbl6 | ||
+ | touch forward spammerlist whitelist rbl6.log | ||
+ | chown -R rbldns.rbldns /var/lib/rbldns/dsbl6 | ||
+ | |||
+ | * tot slot de filetjes vullen: | ||
+ | |||
+ | echo '@ A 2a02:348:50:6728::5' >> dsbl6/forward | ||
+ | echo 'test A 2a02:348:50:6728::5' >> dsbl6/forward | ||
+ | |||
+ | echo ':127.0.1.2: Listed, see http://rbl6.pref.nl/check?ipaddress=$' >> | ||
+ | dsbl6/whitelist | ||
+ | |||
+ | en diezelfde regel ook voor dsbl6/spammerlist doen | ||
+ | |||
+ | * ff herstarten-> /etc/init.d/rbldnsd restart | ||
+ | |||
+ | Klaar, nou kan 'ie gevuld worden | ||
+ | |||
+ | * eerst twee netwerkjes blacklisten | ||
+ | echo '2001:21ab:c000/36' >> dsbl6/spammerlist | ||
+ | echo '2605:6001:42::/52' >> dsbl6/spammerlist | ||
+ | |||
+ | en nog eentje, maar die krijgt een specifiek dns-antwoord-commentaar | ||
+ | |||
+ | echo '2001:21ab:def7:4242 :127.0.1.3: This one smells funny' >> | ||
+ | dsbl6/spammerlist | ||
+ | |||
+ | |||
+ | |||
+ | ===TESSSTEN=== | ||
+ | |||
+ | Euhhh, nou willen we kunnen testen of 'ie het ook doet: | ||
+ | |||
+ | * apt-get install ipv6calc | ||
+ | |||
+ | * ipv6calc -q --out revnibbles.arpa 2605:6001:42::1 >> /homedir/nibble.txt | ||
+ | |||
+ | * dan even nibble.txt aanpassen zodat ip6.arpa wordt vervangen door | ||
+ | rbl6.pref.nl. | ||
+ | |||
+ | * dig -6 -txt @2a02:348:50:6728::5 $(cat nibble.txt) | ||
+ | |||
+ | |||