Index: head/mail/sendmail/Makefile =================================================================== --- head/mail/sendmail/Makefile +++ head/mail/sendmail/Makefile @@ -30,7 +30,8 @@ WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} DOCS= KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ sendmail/TRACEFLAGS sendmail/SECURITY sendmail/TUNING -PLIST_SUB+= PREFIX=${PREFIX:S=${PREFIX}/==} MANPREFIX=${MANPREFIX:S=$=/=:S=${PREFIX}==:S=^/==} +PLIST_SUB+= PREFIX=${PREFIX:S=${PREFIX}/==} \ + MANPREFIX=${MANPREFIX:S=$=/=:S=${PREFIX}==:S=^/==} PKGMESSAGE= ${WRKSRC}/pkg-message WCONF= ${WRKSRC}/devtools/Site @@ -44,8 +45,11 @@ BASEMAIL= /usr/libexec/sendmail/sendmail MILTER_SOVER?= 6 -OPTIONS_DEFINE?= SHMEM SEM LA NIS IPV6 TLS SASL SASLAUTHD LDAP BDB GDBM SOCKETMAP CYRUSLOOKUP PICKY_HELO_CHECK MILTER DOCS -OPTIONS_DEFAULT?= SHMEM SEM LA NIS TLS SASL SASLAUTHD PICKY_HELO_CHECK MILTER BDB1 +OPTIONS_DEFINE?= SHMEM SEM LA NIS IPV6 TLS SASL SASLAUTHD LDAP BDB \ + GDBM SOCKETMAP CYRUSLOOKUP BLACKLISTD \ + PICKY_HELO_CHECK MILTER DOCS +OPTIONS_DEFAULT?= SHMEM SEM LA NIS TLS SASL SASLAUTHD BDB1 \ + PICKY_HELO_CHECK MILTER NO_OPTIONS_SORT=yes SHMEM_DESC= System V shared memory support LA_DESC= load averages support @@ -54,6 +58,7 @@ BDB_DESC= Berkeley DB version 4+ support GDBM_DESC= GNU dbm library support (option COMPAT needed) SOCKETMAP_DESC= Enable socketmap feature +BLACKLISTD_DESC= Enable blacklistd support CYRUSLOOKUP_DESC= Enable cyruslookup feature PICKY_HELO_CHECK_DESC= Enable picky HELO check MILTER_DESC= Enable milter support @@ -120,6 +125,9 @@ .if ${PORT_OPTIONS:MLDAP} SITE+= ${FILESDIR}/site.config.m4.ldap .endif +.if ${PORT_OPTIONS:MBLACKLISTD} +SITE+= ${FILESDIR}/site.config.m4.blacklistd +.endif .if ${PORT_OPTIONS:MMILTER} SITE+= ${FILESDIR}/site.config.m4.milter .endif @@ -148,6 +156,12 @@ ${FALSE}; \ fi) .endif +.if ${PORT_OPTIONS:MBLACKLISTD} + @(if [ ! -e "${DESTDIR}/usr/lib/libblacklist.so" ] ; then \ + ${ECHO_MSG} "===> libblacklist.so not found. Please update to FreeBSD 11"; \ + ${FALSE}; \ + fi) +.endif ${REINPLACE_CMD} ${SED_SCRIPT} ${WRKSRC}/devtools/OS/FreeBSD ${SED} -e "s=%%PREFIX%%=${PREFIX}=g" \ -e "s=%%LOCALBASE%%=${LOCALBASE}=g" \ @@ -192,7 +206,8 @@ .endif post-build: - (cd ${WRKSRC}/doc/op && ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} op.txt) + (cd ${WRKSRC}/doc/op && \ + ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} op.txt) pre-install: ${MKDIR} ${STAGEDIR}/etc/mail Index: head/mail/sendmail/files/patch-daemon.c =================================================================== --- head/mail/sendmail/files/patch-daemon.c +++ head/mail/sendmail/files/patch-daemon.c @@ -0,0 +1,13 @@ +--- sendmail/daemon.c.orig 2016-06-12 18:25:14.196269000 -0400 ++++ sendmail/daemon.c 2016-06-12 18:31:47.159880000 -0400 +@@ -754,6 +754,10 @@ + anynet_ntoa(&RealHostAddr)); + } + ++#ifdef USE_BLACKLIST ++ blacklist_init(); ++#endif ++ + if (pipefd[0] != -1) + { + auto char c; Index: head/mail/sendmail/files/patch-main.c =================================================================== --- head/mail/sendmail/files/patch-main.c +++ head/mail/sendmail/files/patch-main.c @@ -0,0 +1,26 @@ +--- sendmail/main.c.orig 2016-06-12 18:24:56.170900000 -0400 ++++ sendmail/main.c 2016-06-12 18:30:07.426701000 -0400 +@@ -4642,3 +4642,23 @@ + sm_etype_printf, + "quick abort %0", + }; ++ ++#ifdef USE_BLACKLIST ++static struct blacklist *blstate; ++ ++void ++blacklist_init(void) ++{ ++ blstate = blacklist_open(); ++} ++ ++void ++blacklist_notify(int a, int fd, char *msg) ++{ ++ if (blstate == NULL) ++ blacklist_init(); ++ if (blstate == NULL) ++ return; ++ (void)blacklist_r(blstate, a, fd, msg); ++} ++#endif Index: head/mail/sendmail/files/patch-sendmail.h =================================================================== --- head/mail/sendmail/files/patch-sendmail.h +++ head/mail/sendmail/files/patch-sendmail.h @@ -0,0 +1,16 @@ +--- sendmail/sendmail.h.orig 2016-06-12 18:23:05.239106000 -0400 ++++ sendmail/sendmail.h 2016-06-12 18:42:38.972341000 -0400 +@@ -2647,6 +2647,13 @@ + extern char *milter_unknown __P((char *, ENVELOPE *, char *)); + #endif /* MILTER */ + ++#if USE_BLACKLIST ++/* blacklistd functions */ ++void blacklist_init(void); ++void blacklist_notify(int, int, char *); ++#include ++#endif ++ + extern char *addquotes __P((char *, SM_RPOOL_T *)); + extern char *arpadate __P((char *)); + extern bool atobool __P((char *)); Index: head/mail/sendmail/files/patch-srvrsmtp.c =================================================================== --- head/mail/sendmail/files/patch-srvrsmtp.c +++ head/mail/sendmail/files/patch-srvrsmtp.c @@ -0,0 +1,44 @@ +--- sendmail/srvrsmtp.c.orig 2015-03-18 07:47:12.000000000 -0400 ++++ sendmail/srvrsmtp.c 2016-06-12 18:36:01.372172000 -0400 +@@ -832,6 +832,9 @@ + int n_badrcpts_adj; + #endif /* _FFR_BADRCPT_SHUTDOWN */ + ++#ifdef USE_BLACKLIST ++ int fd; ++#endif + SevenBitInput_Saved = SevenBitInput; + smtp.sm_nrcpts = 0; + #if MILTER +@@ -1328,6 +1331,9 @@ + (int) tp.tv_sec + + (tp.tv_usec >= 500000 ? 1 : 0) + ); ++#ifdef USE_BLACKLIST ++ blacklist_notify(1, fd, "pre-greeting traffic"); ++#endif + } + } + } +@@ -1723,6 +1729,10 @@ + { + /* not SASL_OK or SASL_CONT */ + message("535 5.7.0 authentication failed"); ++#ifdef USE_BLACKLIST ++ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); ++ blacklist_notify(1, fd, "AUTH FAIL"); ++#endif + if (LogLevel > 9) + sm_syslog(LOG_WARNING, e->e_id, + "AUTH failure (%s): %s (%d) %s, relay=%.100s", +@@ -3524,6 +3534,10 @@ + if (++n_badcmds > MAXBADCOMMANDS) + { + stopattack: ++#ifdef USE_BLACKLIST ++ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); ++ blacklist_notify(1, fd, "too many bad commands"); ++#endif + message("421 4.7.0 %s Too many bad commands; closing connection", + MyHostName); + Index: head/mail/sendmail/files/patch-usersmtp.c =================================================================== --- head/mail/sendmail/files/patch-usersmtp.c +++ head/mail/sendmail/files/patch-usersmtp.c @@ -0,0 +1,29 @@ +--- sendmail/usersmtp.c.orig 2014-12-05 10:42:28.000000000 -0500 ++++ sendmail/usersmtp.c 2016-06-12 18:35:25.940865000 -0400 +@@ -1825,6 +1825,10 @@ + + if (saslresult != SASL_OK && saslresult != SASL_CONTINUE) + { ++#ifdef USE_BLACKLIST ++ int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); ++ blacklist_notify(1, fd, "AUTH FAIL"); ++#endif + if (tTd(95, 5)) + sm_dprintf("AUTH FAIL=%s (%d)\n", + sasl_errstring(saslresult, NULL, NULL), +@@ -1970,9 +1974,13 @@ + do + { + result = attemptauth(m, mci, e, &(mci->mci_sai)); +- if (result == EX_OK) ++ if (result == EX_OK) { ++#ifdef USE_BLACKLIST ++ int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); ++ blacklist_notify(0, fd, "AUTH OK"); ++#endif + mci->mci_sasl_auth = true; +- else if (result == EX_TEMPFAIL || result == EX_NOPERM) ++ } else if (result == EX_TEMPFAIL || result == EX_NOPERM) + { + mci->mci_saslcap = removemech((mci->mci_sai)[SASL_MECH], + mci->mci_saslcap, Index: head/mail/sendmail/files/site.config.m4.blacklistd =================================================================== --- head/mail/sendmail/files/site.config.m4.blacklistd +++ head/mail/sendmail/files/site.config.m4.blacklistd @@ -0,0 +1,2 @@ +APPENDDEF(`conf_sendmail_ENVDEF', `-DUSE_BLACKLIST') +APPENDDEF(`conf_sendmail_LIBS', `-lblacklist')