*** greylist.pl.orig Wed Feb 11 10:37:27 2004 --- greylist.pl Wed Jul 25 22:20:49 2007 *************** *** 1,5 **** --- 1,32 ---- #!/usr/bin/perl + # + # greylist.pl -- for Postfix 2.3.4 (from examples/smtpd-policy) + # + # revision history + # 0.0: ORIGIAL + # 0.1: Jan. 1, 2007 by Dai ISHIJIMA (only just making DB file) + # i.e., answer ``DUNNO'' everytime + # 0.2: Jan. 2, 2007 (midnight version) + # 0.3: Jan. 3, 2007 (working-hour pass through version) + # 0.4: Mar. 14, 2007 (checking on weekends) + # 0.5: Mar. 22, 2007 (logging) + # 0.6: Jul. 25, 2007 (separate pass through, controlled by cron, + # revise DB lock mechanism (see DB_File(3))) + # + # preparations: + # make ``/var/mta/greylist.db'' empty DB file (nobody) + # # mkdir -p /var/mta + # # chown nobody:nobody /var/mta + # # cp /dev/null /var/mta/greylist.db + # # chown nobody:nobody /var/mta/greylist.db + # + # edit ``master.cf,'' ``main.cf'' to enable greylisting + # + # method to check DB file + # % makemap -u btree /var/mta/greylist.db | more + # + use DB_File; use Fcntl; use Sys::Syslog qw(:DEFAULT setlogsock); *************** *** 74,80 **** --- 101,113 ---- # $database_name.time(), so that the mail system does not get stuck. # $database_name="/var/mta/greylist.db"; + ###$database_name="/var/tmp/greylist.db"; # bad idea $greylist_delay=60; + #### 2007-07-25 + $pass_through="/var/mta/greylist.pass"; # if size > 0, return DUNNO + + #### 2007-03-21 + $my_verbose = 1; # # Syslogging options for verbose mode and for fatal errors. *************** *** 109,114 **** --- 142,155 ---- update_database($key, $time_stamp); } + #### 2007-03-21 + syslog $syslog_priority, "to=<%s>, from=<%s>, relay=%s[%s], age=%d", + $attr{"recipient"}, $attr{"sender"}, + $attr{"client_name"}, $attr{"client_address"}, + $now - $time_stamp + if $my_verbose; + #### + # The result can be any action that is allowed in a Postfix access(5) map. 
# # To label mail, return ``PREPEND'' headername: headertext *************** *** 123,128 **** --- 164,175 ---- if ($now - $time_stamp > $greylist_delay) { return "dunno"; } else { + if (-s $pass_through) { + # answer ``DUNNO'' in working hours (06:00..21.00) + # on weekdays (It works normally on Saturday and Sunday) + # i.e.; pass through any mails in these hours + return "dunno"; + } return "defer_if_permit Service is unavailable"; } } *************** *** 169,176 **** my($key) = @_; my($value); ! flock DATABASE_HANDLE, LOCK_SH || ! fatal_exit "Can't get shared lock on %s: $!", $database_name; # XXX Synchronize our cache from the on-disk copy before lookup. $value = $db_hash{$key}; syslog $syslog_priority, "lookup %s: %s", $key, $value if $verbose; --- 216,231 ---- my($key) = @_; my($value); ! #### 2007-07-25 ! unless (flock(DATABASE_HANDLE, LOCK_SH | LOCK_NB)) { ! syslog $syslog_priority, "CONTENTION; can't read during update" ! if $verbose; ! unless(flock(DATABASE_HANDLE, LOCK_SH)) { ! fatal_exit "Can't get shared lock on %s: $!", $database_name; ! } ! } ! #flock DATABASE_HANDLE, LOCK_SH || ! # fatal_exit "Can't get shared lock on %s: $!", $database_name; # XXX Synchronize our cache from the on-disk copy before lookup. $value = $db_hash{$key}; syslog $syslog_priority, "lookup %s: %s", $key, $value if $verbose; *************** *** 189,202 **** my($key, $value) = @_; syslog $syslog_priority, "store %s: %s", $key, $value if $verbose; ! flock DATABASE_HANDLE, LOCK_EX || ! fatal_exit "Can't exclusively lock %s: $!", $database_name; # XXX Synchronize our cache from the on-disk copy before update. $db_hash{$key} = $value; $database_obj->sync() && fatal_exit "Can't update %s: $!", $database_name; flock DATABASE_HANDLE, LOCK_UN || fatal_exit "Can't unlock %s: $!", $database_name; } # --- 244,269 ---- my($key, $value) = @_; syslog $syslog_priority, "store %s: %s", $key, $value if $verbose; ! #### 2007-07-25 ! unless (flock(DATABASE_HANDLE, LOCK_EX | LOCK_NB)) { ! 
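Review bot: The `syslog` call added in the `109,114` hunk runs before the verdict is chosen, so each record carries `age=` but not the action returned to Postfix. With the pass-through branch added later in this patch, an age below `$greylist_delay` can mean either a deferral or a `dunno`, and the log cannot tell the two apart. Consider moving the call next to each `return`, or adding a field such as `action=%s` (a constructed name) once the result is known. The sender, recipient and client name are supplied by the remote side; they are passed as `%s` arguments rather than interpolated into the format, which is worth keeping and stating in a comment such as `# client-supplied values: pass as arguments, never inside the format string`. The enclosing sub starts and ends outside this hunk.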
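Review bot: In the `123,128` hunk, `-s $pass_through` switches deferral off for every client whenever `/var/mta/greylist.pass` is non-empty, and the setup notes added in the first hunk hand `/var/mta` to `nobody`, so any process running under that account can create or fill the file. Keeping the flag in a root-owned directory that the policy service can only read would limit the switch to the cron job that is meant to control it. The branch also returns without a trace; a line such as `syslog $syslog_priority, "pass-through active, not deferring" if $my_verbose;` would make the bypass visible in the mail log. The comment still describes working hours on weekdays, but nothing here looks at the clock; it should say that the size of the file, set externally by cron, decides.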
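Review bot: `LOCK_NB` in the `169,176` hunk is not provided by the plain `use Fcntl;` shown at the top of the file. The flock constants come from the `:flock` tag (`use Fcntl qw(:flock);`) unless the file defines them itself, and no definition of `LOCK_NB` appears in this diff. If the script does not run under `strict`, the bareword would count as 0 in `LOCK_SH | LOCK_NB`, so the first `flock` would simply block and the contention message could never be logged; the same applies to `LOCK_EX | LOCK_NB` in the next hunk. That message is also gated on `$verbose` rather than the `$my_verbose` this patch introduces, so confirm which switch is meant. The commented-out `flock ... ||` lines kept below the new code are dead and could be replaced by `# non-blocking attempt first, only to log contention; then wait`; the rest of the sub lies outside the hunk.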
syslog $syslog_priority, "CONTENTION; must have EXCLUSIVE lock" ! if $verbose; ! unless(flock(DATABASE_HANDLE, LOCK_EX)) { ! fatal_exit "Can't exclusively lock %s: $!", $database_name; ! } ! } ! #flock DATABASE_HANDLE, LOCK_EX || ! # fatal_exit "Can't exclusively lock %s: $!", $database_name; # XXX Synchronize our cache from the on-disk copy before update. $db_hash{$key} = $value; $database_obj->sync() && fatal_exit "Can't update %s: $!", $database_name; flock DATABASE_HANDLE, LOCK_UN || fatal_exit "Can't unlock %s: $!", $database_name; + #### 2007-07-25 + undef $database_obj; + untie %db_hash; + close(DATABASE_HANDLE); } # *************** *** 219,225 **** # syslog so that people can actually see our messages. # setlogsock $syslog_socktype; ! openlog $0, $syslog_options, $syslog_facility; # # We don't need getopt() for now. --- 286,294 ---- # syslog so that people can actually see our messages. # setlogsock $syslog_socktype; ! ####openlog $0, $syslog_options, $syslog_facility; ! openlog "postfix/greylist.pl", $syslog_options, $syslog_facility; ! #### 2007-03-22 # # We don't need getopt() for now.
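Review bot: The unchanged `flock DATABASE_HANDLE, LOCK_UN || fatal_exit ...` line in the `189,202` hunk still has the precedence problem that this patch fixes for the two lock calls. `||` binds to `LOCK_UN`, which is always true, so the result of `flock` is never checked and `fatal_exit` cannot run. Written like the new code it would read `unless (flock(DATABASE_HANDLE, LOCK_UN)) { fatal_exit "Can't unlock %s: $!", $database_name; }`. The added `close(DATABASE_HANDLE)` is unchecked as well. If the handle shares its descriptor with the tied database (the open code is not in this diff), the close may fail after `untie`, so its result is worth logging.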