Installation

Debian Etch 4.0 dependencies

# aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin 
# wget http://ufpr.dl.sourceforge.net/sourceforge/pymilter/python-spf_2.0.3-0_all.deb
# dpkg -i python-spf_2.0.3-0_all.deb

{i} For all Ubuntu releases, make sure that the Universe repository is in your sources.list.

Ubuntu 6.06 dependencies

Add Dapper backports in sources.list.

deb http://archive.ubuntu.com/ubuntu dapper-backports main universe

aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin
aptitude install -t dapper-backports python-spf

Ubuntu 6.10, 7.04, 7.10, 8.04 dependencies

aptitude install python-ipy python-dns python-twisted-core python-twisted-bin python-spf

Fedora 7, 8, 9 dependencies

yum install python-twisted-core python-pyspf python-pydns python-IPy python-devel

Other distributions

apolicy depends on the following Python modules:

Your distribution might have most of them already packaged.

Installing apolicy from source

The following commands should do just fine, you must be root:

# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz
# tar zxf apolicy-0.73.tar.gz
# python setup.py install

<!> If you are updating a previous installation, don't run python setup.py install, instead run this one:

# python setup.py install_lib

The command above will preserve your configuration files.

Take a look at /etc/apolicy/main.conf for additional settings, and /etc/apolicy/policy.conf for the ACLs, actions and access configuration.

Verify integrity and authenticity

# wget http://www.apolicy.org/gpg/miguelfilho.gpg -O- -q | gpg --import
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz.sig
# gpg --verify apolicy-0.73.tar.gz.sig

init scripts

To start the daemon, you can use one of the init scripts supplied with the source.

Copy one of them to /etc/init.d, renaming to just apolicy.

Red Hat-like distributions:

# chkconfig --add apolicy

Debian and derivatives:

# update-rc.d apolicy defaults

Then use the your normal procedure to start/stop the service.

apolicy will listen by default on 127.0.0.1:10001.

By now the proccess must be running, check with ps and netstat. In case of any problem, check /var/log/syslog and /var/log/mail.log.

Configuring Postfix

Just add check_policy_service inet:127.0.0.1:10001 to smtpd_client_restrictions, smtpd_recipient_restrictions etc, and you are good to go.

For the size acl works properly, apolicy must to be called from smtpd_end_of_data_restrictions.

Restart Postfix.

Logging

There is two log sources to get information, first is the log sent to syslog, using the mail facility. The other is the file /var/log/twistd.log. This file contains critical errors from the twisted daemon, keep an eye on this file too.

Debugging

You can turn debug on editing the configuration file /etc/apolicy/main.conf. Go to the bottom of the file and change this:

[logger_apolicy]
level=INFO

To this:

[logger_apolicy]
level=DEBUG

Then restart apolicy.

Installation (last edited 2014-08-27 10:00:40 by vic)