= Installation =

== Debian Etch 4.0 dependencies ==

{{{
# aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin python-ldap
# wget http://ufpr.dl.sourceforge.net/sourceforge/pymilter/python-spf_2.0.3-0_all.deb
# dpkg -i python-spf_2.0.3-0_all.deb 
}}}

{i} For all Ubuntu releases, make sure that the ''Universe'' repository
is in your sources.list.

== Ubuntu 6.06 dependencies ==

Add Dapper backports in sources.list.
{{{
deb http://archive.ubuntu.com/ubuntu dapper-backports main universe
}}}

{{{
aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin python-ldap
aptitude install -t dapper-backports python-spf
}}}

== Ubuntu 6.10, 7.04, 7.10, 8.04 dependencies  ==

{{{
aptitude install python-ipy python-dns python-twisted-core python-twisted-bin python-spf python-ldap
}}}

== Fedora 7, 8, 9 dependencies ==
{{{
yum install python-twisted-core python-pyspf python-pydns python-IPy python-devel python-ldap
}}}

== Other distributions ==

apolicy depends on the following Python modules:

 * twisted >= 2.4: http://twistedmatrix.com/
 * ipy >= 0.50: http://software.inl.fr/trac/wiki/IPy
 * pydns >= 2.3: http://pydns.sourceforge.net/
 * pyspf >= 2.0: http://www.bmsi.com/python/milter.html
 * ldap: http://python-ldap.sourceforge.net/

Your distribution might have most of them already packaged.

== Installing apolicy from source ==

The following commands should do just fine, you must be root:

{{{
# wget ftp://ftp.uma.es/pub/apolicy/apolicy-0.74-1.tar.gz
# tar zxf apolicy-0.74-1.tar.gz
# cd apolicy-0.74-1
# python setup.py install
}}}

<!> If you are updating a previous installation, '''don't run python setup.py install''', instead run this one:
{{{
# python setup.py install_lib
}}}

The command above will preserve your configuration files.

Take a look at /etc/apolicy/main.conf for additional settings, and 
/etc/apolicy/policy.conf for the ACLs, actions and access configuration.

=== Verify integrity and authenticity <= 0.73 ===
{{{
# wget http://www.apolicy.org/gpg/miguelfilho.gpg -O- -q | gpg --import
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz.sig
# gpg --verify apolicy-0.73.tar.gz.sig
}}}

== init scripts ==

To start the daemon
{{{
systemctl daemon-reload
systemctl enable apolicy
systemctl start apolicy
}}}

Note that the supplied default cofiguration comes with a complex example that makes apolicy fail to start. This is because the example need datasource configuration. Adapt the configuraton with trivial stuff and make apolicy starts.

apolicy will listen by default on 127.0.0.1:10001.

By now the proccess must be running, check with `ps` and `netstat`.
In case of any problem, check /var/log/syslog and /var/log/maillog.

== Configuring Postfix ==

Just add '''check_policy_service inet:127.0.0.1:10001''' to 
'''smtpd_client_restrictions''', '''smtpd_recipient_restrictions''' etc, 
and you are good to go.

For the ''size'' acl works properly, apolicy must to be called from 
'''smtpd_end_of_data_restrictions'''.

Restart Postfix.

== Logging ==

There is two log sources to get information, first is the log sent to
syslog, using the mail facility. The other is the file ''/var/log/twistd.log''.
This file contains critical errors from the '''twisted''' daemon,
keep an eye on this file too.

== Debugging ==

You can turn debug on editing the configuration file /etc/apolicy/main.conf.
Go to the bottom of the file and change this:
{{{
[logger_apolicy]
level=INFO
}}}

To this:
{{{
[logger_apolicy]
level=DEBUG
}}}

Then restart apolicy.