升级slockd,也不知道有什么作用。
一、下载slockd-0.2,从Extmail社区。
二、解包,tar zxvf 文件名
三、mv 解包目录 /usr/local/slockd 覆盖原来slockd目录
四、在slockd目录下,./slockd-init stop/start/restart
以下是INSTALL文档摘录:
5) Config slockd
# cd /usr/local/slockd
Edit config/main.cf, you will see the main configuration for
slockd, every config parameter has comment on it, read them
carefully before any change.
Slockd will listen to only the localhost, port 10030, and throw
any infomation to the STDERR.
The minimal change should take is to change the pid_file and
log_file path to appropriate place, eg:
pid_file /var/run/slockd.pid
log_file /var/log/slockd.log
6) Config your resolv.conf
Edit your /etc/resolv.conf and make sure you have a fast dns
server, if possible install a local cache dns server will gain
great performance.
7) Startup and test
Run it on command line:
# ./slockd
It will startup and accept connection, debug infomation will
throw to the stderr, on another console or terminal, enter
tools directory and run the following command:
perl policy_sig -h localhost -p 10030 --helo FOOBAR \
--ip 192.168.0.1 --from --to
If the programe return:
action=504 : rejected, see
it means slockd works.
You can do more test by replacing --helo, --ip, --from and --to
to other value to see what will retrun from slockd.
8) Config Postfix or other MTA
Currently according apf plugin/patches, slockd can serve Postfix,
sendmail and qmail.
This document only cover how to config the Postfix mta, other
config for sendmail and qmail coming soon.
Edit /path/to/postfix/main.cf
Add "check_policy_service inet:127.0.0.1:10030" entry to the
smtpd_recipient_restrictions, the following is recommand setting:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
check_policy_service inet:127.0.0.1:10030
9) Reload Postfix
Reload postfix, wait and monitor the maillog, to see whether the
Postfix query slockd and reject UCE.
10) Daemonize slockd
After you make sure that slockd works well, you can config it
as a background daemon.
Edit config/main.cf, uncomment log_file and config to a suitable
path, eg: /var/log/slockd.log, uncomment setsid then set to 1:
setsid 1
then call slockd in command line:
./slockd
The slockd will startup and run in background.
11) Initialize script
There is a simple initialize script for slockd to start , stop and
restart, at the top of slockd source tree. run it as:
./slockd-init start
./slockd-init stop
./slockd-init restart
You can add the following line into /etc/rc.d/rc.local
/usr/local/slockd/slockd-init start
阅读(894) | 评论(0) | 转发(0) |
