Sophie: apolicy-0.73-3mdv2010.0 noarch

apolicy-0.73-3mdv2010.0.noarch.rpm

= Installation =

== Debian Etch 4.0 dependencies ==

{{{
# aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin 
# wget http://ufpr.dl.sourceforge.net/sourceforge/pymilter/python-spf_2.0.3-0_all.deb
# dpkg -i python-spf_2.0.3-0_all.deb
}}}

{i} For all Ubuntu releases, make sure that the ''Universe'' repository
is in your sources.list.

== Ubuntu 6.06 dependencies ==

Add Dapper backports in sources.list.
{{{
deb http://archive.ubuntu.com/ubuntu dapper-backports main universe
}}}

{{{
aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin
aptitude install -t dapper-backports python-spf
}}}

== Ubuntu 6.10, 7.04, 7.10, 8.04 dependencies  ==

{{{
aptitude install python-ipy python-dns python-twisted-core python-twisted-bin python-spf
}}}

== Fedora 7, 8, 9 dependencies ==
{{{
yum install python-twisted-core python-pyspf python-pydns python-IPy python-devel
}}}

== Other distributions ==

apolicy depends on the following Python modules:

 * twisted >= 2.4: http://twistedmatrix.com/
 * ipy >= 0.50: http://software.inl.fr/trac/wiki/IPy
 * pydns >= 2.3: http://pydns.sourceforge.net/
 * pyspf >= 2.0: http://www.bmsi.com/python/milter.html

Your distribution might have most of them already packaged.

== Installing apolicy from source ==

The following commands should do just fine, you must be root:

{{{
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz
# tar zxf apolicy-0.73.tar.gz
# python setup.py install
}}}

<!> If you are updating a previous installation, '''don't run python setup.py install''', instead run this one:
{{{
# python setup.py install_lib
}}}

The command above will preserve your configuration files.

Take a look at /etc/apolicy/main.conf for additional settings, and 
/etc/apolicy/policy.conf for the ACLs, actions and access configuration.

=== Verify integrity and authenticity ===
{{{
# wget http://www.apolicy.org/gpg/miguelfilho.gpg -O- -q | gpg --import
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz.sig
# gpg --verify apolicy-0.73.tar.gz.sig
}}}

== init scripts ==

To start the daemon, you can use one of the init scripts supplied with the source.
 * '''debian/apolicy.init''': use this init script for Debian and derivatives
 * '''apolicy.init''': use this init script for Red Hat-like distributions

Copy one of them to ''/etc/init.d'', renaming to just ''apolicy''.

Red Hat-like distributions:
{{{
# chkconfig --add apolicy
}}}

Debian and derivatives:
{{{
# update-rc.d apolicy defaults
}}}

Then use the your normal procedure to start/stop the service.

apolicy will listen by default on 127.0.0.1:10001.

By now the proccess must be running, check with `ps` and `netstat`.
In case of any problem, check /var/log/syslog and /var/log/mail.log.


== Configuring Postfix ==

Just add '''check_policy_service inet:127.0.0.1:10001''' to 
'''smtpd_client_restrictions''', '''smtpd_recipient_restrictions''' etc, 
and you are good to go.

For the ''size'' acl works properly, apolicy must to be called from 
'''smtpd_end_of_data_restrictions'''.

Restart Postfix.

== Logging ==

There is two log sources to get information, first is the log sent to
syslog, using the mail facility. The other is the file ''/var/log/twistd.log''.
This file contains critical errors from the '''twisted''' daemon,
keep an eye on this file too.

== Debugging ==

You can turn debug on editing the configuration file /etc/apolicy/main.conf.
Go to the bottom of the file and change this:
{{{
[logger_apolicy]
level=INFO
}}}

To this:
{{{
[logger_apolicy]
level=DEBUG
}}}

Then restart apolicy.