git: 8aa480245f56 - main - mail/p5-Mail-Milter-Authentication: Add new port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 11 Mar 2024 01:27:21 UTC
The branch main has been updated by nork:
URL: https://cgit.FreeBSD.org/ports/commit/?id=8aa480245f5657e917b209a3c7766f38582ec4c7
commit 8aa480245f5657e917b209a3c7766f38582ec4c7
Author: Norikatsu Shigemura <nork@FreeBSD.org>
AuthorDate: 2024-03-11 01:26:27 +0000
Commit: Norikatsu Shigemura <nork@FreeBSD.org>
CommitDate: 2024-03-11 01:26:27 +0000
mail/p5-Mail-Milter-Authentication: Add new port
A Perl implementation of email authentication standards rolled up into a
single easy to use milter.
This milter verifies using the following standards.
ARC / BIMI / DMARC / IPRev / SPF
Check HELO matches it's IP address
DKIM (including ADSP)
DomainKeys (deprecated)
SenderID (deprecated)
Includes other additional modules like AddID, ReturnOK and etc...
Approved by: hrs (mentor)
---
mail/Makefile | 1 +
mail/p5-Mail-Milter-Authentication/Makefile | 94 +++++++++++++++
mail/p5-Mail-Milter-Authentication/distinfo | 3 +
.../files/authentication_milter.in | 93 +++++++++++++++
.../files/patch-bin_authentication__milter | 85 ++++++++++++++
.../files/patch-lib_Mail_Milter_Authentication.pm | 18 +++
.../patch-lib_Mail_Milter_Authentication_Config.pm | 71 ++++++++++++
...lib_Mail_Milter_Authentication_Handler_DMARC.pm | 11 ++
.../files/patch-share_authentication__milter.json | 76 ++++++++++++
.../files/pkg-message.in | 33 ++++++
mail/p5-Mail-Milter-Authentication/pkg-descr | 22 ++++
mail/p5-Mail-Milter-Authentication/pkg-plist | 128 +++++++++++++++++++++
12 files changed, 635 insertions(+)
diff --git a/mail/Makefile b/mail/Makefile
index ef59986a9a0e..3e4784b259cb 100644
--- a/mail/Makefile
+++ b/mail/Makefile
@@ -377,6 +377,7 @@
SUBDIR += p5-Mail-Mbox-MessageParser
SUBDIR += p5-Mail-MboxParser
SUBDIR += p5-Mail-Message
+ SUBDIR += p5-Mail-Milter-Authentication
SUBDIR += p5-Mail-OpenDKIM
SUBDIR += p5-Mail-OpenRelay-Simple
SUBDIR += p5-Mail-POP3Client
diff --git a/mail/p5-Mail-Milter-Authentication/Makefile b/mail/p5-Mail-Milter-Authentication/Makefile
new file mode 100644
index 000000000000..7416e7c9a919
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/Makefile
@@ -0,0 +1,94 @@
+PORTNAME= Mail-Milter-Authentication
+PORTVERSION= 3.20240205
+CATEGORIES= mail perl5
+MASTER_SITES= CPAN
+PKGNAMEPREFIX= p5-
+
+MAINTAINER= nork@FreeBSD.org
+COMMENT= Perl Mail Authentication Milter
+WWW= https://metacpan.org/release/Mail-Milter-Authentication/
+
+LICENSE= ART10 GPLv1+
+LICENSE_COMB= dual
+
+BUILD_DEPENDS= p5-File-ShareDir-Install>0:devel/p5-File-ShareDir-Install
+RUN_DEPENDS= p5-App-Cmd>0:devel/p5-App-Cmd \
+ p5-Clone>0:devel/p5-Clone \
+ p5-Date-Manip>0:devel/p5-Date-Manip \
+ p5-Email-Date-Format>0:mail/p5-Email-Date-Format \
+ p5-Email-Sender>0:mail/p5-Email-Sender \
+ p5-Email-Simple>0:mail/p5-Email-Simple \
+ p5-File-Slurp>0:devel/p5-File-Slurp \
+ p5-Import-Into>0:devel/p5-Import-Into \
+ p5-JSON-XS>0:converters/p5-JSON-XS \
+ p5-List-MoreUtils>0:lang/p5-List-MoreUtils \
+ p5-Lock-File>0:devel/p5-Lock-File \
+ p5-Log-Dispatchouli>0:devel/p5-Log-Dispatchouli \
+ p5-Mail-AuthenticationResults>2.20230112:mail/p5-Mail-AuthenticationResults \
+ p5-Mail-BIMI>=3.20230913:mail/p5-Mail-BIMI \
+ p5-Mail-DataFeed-Abusix>=1.20200617.1:mail/p5-Mail-DataFeed-Abusix \
+ p5-Mail-DKIM>=1.20200824:mail/p5-Mail-DKIM \
+ p5-Mail-DMARC>=1.20160612:mail/p5-Mail-DMARC \
+ p5-Mail-SPF>0:mail/p5-Mail-SPF \
+ p5-Net-DNS-Resolver-Mock>=1.20171219:dns/p5-Net-DNS-Resolver-Mock \
+ p5-Net-DNS>=1.01:dns/p5-Net-DNS \
+ p5-Net-IP>0:net-mgmt/p5-Net-IP \
+ p5-Net-Server>0:net/p5-Net-Server \
+ p5-Proc-ProcessTable>0:devel/p5-Proc-ProcessTable \
+ p5-Prometheus-Tiny-Shared>=0.020:net-mgmt/p5-Prometheus-Tiny-Shared \
+ p5-Sereal>0:converters/p5-Sereal \
+ p5-SUPER>0:devel/p5-SUPER \
+ p5-Test-File-Contents>0:devel/p5-Test-File-Contents \
+ p5-Text-Table>0:textproc/p5-Text-Table \
+ p5-TimeDate>0:devel/p5-TimeDate \
+ p5-TOML>0:textproc/p5-TOML
+TEST_DEPENDS= p5-Crypt-OpenSSL-RSA>0:security/p5-Crypt-OpenSSL-RSA \
+ p5-Test-CheckManifest>0:devel/p5-Test-CheckManifest \
+ p5-Test-Exception>0:devel/p5-Test-Exception \
+ p5-Test-Perl-Critic>0:textproc/p5-Test-Perl-Critic
+
+USES= perl5 shebangfix
+USE_PERL5= configure
+USE_RC_SUBR= authentication_milter
+SHEBANG_FILES= bin/authentication_milter bin/authentication_milter_blocker \
+ bin/authentication_milter_client bin/authentication_milter_log
+
+TEST_ENV= AUTHOR_TESTING=1 \
+ RELEASE_TESTING=1 \
+ TEST_AUTHOR=1
+
+ETCDIR= ${PREFIX}/etc/mail
+EXTRACT_AFTER_ARGS= --exclude ./share/authentication_milter.init \
+ --no-same-owner --no-same-permission
+.for V in CACHEDIR ETCDIR RUNDIR SPOOLDIR VARLIBDIR VARLIBDIRBASE \
+ DEFAULT_USER DEFAULT_GROUP
+REINPLACE_LIST+= -e "s|%%${V}%%|${$V}|g"
+.endfor
+NO_ARCH= yes
+SUB_FILES= pkg-message
+.for V in CACHEDIR ETCDIR RUNDIR SPOOLDIR VARLIBDIR VARLIBDIRBASE \
+ DEFAULT_USER DEFAULT_GROUP
+SUB_LIST+= ${V}=${$V}
+.endfor
+
+PLIST_SUB= ${SUB_LIST}
+
+CACHEDIR= /var/cache/auth_milter
+DEFAULT_GROUP= mailnull
+DEFAULT_USER= mailnull
+RUNDIR= /var/run/auth_milter
+SPOOLDIR= /var/spool/auth_milter
+VARLIBDIR= /var/lib/auth_milter
+VARLIBDIRBASE= /var/lib
+
+post-patch:
+ cd ${PATCH_WRKSRC} && ${REINPLACE_CMD} ${REINPLACE_LIST} \
+ bin/authentication_milter \
+ lib/Mail/Milter/Authentication/Config.pm \
+ lib/Mail/Milter/Authentication/Handler/DMARC.pm \
+ share/authentication_milter.json
+
+post-install:
+ ${MKDIR} ${STAGEDIR}${ETCDIR}/authentication_milter.d
+
+.include <bsd.port.mk>
diff --git a/mail/p5-Mail-Milter-Authentication/distinfo b/mail/p5-Mail-Milter-Authentication/distinfo
new file mode 100644
index 000000000000..248b6a8464f1
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1708613768
+SHA256 (Mail-Milter-Authentication-3.20240205.tar.gz) = 88a04406509c2f6a2b1b718b1ca250dc4e86f783343ceeb6cd6eac00ed4d0d7e
+SIZE (Mail-Milter-Authentication-3.20240205.tar.gz) = 249101
diff --git a/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in b/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in
new file mode 100644
index 000000000000..870ea0c4b6df
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/authentication_milter.in
@@ -0,0 +1,93 @@
+#!/bin/sh
+
+# PROVIDE: authentication_milter
+# REQUIRE: NETWORKING
+# BEFORE: mail
+# KEYWORD: shutdown
+#
+# Define these authentication_milter* variables in one of these files:
+# /etc/rc.conf
+# /etc/rc.conf.local
+# /etc/rc.conf.d/authentication_milter
+#
+# DO NOT CHANGE THESE DEFAULT VALUES HERE
+#
+# Add the following lines to /etc/rc.conf to enable authentication_milter:
+#
+# authentication_milter_enable="YES"
+# authentication_milter_flags="<set as needed>"
+# authentication_milter_prefix="%%ETCDIR%%"
+# authentication_milter_foreground_enable="<default 'NO'>"
+#
+
+. /etc/rc.subr
+
+name="authentication_milter"
+rcvar="authentication_milter_enable"
+procname="${name}:parent"
+
+load_rc_config $name
+
+: ${authentication_milter_enable:=NO}
+: ${authentication_milter_prefix:=%%ETCDIR%%}
+: ${authentication_milter_foreground_enable:=NO}
+
+pidfile="%%RUNDIR%%/${name}.pid"
+command="%%PREFIX%%/bin/authentication_milter"
+command_args="--pidfile ${pidfile} --prefix ${authentication_milter_prefix} ${command_args}"
+
+start_precmd="authentication_milter_precmd_start"
+stop_precmd="authentication_milter_precmd"
+
+authentication_milter_precmd_start () {
+ var1=
+ var2=
+
+ case "${authentication_milter_flags}" in
+ -c*|*-c*|--control*|*--control*)
+ var1="control"
+ ;;
+ -d*|*-d*|--daemon*|*--daemon*)
+ var1="daemon"
+ ;;
+ --pidfile*|*--pidfile*)
+ var2="pidfile"
+ ;;
+ --prefix*|*--prefix*)
+ var2="prefix"
+ ;;
+ -h*|*-h*|--help*|*--help*)
+ var1="help"
+ ;;
+ esac
+ case ${var1} in
+ "") ;;
+ *)
+ err 1 "Invalid option --${var1} found in ${name}_flags"
+ ;;
+ esac
+ case ${var2} in
+ "") ;;
+ *)
+ err 1 "Invalid option --${var2} found in ${name}_flags." \
+ "Use \$${name}_${var2} in /etc/rc.conf instead."
+ ;;
+ esac
+
+ piddir=$(dirname "$pidfile")
+ install -d %%VARLIBDIRBASE%%
+ install -d -m 0755 -o "%%DEFAULT_USER%%" -g "%%DEFAULT_GROUP%%" "$piddir"
+ install -d -m 0750 -o "%%DEFAULT_USER%%" -g "%%DEFAULT_GROUP%%" \
+ %%RUNDIR%% %%CACHEDIR%% %%SPOOLDIR%% %%VARLIBDIR%%
+
+ authentication_milter_precmd
+ if ! checkyesno authentication_milter_foreground_enable; then
+ command_args="-d ${command_args}"
+ fi
+}
+
+authentication_milter_precmd () {
+ command_args="-c ${rc_arg} ${command_args}"
+}
+
+run_rc_command "$1"
diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter b/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter
new file mode 100644
index 000000000000..2d9ef925cdcf
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/patch-bin_authentication__milter
@@ -0,0 +1,85 @@
+--- bin/authentication_milter.orig 2024-02-05 02:41:57 UTC
++++ bin/authentication_milter
+@@ -15,7 +15,7 @@ use Mail::Milter::Authentication::Protocol::SMTP;
+ use Mail::Milter::Authentication::Protocol::SMTP;
+
+ # CONFIG
+-my $pid_file = '/run/authentication_milter.pid';
++my $pid_file = '%%RUNDIR%%/authentication_milter.pid';
+ my $daemon = 0;
+ my $help = 0;
+ my $prefix;
+@@ -195,11 +195,11 @@ version 3.20240205
+ =item --pidfile <file>
+
+ Write the process PID to the given file.
+- defaults to /run/authentication_milter.pid
++ defaults to %%RUNDIR%%/authentication_milter.pid
+
+ =item --prefix <dir>
+
+- Read configuration from dir rather than /etc/
++ Read configuration from dir rather than %%ETCDIR%%
+
+ =item -i|--ident <ident>
+
+@@ -212,7 +212,7 @@ version 3.20240205
+
+ =head1 CONFIGURATION
+
+- The milter reads configuration from /etc/authentication_milter.json
++ The milter reads configuration from %%ETCDIR%%/authentication_milter.json
+
+ The configuration file format is as follows...
+
+@@ -266,10 +266,10 @@ version 3.20240205
+ "metric_tempfile" : "/tmpfs/authmilter_metrics", | Path to shared metrics data, defaults to <lib_path>/metrics
+ "metric_basic_http" : 1, | Disable extended http services such as config and grafana json pages
+
+- "cache_dir" : "/var/cache/auth_milter", | Path to the shared cache directory
+- "spool_dir" : "/var/spool/auth_milter", | Path to the shared spool directory
+- "lib_dir" : "/var/lib/auth_milter", | Path to the shared lib directory
+- "lock_file" : "/var/run/authmilter.lock", | Optionally specify the location of the Net::Server lock file
++ "cache_dir" : "%%CACHEDIR%%", | Path to the shared cache directory
++ "spool_dir" : "%%SPOOLDIR%%", | Path to the shared spool directory
++ "lib_dir" : "%%VARLIBDIR%%", | Path to the shared lib directory
++ "lock_file" : "%%RUNDIR%%/authmilter.lock", | Optionally specify the location of the Net::Server lock file
+
+ # metric_port and metric_host are deprecated.
+ # please use metric_connection instead
+@@ -289,7 +289,7 @@ version 3.20240205
+ "sock_type" : "inet", | Socket type (inet or unix)
+ "sock_host" : "localhost", | Host to connect to (when inet)
+ "sock_port" : "2525", | Port to connect to (when inet)
+- "sock_path" : "/var/run/smtp.sock", | Socket path to connect to (when unix)
++ "sock_path" : "%%RUNDIR%%/smtp.sock", | Socket path to connect to (when unix)
+ "timeout_in" : "10", | Timeout when waiting for inbound SMTP data
+ "timeout_out" : "10", | Timeout when waiting for outbound SMTP data
+ "pipeline_limit" : "50", | Limit the number of transactions accepted in an SMTP pipeline
+@@ -315,7 +315,7 @@ version 3.20240205
+ "unix:/var/sock/a.sock" : {
+ "server_name" : "util.example.com",
+ "sock_type" : "unix",
+- "sock_path" : "/var/run/smtp.sock",
++ "sock_path" : "%%RUNDIR%%/smtp.sock",
+ "timeout_in" : "10",
+ "timeout_out" : "10"
+ }
+@@ -408,7 +408,7 @@ version 3.20240205
+ },
+ "!InactiveModule" : {},
+ | Additionally, config for a module can be placed in a file
+- | with filename /etc/authentication_milter.d/ModuleName.json
++ | with filename %%ETCDIR%%/authentication_milter.d/ModuleName.json
+ | the contents of which should be the JSON assigned to the
+ | entry here.
+
+@@ -421,7 +421,7 @@ This milter uses Mail::DMARC as a backend for DMARC ch
+
+ This milter uses Mail::DMARC as a backend for DMARC checks, this module requires that a configuration file is setup.
+
+-You should create and populate /etc/mail-dmarc.ini
++You should create and populate %%ETCDIR%%/mail-dmarc.ini
+
+ For DMARC reporting you are also required to setup a datastore, including creating a basic table structure.
+ The detauls of this are to be found in the Mail::DMARC documentation.
diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm
new file mode 100644
index 000000000000..7908a75deddf
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication.pm
@@ -0,0 +1,18 @@
+--- lib/Mail/Milter/Authentication.pm.orig 2024-02-05 02:41:57 UTC
++++ lib/Mail/Milter/Authentication.pm
+@@ -32,11 +32,14 @@ use vars qw(@ISA);
+ my $MYARGS = {
+ 'ident' => $Mail::Milter::Authentication::Config::IDENT,
+ 'to_stderr' => 0, # handled elsewhere
++ 'to_stdout' => 0, # handled elsewhere
+ 'log_pid' => 1,
+ 'facility' => LOG_MAIL,
+ };
+ if ( exists $config->{ 'log_dispatchouli' } ) {
+- $MYARGS = $config->{ 'log_dispatchouli' };
++ foreach my $k (keys %{$config->{ 'log_dispatchouli' }}) {
++ $MYARGS->{$k} = $config->{ 'log_dispatchouli' }->{$k};
++ }
+ }
+
+ $LOGGER = Log::Dispatchouli->new( $MYARGS );
diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm
new file mode 100644
index 000000000000..c2ac6dfd0d26
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Config.pm
@@ -0,0 +1,71 @@
+--- lib/Mail/Milter/Authentication/Config.pm.orig 2024-02-05 02:41:57 UTC
++++ lib/Mail/Milter/Authentication/Config.pm
+@@ -21,7 +21,7 @@ our @EXPORT_OK = qw{
+ };
+
+
+-our $PREFIX = '/etc';
++our $PREFIX = '%%ETCDIR%%';
+ our $IDENT = 'authentication_milter';
+ my $CONFIG;
+
+@@ -31,19 +31,19 @@ sub default_config {
+ 'debug' => 0,
+ 'dryrun' => 0,
+ 'logtoerr' => 0,
+- 'error_log' => '/var/log/authentication_milter.err',
++ "log_dispatchouli" => {},
+ 'extended_log' => 1,
+ 'legacy_log' => 0,
+- 'connection' => 'inet:12345@localhost',
+- 'umask' => '0000',
+- 'runas' => 'nobody',
+- 'rungroup' => 'nogroup',
++ 'connection' => 'unix:%%RUNDIR%%/auth_milter.sock',
++ 'umask' => '0077',
++ 'runas' => '%%DEFAULT_USER%%',
++ 'rungroup' => '%%DEFAULT_GROUP%%',
+ 'listen_backlog' => 20,
+ 'check_for_dequeue' => 60,
+- 'min_children' => 20,
+- 'max_children' => 200,
+- 'min_spare_children' => 10,
+- 'max_spare_children' => 20,
++ 'min_children' => 1,
++ 'max_children' => 2,
++ 'min_spare_children' => 1,
++ 'max_spare_children' => 1,
+ 'max_requests_per_child' => 200,
+ 'protocol' => 'milter',
+ 'connect_timeout' => 30,
+@@ -61,9 +61,9 @@ sub default_config {
+ 'ip_map' => {},
+ 'authserv_id' => '',
+ 'handlers' => {},
+- 'cache_dir' => '/var/cache/authentication_milter',
+- 'spool_dir' => '/var/spool/authentication_milter',
+- 'lib_dir' => '/var/lib/authentication_milter',
++ 'cache_dir' => '%%CACHEDIR%%',
++ 'spool_dir' => '%%SPOOLDIR%%',
++ 'lib_dir' => '%%VARLIBDIR%%',
+ 'lock_file' => '',
+ };
+
+@@ -104,7 +104,7 @@ sub setup_config {
+ else {
+ if ( $EUID == 0 ) {
+ # We are root, create in global space
+- $dir = '/var/'.$type.'/authentication_milter';
++ $dir = '/var/'.$type.'/auth_milter';
+ mkdir $dir if ! -e $dir;
+ # Create the subdir for this IDENT
+ $dir .= '/'.$safe_ident;
+@@ -119,7 +119,7 @@ sub setup_config {
+ else {
+ # We are a user! Create something in a temporary space
+ $dir = join( '_',
+- '/tmp/authentication_milter',
++ '/tmp/auth_milter',
+ $type,
+ $EUID,
+ $safe_ident,
diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm
new file mode 100644
index 000000000000..4f336401d318
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/patch-lib_Mail_Milter_Authentication_Handler_DMARC.pm
@@ -0,0 +1,11 @@
+--- lib/Mail/Milter/Authentication/Handler/DMARC.pm.orig 2024-02-05 02:41:57 UTC
++++ lib/Mail/Milter/Authentication/Handler/DMARC.pm
+@@ -26,7 +26,7 @@ sub default_config {
+ 'report_suppression_list' => 'rbl.example.com',
+ 'no_report' => 0,
+ 'hide_report_to' => 0,
+- 'config_file' => '/etc/mail-dmarc.ini',
++ 'config_file' => '%%ETCDIR%%/mail-dmarc.ini',
+ 'no_reject_disposition' => 'quarantine',
+ 'no_list_reject_disposition' => 'none',
+ 'reject_on_multifrom' => 30,
diff --git a/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json b/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json
new file mode 100644
index 000000000000..1547a396af4f
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/patch-share_authentication__milter.json
@@ -0,0 +1,76 @@
+--- share/authentication_milter.json.orig 2024-02-05 02:41:57 UTC
++++ share/authentication_milter.json
+@@ -2,19 +2,19 @@
+ "debug" : 0,
+ "dryrun" : 0,
+ "logtoerr" : 0,
+- "error_log" : "/var/log/authentication_milter.err",
++ "log_dispatchouli" : {},
+
+- "connection" : "inet:12345@localhost",
+- "umask" : "0000",
+- "runas" : "nobody",
+- "rungroup" : "nogroup",
++ "connection" : "unix:%%RUNDIR%%/auth_milter.sock",
++ "umask" : "0077",
++ "runas" : "%%DEFAULT_USER%%",
++ "rungroup" : "%%DEFAULT_GROUP%%",
+ "chroot" : "",
+
+ "listen_backlog" : 20,
+- "min_children" : 20,
+- "max_children" : 200,
+- "min_spare_children" : 10,
+- "max_spare_children" : 20,
++ "min_children" : 1,
++ "max_children" : 2,
++ "min_spare_children" : 1,
++ "max_spare_children" : 1,
+ "max_requests_per_child" : 200,
+
+ "connect_timeout" : 30,
+@@ -31,21 +31,32 @@
+ "handlers" : {
+
+ "SPF" : {
+- "hide_none" : 0
++ "hide_none" : 0,
++ "hide_received-spf_header": 1
+ },
+
+ "DKIM" : {
+ "hide_none" : 0,
+- "check_adsp" : 1,
++ "check_adsp" : 0,
++ "hide_domainkeys" : 1,
+ "show_default_adsp" : 0,
+- "adsp_hide_none" : 0
++ "adsp_hide_none" : 1
+ },
+
+ "DMARC" : {
+ "hide_none" : 0,
++ "hard_reject" : 0,
++ "no_reject_disposition" : "quarantine",
++ "use_arc" : 1,
++ "no_report" : 1,
++ "config_file": "%%ETCDIR%%/mail-dmarc.ini",
+ "detect_list_id" : "1"
+ },
+
++ "ARC" : {
++ "hide_none" : 0
++ },
++
+ "PTR" : {},
+
+ "SenderID" : {
+@@ -63,7 +74,7 @@
+ "100.200.100.2",
+ "2001:44c2:3881:aa00::/56",
+ "2001:44b8:3021:123:dead:beef:abcd:1234"
+- ],
++ ]
+ },
+
+ "!AddID" : {},
diff --git a/mail/p5-Mail-Milter-Authentication/files/pkg-message.in b/mail/p5-Mail-Milter-Authentication/files/pkg-message.in
new file mode 100644
index 000000000000..b818cbe67c5d
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/files/pkg-message.in
@@ -0,0 +1,33 @@
+[
+{ type: install
+ message: <<EOM
+To enable authentication_milter to run at boot time, set the following
+variable in your /etc/rc.conf file:
+
+ authentication_milter_enable="YES"
+
+Check and/or modify the following configuration files to suit your needs:
+
+ %%ETCDIR%%/authentication_milter.json
+ %%ETCDIR%%/mail-dmarc.ini
+
+ NOTE: The default settings almost works for test and/or personal use,
+ SPF/DKIM/DMARC(no report mail)/ARC(but not enable ARC-Seals) are OK.
+
+ To enable DMARC report feature, now TODO. Because it's required
+ p5-Mail-DMARC port setup.
+
+For sendmail users, please add the following line to your sendmail.mc:
+
+ INPUT_MAIL_FILTER(`authentication_milter', \
+ `S=local:%%RUNDIR%%/auth_milter.sock, F=T, T=R:2m')
+
+For postfix users, please add the following line to your main.cf:
+
+ smtpd_milters = sock:%%RUNDIR%%/auth_milter.sock
+
+ Note: milter sockets must be accessible from postfix/smtpd;
+ using inet sockets might be preferred.
+EOM
+}
+]
diff --git a/mail/p5-Mail-Milter-Authentication/pkg-descr b/mail/p5-Mail-Milter-Authentication/pkg-descr
new file mode 100644
index 000000000000..dd7a509a2948
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/pkg-descr
@@ -0,0 +1,22 @@
+A Perl implementation of email authentication standards rolled up into a
+single easy to use milter.
+This milter verifies using the following standards.
+ ARC / BIMI / DMARC / IPRev / SPF
+ Check HELO matches it's IP address
+ DKIM (including ADSP)
+ DomainKeys (deprecated)
+ SenderID (deprecated)
+Includes additional modules.
+ AddID - add a header to all email (example)
+ ReturnOK - Checks that return addresses have properly configured MX
+ records
+ TLS (milter protocol only) - identifies TLS protected connections
+ Check alignment of RFC5322 From and Mail From addresses
+ Send aggregate data to the abusix service
+ Check for SMTP Authentication
+ Block mail based on simple rules
+ Check IP against a trusted list and/or local IP space
+ Extended logging
+ Reverse loopup checking
+ Check against a list of RBLDNS services
+ Generate metrics about message header and body sizes
diff --git a/mail/p5-Mail-Milter-Authentication/pkg-plist b/mail/p5-Mail-Milter-Authentication/pkg-plist
new file mode 100644
index 000000000000..f820499bd692
--- /dev/null
+++ b/mail/p5-Mail-Milter-Authentication/pkg-plist
@@ -0,0 +1,128 @@
+bin/authentication_milter
+bin/authentication_milter_blocker
+bin/authentication_milter_log
+bin/authentication_milter_client
+@sample %%SITE_PERL%%/auto/share/dist/Mail-Milter-Authentication/authentication_milter.json %%ETCDIR%%/authentication_milter.json
+@sample %%SITE_PERL%%/auto/share/dist/Mail-Milter-Authentication/mail-dmarc.ini %%ETCDIR%%/mail-dmarc.ini
+%%SITE_PERL%%/Mail/Milter/Authentication.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Resolver.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Client.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Tester.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Constants.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Exception.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/HTDocs.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Pragmas.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Config.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/IPRev.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TLS_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Size.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/XGoogleDKIM.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Auth.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AbusixDataFeed.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TLS.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DMARC_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TrustedIP.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Sanitize_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Sanitize.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Size_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/PTR_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Logger.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/BIMI.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DKIM_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TestTimeout.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AlignedFrom.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AddID.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ReturnOK_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/LocalIP_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/XGoogleDKIM_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DMARC.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Auth_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/IPRev_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/Blocker.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ReturnOK.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SPF.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/LocalIP.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SenderID_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/AlignedFrom_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/PTR.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ARC_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/RBLDNS.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/TrustedIP_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SPF_metrics.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/SenderID.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/ARC.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Handler/DKIM.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowProcesses.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/Grafana.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowProcessingTime.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowUptime.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowErrors.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/Base.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Metric/RowThroughput.json
+%%SITE_PERL%%/Mail/Milter/Authentication/Tester/HandlerTester.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/authmilter.css
+%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/normalize.css
+%%SITE_PERL%%/Mail/Milter/Authentication/htdocs/css/skeleton.css
+%%SITE_PERL%%/Mail/Milter/Authentication/Net/ServerPatches.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Net/Milter.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/delete.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/add.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/Blocker/App/Command/list.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/ProcessLog/App.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/App/ProcessLog/App/Command/arex.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Protocol/SMTP.pm
+%%SITE_PERL%%/Mail/Milter/Authentication/Protocol/Milter.pm
+%%PERL5_MAN1%%/authentication_milter_blocker.1.gz
+%%PERL5_MAN1%%/authentication_milter_client.1.gz
+%%PERL5_MAN1%%/authentication_milter_log.1.gz
+%%PERL5_MAN1%%/authentication_milter.1.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::add.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::delete.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::Blocker::App::Command::list.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::ProcessLog::App.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::App::ProcessLog::App::Command::arex.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Client.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Config.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Constants.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Exception.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AbusixDataFeed.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AddID.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::AlignedFrom.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::ARC.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Auth.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::BIMI.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Blocker.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::DKIM.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::DMARC.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::IPRev.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::LocalIP.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Logger.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::PTR.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::RBLDNS.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::ReturnOK.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Sanitize.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::SenderID.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::Size.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::SPF.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TestTimeout.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TLS.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::TrustedIP.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Handler::XGoogleDKIM.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::HTDocs.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Metric.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Metric::Grafana.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Net::Milter.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Net::ServerPatches.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Pragmas.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Protocol::Milter.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Protocol::SMTP.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Resolver.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Tester::HandlerTester.3.gz
+%%PERL5_MAN3%%/Mail::Milter::Authentication::Tester.3.gz
+@dir %%ETCDIR%%/authentication_milter.d