this is obsolete doc -- see http://doc.nethence.com/ instead

Dnsbl-milter on RHEL 

note -- this is only necessary for postoffice smtp server, with Sendmail simply use the FEATURE dnsbl consecutively. 

Requirements 

Note. [DNSBL-milter] (http://dnsbl-milter.sourceforge.net/) requires sendmail-devel -- libmilter to compile. 

On Redhat systems, 

  rpm -q sendmail-devel 

Note. sendmail-milter is probably needed too 

Add the milter group and user, 

groupadd milter 

useradd -M -s /sbin/nologin -g milter milter 

check, 

grep ^milter /etc/group 

grep ^milter /etc/passwd 

Create the folder for the pid and the unix socket, 

  cd /var/run/ 

  mkdir -p milter/ 

  chown milter:milter milter/ 

  chmod 700 milter/ 

Installation 

I need the very latest version of dnsbl-milter (http://dnsbl-milter.sourceforge.net/) to get that option, 

-s              Do not stamp messages with X-DNSBL-MILTER header

Version 1.2 doesn't has it and it is mandatory to work with the postoffice smtp server. 

So I'm getting the development version through git (http://dnsbl-milter.git.sourceforge.net/git/dnsbl-milter/dnsbl-milter.git), 

  git clone git://dnsbl-milter.git.sourceforge.net/gitroot/dnsbl-milter/dnsbl-milter 

  cd dnsbl-milter/ 

  make 

  make install 

  cp init.d/dnsbl-milter /etc/init.d/ 

Note. if you don't have git already, you can get those packages from EPEL (http://fedoraproject.org/wiki/EPEL), 

  git 

  perl-Git 

  perl-Error 

Ready to go 

Register, start and enable the daemon, 

chkconfig --add dnsbl-milter 

service dnsbl-milter restart 

chkconfig dnsbl-milter on 

Check that everything's fine, 

ps aux | grep dnsbl 

chkconfig --list | grep dnsbl-milter 

ls -l /var/run/milter/ 

You can now configure your smtp daemon to use that unix socket as milter and reload/restart it. 

Troubbleshooting 

For dnsbl-mitler to work with postoffice smtp server, and when using something else as 'spam=bounce' like for example 'spam=accept' or 'spam=folder:path', you'll have to disable the stamping of X-DNSBL-MILTER headers, 

cd /etc/init.d/ 

vi dnsbl-milter 

change (add '-s'), 

DPARMS="-s --user milter --group milter --bind unix:$SOCKET" 

Example 

This is a typical set of lines you should see in your logs, once this is up and running, 

Jan 14 09:34:56 bsd dnsbl-milter[95552]: s0E8YtqU096676: [58.54.18.21] [58.54.18.21] is blacklisted on b.barracudacentral.org 

Jan 14 09:34:56 bsd sm-mta[96676]: s0E8YtqU096676: Milter: from=<buiwo@jnxqfnf.net.cn>, reject=550 5.7.1 Client address [58.54.18.21] blocked. Listed on Barracuda Reputation Block List (BRBL). See http://www.barracudacentral.org/lookups?ip_address=58.54.18.21 

Jan 14 09:34:57 bsd sm-mta[96676]: s0E8YtqU096676: from=<buiwo@jnxqfnf.net.cn>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=[58.54.18.21] 

References 

dnsbl-milter - Sendmail DNSBL & DNSWL milter: http://dnsbl-milter.sourceforge.net/ 

Postoffice: http://www.pell.portland.or.us/~orc/Code/postoffice/