This is an old revision of the document!

  • Set up your database
    • In database/ run the following:
    • for i in core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql accounting.tsql
      ./convert-tsql mysql $i
      done > policyd.sql
    • This will build policyd.mysql, be sure to always load core.tsql first, you only really need the schema for the modules you plan to use but there is no harm in adding all of them.
    • Load policyd.mysql into your database, in this case MySQL:
    • mysql -u root -p policyd < policyd.mysql
  • Move cluebringer.conf to your /etc directory and edit your database details in cluebringer.conf
  • Copy the cbp/ & awitpt/ directories into /usr/local/lib/policyd-2.1/
  • mkdir /usr/local/lib/policyd-2.1
    cp -r cbp /usr/local/lib/policyd-2.1/
    cp -r awitpt/awitpt /usr/local/lib/policyd-2.1/
  • Copy cbpolicyd and cbpadmin into /usr/local/bin
  • cp cbpadmin /usr/local/bin/
    cp cbpolicyd /usr/local/sbin/
  • Setup system directories
  • mkdir /var/log/cbpolicyd
    mkdir /var/run/cbpolicyd
  • If you are running cbpolicyd as an unprivileged user, then
  • chown cbpolicyd.cbpolicyd /var/log/cbpolicyd /var/run/cbpolicyd
  • Install the webui/* into your apache directory, check out includes/config.php and adjust the database details.
  • Setup Postfix to use cbpolicyd
    • Add the following Postfix config setting in BOTH smtpd_recipient_restrictions and smtpd_end_of_data_restrictions
    • check_policy_service inet:
    • It's recommended to add these parameters first, ie:
    • smtpd_recipient_restrictions = check_policy_service inet:, permit_mynetworks, ..., ...

Optional Amavisd Support

  • Copy your amavisd from /usr/sbin/amavisd and patch it with contrib/amavisd-new-2.5.3_policyd-200802070918.patch
  • patch < contrib/amavisd-new-2.5.3_policyd-200802070918.patch
  • Change your initscripts to start the patched amavisd
  • Copy where you see fit, and add this configuration line to amavisd.conf
  • include_config_files('/path/to/');
  • Edit the top of and change:
  • use lib('/root/cluebringer-trunk');  # to point to the directory which contains cbp/
    my $DB_dsn = "DBI:mysql:database=policyd;host=localhost";  # to point to your MySQL DB
  • Fire everything up and browse to the web gui to set up policyd