nymserv
Category: Email server
Development tool: Perl
File size: 23KB
Downloads: 0
Upload date: 2010-01-04 22:05:19
Uploader: sh-1993
Description: Nymserv Email Pseudonym Server
File list:
gpg-gen-key.conf.in (181, 2010-01-05)
nymserver.pl (62005, 2010-01-05)
setup.sh (2730, 2010-01-05)
Some extremely brief instructions on setting up a hod.aarg.net style
nym server. This assumes you already know about remailers and DNS,
and sendmail, and have already set up the appropriate DNS records
(either A or MX) to receive mail at a "nym" domain name on your
machine.
Make sure you have Perl 5.6 or later, installed with the DB_File
module. Don't forget to run h2ph when installing perl (cd
/usr/include; h2ph *.h sys/*.h). If you don't have DB_File, get db
from ftp.cs.berkeley.edu:/ucb/4bsd/db.1.85.tar.gz, install it, and
then reinstall perl so that the DB_File module is available.
Make sure you also have a Mixmaster remailer running. You will need
to examine the $REMAIL variable and point it at your Mixmaster binary.
Create a new userid/groupid under which to run the nym. Call it
nymuser.
Create a directory for your nym server to reside in, for example
/usr/nym. Copy the nymserv perl script into /usr/nym, and make three
subdirectories of /usr/nym: pgp, queue, and users. Make sure pgp,
queue, and users are writeable by user nymuser.
Use 'su' to change to your nymserver's new user id, then create a
GnuPG key for your nymserver as follows:
    gpg --gen-key
You will want to make sure that the email addresses for the user id
cover both send@ and config@. For
example, the hod.aarg.net key looks like this:
    pub  1024D/9721FD57 2002-01-29 Hod Nymserver
    uid                            Hod Nymserver
    sub  1024g/9A21D444 2002-01-29
Put the key's GnuPG passphrase in the file pgp/passphrase.
Create files /usr/nym/users/postmaster.forward and
/usr/nym/users/admin.forward which contain your real email address.
Create a file users/remailer-key.reply which contains the GnuPG public
key you just created. Create a ring prototype file by running
commands similar to those below.
    echo 'From: nobody@nym.alias.net' > users/remailer-key.reply
    echo 'Subject: PGP key for nym.alias.net' >> users/remailer-key.reply
    echo '' >> users/remailer-key.reply
    gpg --armor --export $YOUR_NEW_KEY_ID >> users/remailer-key.reply
    cp pgp/pubring.pgp ring-proto.pgp
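An added example, not part of the original README or the nymserv distribution: a shell function that audits the directory layout built in the steps above. The function names audit_nym_dir and go_bits are hypothetical, and the checks that pgp/ and pgp/passphrase are closed to group and others are a hardening assumption added here; the README itself only requires the directories to be writable by nymuser.

```shell
#!/bin/sh
# Added example (not from the nymserv distribution); run it as the nym user.
# Usage: audit_nym_dir /usr/nym    (prints findings, returns 1 if any)
# Group/other permission bits of a path as ls shows them, e.g. "r-xr-x".
go_bits() { ls -ld "$1" | cut -c5-10; }

audit_nym_dir() {
    dir=${1:-/usr/nym}   # /usr/nym is the README's example location
    rc=0
    note() { echo "$1"; rc=1; }

    for d in pgp queue users; do
        if [ ! -d "$dir/$d" ]; then
            note "missing directory: $d"
        elif [ ! -w "$dir/$d" ]; then
            note "not writable by current user: $d"
        fi
    done

    # Assumption: the keyring directory and passphrase file should be
    # closed to group and others, since they unlock the server's secret key.
    if [ -d "$dir/pgp" ] && [ "$(go_bits "$dir/pgp")" != "------" ]; then
        note "pgp/ is accessible to group or others"
    fi
    if [ ! -f "$dir/pgp/passphrase" ]; then
        note "missing pgp/passphrase"
    elif [ "$(go_bits "$dir/pgp/passphrase")" != "------" ]; then
        note "pgp/passphrase is accessible to group or others"
    fi

    for f in postmaster.forward admin.forward; do
        [ -s "$dir/users/$f" ] || note "missing or empty users/$f"
    done

    # remailer-key.reply is sent out as a mail reply: it needs the public
    # key block and must never contain exported secret key material.
    key="$dir/users/remailer-key.reply"
    if [ ! -f "$key" ]; then
        note "missing users/remailer-key.reply"
    else
        if ! grep -q -e '-----BEGIN PGP PUBLIC KEY BLOCK-----' "$key"; then
            note "remailer-key.reply has no public key block"
        fi
        if grep -q -e '-----BEGIN PGP PRIVATE KEY BLOCK-----' "$key"; then
            note "remailer-key.reply contains a PRIVATE key block"
        fi
    fi
    return $rc
}
```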
Edit the configuration variables in the nymserver.pl script to set
your machine name, nymuser keyid (this must be the long keyid as given
by "gpg --with-colons --list-key"), domain names, and the paths
to the needed binaries. You will need the GnuPG::Interface and
Digest::MD5 Perl modules, which you can download from CPAN
(http://www.cpan.org/).
If you have an A record for your nymserver, set up finger support.
Put a line like this in /etc/inetd.conf:
finger stream tcp nowait nymuser /usr/nym/nymserv nymserv -fingerd
Finally, make a new sendmail.cf file which sends all mail to the nym
domain name through the nymserver. What follows is an example ".mc"
file suitable for use with sendmail 8.7.5.
-------------------------------------------------------------------------------
divert(-1)
# Example sendmail configuration for a nymserver
include(`../m4/cf.m4')
dnl
dnl Set your Operating system type below
dnl
OSTYPE(solaris2)dnl
dnl
dnl These flags are necessary to ensure privacy (and to prevent nym
dnl From lines from being rewritten with names of actual users in the
dnl password file):
dnl
define(`confPRIVACY_FLAGS',
`novrfy,noexpn,noreceipts,restrictmailq,restrictqrun')dnl
define(`confFROM_HEADER', `$g')dnl
define(`confLOG_LEVEL', `1')dnl
define(`confTO_IDENT', `0s')dnl
define(`HReceived', `H?R?Received')dnl
dnl
dnl Recommended:
dnl
define(`confMIME_FORMAT_ERRORS', `False')dnl
dnl
dnl Uncomment the following line if you want procmail used for local
dnl mail:
dnl
dnl FEATURE(local_procmail)
PUSHDIVERT(7)dnl
######################################
### alias mailer specification ###
######################################
dnl
dnl Note here that 8888 should be changed to the user ID of the nym
dnl user, and 9999 should be changed to the group ID of that user.
dnl
Mnym, P=/usr/nym/nymserv, F=DFMehluS, L=255, T=X-Unix,
	U=8888 9999, S=10/30, R=20/40,
	A=nymserv -d $u
POPDIVERT`'dnl
MAILER(local)dnl
MAILER(smtp)dnl
LOCAL_RULE_0
dnl
dnl Replace nym.alias.net with the actual name of your nymserver.
dnl
# Redirect the alias mail to the alias mailer
R$+<@nym.alias.net.>	$#nym $: $1
-------------------------------------------------------------------------------
Here are some additional configuration tips for Postfix users supplied
by Peter Palfrader (peter@palfrader.org). I haven't tried them, and
hopefully some other Postfix users can clarify this if it needs any fixes.
-------------------------------------------------------------------------------
Use a transport by adding the following to etc/postfix/master.cf:
# service   type  private unpriv  chroot  wakeup  maxproc command + args
#                 (yes)   (yes)   (yes)   (never) (50)
nymserver   unix  -       n       n       -       -       pipe
  flags=FR user=nymserv argv=/usr/local/bin/nymserv -d $recipient
Add the following to your transport table (for instance /etc/postfix/transport):
nym.example.com nymserver:
Run postmap /etc/postfix/transport, and make sure you have
transport_maps = hash:/etc/postfix/transport
in your main.cf. Then, add nym.example.com to your relay_domains setting
in main.cf:
relay_domains = ....... nym.example.com
If you don't have a relay_domains setting yet, use the "postconf relay_domains"
command to find out what the default is, then add this - with the addition
of the nymserver domain - to main.cf.
-------------------------------------------------------------------------------
If your MTA is exim, you can follow these instructions:
1) Make sure you accept mail for the nym domain, so put a line
    accept domains = nym.alias.net
in your acl section.
2) Tell exim the nym domain is to be considered local and should not
be caught by a dnslookup router (the router in step 3 refers to it as
the domain list nymdomains).
3) Add a router for your nym domain:
nymserv:
  debug_print = "R: nymserv for $local_part@$domain"
  driver = accept
  domains = +nymdomains
  transport = nymserv_pipe
  no_verify
  no_expn
Don't set any local_part_suffix, as it would probably break the aliases
used (remailer-key, for example).
4) Add the nymserv_pipe transport:
nymserv_pipe:
  debug_print = "T: nymserv_pipe for $local_part@$domain"
  driver = pipe
  user = nymserv
  group = nymserv
  path = "/bin:/usr/bin:/usr/local/bin"
  command = "/var/lib/nymserv/nymserver.pl -d $local_part"
  return_path_add
  delivery_date_add
  envelope_to_add
----------------------
An additional guide to setting up Nymserv with some great information
and useful complaints about the lack of documentation may be found
here:
http://blog.phrog.org/2007/05/12/nymserv-install-notes/