Bug 544016

Summary: Review Request: cbpolicyd - Postfix anti-spam policy server
Product: [Fedora] Fedora Reporter: Chris St. Pierre <cstpierr>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: fedora-package-review, johannes.russek, notting, sixy
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-29 12:47:34 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 201449    

Description Chris St. Pierre 2009-12-03 12:39:50 EST
Spec URL: http://www.nebrwesleyan.edu/people/stpierre/cbpolicyd.spec
SRPM URL: http://www.nebrwesleyan.edu/people/stpierre/cbpolicyd-2.0.8-2.fc11.src.rpm

Policyd v2 (codenamed "cluebringer") is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large scale mail hosting environments. The main goal is to implement as many spam combating and email compliance features as possible while at the same time maintaining the portability, stability and performance required for mission critical email hosting of today.

Currently, the package has no SELinux magic, but I've found someone to help me write that.
Comment 1 Chris St. Pierre 2009-12-15 10:54:48 EST
Policyd has released v2.0.9, so I've produced an updated specfile and SRPM for the new version.

Spec URL: http://www.nebrwesleyan.edu/people/stpierre/cbpolicyd.spec
Comment 2 Chris St. Pierre 2009-12-17 10:25:45 EST
Turns out there was a blocking bug in 2.0.9, so v2.0.10 has been released.  New specfile is up, and a new SRPM is at:


I've also added a logrotate config to the 2.0.10 package.
Comment 3 Chris St. Pierre 2010-02-08 10:52:17 EST
There was a bug in 2.0.10 that prevented recently-autowhitelisted hosts from sending properly, with policyd producing a database error and returning DEFER.  I've uploaded a new specfile that includes a patch to fix this bug, and a new SRPM for it:


I've also added a cron entry to automatically clean up old entries.
Comment 4 James Findley 2010-02-22 12:43:44 EST
Ok, rpmlint is throwing up this:
W: mixed-use-of-spaces-and-tabs (spaces: line 7, tab: line 16)

So that needs to be fixed.  

> %define ...

You should use %global rather than %define.

I'm also not sure they are strictly needed, as they make it harder to read.

>Provides:       policyd = %{version}, %{codename} = %{version}
>Obsoletes:      policyd < 2

Why are those there? as far as I can see, there is no policyd rpm in the repos, so the obsoletes isn't needed, and what problem is the Provides: meant to solve?

> %preun

You should probably stop the service before the chkconfig --del here.

>%dir %{configdir}

This is specified in two places.  Perhaps a -common package?


should be %attr(640,root,apache)


These need the %config macro applied

Other than that, it looks pretty good to me.
Comment 5 Chris St. Pierre 2010-03-04 11:38:30 EST

I've kept the %codename, but changed %define to %global; I got rid of the others %defines.

The naming of this project is pretty muddled.  It's officially called "policyd"; but v.2 was codenamed "cluebringer"; and lots of files are named with "cbpolicyd".  A spec file is distributed with Policyd (which doesn't conform to the Fedora packaging guidelines) that creates an RPM called 'cluebringer'.  People with policyd v1 installed will have an RPM installed called 'policyd'.  Although these have never been in Fedora as far as I know, I added the Provides and Obsoletes to ensure backwards compat with these older packages since I couldn't find any sort of guidelines on this.

%preun fixed.

Given that /etc/cluebringer is the only thing specified in more than one package, I don't know that a -common package makes a lot of sense here.

The errors you're getting from rpmlint about permissions are actually due to those config files not being world-readable, but they both contain passwords so it's important that they not be.  They'll have to be added to the exception list for that check once I get this package into Fedora.  Until then, those errors from rpmlint can be ignored.  %attr(0640,...) is appropriate here.

%config added where necessary.

New spec and SRPM:

Comment 6 Jason Tibbitts 2010-11-24 16:18:41 EST
Sorry this has sat for so long; I've tried a few times to get someone who knows anything about postfix to look at this to no avail.

The spec uses those terrible macro versions of plain commands like %{__cp} and %{__mkdir_p}.  Honestly I'd just get rid of them all so the spec is readable, but if you really want them, please use them consistently and use %{__rm}, %{__mv}, %{__ln_s} and such.

Do we know what upstream would like their software to be called?
Comment 7 Chris St. Pierre 2010-11-26 11:26:42 EST
I've changed jobs since entering this review request and I no longer work with Policyd.  Unless someone else wants to take this on it's probably safe to close it.
Comment 8 Jason Tibbitts 2010-11-29 12:47:34 EST
Cool, thanks.