[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

db.debian.org (and related infrastructure) updates

On 10884 March 1977, Ryan Murray wrote:

> Here's some news on recent db.debian.org changes that are now available:

> The LDAP schema has been updated to include several new fields:
> 	* Date of Birth (developer-only visible)
> 	* Gender (world visible)
> 	* Mail disable message
> 	* Mail greylisting
> 	* Mail sender verification callouts
> 	* Mail whitelist
> 	* Mail RBL list
> 	* Mail RHSBL list

As there have been a few questions on IRC about all this, here a few
answers to questions that came up:

 - While you can disable mail receiving and set greylisting / callout
   via the webinterface, every other mail related change needs to be
   done via the mail gateway.
   That means setting whitelist, rbl and rhsbl need to go the mail way,
   in the same way that dns zone updates for debian.net are done.

 - If you whitelist hosts - dont bother to whitelist any .debian.org
   host, they are automagically whitelisted.

 - The greylist timeout had been 60 minutes, which was the package
   default of greylistd. It is now changed to 10 minutes, and a bug has
   been filed to hopefully get the default in the package changed too (#405030)

 - the birthDate field isn't currently available via the mail daemon,
   this will be fixed soon.

 - birthDate currently requires a valid year. This will be changed so
   you can specify 0000 if you don't want to enter a year.

 - Sender verification callout is sometimes also called sender
   verify. It means that master.debian.org tries to get a mail sent to
   the address in the MAIL FROM part (stopping right after RCPT TO:) and
   decides on the reply what to do. A permanent error (the 5xx case)
   will let master reject the mail, a temporary error (the 4xx case)
   will also get master to sent out a 4xx error. It will also reply with
   4xx in case a callout uses too much time and then continue to
   validate the address. Results will be cached, of course.

 - The RHSBL feature in use takes the envelopes sender (ie MAIL FROM) to
   look up, not the domain of the client. For postfix users this means
   usage of reject_rhsbl_sender instead of _client.

If you want to adjust some handling of all this, add more nice features,
generally help with our central userdatabase and what it is able to do
for us - you can find the source code at [1] and the cgi part that is
visible through the web is at [2], with templates in [3]. If you have
something feel free to contact admin@db.debian.org with proposals and/or

[1] http://cvs.debian.org/userdir-ldap/?root=debian-admin
[2] http://cvs.debian.org/userdir-ldap-cgi/?root=debian-admin
[3] http://cvs.debian.org/db.debian.org/?root=webwml

bye Joerg
<dilinger> i just managed to procrastinate an extra 30 mins by reading
		   an article on how not to procrastinate

Attachment: pgpRoZzxJuRGF.pgp
Description: PGP signature

Reply to: