Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 544016 - Review Request: cbpolicyd - Postfix anti-spam policy server
Summary: Review Request: cbpolicyd - Postfix anti-spam policy server
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nobody's working on this, feel free to take it
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-12-03 17:39 UTC by Chris St. Pierre
Modified: 2010-11-29 17:47 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-11-29 17:47:34 UTC

Attachments (Terms of Use)

Description Chris St. Pierre 2009-12-03 17:39:50 UTC
Spec URL:

Policyd v2 (codenamed "cluebringer") is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large scale mail hosting environments. The main goal is to implement as many spam combating and email compliance features as possible while at the same time maintaining the portability, stability and performance required for mission critical email hosting of today.

Currently, the package has no SELinux magic, but I've found someone to help me write that.

Comment 1 Chris St. Pierre 2009-12-15 15:54:48 UTC
Policyd has released v2.0.9, so I've produced an updated specfile and SRPM for the new version.

Spec URL:

Comment 2 Chris St. Pierre 2009-12-17 15:25:45 UTC
Turns out there was a blocking bug in 2.0.9, so v2.0.10 has been released.  New specfile is up, and a new SRPM is at:

I've also added a logrotate config to the 2.0.10 package.

Comment 3 Chris St. Pierre 2010-02-08 15:52:17 UTC
There was a bug in 2.0.10 that prevented recently-autowhitelisted hosts from sending properly, with policyd producing a database error and returning DEFER.  I've uploaded a new specfile that includes a patch to fix this bug, and a new SRPM for it:

I've also added a cron entry to automatically clean up old entries.

Comment 4 James Findley 2010-02-22 17:43:44 UTC
Ok, rpmlint is throwing up this:
W: mixed-use-of-spaces-and-tabs (spaces: line 7, tab: line 16)

So that needs to be fixed.  

> %define ...

You should use %global rather than %define.

I'm also not sure they are strictly needed, as they make it harder to read.

>Provides:       policyd = %{version}, %{codename} = %{version}
>Obsoletes:      policyd < 2

Why are those there? as far as I can see, there is no policyd rpm in the repos, so the obsoletes isn't needed, and what problem is the Provides: meant to solve?

> %preun

You should probably stop the service before the chkconfig --del here.

>%dir %{configdir}

This is specified in two places.  Perhaps a -common package?


should be %attr(640,root,apache)


These need the %config macro applied

Other than that, it looks pretty good to me.

Comment 5 Chris St. Pierre 2010-03-04 16:38:30 UTC

I've kept the %codename, but changed %define to %global; I got rid of the others %defines.

The naming of this project is pretty muddled.  It's officially called "policyd"; but v.2 was codenamed "cluebringer"; and lots of files are named with "cbpolicyd".  A spec file is distributed with Policyd (which doesn't conform to the Fedora packaging guidelines) that creates an RPM called 'cluebringer'.  People with policyd v1 installed will have an RPM installed called 'policyd'.  Although these have never been in Fedora as far as I know, I added the Provides and Obsoletes to ensure backwards compat with these older packages since I couldn't find any sort of guidelines on this.

%preun fixed.

Given that /etc/cluebringer is the only thing specified in more than one package, I don't know that a -common package makes a lot of sense here.

The errors you're getting from rpmlint about permissions are actually due to those config files not being world-readable, but they both contain passwords so it's important that they not be.  They'll have to be added to the exception list for that check once I get this package into Fedora.  Until then, those errors from rpmlint can be ignored.  %attr(0640,...) is appropriate here.

%config added where necessary.

New spec and SRPM:

Comment 6 Jason Tibbitts 2010-11-24 21:18:41 UTC
Sorry this has sat for so long; I've tried a few times to get someone who knows anything about postfix to look at this to no avail.

The spec uses those terrible macro versions of plain commands like %{__cp} and %{__mkdir_p}.  Honestly I'd just get rid of them all so the spec is readable, but if you really want them, please use them consistently and use %{__rm}, %{__mv}, %{__ln_s} and such.

Do we know what upstream would like their software to be called?

Comment 7 Chris St. Pierre 2010-11-26 16:26:42 UTC
I've changed jobs since entering this review request and I no longer work with Policyd.  Unless someone else wants to take this on it's probably safe to close it.

Comment 8 Jason Tibbitts 2010-11-29 17:47:34 UTC
Cool, thanks.

Note You need to log in before you can comment on or make changes to this bug.