Difference between revisions of "GeoIP"
m (Remove redundant header) |
Unnilennium (talk | contribs) |
||
(93 intermediate revisions by 16 users not shown) | |||
Line 1: | Line 1: | ||
{{Languages}} | {{Languages}} | ||
+ | This product includes GeoLite2 data created by MaxMind, available from | ||
+ | https://www.maxmind.com. | ||
+ | ==Maintainer== | ||
+ | [[User:ReetP|john crisp]] | ||
+ | |||
+ | [mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br /> | ||
+ | ==Version== | ||
+ | {{#smeversion: smeserver-geoip }} | ||
+ | |||
+ | {{Warning box|From MAXMIND site : | ||
+ | "Due to upcoming data privacy regulations, we are making significant changes to how you access free GeoLite2 databases starting December 30, 2019. Learn more on our blog." https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ | ||
+ | |||
+ | Quote | ||
+ | Starting December 30, 2019, we will be requiring users of our GeoLite2 databases to register for a MaxMind account and obtain a license key in order to download GeoLite2 databases. We will continue to offer the GeoLite2 databases without charge, and with the ability to redistribute with proper attribution and in compliance with privacy regulations. In addition, we are introducing a new end-user license agreement to govern your use of the GeoLite2 databases. Previously, GeoLite2 databases were accessible for download to the public on our developer website and were licensed under the Creative Commons Attribution-ShareAlike 4.0 International License. | ||
+ | |||
+ | Starting December 30, 2019, downloads will no longer be served from our public GeoLite2 page, from geolite.maxmind.com/download/geoip/database/*, or from any other public URL. | ||
+ | End Quote | ||
+ | |||
+ | See the section below [[GeoIP#Installation_and_Updating_of_geoip_v2_db|Installation of V2 db ]] for steps on how to migrate to the new download mechanism.}} | ||
+ | |||
==Description== | ==Description== | ||
− | The GeoIP plugin lets | + | The GeoIP plugin for qpsmtpd lets you know where your mail server is receiving mail from. If you're receiving too much spam from a particular location, this will help track it down. You can then use that info to reject connections from that place taking the load off your server. |
+ | |||
+ | {{Note box|Maxmind have removed support for their legacy v1 DBs and an update to v2 DBs is required. Please see the bugtracker link to bug #9033 below for more information }} | ||
+ | |||
+ | ==Installation== | ||
− | == | + | <tabs container><tab name="SME 10"> |
+ | yum install smeserver-geoip --enablerepo=smecontribs | ||
+ | Then configure your update key, create a Maxmind account and retrieve an AccountID and LicenseKey properties and keys to the geoip db config. | ||
+ | You can also leave as is and just get the update from rpms every 2 months or so... | ||
+ | <br /> | ||
+ | </tab> | ||
+ | <tab name="SME 9"> | ||
− | === | + | ====Installation of legacy geoip v1 db==== |
− | |||
− | yum --enablerepo= | + | those are still available for few time only for back compatibility purpose and to avoid a yum update mess, or if you do not trust third party repo, but be aware thos db are not updated anymore since April 2018 and were already only 80% accurate then. |
+ | yum install smeserver-geoip --enablerepo=smecontribs | ||
+ | config set UnsavedChanges no | ||
+ | signal-event geoip-update | ||
− | + | ====update of geoip v1 db==== | |
+ | if you have smeserver-geoip-1.1.2-7 already installed, this will keep you on the legacy version, only change new plugin comaptible with v1 and removal of cron update. | ||
+ | yum update --enablerepo=smecontribs | ||
− | + | This is not updated anymore since 2018, you do not need the update key if you want to only use this. | |
− | + | ====Installation and Updating of geoip v2 db==== | |
− | + | As a result you will now need the OpenFusion repo to install smeserver-geoip We will be syncing their mirror in due course to speed up installs and updates. | |
− | + | yum --enablerepo=smeaddons install smeserver-extrarepositories-openfusion | |
+ | signal-event yum-modify | ||
+ | config set UnsavedChanges no | ||
− | + | ====Updating to v2 with v1 DBs installed==== | |
+ | If you have the v1 DBs package smeserver-geoip-1.1.2-7 already installed and do not wish to update to v2 DBs you may perform updates safely, after making sure your smeserver-extrarepositories-openfusion is the latest, the following: | ||
− | + | To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db | |
+ | db yum_repositories delprop openfusion Exclude | ||
+ | signal-event yum-modify | ||
+ | You may then go ahead with the following to either install or update a v2 DB package | ||
+ | yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion | ||
+ | yum update --enablerepo=smecontribs,openfusion | ||
+ | config set UnsavedChanges no | ||
− | + | A configuration db for geoip has been created as part of the install | |
+ | # config show geoip | ||
+ | geoip=service | ||
+ | status=enabled | ||
− | + | ====Fresh Installation of geoip v2 DBs==== | |
+ | To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db | ||
+ | db yum_repositories delprop openfusion Exclude | ||
+ | signal-event yum-modify | ||
− | + | You may then go ahead with the following to either install or update a v2 DB package | |
− | + | yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion | |
− | + | config set UnsavedChanges no | |
− | + | A configuration db for geoip has been created as part of the install | |
+ | # config show geoip | ||
+ | geoip=service | ||
+ | status=enabled | ||
− | Now | + | Now add Maxmind AccountID and LicenseKey properties and keys to the geoip db config |
+ | </tab> | ||
+ | </tabs> | ||
− | + | ==== Maxmind account to update db ==== | |
+ | Sign up for a MaxMind account (no purchase required) https://dev.maxmind.com/geoip/geoip2/geolite2/ | ||
+ | |||
+ | Important - Note your login details and in particular your AccountID and LicenseKey | ||
+ | |||
+ | Go to Services My Licence key and generate a licence key, carefully note the key details, multiple keys may be created. | ||
+ | |||
+ | The following config property keys and values will be used to set the geoip config db for ongoing updates see below | ||
+ | AccountID ####### | ||
+ | LicenseKey xxxxxxxxxxxxxxx | ||
+ | set them in db and expand the config file | ||
+ | db configuration setprop geoip LicenseKey "YOUR LIC KEY" AccountID "YOUR ACCT ID" | ||
+ | expand-template /etc/GeoIP.conf | ||
+ | |||
+ | ====Update the db==== | ||
+ | signal-event geoip-update | ||
==Testing== | ==Testing== | ||
− | Now that the package and database are installed, we can test it. | + | {{Note box| These tests use the V1 DB which will be increasingly out of date.}} |
+ | |||
+ | Now that the package and database are installed, we can test it (refer to Country Code list at end of page as required). | ||
geoiplookup 216.17.211.37 | geoiplookup 216.17.211.37 | ||
Line 53: | Line 124: | ||
geoiplookup contribs.org | geoiplookup contribs.org | ||
− | Same result. So we know it works with | + | Same result. So we know it works with ip addresses or domain names. Let's test it again around the world. |
geoiplookup gormand.com.au | geoiplookup gormand.com.au | ||
Line 60: | Line 131: | ||
GeoIP Country Edition: AU, Australia | GeoIP Country Edition: AU, Australia | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
One last time: | One last time: | ||
Line 78: | Line 141: | ||
==Usage== | ==Usage== | ||
+ | |||
===Tracking e-mail=== | ===Tracking e-mail=== | ||
− | + | The qpsmtpd GeoIP plugin should now do its work. Check the qpsmtpd logs and you'll see the countries from where mail is sent. | |
cat /var/log/qpsmtpd/current | cat /var/log/qpsmtpd/current | ||
Line 91: | Line 155: | ||
Insert the following: Code: | Insert the following: Code: | ||
− | + | #!/bin/sh | |
− | + | # Read the qpsmtpd log file. | |
− | + | # Read all of the countries and count them. | |
− | + | cat /var/log/qpsmtpd/* | \ | |
− | + | grep 'GeoIP Country:' | \ | |
− | + | sed -e 's/^.*\(..\)$/\1/' | \ | |
− | + | sort | uniq -c | sort -n | |
Now run the script. It will show the number of messages sent by country code. | Now run the script. It will show the number of messages sent by country code. | ||
Line 106: | Line 170: | ||
===Blocking email=== | ===Blocking email=== | ||
− | Add the values to the SME CADNHO db. In our case, Russia | + | Add the values to the SME CADNHO db. In our case, Russia and Poland seem to causing issues. You can type in any country codes you wish. |
config setprop qpsmtpd BadCountries RU,PL | config setprop qpsmtpd BadCountries RU,PL | ||
Line 114: | Line 178: | ||
signal-event email-update | signal-event email-update | ||
− | No more mail from | + | No more mail from domains ending on .ru or .pl. The beauty of this is that the SME Server lookups happen locally on the local database rather than looking up the IP address via dns. This results in very fast responses. In addition, the plugin happens before most other plugins. This means the mail is dropped before the SME Server even has to check to see if it's on a blacklist or if it's spam. |
+ | |||
+ | ===Abbreviated Country Code List=== | ||
+ | |||
+ | A1 Anonymous Proxy | ||
+ | A2 Satellite Provider | ||
+ | AC Ascension Island | ||
+ | AD Andorra | ||
+ | AE United Arab Emirates | ||
+ | AERO members of the air-transport industry | ||
+ | AF Afghanistan | ||
+ | AG Antigua and Barbuda | ||
+ | AI Anguilla | ||
+ | AL Albania | ||
+ | AM Armenia | ||
+ | AN Netherlands Antilles (being phased out) | ||
+ | AO Angola | ||
+ | AQ Antarctica | ||
+ | AP Asia/Pacific | ||
+ | AR Argentina | ||
+ | AS American Samoa | ||
+ | ASIA Restricted to the Pan-Asia and Asia Pacific community | ||
+ | AT Austria | ||
+ | AU Australia | ||
+ | AW Aruba | ||
+ | AX Aland Islands | ||
+ | AZ Azerbaijan | ||
+ | BA Bosnia and Herzegovina | ||
+ | BB Barbados | ||
+ | BD Bangladesh | ||
+ | BE Belgium | ||
+ | BF Burkina Faso | ||
+ | BG Bulgaria | ||
+ | BH Bahrain | ||
+ | BI Burundi | ||
+ | BIZ Restricted for Business | ||
+ | BJ Benin | ||
+ | BL Saint Barthelemy | ||
+ | BM Bermuda | ||
+ | BN Brunei Darussalam | ||
+ | BO Bolivia | ||
+ | BQ Bonaire, Sint Eustatius and Saba | ||
+ | BR Brazil | ||
+ | BS Bahamas | ||
+ | BT Bhutan | ||
+ | BV Bouvet Island | ||
+ | BW Botswana | ||
+ | BY Belarus | ||
+ | BZ Belize | ||
+ | CA Canada | ||
+ | CC Cocos (Keeling) Islands | ||
+ | CD Congo, The Democratic Republic of the | ||
+ | CF Central African Republic | ||
+ | CG Congo | ||
+ | CH Switzerland | ||
+ | CI Cote d'Ivoire | ||
+ | CK Cook Islands | ||
+ | CL Chile | ||
+ | CM Cameroon | ||
+ | CN China | ||
+ | CO Colombia | ||
+ | COM Generic top-level domain | ||
+ | COOP cooperative associations | ||
+ | CR Costa Rica | ||
+ | CU Cuba | ||
+ | CV Cape Verde | ||
+ | CW Curaçao | ||
+ | CX Christmas Island | ||
+ | CY Cyprus | ||
+ | CZ Czech Republic | ||
+ | DE Germany | ||
+ | DJ Djibouti | ||
+ | DK Denmark | ||
+ | DM Dominica | ||
+ | DO Dominican Republic | ||
+ | DZ Algeria | ||
+ | EC Ecuador | ||
+ | EDU Educational Institutions | ||
+ | EE Estonia | ||
+ | EG Egypt | ||
+ | EH Western Sahara | ||
+ | ER Eritrea | ||
+ | ES Spain | ||
+ | ET Ethiopia | ||
+ | EU European Union | ||
+ | FI Finland | ||
+ | FJ Fiji | ||
+ | FK Falkland Islands (Malvinas) | ||
+ | FM Micronesia, Federated States of | ||
+ | FO Faroe Islands | ||
+ | FR France | ||
+ | GA Gabon | ||
+ | GB United Kingdom | ||
+ | GD Grenada | ||
+ | GE Georgia | ||
+ | GF French Guiana | ||
+ | GG Guernsey | ||
+ | GH Ghana | ||
+ | GI Gibraltar | ||
+ | GL Greenland | ||
+ | GM Gambia | ||
+ | GN Guinea | ||
+ | GOV United States Government | ||
+ | GP Guadeloupe | ||
+ | GQ Equatorial Guinea | ||
+ | GR Greece | ||
+ | GS South Georgia and the South Sandwich Islands | ||
+ | GT Guatemala | ||
+ | GU Guam | ||
+ | GW Guinea-Bissau | ||
+ | GY Guyana | ||
+ | HK Hong Kong | ||
+ | HM Heard Island and McDonald Islands | ||
+ | HN Honduras | ||
+ | HR Croatia | ||
+ | HT Haiti | ||
+ | HU Hungary | ||
+ | ID Indonesia | ||
+ | IE Ireland | ||
+ | IL Israel | ||
+ | IM Isle of Man | ||
+ | IN India | ||
+ | INFO Generic top-level domain | ||
+ | IO British Indian Ocean Territory | ||
+ | IQ Iraq | ||
+ | IR Iran, Islamic Republic of | ||
+ | IS Iceland | ||
+ | IT Italy | ||
+ | JE Jersey | ||
+ | JM Jamaica | ||
+ | JO Jordan | ||
+ | JOBS Reserved to serve needs of the international human resource management community | ||
+ | JP Japan | ||
+ | KE Kenya | ||
+ | KG Kyrgyzstan | ||
+ | KH Cambodia | ||
+ | KI Kiribati | ||
+ | KM Comoros | ||
+ | KN Saint Kitts and Nevis | ||
+ | KP Korea, Democratic People's Republic of | ||
+ | KR Korea, Republic of | ||
+ | KW Kuwait | ||
+ | KY Cayman Islands | ||
+ | KZ Kazakhstan | ||
+ | LA Lao People's Democratic Republic | ||
+ | LB Lebanon | ||
+ | LC Saint Lucia | ||
+ | LI Liechtenstein | ||
+ | LK Sri Lanka | ||
+ | LR Liberia | ||
+ | LS Lesotho | ||
+ | LT Lithuania | ||
+ | LU Luxembourg | ||
+ | LV Latvia | ||
+ | LY Libyan Arab Jamahiriya | ||
+ | MA Morocco | ||
+ | MC Monaco | ||
+ | MD Moldova, Republic of | ||
+ | ME Montenegro | ||
+ | MF Saint Martin (French part) | ||
+ | MG Madagascar | ||
+ | MH Marshall Islands | ||
+ | MIL United States Military | ||
+ | MK Macedonia, The Former Yugoslav Republic of | ||
+ | ML Mali | ||
+ | MM Myanmar | ||
+ | MN Mongolia | ||
+ | MO Macao | ||
+ | MOBI consumers and providers of mobile products and services | ||
+ | MP Northern Mariana Islands | ||
+ | MQ Martinique | ||
+ | MR Mauritania | ||
+ | MS Montserrat | ||
+ | MT Malta | ||
+ | MU Mauritius | ||
+ | MUSEUM museums | ||
+ | MV Maldives | ||
+ | MW Malawi | ||
+ | MX Mexico | ||
+ | MY Malaysia | ||
+ | MZ Mozambique | ||
+ | NA Namibia | ||
+ | NAME individuals | ||
+ | NC New Caledonia | ||
+ | NE Niger | ||
+ | NET Generic top-level domain | ||
+ | NF Norfolk Island | ||
+ | NG Nigeria | ||
+ | NI Nicaragua | ||
+ | NL Netherlands | ||
+ | NO Norway | ||
+ | NP Nepal | ||
+ | NR Nauru | ||
+ | NU Niue | ||
+ | NZ New Zealand | ||
+ | OM Oman | ||
+ | ORG Generic top-level domain | ||
+ | PA Panama | ||
+ | PE Peru | ||
+ | PF French Polynesia | ||
+ | PG Papua New Guinea | ||
+ | PH Philippines | ||
+ | PK Pakistan | ||
+ | PL Poland | ||
+ | PM Saint Pierre and Miquelon | ||
+ | PN Pitcairn | ||
+ | PR Puerto Rico | ||
+ | PRO Restricted to credentialed professionals and related entities | ||
+ | PS Palestinian Territory, Occupied | ||
+ | PT Portugal | ||
+ | PW Palau | ||
+ | PY Paraguay | ||
+ | QA Qatar | ||
+ | RE Reunion | ||
+ | RO Romania | ||
+ | RS Serbia | ||
+ | RU Russian Federation | ||
+ | RW Rwanda | ||
+ | SA Saudi Arabia | ||
+ | SB Solomon Islands | ||
+ | SC Seychelles | ||
+ | SD Sudan | ||
+ | SE Sweden | ||
+ | SG Singapore | ||
+ | SH Saint Helena | ||
+ | SI Slovenia | ||
+ | SJ Svalbard and Jan Mayen | ||
+ | SK Slovakia | ||
+ | SL Sierra Leone | ||
+ | SM San Marino | ||
+ | SN Senegal | ||
+ | SO Somalia | ||
+ | SR Suriname | ||
+ | SS South Sudan | ||
+ | ST Sao Tome and Principe | ||
+ | SU Soviet Union (being phased out) | ||
+ | SV El Salvador | ||
+ | SX Saint Maarten (Dutch part) | ||
+ | SY Syrian Arab Republic | ||
+ | SZ Swaziland | ||
+ | TC Turks and Caicos Islands | ||
+ | TD Chad | ||
+ | TEL businesses and individuals to publish their contact data | ||
+ | TF French Southern Territories | ||
+ | TG Togo | ||
+ | TH Thailand | ||
+ | TJ Tajikistan | ||
+ | TK Tokelau | ||
+ | TL Timor-Leste | ||
+ | TM Turkmenistan | ||
+ | TN Tunisia | ||
+ | TO Tonga | ||
+ | TP Portuguese Timor (being phased out) | ||
+ | TR Turkey | ||
+ | TRAVEL entities whose primary area of activity is in the travel industry | ||
+ | TT Trinidad and Tobago | ||
+ | TV Tuvalu | ||
+ | TW Taiwan, Province of China | ||
+ | TZ Tanzania, United Republic of | ||
+ | UA Ukraine | ||
+ | UG Uganda | ||
+ | UK United Kingdom | ||
+ | UM United States Minor Outlying Islands | ||
+ | US United States | ||
+ | UY Uruguay | ||
+ | UZ Uzbekistan | ||
+ | VA Holy See (Vatican City State) | ||
+ | VC Saint Vincent and the Grenadines | ||
+ | VE Venezuela, Bolivarian Republic of | ||
+ | VG Virgin Islands, British | ||
+ | VI Virgin Islands, US | ||
+ | VN Viet Nam | ||
+ | VU Vanuatu | ||
+ | WF Wallis and Futuna | ||
+ | WS Samoa | ||
+ | XXX the adult entertainment community | ||
+ | YE Yemen | ||
+ | YT Mayotte | ||
+ | ZA South Africa | ||
+ | ZM Zambia | ||
+ | ZW Zimbabwe | ||
+ | |||
+ | Country Code Info Source: | ||
+ | |||
+ | http://en.wikipedia.org/wiki/ISO_3166-1 | ||
+ | http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements | ||
+ | |||
+ | ==Troubleshooting== | ||
+ | |||
+ | At April 2012 there may be some problems with countries not being blocked, possibly related to the way the geo database is updated for free users. User experience and opinion vary, and following a complaint, the original forum post about this has been deleted - http://forums.contribs.org/index.php/topic,48560.0.html | ||
+ | |||
+ | Users are advised to determine the effectiveness of the database for themselves. | ||
+ | |||
+ | ===Db compatibility with other softwares=== | ||
+ | Some software either use or depends on a geoip library, here is a table to help understand: | ||
+ | {| class="wikitable sortable" | ||
+ | !software | ||
+ | !repo | ||
+ | !Geoip 1 support | ||
+ | !Geoip 2 support | ||
+ | !notes on behaviour and default or settings to do | ||
+ | |- | ||
+ | |spamassassin | ||
+ | |smeos | ||
+ | |yes | ||
+ | |3.4.2 or above | ||
+ | | | ||
+ | |- | ||
+ | |smeserver-mailsats | ||
+ | |smecontribs | ||
+ | |yes | ||
+ | |Yes with updates | ||
+ | |Requires updated perl-IO-Socket-INET6 and check_badcountries plugin: https://bugs.contribs.org/show_bug.cgi?id=10523 | ||
+ | |- | ||
+ | |qpsmtpd plugin / smeserver-geoip | ||
+ | |smecontribs | ||
+ | |yes | ||
+ | |smeserver-geoip 1.2 and above | ||
+ | |new bad_countries is a fork of qpsmtpd geoip plugin, default to v2 unless v2 is not available then failback on v1 | ||
+ | |- | ||
+ | |proftpd | ||
+ | |smeos | ||
+ | |only | ||
+ | |no | ||
+ | |no support for v2 yet see https://github.com/proftpd/proftpd/issues/605 | ||
+ | |- | ||
+ | |apache mod_geoip | ||
+ | |smecontribs | ||
+ | |yes | ||
+ | |unknown | ||
+ | |v 1.2.10 requires libGeoIP.so.1 and GeoIP: probably only v1 db supported up there | ||
+ | |- | ||
+ | |apache mod_maxminddb | ||
+ | | | ||
+ | | | ||
+ | |yes | ||
+ | |https://github.com/maxmind/mod_maxminddb available in smecontribs [[Mod maxminddb|smeserver-mod_maxminddb]] | ||
+ | |- | ||
+ | |opensips-mmgeoip | ||
+ | |epel | ||
+ | | | ||
+ | | | ||
+ | |unknown | ||
+ | |- | ||
+ | |php-pecl-geoip | ||
+ | |epel | ||
+ | |yes | ||
+ | |no | ||
+ | |depends on libGeoIP.so.1 | ||
+ | |- | ||
+ | |php*-php-pecl-geoip | ||
+ | |remi-safe | ||
+ | |yes | ||
+ | |no | ||
+ | |depends on libGeoIP.so.1 | ||
+ | |- | ||
+ | |php-maxminddb | ||
+ | |remi | ||
+ | |no | ||
+ | |yes | ||
+ | |need to test if installs with base php. mostly not... | ||
+ | |- | ||
+ | |php*-php-maxminddb | ||
+ | |remi-safe | ||
+ | | | ||
+ | |yes | ||
+ | |depends on libmaxminddb | ||
+ | |- | ||
+ | |lighttpd-mod_geoip | ||
+ | |epel | ||
+ | |yes | ||
+ | | | ||
+ | |depends on libGeoIP.so.1 | ||
+ | |- | ||
+ | |nginx-mod-http-geoip | ||
+ | |epel | ||
+ | |yes | ||
+ | | | ||
+ | |depends on libGeoIP.so.1 ; found a source for geoip2 https://github.com/leev/ngx_http_geoip2_module | ||
+ | |- | ||
+ | |python-GeoIP | ||
+ | |epel | ||
+ | |yes | ||
+ | |no | ||
+ | | | ||
+ | |- | ||
+ | |python-geoip2 python2-maxminddb | ||
+ | | | ||
+ | |no | ||
+ | |yes | ||
+ | |not available on CentOS 6 but 7. | ||
+ | |- | ||
+ | |python-pygeoip | ||
+ | |epel | ||
+ | |yes | ||
+ | |no | ||
+ | |Pure Python GeoIP API | ||
+ | |- | ||
+ | |uwsgi-plugin-geoip | ||
+ | |epel | ||
+ | | | ||
+ | | | ||
+ | |unknown | ||
+ | |- | ||
+ | |perl-Geo-IP | ||
+ | |smecontribs | ||
+ | |only | ||
+ | |no | ||
+ | |libGeoIP.so.1 | ||
+ | |- | ||
+ | |perl-GeoIP2 | ||
+ | |openfusion | ||
+ | |no | ||
+ | |yes | ||
+ | | | ||
+ | |- | ||
+ | |perl-MaxMind-DB-* | ||
+ | |openfusion | ||
+ | |no | ||
+ | |yes | ||
+ | | | ||
+ | |- | ||
+ | |libmaxminddb | ||
+ | |epel | ||
+ | | | ||
+ | | | ||
+ | |1.1.1 needed for mmdblookup | ||
+ | |- | ||
+ | |mmdblookup | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |provided by libmaxminddb-devel (see https://bugzilla.redhat.com/show_bug.cgi?id=1663670) | ||
+ | |- | ||
+ | |bind-libs /bind-utils | ||
+ | |smeos | ||
+ | |required | ||
+ | |unknown | ||
+ | | | ||
+ | |} | ||
+ | you might want to use legacy db updated with recent Maxmind geoilite2, see: https://www.miyuru.lk/geoiplegacy | ||
+ | |||
+ | ===Bugs=== | ||
+ | Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla] | ||
+ | and select the smeserver-geoip component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-geoip|title=this link}}. | ||
+ | |||
+ | |||
+ | {{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-geoip|noresultsmessage="No open bugs found."}} | ||
+ | |||
+ | ===Changelog=== | ||
+ | Only released version in smecontrib are listed here. | ||
+ | |||
+ | {{#smechangelog: smeserver-geoip}} | ||
+ | |||
---- | ---- | ||
− | <noinclude>[[Category:Howto]]</noinclude> | + | <noinclude> |
+ | [[Category:Howto]] | ||
+ | </noinclude> | ||
+ | [[Category: Contrib]] |
Latest revision as of 08:10, 18 April 2021
This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.
Maintainer
stephdl Stéphane de Labrusse AKA Stephdl
Version
Description
The GeoIP plugin for qpsmtpd lets you know where your mail server is receiving mail from. If you're receiving too much spam from a particular location, this will help track it down. You can then use that info to reject connections from that place taking the load off your server.
Installation
yum install smeserver-geoip --enablerepo=smecontribs
Then configure your update key, create a Maxmind account and retrieve an AccountID and LicenseKey properties and keys to the geoip db config.
You can also leave as is and just get the update from rpms every 2 months or so...
Installation of legacy geoip v1 db
those are still available for few time only for back compatibility purpose and to avoid a yum update mess, or if you do not trust third party repo, but be aware thos db are not updated anymore since April 2018 and were already only 80% accurate then.
yum install smeserver-geoip --enablerepo=smecontribs config set UnsavedChanges no signal-event geoip-update
update of geoip v1 db
if you have smeserver-geoip-1.1.2-7 already installed, this will keep you on the legacy version, only change new plugin comaptible with v1 and removal of cron update.
yum update --enablerepo=smecontribs
This is not updated anymore since 2018, you do not need the update key if you want to only use this.
Installation and Updating of geoip v2 db
As a result you will now need the OpenFusion repo to install smeserver-geoip We will be syncing their mirror in due course to speed up installs and updates.
yum --enablerepo=smeaddons install smeserver-extrarepositories-openfusion signal-event yum-modify config set UnsavedChanges no
Updating to v2 with v1 DBs installed
If you have the v1 DBs package smeserver-geoip-1.1.2-7 already installed and do not wish to update to v2 DBs you may perform updates safely, after making sure your smeserver-extrarepositories-openfusion is the latest, the following:
To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db
db yum_repositories delprop openfusion Exclude signal-event yum-modify
You may then go ahead with the following to either install or update a v2 DB package
yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion yum update --enablerepo=smecontribs,openfusion config set UnsavedChanges no
A configuration db for geoip has been created as part of the install
# config show geoip geoip=service status=enabled
Fresh Installation of geoip v2 DBs
To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db
db yum_repositories delprop openfusion Exclude signal-event yum-modify
You may then go ahead with the following to either install or update a v2 DB package
yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion config set UnsavedChanges no
A configuration db for geoip has been created as part of the install
# config show geoip geoip=service status=enabled
Now add Maxmind AccountID and LicenseKey properties and keys to the geoip db config
Maxmind account to update db
Sign up for a MaxMind account (no purchase required) https://dev.maxmind.com/geoip/geoip2/geolite2/
Important - Note your login details and in particular your AccountID and LicenseKey
Go to Services My Licence key and generate a licence key, carefully note the key details, multiple keys may be created.
The following config property keys and values will be used to set the geoip config db for ongoing updates see below
AccountID ####### LicenseKey xxxxxxxxxxxxxxx
set them in db and expand the config file
db configuration setprop geoip LicenseKey "YOUR LIC KEY" AccountID "YOUR ACCT ID" expand-template /etc/GeoIP.conf
Update the db
signal-event geoip-update
Testing
Now that the package and database are installed, we can test it (refer to Country Code list at end of page as required).
geoiplookup 216.17.211.37
It should return:
GeoIP Country Edition: US, United States
It gives us the country code (US) and the long name (United States). Let's test it again with a domain name.
geoiplookup contribs.org
Same result. So we know it works with ip addresses or domain names. Let's test it again around the world.
geoiplookup gormand.com.au
It should return:
GeoIP Country Edition: AU, Australia
One last time:
geoiplookup swerts-knudsen.dk
It should return:
GeoIP Country Edition: DK, Denmark
Usage
Tracking e-mail
The qpsmtpd GeoIP plugin should now do its work. Check the qpsmtpd logs and you'll see the countries from where mail is sent.
cat /var/log/qpsmtpd/current
We'll use a simple shell script to do the work then we'll run it.
First, create the the script.
vi geoipstats.sh
Insert the following: Code:
#!/bin/sh # Read the qpsmtpd log file. # Read all of the countries and count them. cat /var/log/qpsmtpd/* | \ grep 'GeoIP Country:' | \ sed -e 's/^.*\(..\)$/\1/' | \ sort | uniq -c | sort -n
Now run the script. It will show the number of messages sent by country code.
sh geoipstats.sh
See where your mail is coming from. Now ask the question, "why am I receiving thousands of email from RU -Russia? I don't even know anyone there." Good point. In addition, your server has to process all that mail, taking resources away from the server. In the next section we'll block the countries that we consider bad.
Blocking email
Add the values to the SME CADNHO db. In our case, Russia and Poland seem to causing issues. You can type in any country codes you wish.
config setprop qpsmtpd BadCountries RU,PL
Signal the email-update event.
signal-event email-update
No more mail from domains ending on .ru or .pl. The beauty of this is that the SME Server lookups happen locally on the local database rather than looking up the IP address via dns. This results in very fast responses. In addition, the plugin happens before most other plugins. This means the mail is dropped before the SME Server even has to check to see if it's on a blacklist or if it's spam.
Abbreviated Country Code List
A1 Anonymous Proxy A2 Satellite Provider AC Ascension Island AD Andorra AE United Arab Emirates AERO members of the air-transport industry AF Afghanistan AG Antigua and Barbuda AI Anguilla AL Albania AM Armenia AN Netherlands Antilles (being phased out) AO Angola AQ Antarctica AP Asia/Pacific AR Argentina AS American Samoa ASIA Restricted to the Pan-Asia and Asia Pacific community AT Austria AU Australia AW Aruba AX Aland Islands AZ Azerbaijan BA Bosnia and Herzegovina BB Barbados BD Bangladesh BE Belgium BF Burkina Faso BG Bulgaria BH Bahrain BI Burundi BIZ Restricted for Business BJ Benin BL Saint Barthelemy BM Bermuda BN Brunei Darussalam BO Bolivia BQ Bonaire, Sint Eustatius and Saba BR Brazil BS Bahamas BT Bhutan BV Bouvet Island BW Botswana BY Belarus BZ Belize CA Canada CC Cocos (Keeling) Islands CD Congo, The Democratic Republic of the CF Central African Republic CG Congo CH Switzerland CI Cote d'Ivoire CK Cook Islands CL Chile CM Cameroon CN China CO Colombia COM Generic top-level domain COOP cooperative associations CR Costa Rica CU Cuba CV Cape Verde CW Curaçao CX Christmas Island CY Cyprus CZ Czech Republic DE Germany DJ Djibouti DK Denmark DM Dominica DO Dominican Republic DZ Algeria EC Ecuador EDU Educational Institutions EE Estonia EG Egypt EH Western Sahara ER Eritrea ES Spain ET Ethiopia EU European Union FI Finland FJ Fiji FK Falkland Islands (Malvinas) FM Micronesia, Federated States of FO Faroe Islands FR France GA Gabon GB United Kingdom GD Grenada GE Georgia GF French Guiana GG Guernsey GH Ghana GI Gibraltar GL Greenland GM Gambia GN Guinea GOV United States Government GP Guadeloupe GQ Equatorial Guinea GR Greece GS South Georgia and the South Sandwich Islands GT Guatemala GU Guam GW Guinea-Bissau GY Guyana HK Hong Kong HM Heard Island and McDonald Islands HN Honduras HR Croatia HT Haiti HU Hungary ID Indonesia IE Ireland IL Israel IM Isle of Man IN India INFO Generic top-level domain IO British Indian Ocean Territory IQ Iraq IR Iran, Islamic Republic of IS Iceland IT Italy JE Jersey JM Jamaica JO Jordan JOBS Reserved to serve needs of the international human resource management community JP Japan KE Kenya KG Kyrgyzstan KH Cambodia KI Kiribati KM Comoros KN Saint Kitts and Nevis KP Korea, Democratic People's Republic of KR Korea, Republic of KW Kuwait KY Cayman Islands KZ Kazakhstan LA Lao People's Democratic Republic LB Lebanon LC Saint Lucia LI Liechtenstein LK Sri Lanka LR Liberia LS Lesotho LT Lithuania LU Luxembourg LV Latvia LY Libyan Arab Jamahiriya MA Morocco MC Monaco MD Moldova, Republic of ME Montenegro MF Saint Martin (French part) MG Madagascar MH Marshall Islands MIL United States Military MK Macedonia, The Former Yugoslav Republic of ML Mali MM Myanmar MN Mongolia MO Macao MOBI consumers and providers of mobile products and services MP Northern Mariana Islands MQ Martinique MR Mauritania MS Montserrat MT Malta MU Mauritius MUSEUM museums MV Maldives MW Malawi MX Mexico MY Malaysia MZ Mozambique NA Namibia NAME individuals NC New Caledonia NE Niger NET Generic top-level domain NF Norfolk Island NG Nigeria NI Nicaragua NL Netherlands NO Norway NP Nepal NR Nauru NU Niue NZ New Zealand OM Oman ORG Generic top-level domain PA Panama PE Peru PF French Polynesia PG Papua New Guinea PH Philippines PK Pakistan PL Poland PM Saint Pierre and Miquelon PN Pitcairn PR Puerto Rico PRO Restricted to credentialed professionals and related entities PS Palestinian Territory, Occupied PT Portugal PW Palau PY Paraguay QA Qatar RE Reunion RO Romania RS Serbia RU Russian Federation RW Rwanda SA Saudi Arabia SB Solomon Islands SC Seychelles SD Sudan SE Sweden SG Singapore SH Saint Helena SI Slovenia SJ Svalbard and Jan Mayen SK Slovakia SL Sierra Leone SM San Marino SN Senegal SO Somalia SR Suriname SS South Sudan ST Sao Tome and Principe SU Soviet Union (being phased out) SV El Salvador SX Saint Maarten (Dutch part) SY Syrian Arab Republic SZ Swaziland TC Turks and Caicos Islands TD Chad TEL businesses and individuals to publish their contact data TF French Southern Territories TG Togo TH Thailand TJ Tajikistan TK Tokelau TL Timor-Leste TM Turkmenistan TN Tunisia TO Tonga TP Portuguese Timor (being phased out) TR Turkey TRAVEL entities whose primary area of activity is in the travel industry TT Trinidad and Tobago TV Tuvalu TW Taiwan, Province of China TZ Tanzania, United Republic of UA Ukraine UG Uganda UK United Kingdom UM United States Minor Outlying Islands US United States UY Uruguay UZ Uzbekistan VA Holy See (Vatican City State) VC Saint Vincent and the Grenadines VE Venezuela, Bolivarian Republic of VG Virgin Islands, British VI Virgin Islands, US VN Viet Nam VU Vanuatu WF Wallis and Futuna WS Samoa XXX the adult entertainment community YE Yemen YT Mayotte ZA South Africa ZM Zambia ZW Zimbabwe
Country Code Info Source:
http://en.wikipedia.org/wiki/ISO_3166-1 http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements
Troubleshooting
At April 2012 there may be some problems with countries not being blocked, possibly related to the way the geo database is updated for free users. User experience and opinion vary, and following a complaint, the original forum post about this has been deleted - http://forums.contribs.org/index.php/topic,48560.0.html
Users are advised to determine the effectiveness of the database for themselves.
Db compatibility with other softwares
Some software either use or depends on a geoip library, here is a table to help understand:
software | repo | Geoip 1 support | Geoip 2 support | notes on behaviour and default or settings to do |
---|---|---|---|---|
spamassassin | smeos | yes | 3.4.2 or above | |
smeserver-mailsats | smecontribs | yes | Yes with updates | Requires updated perl-IO-Socket-INET6 and check_badcountries plugin: https://bugs.contribs.org/show_bug.cgi?id=10523 |
qpsmtpd plugin / smeserver-geoip | smecontribs | yes | smeserver-geoip 1.2 and above | new bad_countries is a fork of qpsmtpd geoip plugin, default to v2 unless v2 is not available then failback on v1 |
proftpd | smeos | only | no | no support for v2 yet see https://github.com/proftpd/proftpd/issues/605 |
apache mod_geoip | smecontribs | yes | unknown | v 1.2.10 requires libGeoIP.so.1 and GeoIP: probably only v1 db supported up there |
apache mod_maxminddb | yes | https://github.com/maxmind/mod_maxminddb available in smecontribs smeserver-mod_maxminddb | ||
opensips-mmgeoip | epel | unknown | ||
php-pecl-geoip | epel | yes | no | depends on libGeoIP.so.1 |
php*-php-pecl-geoip | remi-safe | yes | no | depends on libGeoIP.so.1 |
php-maxminddb | remi | no | yes | need to test if installs with base php. mostly not... |
php*-php-maxminddb | remi-safe | yes | depends on libmaxminddb | |
lighttpd-mod_geoip | epel | yes | depends on libGeoIP.so.1 | |
nginx-mod-http-geoip | epel | yes | depends on libGeoIP.so.1 ; found a source for geoip2 https://github.com/leev/ngx_http_geoip2_module | |
python-GeoIP | epel | yes | no | |
python-geoip2 python2-maxminddb | no | yes | not available on CentOS 6 but 7. | |
python-pygeoip | epel | yes | no | Pure Python GeoIP API |
uwsgi-plugin-geoip | epel | unknown | ||
perl-Geo-IP | smecontribs | only | no | libGeoIP.so.1 |
perl-GeoIP2 | openfusion | no | yes | |
perl-MaxMind-DB-* | openfusion | no | yes | |
libmaxminddb | epel | 1.1.1 needed for mmdblookup | ||
mmdblookup | provided by libmaxminddb-devel (see https://bugzilla.redhat.com/show_bug.cgi?id=1663670) | |||
bind-libs /bind-utils | smeos | required | unknown |
you might want to use legacy db updated with recent Maxmind geoilite2, see: https://www.miyuru.lk/geoiplegacy
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-geoip component or use this link .
ID | Product | Version | Status | Summary (2 tasks) ⇒ |
---|---|---|---|---|
11675 | SME Contribs | 10.0rc | CONFIRMED | MULTIPLE_RPM_OWNERS with core rpms |
11546 | SME Contribs | 10.0rc | UNCONFIRMED | Generates FATAL PLUGIN ERROR [check_badcountries]: No record found for IP address x.x.x.x |
Changelog
Only released version in smecontrib are listed here.
- Add expand template for the qpsmtpd peers [SME: 11023]
2021/03/14 Jean-Philippe Pialasse 1.2-17.sme
- merge legacy with main as we have few packages still using legacy [SME: 11023]
2021/03/13 Jean-Philipe Pialasse 1.2-16.sme
- rebuild for SME10 [SME: 11023]
make geoip2 defaultsmeserver-geoip(-legacy)-update events
create geoip-legacy package with old geoip1 stuffs
- Import to SME10 tree [SME: 11023]
2020/01/22 John Crisp 1.2-14.sme
- Change template from EditionID to ProductID