3,250
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − === Maintainer ===+ + + + + − === Version ===+ − + − ===Description===+ + − The GeoIP plugin lets us know where our mail server is receiving mail from. If we're receiving too much spam from a particular location, this will help track it down. We can then use that info to reject connections from that place taking the load off our server.+ + − ==Download and install==+ + − === GeoIP plugin===+ − We need the GeoIP package and the perl interface to the program but this isn't installed on SME Server. We'll have to grab the packages from yum. Yum has access to different public repositories where packages are available. GeoIP is in the '''[[epel]]''' repository. We'll enable the repository and install them. − yum --enablerepo=epel install perl-Geo-IP + − Yum does the magic and knows to install both the program and the interface.+ − === GeoIP database ===+ − For the plugin to work we need the GeoIP database. This database is maintained and updated a company called MaxMind. We'll have to download it every month for the Lite version we are using here or pay for their subscription service to be as accurate as possible and download once a week.+ − The database needs to be in a specific location or it won't work. We'll change to that location. + + + + + + + − cd / + − mkdir /var/lib/GeoIP − cd /var/lib/GeoIP − Now we'll get the latest database. The database is also in the repositories but it's outdated. We'll grab the most recent directly from MaxMind.+ + + + − wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz+ + + − The database is zipped. We'll have to unzip it. + − gunzip GeoIP.dat.gz+ − ==== Creating a cron-job ====+ + + + − We can add a cron-job to automate the monthly process of updating the GeoIP database:+ − mkdir -p /etc/e-smith/templates-custom/etc/crontab+ − Now we will add a custom template fragment:+ − vim /etc/e-smith/templates-custom/etc/crontab/91_Update_GeoIP_db+ + + + + + − Add the following to this fragment, this will download and extract the new database every month:+ − # Updating the GeoIP database monthly on the 5th at 0:00h.+ − 0 0 5 * * root /usr/bin/wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz -O /var/lib/GeoIP/GeoIP.dat.gz; /bin/gunzip -f /var/lib/GeoIP/GeoIP.dat.gz+ − To activate the custom template fragment:+ − expand-template /etc/crontab − + + + + − The email receiving component of SME Server is called qpsmtpd. It's great because it allows us to turn plugins on or off or create our own when we need. The GeoIP plugin is already in SME Server but it's turned off. I've created a RPM but it's not in any of the repoitories, it's attached to a [[bugzilla: 1866]] ([http://bugs.contribs.org/attachment.cgi?id=3539 direct download]).+ − '''NOTE''' As of September 5, 2015, the smeserver-geoip package is in the sme8contribs repository. Please refer to the forum issue [http://forums.contribs.org/index.php/topic,51375.msg261678.html#msg261678 Re:smeserver-geoip] for notes on enabling the repo and downloading the package. + + + + + + + + + − yum install smeserver-geoip --enablerepo=smecontribs + + + + + + + + + + + + + + + + + + Line 91:
Line 141: + − GEOIP plugin should now do its work. Check the qpsmtpd logs and you'll see the countries from where mail is sent. + Line 131:
Line 182: + + Line 143:
Line 196: + Line 416:
Line 470: − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + − + + + + + + + + + + − {{#bugzilla:columns=id,product,version,status,summary |sort=id|order=desc |component=smeserver-geoip|noresultsmessage="No open bugs found."}} − + + +
→Version
{{Languages}}
{{Languages}}
This product includes GeoLite2 data created by MaxMind, available from
https://www.maxmind.com.
==Maintainer==
[[User:ReetP|john crisp]]
[mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br />
[mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br />
==Version==
{{ #smeversion: smeserver-geoip }}
{{#smeversion: smeserver-geoip }}
{{Warning box|From MAXMIND site :
"Due to upcoming data privacy regulations, we are making significant changes to how you access free GeoLite2 databases starting December 30, 2019. Learn more on our blog." https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
Quote
Starting December 30, 2019, we will be requiring users of our GeoLite2 databases to register for a MaxMind account and obtain a license key in order to download GeoLite2 databases. We will continue to offer the GeoLite2 databases without charge, and with the ability to redistribute with proper attribution and in compliance with privacy regulations. In addition, we are introducing a new end-user license agreement to govern your use of the GeoLite2 databases. Previously, GeoLite2 databases were accessible for download to the public on our developer website and were licensed under the Creative Commons Attribution-ShareAlike 4.0 International License.
Starting December 30, 2019, downloads will no longer be served from our public GeoLite2 page, from geolite.maxmind.com/download/geoip/database/*, or from any other public URL.
End Quote
See the section below [[GeoIP#Installation_and_Updating_of_geoip_v2_db|Installation of V2 db ]] for steps on how to migrate to the new download mechanism.}}
==Description==
The GeoIP plugin for qpsmtpd lets you know where your mail server is receiving mail from. If you're receiving too much spam from a particular location, this will help track it down. You can then use that info to reject connections from that place taking the load off your server.
{{Note box|Maxmind have removed support for their legacy v1 DBs and an update to v2 DBs is required. Please see the bugtracker link to bug #9033 below for more information }}
==Installation==
<tabs container><tab name="SME 10">
yum install smeserver-geoip --enablerepo=smecontribs
Then configure your update key, create a Maxmind account and retrieve an AccountID and LicenseKey properties and keys to the geoip db config.
You can also leave as is and just get the update from rpms every 2 months or so...
<br />
</tab>
<tab name="SME 9">
====Installation of legacy geoip v1 db====
those are still available for few time only for back compatibility purpose and to avoid a yum update mess, or if you do not trust third party repo, but be aware thos db are not updated anymore since April 2018 and were already only 80% accurate then.
yum install smeserver-geoip --enablerepo=smecontribs
config set UnsavedChanges no
signal-event geoip-update
====update of geoip v1 db====
if you have smeserver-geoip-1.1.2-7 already installed, this will keep you on the legacy version, only change new plugin comaptible with v1 and removal of cron update.
yum update --enablerepo=smecontribs
This is not updated anymore since 2018, you do not need the update key if you want to only use this.
====Installation and Updating of geoip v2 db====
As a result you will now need the OpenFusion repo to install smeserver-geoip We will be syncing their mirror in due course to speed up installs and updates.
yum --enablerepo=smeaddons install smeserver-extrarepositories-openfusion
signal-event yum-modify
config set UnsavedChanges no
====Updating to v2 with v1 DBs installed====
If you have the v1 DBs package smeserver-geoip-1.1.2-7 already installed and do not wish to update to v2 DBs you may perform updates safely, after making sure your smeserver-extrarepositories-openfusion is the latest, the following:
To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db
db yum_repositories delprop openfusion Exclude
signal-event yum-modify
You may then go ahead with the following to either install or update a v2 DB package
yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion
yum update --enablerepo=smecontribs,openfusion
config set UnsavedChanges no
A configuration db for geoip has been created as part of the install
# config show geoip
geoip=service
status=enabled
=== GeoIP qpstmpd plugin ===
====Fresh Installation of geoip v2 DBs====
To carry out an install or update of the new v2 DBs you are required to firstly remove the exclude statement from the openfusion repo db
db yum_repositories delprop openfusion Exclude
signal-event yum-modify
You may then go ahead with the following to either install or update a v2 DB package
yum install smeserver-geoip2 --enablerepo=smecontribs,openfusion
config set UnsavedChanges no
A configuration db for geoip has been created as part of the install
# config show geoip
geoip=service
status=enabled
Now add Maxmind AccountID and LicenseKey properties and keys to the geoip db config
</tab>
</tabs>
==== Maxmind account to update db ====
Sign up for a MaxMind account (no purchase required) https://dev.maxmind.com/geoip/geoip2/geolite2/
Important - Note your login details and in particular your AccountID and LicenseKey
Go to Services My Licence key and generate a licence key, carefully note the key details, multiple keys may be created.
The following config property keys and values will be used to set the geoip config db for ongoing updates see below
AccountID #######
LicenseKey xxxxxxxxxxxxxxx
set them in db and expand the config file
db configuration setprop geoip LicenseKey "YOUR LIC KEY" AccountID "YOUR ACCT ID"
expand-template /etc/GeoIP.conf
====Update the db====
signal-event geoip-update
==Testing==
==Testing==
{{Note box| These tests use the V1 DB which will be increasingly out of date.}}
Now that the package and database are installed, we can test it (refer to Country Code list at end of page as required).
Now that the package and database are installed, we can test it (refer to Country Code list at end of page as required).
==Usage==
==Usage==
===Tracking e-mail===
===Tracking e-mail===
The qpsmtpd GeoIP plugin should now do its work. Check the qpsmtpd logs and you'll see the countries from where mail is sent.
cat /var/log/qpsmtpd/current
cat /var/log/qpsmtpd/current
===Abbreviated Country Code List===
===Abbreviated Country Code List===
A1 Anonymous Proxy
A2 Satellite Provider
AC Ascension Island
AC Ascension Island
AD Andorra
AD Andorra
AO Angola
AO Angola
AQ Antarctica
AQ Antarctica
AP Asia/Pacific
AR Argentina
AR Argentina
AS American Samoa
AS American Samoa
Users are advised to determine the effectiveness of the database for themselves.
Users are advised to determine the effectiveness of the database for themselves.
=== Bugs ===
===Db compatibility with other softwares===
Some software either use or depends on a geoip library, here is a table to help understand:
{| class="wikitable sortable"
!software
!repo
!Geoip 1 support
!Geoip 2 support
!notes on behaviour and default or settings to do
|-
|spamassassin
|smeos
|yes
|3.4.2 or above
|
|-
|smeserver-mailsats
|smecontribs
|yes
|Yes with updates
|Requires updated perl-IO-Socket-INET6 and check_badcountries plugin: https://bugs.contribs.org/show_bug.cgi?id=10523
|-
|qpsmtpd plugin / smeserver-geoip
|smecontribs
|yes
|smeserver-geoip 1.2 and above
|new bad_countries is a fork of qpsmtpd geoip plugin, default to v2 unless v2 is not available then failback on v1
|-
|proftpd
|smeos
|only
|no
|no support for v2 yet see https://github.com/proftpd/proftpd/issues/605
|-
|apache mod_geoip
|smecontribs
|yes
|unknown
|v 1.2.10 requires libGeoIP.so.1 and GeoIP: probably only v1 db supported up there
|-
|apache mod_maxminddb
|
|
|yes
|https://github.com/maxmind/mod_maxminddb available in smecontribs [[Mod maxminddb|smeserver-mod_maxminddb]]
|-
|opensips-mmgeoip
|epel
|
|
|unknown
|-
|php-pecl-geoip
|epel
|yes
|no
|depends on libGeoIP.so.1
|-
|php*-php-pecl-geoip
|remi-safe
|yes
|no
|depends on libGeoIP.so.1
|-
|php-maxminddb
|remi
|no
|yes
|need to test if installs with base php. mostly not...
|-
|php*-php-maxminddb
|remi-safe
|
|yes
|depends on libmaxminddb
|-
|lighttpd-mod_geoip
|epel
|yes
|
|depends on libGeoIP.so.1
|-
|nginx-mod-http-geoip
|epel
|yes
|
|depends on libGeoIP.so.1 ; found a source for geoip2 https://github.com/leev/ngx_http_geoip2_module
|-
|python-GeoIP
|epel
|yes
|no
|
|-
|python-geoip2 python2-maxminddb
|
|no
|yes
|not available on CentOS 6 but 7.
|-
|python-pygeoip
|epel
|yes
|no
|Pure Python GeoIP API
|-
|uwsgi-plugin-geoip
|epel
|
|
|unknown
|-
|perl-Geo-IP
|smecontribs
|only
|no
|libGeoIP.so.1
|-
|perl-GeoIP2
|openfusion
|no
|yes
|
|-
|perl-MaxMind-DB-*
|openfusion
|no
|yes
|
|-
|libmaxminddb
|epel
|
|
|1.1.1 needed for mmdblookup
|-
|mmdblookup
|
|
|
|provided by libmaxminddb-devel (see https://bugzilla.redhat.com/show_bug.cgi?id=1663670)
|-
|bind-libs /bind-utils
|smeos
|required
|unknown
|
|}
you might want to use legacy db updated with recent Maxmind geoilite2, see: https://www.miyuru.lk/geoiplegacy
===Bugs===
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]
and select the smeserver-geoip component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-geoip|title=this link}}.
and select the smeserver-geoip component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-geoip|title=this link}}.
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-geoip|noresultsmessage="No open bugs found."}}
===Changelog===
Only released version in smecontrib are listed here.
{{#smechangelog: smeserver-geoip}}
----
----
<noinclude>[[Category:Howto]]</noinclude>
<noinclude>
[[Category:Howto]]
</noinclude>
[[Category: Contrib]]
[[Category: Contrib]]