Re: running a private SA-Mirror

Wed, 01 May 2019 08:26:19 -0700 

W dniu 2019-05-01 o 10:05, A. Schulze pisze:
> Hello,
> 
> we've a number of SA instances that need rule updates. For now we configured 
> them to use a proxy. Works...
> But there are also instances that can't us a proxy at all.
> 
> My idea was to setup a private SA-Mirror (apache+rsync) but, I've to manage
> DNS-Data for mirrors.spamassassin-mirror.example and 
> 2.3.4.spamassassin-mirror.example.
> :-/
> 
> Are there other methods to distribute current ruleset to SA-instances using 
> sa-update?

Hi,
I'm using rbldns as dns server (beacuse I've got own bl rbl) so my
script can't be used 1:1. Maybe you will adopt it for your environment.


unbound-control flush_zone sa.mejor.pl # flushing resolver cache
current_version="$(dnsget -q -t txt 0.4.3.sa.mejor.pl)" || { echo
"Error: can't get current rules version" ; exit 1; }

set -e
spamassassin --lint
cd /etc/spamassassin/sa.mejor.pl
new_version="$((${current_version}+1))"
tar --owner=spamassassin --group=spamassassin -czf
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.new *cf
sha1sum
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.new >>
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha1.new
sha256sum
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.new >>
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha256.new
# remove old versions
rm -f /<path>/sa.mejor.pl/htdocs/sa-updates/*.tar.gz
rm -f /<path>/sa.mejor.pl/htdocs/sa-updates/*.tar.gz.sha1
rm -f /<path>/sa.mejor.pl/htdocs/sa-updates/*.tar.gz.sha256
mv "/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.new
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz
mv
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha1.new
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha1
mv
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha256.new
"/<path>/sa.mejor.pl/htdocs/sa-updates/${new_version}".tar.gz.sha256

echo "Modyfikuję dns"
cat << EOF > /var/db/rbldnsd/sa.mejor.pl.zone
\$TTL 60
\$NS     7200 rb.mejor.pl.

*.4.3   ${new_version}
*.3.3   ${new_version}

mirrors http://update.sa.mejor.pl/MIRRORED.BY
:193.33.111.90:
update
EOF



(You can use rndc to update bind, if you use bind)

Reply via email to