annotate src/dnsbl.cpp @ 278:368572c57013

add limits on unique ip addresses per hour per authenticated user
author Carl Byington <carl@five-ten-sg.com>
date Tue, 17 Dec 2013 15:35:23 -0800
parents a99b6c1f5f67
children 2b77295fb9a7
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1 /*
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
3 Copyright (c) 2013 Carl Byington - 510 Software Group, released under
152
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 150
diff changeset
4 the GPL version 3 or any later version at your choice available at
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 150
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
6
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
8 suppliers. Inspired by the DCC by Rhyolite Software
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
9
177
a4d313c2460b start embedded dcc filtering
carl
parents: 174
diff changeset
10 -b port The port used to talk to the dcc interface daemon
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
11 -r port The port used to talk to our internal dns resolver processes
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
12 -p port The port through which the MTA will connect to this milter.
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
13 -t sec The timeout value.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
14 -c Check the config, and print a copy to stdout. Don't start the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
15 milter or do anything with the socket.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
16 -s Stress test by loading and deleting the current config in a loop.
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
17 -d level set the debug level
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
18 -e f|t Print the results of looking up from address f and to address
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
19 t in the current config
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
20
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
21 */
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
22
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
23
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
24 // from sendmail sample
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
25 #include <sys/types.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
26 #include <sys/stat.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
27 #include <errno.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
28 #include <sysexits.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
29 #include <unistd.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
30
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
31 // needed for socket io
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
32 #include <sys/ioctl.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
33 #include <net/if.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
34 #include <arpa/inet.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
35 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
36 #include <netinet/tcp.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
37 #include <netdb.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
38 #include <sys/socket.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
39 #include <sys/un.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
40
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
41 // needed for thread
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
42 #include <pthread.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
43
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
44 // needed for std c++ collections
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
45 #include <set>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
46 #include <map>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
47 #include <list>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
48
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
49 // for the dns resolver
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
50 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
51 #include <arpa/nameser.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
52 #include <resolv.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
53
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
54 // misc stuff needed here
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
55 #include <ctype.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
56 #include <syslog.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
57 #include <pwd.h>
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
58 #include <sys/wait.h> /* header for waitpid() and various macros */
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
59 #include <signal.h> /* header for signal functions */
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
60
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
61 #include "includes.h"
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
62
211
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
63 #ifndef HAVE_DAEMON
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
64 #include "daemon.h"
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
65 #include "daemon.c"
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
66 #endif
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
67
227
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
68 #ifndef HAVE_MEMRCHR
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
69 void *memrchr(const void *a, int c, size_t len);
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
70 void *memrchr(const void *a, int c, size_t len) {
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
71 const unsigned char *p = (const unsigned char *)a;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
72 for (p += len-1; (const void *)p >= a; p--)
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
73 if (*p == c)
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
74 return (void *)p;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
75 return (void *)0;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
76 }
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
77 #endif
3fee608becbc Fixes to compile on old systems without memrchr or string::clear().
Carl Byington <carl@five-ten-sg.com>
parents: 225
diff changeset
78
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
79 extern "C" {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
80 sfsistat mlfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
81 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
82 sfsistat mlfi_envfrom(SMFICTX *ctx, char **argv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
83 sfsistat mlfi_envrcpt(SMFICTX *ctx, char **argv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
84 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
85 sfsistat mlfi_body(SMFICTX *ctx, u_char *data, size_t len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
86 sfsistat mlfi_eom(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
87 sfsistat mlfi_abort(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
88 sfsistat mlfi_close(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
89 void sig_chld(int signo);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
90 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
91
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
92 int debug_syslog = 0;
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
93 bool syslog_opened = false;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
94 bool use_syslog = true; // false to printf
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
95 bool loader_run = true; // used to stop the config loader thread
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
96 CONFIG *config = NULL; // protected by the config_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
97 int generation = 0; // protected by the config_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
98 const int maxlen = 1000; // used for snprintf buffers
235
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
99 regex_t srs_pattern; // used to detect srs coding in mail addresses
246
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
100 regex_t prvs_pattern; // used to detect prvs coding in mail addresses
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
101
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
102 pthread_mutex_t config_mutex;
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
103 pthread_mutex_t syslog_mutex;
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
104 pthread_mutex_t resolve_mutex;
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
105 pthread_mutex_t fd_pool_mutex;
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
106 pthread_mutex_t rate_mutex;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
107
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
108 std::set<int> fd_pool;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
109 int NULL_SOCKET = -1;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
110 const time_t ERROR_SOCKET_TIME = 60; // number of seconds between attempts to open a socket to the dns resolver process
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
111 const char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
112 int resolver_socket = NULL_SOCKET; // socket used to listen for resolver requests
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
113 const char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon
248
b0738685bf51 latest tld list; fix uninitialized variable
Carl Byington <carl@five-ten-sg.com>
parents: 246
diff changeset
114 time_t last_error_time = 0;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
115 int resolver_sock_count = 0; // protected with fd_pool_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
116 int resolver_pool_size = 0; // protected with fd_pool_mutex
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
117 rates rcpt_hourly_counts; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
118 rates rcpt_daily_counts; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
119 auth_addresses auth_hourly_addresses; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
120 auth_addresses auth_daily_addresses; // protected with rate_mutex
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
121
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
122
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
123 struct ns_map {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
124 // all the strings are owned by the keys/values in the ns_host string map
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
125 string_map ns_host; // nameserver name -> host name that uses this name server
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
126 ns_mapper ns_ip; // nameserver name -> ipv4 address of the name server
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
127 ~ns_map();
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
128 void add(const char *name, const char *refer);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
129 };
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
130
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
131
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
132 ns_map::~ns_map() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
133 for (string_map::iterator i=ns_host.begin(); i!=ns_host.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
134 const char *x = (*i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
135 const char *y = (*i).second;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
136 free((void*)x);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
137 free((void*)y);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
138 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
139 ns_ip.clear();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
140 ns_host.clear();
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
141 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
142
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
143
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
144 void ns_map::add(const char *name, const char *refer) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
145 string_map::iterator i = ns_host.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
146 if (i != ns_host.end()) return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
147 char *x = strdup(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
148 char *y = strdup(refer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
149 ns_ip[x] = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
150 ns_host[x] = y;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
151
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
152 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
153
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
154 // packed structure to allow a single socket write to dump the
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
155 // length and the following answer. The packing attribute is gcc specific.
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
156 struct glommer {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
157 size_t length;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
158 #ifdef NS_PACKETSZ
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
159 u_char answer[NS_PACKETSZ*4]; // with a resolver, we return resolver answers
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
160 #else
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
161 uint32_t answer; // without a resolver, we return a single ipv4 address in network byte order, 0 == no answer
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
162 #endif
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
163 } __attribute__ ((packed));
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
164
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
165
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
166 ////////////////////////////////////////////////
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
167 // helper to manipulate recipient counts
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
168 //
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
169 void incr_rcpt_count(const char *user, int &hourly, int &daily);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
170 void incr_rcpt_count(const char *user, int &hourly, int &daily) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
171 pthread_mutex_lock(&rate_mutex);
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
172 rates::iterator i = rcpt_hourly_counts.find(user);
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
173 hourly = 1;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
174 if (i == rcpt_hourly_counts.end()) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
175 user = strdup(user);
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
176 rcpt_hourly_counts[user] = hourly;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
177 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
178 else {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
179 hourly = ++((*i).second);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
180 }
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
181
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
182 rates::iterator j = rcpt_daily_counts.find(user);
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
183 daily = 1;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
184 if (j == rcpt_daily_counts.end()) {
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
185 user = strdup(user);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
186 rcpt_daily_counts[user] = daily;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
187 }
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
188 else {
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
189 daily = ++((*j).second);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
190 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
191 pthread_mutex_unlock(&rate_mutex);
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
192 }
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
193
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
194
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
195 void add_auth_address(const char *user, int &hourly, int &daily, int32_t ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
196 void add_auth_address(const char *user, int &hourly, int &daily, int32_t ip) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
197 pthread_mutex_lock(&rate_mutex);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
198 auth_addresses::iterator ii = auth_hourly_addresses.find(user);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
199 if (ii == auth_hourly_addresses.end()) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
200 auth_hourly_addresses[user] = new int32_t_set;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
201 auth_hourly_addresses[user]->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
202 hourly = 1;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
203 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
204 else {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
205 int32_t_set::iterator i = ((*ii).second)->find(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
206 if (i == ((*ii).second)->end()) ((*ii).second)->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
207 hourly = ((*ii).second)->size();
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
208 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
209
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
210 auth_addresses::iterator jj = auth_daily_addresses.find(user);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
211 if (jj == auth_daily_addresses.end()) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
212 auth_daily_addresses[user] = new int32_t_set;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
213 auth_daily_addresses[user]->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
214 daily = 1;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
215 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
216 else {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
217 int32_t_set::iterator i = ((*jj).second)->find(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
218 if (i == ((*jj).second)->end()) ((*jj).second)->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
219 daily = ((*jj).second)->size();
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
220 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
221 pthread_mutex_unlock(&rate_mutex);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
222 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
223
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
224 ////////////////////////////////////////////////
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
225 // helper to discard the strings held by a context_map
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
226 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
227 void discard(context_map &cm);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
228 void discard(context_map &cm) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
229 for (context_map::iterator i=cm.begin(); i!=cm.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
230 const char *x = (*i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
231 free((void*)x);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
232 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
233 cm.clear();
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
234 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
235
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
236
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
237 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
238 // helper to register a string in a context_map
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
239 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
240 void register_string(context_map &cm, const char *name, CONTEXT *con);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
241 void register_string(context_map &cm, const char *name, CONTEXT *con) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
242 context_map::iterator i = cm.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
243 if (i != cm.end()) return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
244 char *x = strdup(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
245 cm[x] = con;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
246 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
247
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
248
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
249 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
250 // disconnect the fd from the dns resolver process
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
251 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
252 void my_disconnect(int sock, bool decrement = true);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
253 void my_disconnect(int sock, bool decrement) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
254 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
255 if (decrement) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
256 pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
257 resolver_sock_count--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
258 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
259 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
260 shutdown(sock, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
261 close(sock);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
262 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
263 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
264
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
265
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
266 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
267 // return fd connected to the dns resolver process
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
268 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
269 int my_connect();
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
270 int my_connect() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
271 // if we have had recent errors, don't even try to open the socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
272 if ((time(NULL) - last_error_time) < ERROR_SOCKET_TIME) return NULL_SOCKET;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
273
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
274 // nothing recent, maybe this time it will work
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
275 int sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
276 sockaddr_un server;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
277 memset(&server, '\0', sizeof(server));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
278 server.sun_family = AF_UNIX;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
279 strncpy(server.sun_path, resolver_port, sizeof(server.sun_path)-1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
280 sock = socket(AF_UNIX, SOCK_STREAM, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
281 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
282 bool rc = (connect(sock, (sockaddr *)&server, sizeof(server)) == 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
283 if (!rc) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
284 my_disconnect(sock, false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
285 sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
286 last_error_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
287 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
288 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
289 else last_error_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
290 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
291 pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
292 resolver_sock_count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
293 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
294 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
295 return sock;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
296 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
297
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
298
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
299 ////////////////////////////////////////////////
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
300 // ask a dns question and get an A record answer in network byte order
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
301 // we don't try very hard, just using the default resolver retry settings.
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
302 // If we cannot get an answer, we just accept the mail.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
303 //
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
304 //
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
305 uint32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers);
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
306 uint32_t dns_interface(mlfiPriv &priv, const char *question, bool maybe_ip, ns_map *nameservers) {
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
307 // tell sendmail we are still working
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
308 #if _FFR_SMFI_PROGRESS
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
309 if (priv.eom) smfi_progress(priv.ctx);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
310 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
311
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
312 // this part can be done without locking the resolver mutex. Each
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
313 // milter thread is talking over its own socket to a separate resolver
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
314 // process, which does the actual dns resolution.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
315 if (priv.err) return 0; // cannot ask more questions on this socket.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
316 if (maybe_ip) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
317 // might be a bare ip address, try this first to avoid dns lookups that may not be needed
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
318 in_addr ip;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
319 if (inet_aton(question, &ip)) {
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
320 return ip.s_addr;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
321 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
322 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
323 int n = strlen(question);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
324 if (question[n-1] == '.') {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
325 priv.my_write(question, n+1); // write the question including the null terminator
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
326 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
327 else {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
328 priv.my_write(question, n); // write the question
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
329 priv.my_write(".", 2); // and the fully qualified . terminator and null string terminator
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
330 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
331 glommer glom;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
332 char *buf = (char *)&glom;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
333 priv.my_read(buf, sizeof(glom.length));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
334 buf += sizeof(glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
335 #ifdef RESOLVER_DEBUG
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
336 char text[1000];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
337 snprintf(text, sizeof(text), "dns_interface() wrote question %s and has answer length %d", question, glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
338 my_syslog(text);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
339 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
340 if (glom.length == 0) return 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
341 if (glom.length > sizeof(glom.answer)) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
342 priv.err = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
343 return 0; // cannot process overlarge answers
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
344 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
345 priv.my_read(buf, glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
346
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
347 #ifdef NS_PACKETSZ
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
348 // now we need to lock the resolver mutex to keep the milter threads from
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
349 // stepping on each other while parsing the dns answer.
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
350 uint32_t ret_address = 0;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
351 pthread_mutex_lock(&resolve_mutex);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
352 // parse the answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
353 ns_msg handle;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
354 ns_rr rr;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
355 if (ns_initparse(glom.answer, glom.length, &handle) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
356 // look for ns names
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
357 if (nameservers) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
358 ns_map &ns = *nameservers;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
359 int rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
360 while (ns_parserr(&handle, ns_s_ns, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
361 if (ns_rr_type(rr) == ns_t_ns) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
362 char nam[NS_MAXDNAME+1];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
363 char *n = nam;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
364 const u_char *p = ns_rr_rdata(rr);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
365 while (((n-nam) < NS_MAXDNAME) && ((size_t)(p-glom.answer) < glom.length) && *p) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
366 size_t s = *(p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
367 if (s > 191) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
368 // compression pointer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
369 s = (s-192)*256 + *(p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
370 if (s >= glom.length) break; // pointer outside bounds of answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
371 p = glom.answer + s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
372 s = *(p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
373 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
374 if (s > 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
375 if ((size_t)(n-nam) >= (NS_MAXDNAME-s)) break; // destination would overflow name buffer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
376 if ((size_t)(p-glom.answer) >= (glom.length-s)) break; // source outside bounds of answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
377 memcpy(n, p, s);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
378 n += s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
379 p += s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
380 *(n++) = '.';
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
381 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
382 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
383 if (n-nam) n--; // remove trailing .
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
384 *n = '\0'; // null terminate it
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
385 ns.add(nam, question); // ns host to lookup later
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
386 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
387 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
388 rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
389 while (ns_parserr(&handle, ns_s_ar, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
390 if (ns_rr_type(rr) == ns_t_a) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
391 char* nam = (char*)ns_rr_name(rr);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
392 ns_mapper::iterator i = ns.ns_ip.find(nam);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
393 if (i != ns.ns_ip.end()) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
394 // we want this ip address
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
395 uint32_t address;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
396 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
397 ns.ns_ip[nam] = address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
398 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
399 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
400 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
401 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
402 int rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
403 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
404 if (ns_rr_type(rr) == ns_t_a) {
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
405 uint32_t address;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
406 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
407 ret_address = address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
408 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
409 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
410 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
411 pthread_mutex_unlock(&resolve_mutex);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
412 #ifdef RESOLVER_DEBUG
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
413 snprintf(text, sizeof(text), "dns_interface() found ip %d", ret_address);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
414 my_syslog(text);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
415 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
416 return ret_address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
417 #else
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
418 return glom.answer;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
419 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
420 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
421
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
422
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
423 ////////////////////////////////////////////////
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
424 // lookup a hostname on the uribl
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
425 //
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
426 // if we find hostname on the uribl, return true and point found to hostname
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
427 // as a string registered in hosts.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
428 // otherwise, return false and preserve the value of found.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
429 //
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
430 bool uriblookup(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) ;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
431 bool uriblookup(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) {
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
432 char buf[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
433 snprintf(buf, sizeof(buf), "%s.%s.", hostname, priv.uribl_suffix);
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
434 uint32_t ip = ntohl(dns_interface(priv, buf, false, NULL));
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
435 if (ip and (ip != 0x7f000000)) {
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
436 if (debug_syslog > 2) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
437 char tmp[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
438 snprintf(tmp, sizeof(tmp), "found %s on %s", hostname, priv.uribl_suffix);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
439 my_syslog(tmp);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
440 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
441 found = register_string(hosts, hostname);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
442 return true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
443 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
444 return false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
445 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
446
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
447
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
448 ////////////////////////////////////////////////
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
449 // uribl checker
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
450 // -------------
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
451 // hostname MUST not have a trailing dot. Find the tld part of
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
452 // the hostname, and add one more level. If that is listed on
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
453 // the uribl, return true and point found to the part of the
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
454 // hostname that we found as a string registered in hosts.
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
455 // Otherwise, return false and preserve the value of found.
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
456 //
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
457 bool check_uribl(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) ;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
458 bool check_uribl(mlfiPriv &priv, string_set &hosts, const char *hostname, const char *&found) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
459 in_addr ip;
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
460 if (inet_aton(hostname, &ip)) return false; // don't check ip addresses in uribls
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
461 const char* components[maxlen];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
462 int n = 0; // number of components in the hostname
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
463 while (n < maxlen) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
464 components[n++] = hostname;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
465 const char *c = strchr(hostname, '.');
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
466 if (!c) break;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
467 hostname = c+1;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
468 }
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
469 string_set *tlds = priv.memory->get_tlds();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
470 string_set *tldwilds = priv.memory->get_tldwilds();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
471 string_set *tldnots = priv.memory->get_tldnots();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
472 string_set::iterator xtlds = tlds->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
473 string_set::iterator xtldwilds = tldwilds->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
474 string_set::iterator xtldnots = tldnots->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
475 for (int i=max(0,n-4); i<n; i++) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
476 const char* name = components[i];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
477 bool rc = false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
478 string_set::iterator tt = tldnots->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
479 if (tt != xtldnots) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
480 rc = true;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
481 }
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
482 else {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
483 tt = tldwilds->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
484 if (tt != xtldwilds) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
485 if (i > 1) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
486 rc = true;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
487 name = components[i-2];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
488 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
489 else return false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
490 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
491 else {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
492 tt = tlds->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
493 if (tt != xtlds) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
494 if (i > 0) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
495 rc = true;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
496 name = components[i-1];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
497 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
498 else return false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
499 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
500 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
501 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
502 if (rc) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
503 return uriblookup(priv, hosts, name, found);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
504 }
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
505 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
506 return false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
507 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
508
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
509
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
510 mlfiPriv::mlfiPriv() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
511 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
512 pc = config;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
513 pc->reference_count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
514 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
515 get_fd();
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
516 ctx = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
517 eom = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
518 ip = 0;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
519 helo = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
520 mailaddr = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
521 queueid = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
522 authenticated = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
523 client_name = NULL;
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
524 client_dns_name = NULL;
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
525 client_dns_forged = false;
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
526 host_uribl = NULL;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
527 helo_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
528 client_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
529 from_uribl = false;
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
530 have_whites = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
531 only_whites = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
532 want_spamassassin = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
533 want_dccgrey = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
534 want_dccbulk = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
535 allow_autowhitelisting = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
536 content_context = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
537 memory = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
538 scanner = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
539 content_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
540 content_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
541 uribl_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
542 uribl_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
543 content_host_ignore = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
544 assassin = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
545 dccifd = NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
546 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
547
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
548 mlfiPriv::~mlfiPriv() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
549 return_fd();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
550 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
551 pc->reference_count--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
552 bool last = (!pc->reference_count) && (pc != config);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
553 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
554 if (last) delete pc; // free this config, since we were the last reference to it
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
555 if (helo) free((void*)helo);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
556 reset(true);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
557 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
558
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
559 void mlfiPriv::reset(bool final) {
194
688ec12a3c0c delay autowhitelisting to avoid out of office reply bots
carl
parents: 193
diff changeset
560 while (!delayer.empty()) {
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
561 DELAYWHITEP dwp = delayer.front();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
562 const char *loto = dwp->get_loto();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
563 if (loto) free((void*)loto);
193
3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots
carl
parents: 192
diff changeset
564 delete dwp;
3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots
carl
parents: 192
diff changeset
565 delayer.pop_front();
3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots
carl
parents: 192
diff changeset
566 }
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
567 if (mailaddr) free((void*)mailaddr);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
568 if (queueid) free((void*)queueid);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
569 if (authenticated) free((void*)authenticated);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
570 if (client_name) free((void*)client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
571 if (client_dns_name) free((void*)client_dns_name);
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
572 discard(hosts_uribl);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
573 delayer.clear();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
574 discard(env_to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
575 if (memory) delete memory;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
576 if (scanner) delete scanner;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
577 if (assassin) delete assassin;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
578 if (dccifd) delete dccifd;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
579 if (!final) {
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
580 ctx = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
581 eom = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
582 mailaddr = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
583 queueid = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
584 authenticated = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
585 client_name = NULL;
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
586 client_dns_name = NULL;
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
587 host_uribl = NULL;
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
588 helo_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
589 client_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
590 from_uribl = false;
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
591 have_whites = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
592 only_whites = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
593 want_spamassassin = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
594 want_dccgrey = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
595 want_dccbulk = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
596 allow_autowhitelisting = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
597 content_context = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
598 memory = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
599 scanner = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
600 content_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
601 content_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
602 uribl_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
603 uribl_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
604 content_host_ignore = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
605 assassin = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
606 dccifd = NULL;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
607 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
608 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
609
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
610 void mlfiPriv::get_fd() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
611 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
612 fd = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
613 int result = pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
614 if (!result) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
615 std::set<int>::iterator i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
616 i = fd_pool.begin();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
617 if (i != fd_pool.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
618 // have at least one fd in the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
619 err = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
620 fd = *i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
621 fd_pool.erase(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
622 resolver_pool_size--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
623 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
624 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
625 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
626 // pool is empty, get a new fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
627 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
628 fd = my_connect();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
629 err = (fd == NULL_SOCKET);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
630 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
631 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
632 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
633 // cannot lock the pool, just get a new fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
634 fd = my_connect();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
635 err = (fd == NULL_SOCKET);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
636 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
637 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
638
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
639 void mlfiPriv::return_fd() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
640 if (err) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
641 // this fd got a socket error, so close it, rather than returning it to the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
642 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
643 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
644 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
645 int result = pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
646 if (!result) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
647 if ((resolver_sock_count > resolver_pool_size*5) || (resolver_pool_size < 5)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
648 // return the fd to the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
649 fd_pool.insert(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
650 resolver_pool_size++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
651 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
652 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
653 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
654 // more than 20% of the open resolver sockets are in the pool, and the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
655 // pool as at least 5 sockets. that is enough, so just close this one.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
656 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
657 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
658 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
659 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
660 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
661 // could not lock the pool, so just close the fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
662 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
663 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
664 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
665 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
666
177
a4d313c2460b start embedded dcc filtering
carl
parents: 174
diff changeset
667 size_t mlfiPriv::my_write(const char *buf, size_t len) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
668 if (err) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
669 size_t rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
670 while (len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
671 size_t ws = write(fd, buf, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
672 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
673 rs += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
674 len -= ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
675 buf += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
676 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
677 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
678 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
679 rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
680 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
681 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
682 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
683 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
684 return rs;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
685 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
686
177
a4d313c2460b start embedded dcc filtering
carl
parents: 174
diff changeset
687 size_t mlfiPriv::my_read(char *buf, size_t len) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
688 if (err) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
689 size_t rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
690 while (len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
691 size_t ws = read(fd, buf, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
692 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
693 rs += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
694 len -= ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
695 buf += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
696 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
697 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
698 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
699 rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
700 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
701 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
702 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
703 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
704 return rs;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
705 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
706
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
707 void mlfiPriv::need_content_filter(const char *rcpt, CONTEXT &con) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
708 if (!memory) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
709 // first recipient that needs content filtering sets
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
710 // some of the content filtering parameters
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
711 memory = new recorder(this, con.get_html_tags(), con.get_content_tlds(), con.get_content_tldwilds(), con.get_content_tldnots());
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
712 scanner = new url_scanner(memory);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
713 content_suffix = con.get_content_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
714 content_message = con.get_content_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
715 uribl_suffix = con.get_uribl_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
716 uribl_message = con.get_uribl_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
717 content_host_ignore = &con.get_content_host_ignore();
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
718 // if we are using uribl, test helo and client names here
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
719 if (uribl_suffix) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
720 if (helo) {
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
721 helo_uribl = check_uribl(*this, hosts_uribl, helo, host_uribl);
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
722 }
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
723 if (client_dns_name && !helo_uribl) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
724 client_uribl = check_uribl(*this, hosts_uribl, client_dns_name, host_uribl);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
725 }
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
726 if (mailaddr && !client_uribl) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
727 const char *f = strchr(mailaddr, '@');
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
728 if (f) from_uribl = check_uribl(*this, hosts_uribl, f+1, host_uribl);
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
729 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
730 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
731 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
732 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
733
186
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
734
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
735 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx);
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
736 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
737 {
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
738 mlfiPriv *priv = (struct mlfiPriv *)smfi_getpriv(ctx);
187
f0eda59e8afd fix null pointer dereference from missing HELO command
carl
parents: 186
diff changeset
739 priv->ctx = ctx;
186
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
740 return priv;
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
741 }
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
742 #define MLFIPRIV fetch_priv_from_ctx(ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command
carl
parents: 185
diff changeset
743
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
744
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
745
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
746 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
747 // syslog a message
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
748 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
749 void my_syslog(mlfiPriv *priv, const char *text) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
750 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
751 if (priv) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
752 snprintf(buf, sizeof(buf), "%s: %s", priv->queueid, text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
753 text = buf;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
754 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
755 if (use_syslog) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
756 pthread_mutex_lock(&syslog_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
757 if (!syslog_opened) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
758 openlog("dnsbl", LOG_PID, LOG_MAIL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
759 syslog_opened = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
760 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
761 syslog(LOG_NOTICE, "%s", text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
762 pthread_mutex_unlock(&syslog_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
763 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
764 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
765 printf("%s \n", text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
766 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
767 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
768
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
769 void my_syslog(mlfiPriv *priv, const string text) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
770 if (debug_syslog > 3) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
771 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
772 strncpy(buf, text.c_str(), sizeof(buf));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
773 buf[maxlen-1] = '\0'; // ensure null termination
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
774 my_syslog(priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
775 }
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
776 }
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
777
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
778 void my_syslog(const char *text) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
779 my_syslog(NULL, text);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
780 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
781
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
782
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
783 ////////////////////////////////////////////////
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
784 // read a resolver request from the socket, process it, and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
785 // write the result back to the socket.
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
786
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
787 void process_resolver_requests(int socket);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
788 void process_resolver_requests(int socket) {
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
789 #ifdef NS_MAXDNAME
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
790 char question[NS_MAXDNAME];
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
791 #else
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
792 char question[1000];
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
793 #endif
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
794 glommer glom;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
795
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
796 int maxq = sizeof(question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
797 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
798 // read a question
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
799 int rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
800 while (rs < maxq) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
801 int ns = read(socket, question+rs, maxq-rs);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
802 if (ns > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
803 rs += ns;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
804 if (question[rs-1] == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
805 // last byte read was the null terminator, we are done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
806 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
807 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
808 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
809 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
810 // peer closed the socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
811 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
812 my_syslog("process_resolver_requests() peer closed socket while reading question");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
813 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
814 shutdown(socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
815 close(socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
816 return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
817 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
818 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
819 question[rs-1] = '\0'; // ensure null termination
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
820
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
821 // find the answer
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
822 #ifdef NS_PACKETSZ
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
823 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
824 char text[1000];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
825 snprintf(text, sizeof(text), "process_resolver_requests() has a question %s", question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
826 my_syslog(text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
827 #endif
223
da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 222
diff changeset
828 int res_result = res_search(question, ns_c_in, ns_t_a, glom.answer, sizeof(glom.answer));
da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 222
diff changeset
829 if (res_result < 0) glom.length = 0; // represent all errors as zero length answers
da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 222
diff changeset
830 else glom.length = (size_t)res_result;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
831 #else
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
832 glom.length = sizeof(glom.answer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
833 glom.answer = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
834 struct hostent *host = gethostbyname(question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
835 if (host && (host->h_addrtype == AF_INET)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
836 memcpy(&glom.answer, host->h_addr, sizeof(glom.answer));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
837 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
838 #endif
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
839
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
840 // write the answer
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
841 char *buf = (char *)&glom;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
842 int len = glom.length + sizeof(glom.length);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
843 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
844 snprintf(text, sizeof(text), "process_resolver_requests() writing answer length %d for total %d", glom.length, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
845 my_syslog(text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
846 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
847 int ws = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
848 while (len > ws) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
849 int ns = write(socket, buf+ws, len-ws);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
850 if (ns > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
851 ws += ns;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
852 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
853 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
854 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
855 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
856 my_syslog("process_resolver_requests() peer closed socket while writing answer");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
857 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
858 shutdown(socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
859 close(socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
860 return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
861 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
862 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
863 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
864 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
865
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
866
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
867 ////////////////////////////////////////////////
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
868 // check a single dns list, return ip address in network byte order
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
869 //
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
870 uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix);
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
871 uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
872 // make a dns question
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
873 const u_char *src = (const u_char *)&ip;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
874 if (src[0] == 127) return 0; // don't do dns lookups on localhost
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
875 if (src[0] == 10) return 0; // don't do dns lookups on rfc1918 space
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
876 if ((src[0] == 192) && (src[1] == 168)) return 0;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
877 if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return 0;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
878 #ifdef NS_MAXDNAME
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
879 char question[NS_MAXDNAME];
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
880 #else
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
881 char question[1000];
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
882 #endif
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
883 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
884 // ask the question, if we get an A record it implies a blacklisted ip address
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
885 return dns_interface(priv, question, false, NULL);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
886 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
887
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
888
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
889 ////////////////////////////////////////////////
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
890 // check a single dnsbl
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
891 //
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
892 bool check_single(mlfiPriv &priv, int32_t ip, DNSBL &bl);
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
893 bool check_single(mlfiPriv &priv, int32_t ip, DNSBL &bl) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
894 return check_single(priv, ip, bl.suffix);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
895 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
896
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
897
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
898 ////////////////////////////////////////////////
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
899 // check a single dnswl
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
900 //
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
901 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
902 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl) {
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
903 uint32_t r = ntohl(check_single(priv, ip, wl.suffix));
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
904 uint32_t v = (uint32_t)0x7f000000;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
905 uint32_t m = (uint32_t)0xffff0000;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
906 uint32_t m2 = (uint32_t)0x000000ff;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
907 if ((r & m) == v) {
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
908 uint32_t l = r & m2;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
909 if ((int)l >= wl.level) return true;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
910 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
911 return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
912 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
913
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
914
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
915 ////////////////////////////////////////////////
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
916 // check the dnsbls specified for this recipient
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
917 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
918 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
919 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
920 for (dnsblp_list::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
921 DNSBLP dp = *i; // non null by construction
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
922 bool st;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
923 map<DNSBLP, bool>::iterator f = priv.checked_black.find(dp);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
924 if (f == priv.checked_black.end()) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
925 // have not checked this list yet
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
926 st = check_single(priv, priv.ip, *dp);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
927 rejectlist = dp;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
928 priv.checked_black[dp] = st;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
929 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
930 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
931 st = (*f).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
932 rejectlist = (*f).first;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
933 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
934 if (st) return st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
935 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
936 return false;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
937 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
938
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
939
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
940 ////////////////////////////////////////////////
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
941 // check the dnswls specified for this recipient
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
942 //
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
943 bool check_dnswl(mlfiPriv &priv, dnswlp_list &dnswll, DNSWLP &acceptlist);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
944 bool check_dnswl(mlfiPriv &priv, dnswlp_list &dnswll, DNSWLP &acceptlist) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
945 for (dnswlp_list::iterator i=dnswll.begin(); i!=dnswll.end(); i++) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
946 DNSWLP dp = *i; // non null by construction
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
947 bool st;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
948 map<DNSWLP, bool>::iterator f = priv.checked_white.find(dp);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
949 if (f == priv.checked_white.end()) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
950 // have not checked this list yet
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
951 st = check_single(priv, priv.ip, *dp);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
952 acceptlist = dp;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
953 priv.checked_white[dp] = st;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
954 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
955 else {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
956 st = (*f).second;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
957 acceptlist = (*f).first;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
958 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
959 if (st) return st;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
960 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
961 return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
962 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
963
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
964
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
965 ////////////////////////////////////////////////
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
966 // check the hosts from the body against the content filter and uribl dnsbls
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
967 //
124
ea6f9c812faa put hostname in smtp message for uribl style lookups
carl
parents: 123
diff changeset
968 //
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
969 bool check_hosts(mlfiPriv &priv, bool random, int limit, const char *&msg, const char *&host, int32_t &ip, const char *&found);
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
970 bool check_hosts(mlfiPriv &priv, bool random, int limit, const char *&msg, const char *&host, int32_t &ip, const char *&found) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
971 found = NULL; // normally ip address style
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
972 if (!priv.content_suffix && !priv.uribl_suffix) return false; // nothing to check
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
973 string_set &hosts = priv.memory->get_hosts();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
974 string_set &ignore = *priv.content_host_ignore;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
975
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
976 int count = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
977 int cnt = hosts.size(); // number of hosts we could look at
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
978 int32_t_set ips;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
979 ns_map nameservers;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
980 for (string_set::iterator i=hosts.begin(); i!=hosts.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
981 host = *i; // a reference into hosts, which will live until this smtp transaction is closed
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
982
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
983 // don't bother looking up hosts on the ignore list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
984 string_set::iterator j = ignore.find(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
985 if (j != ignore.end()) continue;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
986
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
987 // try to only look at limit/cnt fraction of the available cnt host names in random mode
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
988 if ((cnt > limit) && (limit > 0) && random) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
989 int r = rand() % cnt;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
990 if (r >= limit) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
991 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
992 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
993 snprintf(buf, sizeof(buf), "host %s skipped", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
994 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
995 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
996 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
997 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
998 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
999 count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1000 ip = dns_interface(priv, host, true, &nameservers);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1001 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1002 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1003 if (ip) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1004 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1005 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1006 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1007 snprintf(buf, sizeof(buf), "host %s found at %s", host, adr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1008 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1009 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1010 snprintf(buf, sizeof(buf), "host %s not found", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1011 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1012 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1013 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1014 if (ip) {
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
1015 int32_t_set::iterator i = ips.find(ip);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1016 if (i == ips.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1017 // we haven't looked this up yet
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1018 ips.insert(ip);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1019 // check dnsbl style list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1020 if (priv.content_suffix && check_single(priv, ip, priv.content_suffix)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1021 msg = priv.content_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1022 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1023 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1024 // Check uribl & surbl style list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1025 if (priv.uribl_suffix && check_uribl(priv, hosts, host, found)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1026 msg = priv.uribl_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1027 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1028 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1029 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1030 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1031 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1032 limit *= 4; // allow average of 3 ns per host name
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1033 for (ns_mapper::iterator i=nameservers.ns_ip.begin(); i!=nameservers.ns_ip.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1034 count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1035 if ((count > limit) && (limit > 0)) return false; // too many name servers to check them all
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1036 host = (*i).first; // a transient reference that needs to be replaced before we return it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1037 ip = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1038 if (!ip) ip = dns_interface(priv, host, false, NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1039 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1040 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1041 if (ip) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1042 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1043 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1044 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1045 snprintf(buf, sizeof(buf), "ns %s found at %s", host, adr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1046 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1047 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1048 snprintf(buf, sizeof(buf), "ns %s not found", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1049 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1050 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1051 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1052 if (ip) {
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
1053 int32_t_set::iterator i = ips.find(ip);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1054 if (i == ips.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1055 ips.insert(ip);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1056 if (check_single(priv, ip, priv.content_suffix)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1057 msg = priv.content_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1058 string_map::iterator j = nameservers.ns_host.find(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1059 if (j != nameservers.ns_host.end()) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1060 const char *refer = (*j).second;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1061 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1062 snprintf(buf, sizeof(buf), "%s with nameserver %s", refer, host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1063 host = register_string(hosts, buf); // put a copy into hosts, and return that reference
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1064 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1065 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1066 host = register_string(hosts, host); // put a copy into hosts, and return that reference
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1067 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1068 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1069 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1070 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1071 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1072 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1073 return false;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1074 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1075
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
1076
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1077 ////////////////////////////////////////////////
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
1078 //
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
1079 // this email address is passed in from sendmail, and will normally be
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1080 // enclosed in <>. I think older versions of sendmail supplied the <>
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
1081 // wrapper if the mail client did not, but the current version does not do
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
1082 // that. So the <> wrapper is now optional. It may have mixed case, just
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1083 // as the mail client sent it. We dup the string and convert the duplicate
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1084 // to lower case. Some clients enclose the entire address in single quotes,
246
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1085 // so we strip those as well. We also remove the SRS and prvs coding.
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1086 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1087 const char *to_lower_string(const char *email);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1088 const char *to_lower_string(const char *email) {
266
582cfb9c4031 fix unauthenticated rate limit bug for empty mail from
Carl Byington <carl@five-ten-sg.com>
parents: 263
diff changeset
1089 if (!email) return strdup("<>");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1090 int n = strlen(email);
266
582cfb9c4031 fix unauthenticated rate limit bug for empty mail from
Carl Byington <carl@five-ten-sg.com>
parents: 263
diff changeset
1091 if (n == 0) return strdup("<>");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1092 if (email[0] == '<') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1093 // assume it also ends with >
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1094 n -= 2;
266
582cfb9c4031 fix unauthenticated rate limit bug for empty mail from
Carl Byington <carl@five-ten-sg.com>
parents: 263
diff changeset
1095 if (n < 1) return strdup("<>");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1096 email++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1097 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1098 if ((email[0] == '\'') && (email[n-1] == '\'') && (n > 2)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1099 n -= 2;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1100 email++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1101 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1102 char *key = strdup(email);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1103 key[n] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1104 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
246
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1105 if ((n > 14) && (strncmp(key, "srs", 3) == 0)) {
235
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1106 // might have srs coding to be removed
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1107 const int nmatch = 6;
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1108 regmatch_t match[nmatch];
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1109 if (0 == regexec(&srs_pattern, key, nmatch, match, 0)) {
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1110 int s4 = match[4].rm_so; // domain
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1111 int e4 = match[4].rm_eo;
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1112 int s5 = match[5].rm_so; // user
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1113 int e5 = match[5].rm_eo;
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1114 if ((s4 != -1) && (s5 != -1)) {
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1115 char *newkey = strdup(key); // large enough
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1116 key[e4] = '\0';
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1117 key[e5] = '\0';
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1118 strcpy(newkey, key+s5); // user
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1119 strcat(newkey, "@"); // @
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1120 strcat(newkey, key+s4); // domain
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1121 free(key);
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1122 key = newkey;
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1123 }
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1124 }
e6c66640f6f9 Add SRS decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
1125 }
246
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1126 if ((n > 7) && (strncmp(key, "prvs", 4) == 0)) {
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1127 // might have prvs coding to be removed
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1128 const int nmatch = 3;
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1129 regmatch_t match[nmatch];
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1130 if (0 == regexec(&prvs_pattern, key, nmatch, match, 0)) {
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1131 int s2 = match[2].rm_so; // user@domain
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1132 if (s2 != -1) {
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1133 char *newkey = strdup(key+s2); // user@domain
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1134 free(key);
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1135 key = newkey;
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1136 }
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1137 }
8b0f16abee53 Add prvs decoding to envelope addresses
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1138 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1139 return key;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1140 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1141
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1142
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1143 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1144 // start of sendmail milter interfaces
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1145 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1146 sfsistat mlfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr)
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1147 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1148 // allocate some private memory
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1149 mlfiPriv *priv = new mlfiPriv;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1150 if (hostaddr->sa_family == AF_INET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1151 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1152 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1153 // save the private data
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1154 smfi_setpriv(ctx, (void*)priv);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1155
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1156 // continue processing
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1157 return SMFIS_CONTINUE;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1158 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1159
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1160 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost)
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1161 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1162 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1163 priv.helo = strdup(helohost);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1164 return SMFIS_CONTINUE;
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1165 }
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1166
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1167 sfsistat mlfi_envfrom(SMFICTX *ctx, char **from)
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1168 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1169 mlfiPriv &priv = *MLFIPRIV;
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1170 CONFIG &dc = *priv.pc;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1171 priv.mailaddr = to_lower_string(from[0]);
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1172 priv.queueid = strdup(smfi_getsymval(ctx, (char*)"i"));
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1173 priv.authenticated = smfi_getsymval(ctx, (char*)"{auth_authen}");
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1174 priv.client_name = smfi_getsymval(ctx, (char*)"_");
191
2a67d31099c3 fix null pointer dereference from missing HELO command
carl
parents: 190
diff changeset
1175 if (!priv.helo) priv.helo = strdup("unknown");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1176 if (priv.authenticated) priv.authenticated = strdup(priv.authenticated);
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1177 {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1178 const char *uid = (priv.authenticated) ? priv.authenticated : priv.mailaddr;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1179 if (priv.authenticated || dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1180 int hourly, daily;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1181 add_auth_address(uid, hourly, daily, priv.ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1182 int h_limit = dc.default_context->find_address_limit(uid);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1183 int d_limit = dc.default_context->get_daily_address_multiple() * h_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1184 if (debug_syslog > 1) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1185 char msg[maxlen];
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1186 snprintf(msg, sizeof(msg), "connect for %s (%d %d addresses, %d %d limits)", uid, hourly, daily, h_limit, d_limit);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1187 my_syslog(&priv, msg);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1188 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1189 if ((hourly > h_limit) || (daily > d_limit)){
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1190 //smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"unique connection address limit exceeded");
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1191 //return SMFIS_REJECT;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1192 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1193 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1194 }
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1195 if (priv.client_name) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1196 priv.client_name = strdup(priv.client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1197 const char *p = strstr(priv.client_name, " [");
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1198 if (p) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1199 uint pp = p - priv.client_name;
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1200 priv.client_dns_name = strdup(priv.client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1201 priv.client_dns_name[pp] = '\0';
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 257
diff changeset
1202 //char text[500];
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 257
diff changeset
1203 //snprintf(text, sizeof(text), "found simple dns client name %s", priv.client_dns_name);
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 257
diff changeset
1204 //my_syslog(text);
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1205 }
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1206 p = strstr(priv.client_name, "] (may be forged)");
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1207 if (p) {
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1208 priv.client_dns_forged = true;
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1209 if (priv.client_dns_name) {
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1210 char text[500];
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1211 snprintf(text, sizeof(text), "forged dns client name %s", priv.client_dns_name);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1212 my_syslog(text);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1213 }
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1214 }
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
1215 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1216 if (spamc != spamc_empty) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1217 priv.assassin = new SpamAssassin(&priv, priv.ip, priv.helo, priv.mailaddr, priv.queueid);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1218 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1219 if (dccifd_port) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1220 priv.dccifd = new DccInterface(dccifd_port, &priv, priv.ip, priv.helo, priv.mailaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1221 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1222 return SMFIS_CONTINUE;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1223 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1224
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1225 sfsistat mlfi_envrcpt(SMFICTX *ctx, char **rcpt)
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1226 {
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1227 DNSBLP rejectlist = NULL; // list that caused the reject
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1228 mlfiPriv &priv = *MLFIPRIV;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1229 CONFIG &dc = *priv.pc;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1230 const char *rcptaddr = rcpt[0];
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1231 const char *loto = to_lower_string(rcptaddr);
216
784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1232 bool self = (strcmp(loto, priv.mailaddr) == 0);
174
da0c41b9f672 don't whitelist addresses with embedded spaces
carl
parents: 173
diff changeset
1233
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1234 // some version of sendmail allowed rcpt to:<> and passed it thru to the milters
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1235 if (strcmp(loto, "<>") == 0) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1236 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"bogus recipient");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1237 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1238 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1239 // priv.mailaddr sending original message to loto
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1240 CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr));
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1241 VERIFYP ver = con.find_verify(loto);
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 231
diff changeset
1242 const char *fromvalue = con.find_from(priv.mailaddr, true, priv.queueid);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1243 // tell spam assassin and dccifd about this recipient
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1244 if (priv.assassin) priv.assassin->mlfi_envrcpt(ctx, loto);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1245 if (priv.dccifd) priv.dccifd->mlfi_envrcpt(ctx, loto, con.get_grey() && !priv.authenticated);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1246 // loto sending a reply back to priv.mailaddr
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1247 CONTEXT &con2 = *(dc.find_context(priv.mailaddr)->find_context(loto));
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1248 const char *replyvalue = con2.find_from(loto);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1249 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1250 char buf[maxlen];
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1251 char buf2[maxlen];
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1252 char msg[maxlen];
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1253 snprintf(msg, sizeof(msg), "from <%s> to <%s> using context %s state %s reply context %s state %s", priv.mailaddr, loto, con.get_full_name(buf,maxlen), fromvalue, con2.get_full_name(buf2,maxlen), replyvalue);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1254 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1255 }
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1256 free((void*)loto);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1257 status st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1258 if (replyvalue == token_black) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1259 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient can not reply due to blacklisting");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1260 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1261 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1262 if (priv.authenticated) {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
1263 int hourly, daily;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
1264 incr_rcpt_count(priv.authenticated, hourly, daily);
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1265 int h_limit = dc.default_context->find_rate_limit(priv.authenticated);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1266 int d_limit = dc.default_context->get_daily_rate_multiple() * h_limit;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1267 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1268 char msg[maxlen];
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
1269 snprintf(msg, sizeof(msg), "authenticated id %s (%d %d recipients, %d %d limits)", priv.authenticated, hourly, daily, h_limit, d_limit);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1270 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1271 }
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
1272 if ((hourly > h_limit) || (daily > d_limit)){
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1273 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient rate limit exceeded");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1274 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1275 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1276 st = white;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1277 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1278 else if (fromvalue == token_black) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1279 st = black;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1280 }
216
784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1281 else if ((fromvalue == token_white) && !self) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1282 st = white;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1283 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1284 else {
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1285 // check the dns based lists, whitelist first
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1286 DNSWLP acceptlist = NULL; // list that caused the whitelisting
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1287 if (check_dnswl(priv, con.get_dnswl_list(), acceptlist)) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1288 st = white;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1289 if (debug_syslog > 1) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1290 char msg[maxlen];
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1291 snprintf(msg, sizeof(msg), "whitelisted by %s", acceptlist->name);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1292 my_syslog(&priv, msg);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1293 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1294 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1295 else if (check_dnsbl(priv, con.get_dnsbl_list(), rejectlist)) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1296 st = reject;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1297 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1298 else {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1299 st = oksofar;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 248
diff changeset
1300 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1301 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1302 if (st == reject) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1303 // reject the recipient based on some dnsbl
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1304 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1305 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1306 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1307 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1308 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1309 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1310 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1311 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1312 if (st == oksofar) {
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1313 // check forged rdns
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1314 if (con.get_requirerdns() && (!priv.client_dns_name || priv.client_dns_forged)) {
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1315 // reject the recipient based on forged reverse dns
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1316 char buf[maxlen];
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1317 snprintf(buf, sizeof(buf), "%s is not acceptable", priv.client_name);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1318 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1319 return SMFIS_REJECT;
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1320 }
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1321 // check generic rdns
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1322 const char *msg = con.generic_match(priv.client_name);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1323 if (msg) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1324 // reject the recipient based on generic reverse dns
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1325 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1326 snprintf(buf, sizeof(buf), msg, priv.client_name);
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1327 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1328 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1329 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1330 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1331 if (st == black) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1332 // reject the recipient based on blacklisting either from or to
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1333 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"no such user");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1334 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1335 }
203
92a5c866bdfa Verify from/to pairs even if they might be explicitly whitelisted.
Carl Byington <carl@five-ten-sg.com>
parents: 194
diff changeset
1336 if (ver) {
92a5c866bdfa Verify from/to pairs even if they might be explicitly whitelisted.
Carl Byington <carl@five-ten-sg.com>
parents: 194
diff changeset
1337 // try to verify this from/to pair of addresses even if it might be explicitly whitelisted
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1338 const char *loto = to_lower_string(rcptaddr);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1339 bool rc = ver->ok(priv.mailaddr, loto);
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1340 free((void*)loto);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1341 if (!rc) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1342 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"no such user");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1343 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1344 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1345 }
263
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1346 if (!priv.authenticated && dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1347 int hourly, daily;
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1348 incr_rcpt_count(priv.mailaddr, hourly, daily);
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1349 int h_limit = dc.default_context->find_rate_limit(priv.mailaddr);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1350 int d_limit = dc.default_context->get_daily_rate_multiple() * h_limit;
263
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1351 if (debug_syslog > 1) {
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1352 char msg[maxlen];
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1353 snprintf(msg, sizeof(msg), "unauthenticated address %s (%d %d recipients, %d %d limits)", priv.mailaddr, hourly, daily, h_limit, d_limit);
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1354 my_syslog(&priv, msg);
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1355 }
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1356 if ((hourly > h_limit) || (daily > d_limit)){
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1357 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient rate limit exceeded");
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1358 return SMFIS_REJECT;
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1359 }
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering
Carl Byington <carl@five-ten-sg.com>
parents: 259
diff changeset
1360 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1361 // we will accept the recipient, but add an auto-whitelist entry
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1362 // if needed to ensure we can accept replies
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1363 loto = to_lower_string(rcptaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1364 WHITELISTERP w = con2.find_autowhite(loto, priv.mailaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1365 // check if local part is too big
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1366 const int max_local_size = 30;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1367 const char *p = strchr(loto, '@');
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1368 int len = (p) ? p-loto : max_local_size;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1369 if (len >= max_local_size) w = NULL; // too big, pretend we don't have a whitelister
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1370 // record it if we have a whitelister
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1371 if (w) {
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1372 DELAYWHITEP dwp = new DELAYWHITE(loto, w, &con2); // dwp takes ownership of the string
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1373 priv.delayer.push_back(dwp);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1374 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1375 else {
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1376 free((void*)loto); // or we free it here
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1377 }
179
8b86a894514d embedded dcc filtering
carl
parents: 178
diff changeset
1378
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1379 // accept the recipient
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1380 if (!con.get_content_filtering()) st = white;
179
8b86a894514d embedded dcc filtering
carl
parents: 178
diff changeset
1381
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1382 if (st == oksofar) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1383 // remember first content filtering context
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1384 if (con.get_content_filtering()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1385 if (!priv.content_context) priv.content_context = &con;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1386 else if (con.get_require() && (priv.content_context != &con)) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1387 smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"incompatible filtering contexts");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1388 return SMFIS_TEMPFAIL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1389 }
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1390 priv.need_content_filter(rcptaddr, con);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1391 char bu[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1392 bool uri = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1393 // content filtering implies also checking helo name on uribl (if enabled)
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1394 if (priv.helo_uribl) {
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
1395 snprintf(bu, sizeof(bu), "(helo %s)", priv.host_uribl);
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1396 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1397 }
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1398 // content filtering implies also checking client reverse dns name on uribl (if enabled)
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1399 if (priv.client_uribl) {
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
1400 snprintf(bu, sizeof(bu), "(rdns %s)", priv.host_uribl);
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1401 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1402 }
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1403 // content filtering implies also checking mail from domain name on uribl (if enabled)
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1404 if (priv.from_uribl) {
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
1405 snprintf(bu, sizeof(bu), "(from %s)", priv.host_uribl);
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1406 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1407 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1408 if (uri) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1409 char buf[maxlen];
238
7b818a4e21a4 produce correct uribl message
Carl Byington <carl@five-ten-sg.com>
parents: 236
diff changeset
1410 snprintf(buf, sizeof(buf), priv.uribl_message, bu, priv.host_uribl);
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1411 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1412 return SMFIS_REJECT;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1413 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1414 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1415 // remember the non-whites
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 235
diff changeset
1416 register_string(priv.env_to, rcptaddr, &con);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1417 priv.only_whites = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1418 priv.want_spamassassin |= (priv.assassin) && // have spam assassin available and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1419 (con.get_spamassassin_limit() != 0); // want to use it with a non-zero score
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1420 priv.want_dccgrey |= (priv.dccifd) && // have dcc interface and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1421 (con.get_grey()); // want to use it for greylisting
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1422 priv.want_dccbulk |= (priv.dccifd) && // have dcc interface and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1423 (con.get_bulk() != 0); // want to use it for bulk detection
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1424 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1425 if (st == white) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1426 priv.have_whites = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1427 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1428 return SMFIS_CONTINUE;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1429 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1430
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1431 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv)
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1432 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1433 mlfiPriv &priv = *MLFIPRIV;
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1434 // headers that avoid autowhitelisting
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1435 if (((strcasecmp(headerf, "precedence") == 0) && (strcasecmp(headerv, "bulk") == 0)) ||
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1436 ((strcasecmp(headerf, "content-type") == 0) && (strncasecmp(headerv, "multipart/report", 16) == 0))) {
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1437 priv.allow_autowhitelisting = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1438 }
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1439
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1440 // other headers are only needed for content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1441 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1442 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1443 if (priv.want_spamassassin) priv.assassin->mlfi_header(headerf, headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1444 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_header(ctx, headerf, headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1445 return SMFIS_CONTINUE;
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1446 }
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1447
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1448 sfsistat mlfi_eoh(SMFICTX* ctx)
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1449 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1450 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1451 // delayed autowhitelisting
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1452 while (!priv.delayer.empty()) {
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1453 DELAYWHITEP dwp = priv.delayer.front();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1454 const char *loto = dwp->get_loto();
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 227
diff changeset
1455 if (priv.allow_autowhitelisting) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1456 WHITELISTERP w = dwp->get_w();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1457 CONTEXTP con2 = dwp->get_con();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1458 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1459 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1460 char msg[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1461 snprintf(msg, sizeof(msg), "whitelist reply from <%s> in context %s", loto, con2->get_full_name(buf,maxlen));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1462 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1463 }
231
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1464 w->sent(loto); // don't free it, the whitelister takes ownership of the string
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1465 }
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1466 else {
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1467 if (debug_syslog > 1) {
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1468 char msg[maxlen];
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1469 snprintf(msg, sizeof(msg), "avoid whitelist reply from <%s> for outgoing auto-responder", loto);
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1470 my_syslog(&priv, msg);
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1471 }
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting.
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
1472 if (loto) free((void*)loto);// or we free it here
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1473 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1474 delete dwp;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1475 priv.delayer.pop_front();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1476 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1477 // content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1478 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1479 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1480 if (priv.want_spamassassin) priv.assassin->mlfi_eoh();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1481 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eoh();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1482 return SMFIS_CONTINUE;
163
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1483 }
97d7da45fe2a spamassassin changes
carl
parents: 162
diff changeset
1484
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1485 sfsistat mlfi_body(SMFICTX *ctx, u_char *data, size_t len)
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1486 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1487 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1488 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1489 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1490 if (priv.want_spamassassin) priv.assassin->mlfi_body(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1491 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_body(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1492 priv.scanner->scan(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1493 return SMFIS_CONTINUE;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1494 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1495
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1496 sfsistat mlfi_eom(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1497 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1498 sfsistat rc;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1499 mlfiPriv &priv = *MLFIPRIV;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1500 const char *host = NULL;
242
d8ee4c97b9ab 64 bit fixes for libresolv.a
Carl Byington <carl@five-ten-sg.com>
parents: 238
diff changeset
1501 int32_t ip;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1502 // process end of message
190
004b855c6c1f fix null pointer dereference from missing HELO command
carl
parents: 188
diff changeset
1503 priv.eom = true;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1504 if (priv.authenticated || priv.only_whites) rc = SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1505 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1506 // assert env_to not empty, it contains the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1507 // non-whitelisted folks that want content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1508 int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1509 bool grey = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1510 int bulk = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1511 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk);
178
d6531c702be3 embedded dcc filtering
carl
parents: 177
diff changeset
1512
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1513 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1514 string msg;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1515 string_set alive;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1516 bool random = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1517 int limit = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1518 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1519 const char *rcpt = (*i).first;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1520 CONTEXT &con = *((*i).second);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1521 if (!con.acceptable_content(*priv.memory, score, bulk, msg)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1522 // bad html tags or excessive hosts or
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1523 // high spam assassin score or dcc bulk threshold exceedeed
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1524 smfi_delrcpt(ctx, (char*)rcpt);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1525 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1526 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1527 alive.insert(rcpt);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1528 random |= con.get_host_random();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1529 limit = max(limit, con.get_host_limit());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1530 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1531 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1532 bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content()
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1533 if (!rejecting) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1534 const char *fmt;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1535 const char *found;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1536 if (check_hosts(priv, random, limit, fmt, host, ip, found)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1537 if (found) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1538 // uribl style
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset
1539 snprintf(buf, sizeof(buf), fmt, host, found);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 191
diff changeset