dnsbl: src/dnsbl.cpp annotate

annotate src/dnsbl.cpp @ 278:368572c57013

add limits on unique ip addresses per hour per authenticated user

author	Carl Byington <carl@five-ten-sg.com>
date	Tue, 17 Dec 2013 15:35:23 -0800
parents	a99b6c1f5f67
children	2b77295fb9a7

rev	line source
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1 /*
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	3 Copyright (c) 2013 Carl Byington - 510 Software Group, released under
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	4 the GPL version 3 or any later version at your choice available at
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	5 http://www.gnu.org/licenses/gpl-3.0.txt
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	6
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	8 suppliers. Inspired by the DCC by Rhyolite Software
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	9
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	10 -b port The port used to talk to the dcc interface daemon
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	11 -r port The port used to talk to our internal dns resolver processes
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	12 -p port The port through which the MTA will connect to this milter.
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	13 -t sec The timeout value.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	14 -c Check the config, and print a copy to stdout. Don't start the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	15 milter or do anything with the socket.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	16 -s Stress test by loading and deleting the current config in a loop.
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	17 -d level set the debug level
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	18 -e f\|t Print the results of looking up from address f and to address
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	19 t in the current config
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	20
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	21 */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	22
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	23
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	24 // from sendmail sample
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	25 #include <sys/types.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	26 #include <sys/stat.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	27 #include <errno.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	28 #include <sysexits.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	29 #include <unistd.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	30
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	31 // needed for socket io
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	32 #include <sys/ioctl.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	33 #include <net/if.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	34 #include <arpa/inet.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	35 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	36 #include <netinet/tcp.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	37 #include <netdb.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	38 #include <sys/socket.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	39 #include <sys/un.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	40
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	41 // needed for thread
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	42 #include <pthread.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	43
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	44 // needed for std c++ collections
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	45 #include <set>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	46 #include <map>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	47 #include <list>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	48
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	49 // for the dns resolver
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	50 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	51 #include <arpa/nameser.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	52 #include <resolv.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	53
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	54 // misc stuff needed here
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	55 #include <ctype.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	56 #include <syslog.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	57 #include <pwd.h>
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	58 #include <sys/wait.h> /* header for waitpid() and various macros */
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	59 #include <signal.h> /* header for signal functions */
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	60
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	61 #include "includes.h"
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	62
211 4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context. Carl Byington <carl@five-ten-sg.com> parents: 203 diff changeset	63 #ifndef HAVE_DAEMON
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context. Carl Byington <carl@five-ten-sg.com> parents: 203 diff changeset	64 #include "daemon.h"
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context. Carl Byington <carl@five-ten-sg.com> parents: 203 diff changeset	65 #include "daemon.c"
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context. Carl Byington <carl@five-ten-sg.com> parents: 203 diff changeset	66 #endif
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	67
227 3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	68 #ifndef HAVE_MEMRCHR
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	69 void memrchr(const void a, int c, size_t len);
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	70 void memrchr(const void a, int c, size_t len) {
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	71 const unsigned char p = (const unsigned char )a;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	72 for (p += len-1; (const void *)p >= a; p--)
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	73 if (*p == c)
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	74 return (void *)p;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	75 return (void *)0;
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	76 }
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	77 #endif
3fee608becbc Fixes to compile on old systems without memrchr or string::clear(). Carl Byington <carl@five-ten-sg.com> parents: 225 diff changeset	78
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	79 extern "C" {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	80 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	81 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	82 sfsistat mlfi_envfrom(SMFICTX ctx, char *argv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	83 sfsistat mlfi_envrcpt(SMFICTX ctx, char *argv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	84 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	85 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	86 sfsistat mlfi_eom(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	87 sfsistat mlfi_abort(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	88 sfsistat mlfi_close(SMFICTX *ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	89 void sig_chld(int signo);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	90 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	91
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	92 int debug_syslog = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	93 bool syslog_opened = false;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	94 bool use_syslog = true; // false to printf
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	95 bool loader_run = true; // used to stop the config loader thread
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	96 CONFIG *config = NULL; // protected by the config_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	97 int generation = 0; // protected by the config_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	98 const int maxlen = 1000; // used for snprintf buffers
235 e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	99 regex_t srs_pattern; // used to detect srs coding in mail addresses
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	100 regex_t prvs_pattern; // used to detect prvs coding in mail addresses
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	101
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	102 pthread_mutex_t config_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	103 pthread_mutex_t syslog_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	104 pthread_mutex_t resolve_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	105 pthread_mutex_t fd_pool_mutex;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	106 pthread_mutex_t rate_mutex;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	107
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	108 std::set<int> fd_pool;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	109 int NULL_SOCKET = -1;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	110 const time_t ERROR_SOCKET_TIME = 60; // number of seconds between attempts to open a socket to the dns resolver process
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	111 const char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	112 int resolver_socket = NULL_SOCKET; // socket used to listen for resolver requests
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	113 const char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon
248 b0738685bf51 latest tld list; fix uninitialized variable Carl Byington <carl@five-ten-sg.com> parents: 246 diff changeset	114 time_t last_error_time = 0;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	115 int resolver_sock_count = 0; // protected with fd_pool_mutex
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	116 int resolver_pool_size = 0; // protected with fd_pool_mutex
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	117 rates rcpt_hourly_counts; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	118 rates rcpt_daily_counts; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	119 auth_addresses auth_hourly_addresses; // protected with rate_mutex
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	120 auth_addresses auth_daily_addresses; // protected with rate_mutex
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	121
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	122
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	123 struct ns_map {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	124 // all the strings are owned by the keys/values in the ns_host string map
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	125 string_map ns_host; // nameserver name -> host name that uses this name server
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	126 ns_mapper ns_ip; // nameserver name -> ipv4 address of the name server
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	127 ~ns_map();
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	128 void add(const char name, const char refer);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	129 };
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	130
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	131
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	132 ns_map::~ns_map() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	133 for (string_map::iterator i=ns_host.begin(); i!=ns_host.end(); i++) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	134 const char x = (i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	135 const char y = (i).second;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	136 free((void*)x);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	137 free((void*)y);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	138 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	139 ns_ip.clear();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	140 ns_host.clear();
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	141 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	142
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	143
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	144 void ns_map::add(const char name, const char refer) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	145 string_map::iterator i = ns_host.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	146 if (i != ns_host.end()) return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	147 char *x = strdup(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	148 char *y = strdup(refer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	149 ns_ip[x] = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	150 ns_host[x] = y;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	151
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	152 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	153
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	154 // packed structure to allow a single socket write to dump the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	155 // length and the following answer. The packing attribute is gcc specific.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	156 struct glommer {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	157 size_t length;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	158 #ifdef NS_PACKETSZ
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	159 u_char answer[NS_PACKETSZ*4]; // with a resolver, we return resolver answers
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	160 #else
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	161 uint32_t answer; // without a resolver, we return a single ipv4 address in network byte order, 0 == no answer
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	162 #endif
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	163 } __attribute__ ((packed));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	164
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	165
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	166 ////////////////////////////////////////////////
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	167 // helper to manipulate recipient counts
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	168 //
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	169 void incr_rcpt_count(const char *user, int &hourly, int &daily);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	170 void incr_rcpt_count(const char *user, int &hourly, int &daily) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	171 pthread_mutex_lock(&rate_mutex);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	172 rates::iterator i = rcpt_hourly_counts.find(user);
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	173 hourly = 1;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	174 if (i == rcpt_hourly_counts.end()) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	175 user = strdup(user);
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	176 rcpt_hourly_counts[user] = hourly;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	177 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	178 else {
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	179 hourly = ++((*i).second);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	180 }
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	181
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	182 rates::iterator j = rcpt_daily_counts.find(user);
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	183 daily = 1;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	184 if (j == rcpt_daily_counts.end()) {
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	185 user = strdup(user);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	186 rcpt_daily_counts[user] = daily;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	187 }
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	188 else {
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	189 daily = ++((*j).second);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	190 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	191 pthread_mutex_unlock(&rate_mutex);
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	192 }
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	193
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	194
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	195 void add_auth_address(const char *user, int &hourly, int &daily, int32_t ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	196 void add_auth_address(const char *user, int &hourly, int &daily, int32_t ip) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	197 pthread_mutex_lock(&rate_mutex);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	198 auth_addresses::iterator ii = auth_hourly_addresses.find(user);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	199 if (ii == auth_hourly_addresses.end()) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	200 auth_hourly_addresses[user] = new int32_t_set;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	201 auth_hourly_addresses[user]->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	202 hourly = 1;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	203 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	204 else {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	205 int32_t_set::iterator i = ((*ii).second)->find(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	206 if (i == ((ii).second)->end()) ((ii).second)->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	207 hourly = ((*ii).second)->size();
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	208 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	209
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	210 auth_addresses::iterator jj = auth_daily_addresses.find(user);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	211 if (jj == auth_daily_addresses.end()) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	212 auth_daily_addresses[user] = new int32_t_set;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	213 auth_daily_addresses[user]->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	214 daily = 1;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	215 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	216 else {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	217 int32_t_set::iterator i = ((*jj).second)->find(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	218 if (i == ((jj).second)->end()) ((jj).second)->insert(ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	219 daily = ((*jj).second)->size();
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	220 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	221 pthread_mutex_unlock(&rate_mutex);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	222 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	223
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	224 ////////////////////////////////////////////////
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	225 // helper to discard the strings held by a context_map
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	226 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	227 void discard(context_map &cm);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	228 void discard(context_map &cm) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	229 for (context_map::iterator i=cm.begin(); i!=cm.end(); i++) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	230 const char x = (i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	231 free((void*)x);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	232 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	233 cm.clear();
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	234 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	235
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	236
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	237 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	238 // helper to register a string in a context_map
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	239 //
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	240 void register_string(context_map &cm, const char name, CONTEXT con);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	241 void register_string(context_map &cm, const char name, CONTEXT con) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	242 context_map::iterator i = cm.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	243 if (i != cm.end()) return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	244 char *x = strdup(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	245 cm[x] = con;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	246 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	247
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	248
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	249 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	250 // disconnect the fd from the dns resolver process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	251 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	252 void my_disconnect(int sock, bool decrement = true);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	253 void my_disconnect(int sock, bool decrement) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	254 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	255 if (decrement) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	256 pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	257 resolver_sock_count--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	258 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	259 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	260 shutdown(sock, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	261 close(sock);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	262 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	263 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	264
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	265
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	266 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	267 // return fd connected to the dns resolver process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	268 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	269 int my_connect();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	270 int my_connect() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	271 // if we have had recent errors, don't even try to open the socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	272 if ((time(NULL) - last_error_time) < ERROR_SOCKET_TIME) return NULL_SOCKET;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	273
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	274 // nothing recent, maybe this time it will work
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	275 int sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	276 sockaddr_un server;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	277 memset(&server, '\0', sizeof(server));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	278 server.sun_family = AF_UNIX;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	279 strncpy(server.sun_path, resolver_port, sizeof(server.sun_path)-1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	280 sock = socket(AF_UNIX, SOCK_STREAM, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	281 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	282 bool rc = (connect(sock, (sockaddr *)&server, sizeof(server)) == 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	283 if (!rc) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	284 my_disconnect(sock, false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	285 sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	286 last_error_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	287 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	288 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	289 else last_error_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	290 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	291 pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	292 resolver_sock_count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	293 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	294 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	295 return sock;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	296 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	297
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	298
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	299 ////////////////////////////////////////////////
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	300 // ask a dns question and get an A record answer in network byte order
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	301 // we don't try very hard, just using the default resolver retry settings.
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	302 // If we cannot get an answer, we just accept the mail.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	303 //
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	304 //
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	305 uint32_t dns_interface(mlfiPriv &priv, const char question, bool maybe_ip, ns_map nameservers);
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	306 uint32_t dns_interface(mlfiPriv &priv, const char question, bool maybe_ip, ns_map nameservers) {
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	307 // tell sendmail we are still working
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	308 #if _FFR_SMFI_PROGRESS
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	309 if (priv.eom) smfi_progress(priv.ctx);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	310 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	311
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	312 // this part can be done without locking the resolver mutex. Each
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	313 // milter thread is talking over its own socket to a separate resolver
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	314 // process, which does the actual dns resolution.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	315 if (priv.err) return 0; // cannot ask more questions on this socket.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	316 if (maybe_ip) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	317 // might be a bare ip address, try this first to avoid dns lookups that may not be needed
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	318 in_addr ip;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	319 if (inet_aton(question, &ip)) {
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	320 return ip.s_addr;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	321 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	322 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	323 int n = strlen(question);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	324 if (question[n-1] == '.') {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	325 priv.my_write(question, n+1); // write the question including the null terminator
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	326 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	327 else {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	328 priv.my_write(question, n); // write the question
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	329 priv.my_write(".", 2); // and the fully qualified . terminator and null string terminator
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	330 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	331 glommer glom;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	332 char buf = (char )&glom;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	333 priv.my_read(buf, sizeof(glom.length));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	334 buf += sizeof(glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	335 #ifdef RESOLVER_DEBUG
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	336 char text[1000];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	337 snprintf(text, sizeof(text), "dns_interface() wrote question %s and has answer length %d", question, glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	338 my_syslog(text);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	339 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	340 if (glom.length == 0) return 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	341 if (glom.length > sizeof(glom.answer)) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	342 priv.err = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	343 return 0; // cannot process overlarge answers
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	344 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	345 priv.my_read(buf, glom.length);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	346
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	347 #ifdef NS_PACKETSZ
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	348 // now we need to lock the resolver mutex to keep the milter threads from
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	349 // stepping on each other while parsing the dns answer.
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	350 uint32_t ret_address = 0;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	351 pthread_mutex_lock(&resolve_mutex);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	352 // parse the answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	353 ns_msg handle;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	354 ns_rr rr;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	355 if (ns_initparse(glom.answer, glom.length, &handle) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	356 // look for ns names
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	357 if (nameservers) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	358 ns_map &ns = *nameservers;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	359 int rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	360 while (ns_parserr(&handle, ns_s_ns, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	361 if (ns_rr_type(rr) == ns_t_ns) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	362 char nam[NS_MAXDNAME+1];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	363 char *n = nam;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	364 const u_char *p = ns_rr_rdata(rr);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	365 while (((n-nam) < NS_MAXDNAME) && ((size_t)(p-glom.answer) < glom.length) && *p) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	366 size_t s = *(p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	367 if (s > 191) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	368 // compression pointer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	369 s = (s-192)256 + (p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	370 if (s >= glom.length) break; // pointer outside bounds of answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	371 p = glom.answer + s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	372 s = *(p++);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	373 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	374 if (s > 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	375 if ((size_t)(n-nam) >= (NS_MAXDNAME-s)) break; // destination would overflow name buffer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	376 if ((size_t)(p-glom.answer) >= (glom.length-s)) break; // source outside bounds of answer
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	377 memcpy(n, p, s);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	378 n += s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	379 p += s;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	380 *(n++) = '.';
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	381 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	382 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	383 if (n-nam) n--; // remove trailing .
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	384 *n = '\0'; // null terminate it
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	385 ns.add(nam, question); // ns host to lookup later
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	386 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	387 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	388 rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	389 while (ns_parserr(&handle, ns_s_ar, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	390 if (ns_rr_type(rr) == ns_t_a) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	391 char* nam = (char*)ns_rr_name(rr);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	392 ns_mapper::iterator i = ns.ns_ip.find(nam);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	393 if (i != ns.ns_ip.end()) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	394 // we want this ip address
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	395 uint32_t address;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	396 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	397 ns.ns_ip[nam] = address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	398 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	399 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	400 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	401 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	402 int rrnum = 0;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	403 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	404 if (ns_rr_type(rr) == ns_t_a) {
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	405 uint32_t address;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	406 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	407 ret_address = address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	408 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	409 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	410 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	411 pthread_mutex_unlock(&resolve_mutex);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	412 #ifdef RESOLVER_DEBUG
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	413 snprintf(text, sizeof(text), "dns_interface() found ip %d", ret_address);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	414 my_syslog(text);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	415 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	416 return ret_address;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	417 #else
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	418 return glom.answer;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	419 #endif
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	420 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	421
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	422
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	423 ////////////////////////////////////////////////
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	424 // lookup a hostname on the uribl
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	425 //
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	426 // if we find hostname on the uribl, return true and point found to hostname
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	427 // as a string registered in hosts.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	428 // otherwise, return false and preserve the value of found.
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	429 //
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	430 bool uriblookup(mlfiPriv &priv, string_set &hosts, const char hostname, const char &found) ;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	431 bool uriblookup(mlfiPriv &priv, string_set &hosts, const char hostname, const char &found) {
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	432 char buf[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	433 snprintf(buf, sizeof(buf), "%s.%s.", hostname, priv.uribl_suffix);
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	434 uint32_t ip = ntohl(dns_interface(priv, buf, false, NULL));
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	435 if (ip and (ip != 0x7f000000)) {
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	436 if (debug_syslog > 2) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	437 char tmp[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	438 snprintf(tmp, sizeof(tmp), "found %s on %s", hostname, priv.uribl_suffix);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	439 my_syslog(tmp);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	440 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	441 found = register_string(hosts, hostname);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	442 return true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	443 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	444 return false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	445 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	446
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	447
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	448 ////////////////////////////////////////////////
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	449 // uribl checker
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	450 // -------------
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	451 // hostname MUST not have a trailing dot. Find the tld part of
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	452 // the hostname, and add one more level. If that is listed on
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	453 // the uribl, return true and point found to the part of the
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	454 // hostname that we found as a string registered in hosts.
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	455 // Otherwise, return false and preserve the value of found.
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	456 //
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	457 bool check_uribl(mlfiPriv &priv, string_set &hosts, const char hostname, const char &found) ;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	458 bool check_uribl(mlfiPriv &priv, string_set &hosts, const char hostname, const char &found) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	459 in_addr ip;
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	460 if (inet_aton(hostname, &ip)) return false; // don't check ip addresses in uribls
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	461 const char* components[maxlen];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	462 int n = 0; // number of components in the hostname
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	463 while (n < maxlen) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	464 components[n++] = hostname;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	465 const char *c = strchr(hostname, '.');
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	466 if (!c) break;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	467 hostname = c+1;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	468 }
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	469 string_set *tlds = priv.memory->get_tlds();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	470 string_set *tldwilds = priv.memory->get_tldwilds();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	471 string_set *tldnots = priv.memory->get_tldnots();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	472 string_set::iterator xtlds = tlds->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	473 string_set::iterator xtldwilds = tldwilds->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	474 string_set::iterator xtldnots = tldnots->end();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	475 for (int i=max(0,n-4); i<n; i++) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	476 const char* name = components[i];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	477 bool rc = false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	478 string_set::iterator tt = tldnots->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	479 if (tt != xtldnots) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	480 rc = true;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	481 }
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	482 else {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	483 tt = tldwilds->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	484 if (tt != xtldwilds) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	485 if (i > 1) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	486 rc = true;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	487 name = components[i-2];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	488 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	489 else return false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	490 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	491 else {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	492 tt = tlds->find(name);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	493 if (tt != xtlds) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	494 if (i > 0) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	495 rc = true;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	496 name = components[i-1];
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	497 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	498 else return false;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	499 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	500 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	501 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	502 if (rc) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	503 return uriblookup(priv, hosts, name, found);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	504 }
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	505 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	506 return false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	507 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	508
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	509
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	510 mlfiPriv::mlfiPriv() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	511 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	512 pc = config;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	513 pc->reference_count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	514 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	515 get_fd();
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	516 ctx = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	517 eom = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	518 ip = 0;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	519 helo = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	520 mailaddr = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	521 queueid = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	522 authenticated = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	523 client_name = NULL;
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	524 client_dns_name = NULL;
268 f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	525 client_dns_forged = false;
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	526 host_uribl = NULL;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	527 helo_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	528 client_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	529 from_uribl = false;
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	530 have_whites = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	531 only_whites = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	532 want_spamassassin = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	533 want_dccgrey = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	534 want_dccbulk = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	535 allow_autowhitelisting = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	536 content_context = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	537 memory = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	538 scanner = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	539 content_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	540 content_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	541 uribl_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	542 uribl_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	543 content_host_ignore = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	544 assassin = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	545 dccifd = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	546 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	547
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	548 mlfiPriv::~mlfiPriv() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	549 return_fd();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	550 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	551 pc->reference_count--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	552 bool last = (!pc->reference_count) && (pc != config);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	553 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	554 if (last) delete pc; // free this config, since we were the last reference to it
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	555 if (helo) free((void*)helo);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	556 reset(true);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	557 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	558
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	559 void mlfiPriv::reset(bool final) {
194 688ec12a3c0c delay autowhitelisting to avoid out of office reply bots carl parents: 193 diff changeset	560 while (!delayer.empty()) {
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	561 DELAYWHITEP dwp = delayer.front();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	562 const char *loto = dwp->get_loto();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	563 if (loto) free((void*)loto);
193 3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots carl parents: 192 diff changeset	564 delete dwp;
3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots carl parents: 192 diff changeset	565 delayer.pop_front();
3ea79ef741a0 delay autowhitelisting to avoid out of office reply bots carl parents: 192 diff changeset	566 }
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	567 if (mailaddr) free((void*)mailaddr);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	568 if (queueid) free((void*)queueid);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	569 if (authenticated) free((void*)authenticated);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	570 if (client_name) free((void*)client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	571 if (client_dns_name) free((void*)client_dns_name);
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	572 discard(hosts_uribl);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	573 delayer.clear();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	574 discard(env_to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	575 if (memory) delete memory;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	576 if (scanner) delete scanner;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	577 if (assassin) delete assassin;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	578 if (dccifd) delete dccifd;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	579 if (!final) {
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	580 ctx = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	581 eom = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	582 mailaddr = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	583 queueid = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	584 authenticated = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	585 client_name = NULL;
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	586 client_dns_name = NULL;
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	587 host_uribl = NULL;
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	588 helo_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	589 client_uribl = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	590 from_uribl = false;
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	591 have_whites = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	592 only_whites = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	593 want_spamassassin = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	594 want_dccgrey = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	595 want_dccbulk = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	596 allow_autowhitelisting = true;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	597 content_context = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	598 memory = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	599 scanner = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	600 content_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	601 content_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	602 uribl_suffix = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	603 uribl_message = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	604 content_host_ignore = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	605 assassin = NULL;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	606 dccifd = NULL;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	607 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	608 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	609
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	610 void mlfiPriv::get_fd() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	611 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	612 fd = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	613 int result = pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	614 if (!result) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	615 std::set<int>::iterator i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	616 i = fd_pool.begin();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	617 if (i != fd_pool.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	618 // have at least one fd in the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	619 err = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	620 fd = *i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	621 fd_pool.erase(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	622 resolver_pool_size--;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	623 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	624 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	625 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	626 // pool is empty, get a new fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	627 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	628 fd = my_connect();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	629 err = (fd == NULL_SOCKET);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	630 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	631 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	632 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	633 // cannot lock the pool, just get a new fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	634 fd = my_connect();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	635 err = (fd == NULL_SOCKET);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	636 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	637 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	638
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	639 void mlfiPriv::return_fd() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	640 if (err) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	641 // this fd got a socket error, so close it, rather than returning it to the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	642 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	643 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	644 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	645 int result = pthread_mutex_lock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	646 if (!result) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	647 if ((resolver_sock_count > resolver_pool_size*5) \|\| (resolver_pool_size < 5)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	648 // return the fd to the pool
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	649 fd_pool.insert(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	650 resolver_pool_size++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	651 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	652 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	653 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	654 // more than 20% of the open resolver sockets are in the pool, and the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	655 // pool as at least 5 sockets. that is enough, so just close this one.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	656 pthread_mutex_unlock(&fd_pool_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	657 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	658 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	659 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	660 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	661 // could not lock the pool, so just close the fd
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	662 my_disconnect(fd);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	663 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	664 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	665 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	666
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	667 size_t mlfiPriv::my_write(const char *buf, size_t len) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	668 if (err) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	669 size_t rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	670 while (len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	671 size_t ws = write(fd, buf, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	672 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	673 rs += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	674 len -= ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	675 buf += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	676 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	677 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	678 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	679 rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	680 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	681 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	682 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	683 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	684 return rs;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	685 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	686
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	687 size_t mlfiPriv::my_read(char *buf, size_t len) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	688 if (err) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	689 size_t rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	690 while (len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	691 size_t ws = read(fd, buf, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	692 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	693 rs += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	694 len -= ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	695 buf += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	696 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	697 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	698 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	699 rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	700 err = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	701 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	702 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	703 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	704 return rs;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	705 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	706
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	707 void mlfiPriv::need_content_filter(const char *rcpt, CONTEXT &con) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	708 if (!memory) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	709 // first recipient that needs content filtering sets
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	710 // some of the content filtering parameters
270 f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists Carl Byington <carl@five-ten-sg.com> parents: 268 diff changeset	711 memory = new recorder(this, con.get_html_tags(), con.get_content_tlds(), con.get_content_tldwilds(), con.get_content_tldnots());
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	712 scanner = new url_scanner(memory);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	713 content_suffix = con.get_content_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	714 content_message = con.get_content_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	715 uribl_suffix = con.get_uribl_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	716 uribl_message = con.get_uribl_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	717 content_host_ignore = &con.get_content_host_ignore();
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	718 // if we are using uribl, test helo and client names here
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	719 if (uribl_suffix) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	720 if (helo) {
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	721 helo_uribl = check_uribl(*this, hosts_uribl, helo, host_uribl);
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	722 }
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	723 if (client_dns_name && !helo_uribl) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	724 client_uribl = check_uribl(*this, hosts_uribl, client_dns_name, host_uribl);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	725 }
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	726 if (mailaddr && !client_uribl) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	727 const char *f = strchr(mailaddr, '@');
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	728 if (f) from_uribl = check_uribl(*this, hosts_uribl, f+1, host_uribl);
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	729 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	730 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	731 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	732 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	733
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	734
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	735 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx);
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	736 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	737 {
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	738 mlfiPriv priv = (struct mlfiPriv )smfi_getpriv(ctx);
187 f0eda59e8afd fix null pointer dereference from missing HELO command carl parents: 186 diff changeset	739 priv->ctx = ctx;
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	740 return priv;
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	741 }
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	742 #define MLFIPRIV fetch_priv_from_ctx(ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	743
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	744
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	745
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	746 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	747 // syslog a message
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	748 //
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	749 void my_syslog(mlfiPriv priv, const char text) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	750 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	751 if (priv) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	752 snprintf(buf, sizeof(buf), "%s: %s", priv->queueid, text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	753 text = buf;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	754 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	755 if (use_syslog) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	756 pthread_mutex_lock(&syslog_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	757 if (!syslog_opened) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	758 openlog("dnsbl", LOG_PID, LOG_MAIL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	759 syslog_opened = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	760 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	761 syslog(LOG_NOTICE, "%s", text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	762 pthread_mutex_unlock(&syslog_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	763 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	764 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	765 printf("%s \n", text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	766 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	767 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	768
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	769 void my_syslog(mlfiPriv *priv, const string text) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	770 if (debug_syslog > 3) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	771 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	772 strncpy(buf, text.c_str(), sizeof(buf));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	773 buf[maxlen-1] = '\0'; // ensure null termination
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	774 my_syslog(priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	775 }
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	776 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	777
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	778 void my_syslog(const char *text) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	779 my_syslog(NULL, text);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	780 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	781
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	782
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	783 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	784 // read a resolver request from the socket, process it, and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	785 // write the result back to the socket.
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	786
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	787 void process_resolver_requests(int socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	788 void process_resolver_requests(int socket) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	789 #ifdef NS_MAXDNAME
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	790 char question[NS_MAXDNAME];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	791 #else
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	792 char question[1000];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	793 #endif
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	794 glommer glom;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	795
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	796 int maxq = sizeof(question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	797 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	798 // read a question
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	799 int rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	800 while (rs < maxq) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	801 int ns = read(socket, question+rs, maxq-rs);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	802 if (ns > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	803 rs += ns;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	804 if (question[rs-1] == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	805 // last byte read was the null terminator, we are done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	806 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	807 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	808 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	809 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	810 // peer closed the socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	811 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	812 my_syslog("process_resolver_requests() peer closed socket while reading question");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	813 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	814 shutdown(socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	815 close(socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	816 return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	817 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	818 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	819 question[rs-1] = '\0'; // ensure null termination
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	820
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	821 // find the answer
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	822 #ifdef NS_PACKETSZ
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	823 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	824 char text[1000];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	825 snprintf(text, sizeof(text), "process_resolver_requests() has a question %s", question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	826 my_syslog(text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	827 #endif
223 da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires Carl Byington <carl@five-ten-sg.com> parents: 222 diff changeset	828 int res_result = res_search(question, ns_c_in, ns_t_a, glom.answer, sizeof(glom.answer));
da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires Carl Byington <carl@five-ten-sg.com> parents: 222 diff changeset	829 if (res_result < 0) glom.length = 0; // represent all errors as zero length answers
da9e7f1c8160 fix unsigned signed compare, back to mixed -lresolv and libresolv.a with auto requires Carl Byington <carl@five-ten-sg.com> parents: 222 diff changeset	830 else glom.length = (size_t)res_result;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	831 #else
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	832 glom.length = sizeof(glom.answer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	833 glom.answer = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	834 struct hostent *host = gethostbyname(question);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	835 if (host && (host->h_addrtype == AF_INET)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	836 memcpy(&glom.answer, host->h_addr, sizeof(glom.answer));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	837 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	838 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	839
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	840 // write the answer
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	841 char buf = (char )&glom;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	842 int len = glom.length + sizeof(glom.length);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	843 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	844 snprintf(text, sizeof(text), "process_resolver_requests() writing answer length %d for total %d", glom.length, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	845 my_syslog(text);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	846 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	847 int ws = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	848 while (len > ws) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	849 int ns = write(socket, buf+ws, len-ws);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	850 if (ns > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	851 ws += ns;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	852 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	853 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	854 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	855 #ifdef RESOLVER_DEBUG
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	856 my_syslog("process_resolver_requests() peer closed socket while writing answer");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	857 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	858 shutdown(socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	859 close(socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	860 return;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	861 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	862 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	863 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	864 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	865
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	866
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	867 ////////////////////////////////////////////////
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	868 // check a single dns list, return ip address in network byte order
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	869 //
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	870 uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix);
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	871 uint32_t check_single(mlfiPriv &priv, int32_t ip, const char *suffix) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	872 // make a dns question
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	873 const u_char src = (const u_char )&ip;
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	874 if (src[0] == 127) return 0; // don't do dns lookups on localhost
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	875 if (src[0] == 10) return 0; // don't do dns lookups on rfc1918 space
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	876 if ((src[0] == 192) && (src[1] == 168)) return 0;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	877 if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return 0;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	878 #ifdef NS_MAXDNAME
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	879 char question[NS_MAXDNAME];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	880 #else
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	881 char question[1000];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	882 #endif
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	883 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	884 // ask the question, if we get an A record it implies a blacklisted ip address
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	885 return dns_interface(priv, question, false, NULL);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	886 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	887
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	888
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	889 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	890 // check a single dnsbl
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	891 //
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	892 bool check_single(mlfiPriv &priv, int32_t ip, DNSBL &bl);
d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	893 bool check_single(mlfiPriv &priv, int32_t ip, DNSBL &bl) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	894 return check_single(priv, ip, bl.suffix);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	895 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	896
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	897
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	898 ////////////////////////////////////////////////
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	899 // check a single dnswl
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	900 //
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	901 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	902 bool check_single(mlfiPriv &priv, int32_t ip, DNSWL &wl) {
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	903 uint32_t r = ntohl(check_single(priv, ip, wl.suffix));
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	904 uint32_t v = (uint32_t)0x7f000000;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	905 uint32_t m = (uint32_t)0xffff0000;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	906 uint32_t m2 = (uint32_t)0x000000ff;
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	907 if ((r & m) == v) {
252 836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	908 uint32_t l = r & m2;
836b7f2357f9 need ntohl() before using masks that are defined in host byte order Carl Byington <carl@five-ten-sg.com> parents: 249 diff changeset	909 if ((int)l >= wl.level) return true;
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	910 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	911 return false;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	912 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	913
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	914
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	915 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	916 // check the dnsbls specified for this recipient
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	917 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	918 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	919 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	920 for (dnsblp_list::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	921 DNSBLP dp = *i; // non null by construction
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	922 bool st;
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	923 map<DNSBLP, bool>::iterator f = priv.checked_black.find(dp);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	924 if (f == priv.checked_black.end()) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	925 // have not checked this list yet
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	926 st = check_single(priv, priv.ip, *dp);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	927 rejectlist = dp;
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	928 priv.checked_black[dp] = st;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	929 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	930 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	931 st = (*f).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	932 rejectlist = (*f).first;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	933 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	934 if (st) return st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	935 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	936 return false;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	937 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	938
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	939
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	940 ////////////////////////////////////////////////
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	941 // check the dnswls specified for this recipient
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	942 //
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	943 bool check_dnswl(mlfiPriv &priv, dnswlp_list &dnswll, DNSWLP &acceptlist);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	944 bool check_dnswl(mlfiPriv &priv, dnswlp_list &dnswll, DNSWLP &acceptlist) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	945 for (dnswlp_list::iterator i=dnswll.begin(); i!=dnswll.end(); i++) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	946 DNSWLP dp = *i; // non null by construction
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	947 bool st;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	948 map<DNSWLP, bool>::iterator f = priv.checked_white.find(dp);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	949 if (f == priv.checked_white.end()) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	950 // have not checked this list yet
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	951 st = check_single(priv, priv.ip, *dp);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	952 acceptlist = dp;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	953 priv.checked_white[dp] = st;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	954 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	955 else {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	956 st = (*f).second;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	957 acceptlist = (*f).first;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	958 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	959 if (st) return st;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	960 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	961 return false;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	962 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	963
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	964
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	965 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	966 // check the hosts from the body against the content filter and uribl dnsbls
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	967 //
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	968 //
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	969 bool check_hosts(mlfiPriv &priv, bool random, int limit, const char &msg, const char &host, int32_t &ip, const char *&found);
d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	970 bool check_hosts(mlfiPriv &priv, bool random, int limit, const char &msg, const char &host, int32_t &ip, const char *&found) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	971 found = NULL; // normally ip address style
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	972 if (!priv.content_suffix && !priv.uribl_suffix) return false; // nothing to check
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	973 string_set &hosts = priv.memory->get_hosts();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	974 string_set &ignore = *priv.content_host_ignore;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	975
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	976 int count = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	977 int cnt = hosts.size(); // number of hosts we could look at
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	978 int32_t_set ips;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	979 ns_map nameservers;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	980 for (string_set::iterator i=hosts.begin(); i!=hosts.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	981 host = *i; // a reference into hosts, which will live until this smtp transaction is closed
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	982
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	983 // don't bother looking up hosts on the ignore list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	984 string_set::iterator j = ignore.find(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	985 if (j != ignore.end()) continue;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	986
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	987 // try to only look at limit/cnt fraction of the available cnt host names in random mode
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	988 if ((cnt > limit) && (limit > 0) && random) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	989 int r = rand() % cnt;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	990 if (r >= limit) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	991 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	992 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	993 snprintf(buf, sizeof(buf), "host %s skipped", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	994 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	995 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	996 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	997 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	998 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	999 count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1000 ip = dns_interface(priv, host, true, &nameservers);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1001 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1002 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1003 if (ip) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1004 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1005 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1006 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1007 snprintf(buf, sizeof(buf), "host %s found at %s", host, adr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1008 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1009 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1010 snprintf(buf, sizeof(buf), "host %s not found", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1011 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1012 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1013 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1014 if (ip) {
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	1015 int32_t_set::iterator i = ips.find(ip);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1016 if (i == ips.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1017 // we haven't looked this up yet
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1018 ips.insert(ip);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1019 // check dnsbl style list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1020 if (priv.content_suffix && check_single(priv, ip, priv.content_suffix)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1021 msg = priv.content_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1022 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1023 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1024 // Check uribl & surbl style list
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1025 if (priv.uribl_suffix && check_uribl(priv, hosts, host, found)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1026 msg = priv.uribl_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1027 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1028 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1029 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1030 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1031 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1032 limit *= 4; // allow average of 3 ns per host name
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1033 for (ns_mapper::iterator i=nameservers.ns_ip.begin(); i!=nameservers.ns_ip.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1034 count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1035 if ((count > limit) && (limit > 0)) return false; // too many name servers to check them all
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1036 host = (*i).first; // a transient reference that needs to be replaced before we return it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1037 ip = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1038 if (!ip) ip = dns_interface(priv, host, false, NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1039 if (debug_syslog > 2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1040 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1041 if (ip) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1042 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1043 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1044 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1045 snprintf(buf, sizeof(buf), "ns %s found at %s", host, adr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1046 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1047 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1048 snprintf(buf, sizeof(buf), "ns %s not found", host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1049 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1050 my_syslog(&priv, buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1051 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1052 if (ip) {
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	1053 int32_t_set::iterator i = ips.find(ip);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1054 if (i == ips.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1055 ips.insert(ip);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1056 if (check_single(priv, ip, priv.content_suffix)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1057 msg = priv.content_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1058 string_map::iterator j = nameservers.ns_host.find(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1059 if (j != nameservers.ns_host.end()) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1060 const char refer = (j).second;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1061 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1062 snprintf(buf, sizeof(buf), "%s with nameserver %s", refer, host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1063 host = register_string(hosts, buf); // put a copy into hosts, and return that reference
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1064 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1065 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1066 host = register_string(hosts, host); // put a copy into hosts, and return that reference
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1067 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1068 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1069 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1070 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1071 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1072 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1073 return false;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1074 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1075
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	1076
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1077 ////////////////////////////////////////////////
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	1078 //
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	1079 // this email address is passed in from sendmail, and will normally be
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1080 // enclosed in <>. I think older versions of sendmail supplied the <>
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	1081 // wrapper if the mail client did not, but the current version does not do
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	1082 // that. So the <> wrapper is now optional. It may have mixed case, just
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1083 // as the mail client sent it. We dup the string and convert the duplicate
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1084 // to lower case. Some clients enclose the entire address in single quotes,
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1085 // so we strip those as well. We also remove the SRS and prvs coding.
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1086 //
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1087 const char to_lower_string(const char email);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1088 const char to_lower_string(const char email) {
266 582cfb9c4031 fix unauthenticated rate limit bug for empty mail from Carl Byington <carl@five-ten-sg.com> parents: 263 diff changeset	1089 if (!email) return strdup("<>");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1090 int n = strlen(email);
266 582cfb9c4031 fix unauthenticated rate limit bug for empty mail from Carl Byington <carl@five-ten-sg.com> parents: 263 diff changeset	1091 if (n == 0) return strdup("<>");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1092 if (email[0] == '<') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1093 // assume it also ends with >
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1094 n -= 2;
266 582cfb9c4031 fix unauthenticated rate limit bug for empty mail from Carl Byington <carl@five-ten-sg.com> parents: 263 diff changeset	1095 if (n < 1) return strdup("<>");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1096 email++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1097 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1098 if ((email[0] == '\'') && (email[n-1] == '\'') && (n > 2)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1099 n -= 2;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1100 email++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1101 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1102 char *key = strdup(email);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1103 key[n] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1104 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1105 if ((n > 14) && (strncmp(key, "srs", 3) == 0)) {
235 e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1106 // might have srs coding to be removed
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1107 const int nmatch = 6;
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1108 regmatch_t match[nmatch];
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1109 if (0 == regexec(&srs_pattern, key, nmatch, match, 0)) {
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1110 int s4 = match[4].rm_so; // domain
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1111 int e4 = match[4].rm_eo;
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1112 int s5 = match[5].rm_so; // user
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1113 int e5 = match[5].rm_eo;
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1114 if ((s4 != -1) && (s5 != -1)) {
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1115 char *newkey = strdup(key); // large enough
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1116 key[e4] = '\0';
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1117 key[e5] = '\0';
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1118 strcpy(newkey, key+s5); // user
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1119 strcat(newkey, "@"); // @
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1120 strcat(newkey, key+s4); // domain
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1121 free(key);
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1122 key = newkey;
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1123 }
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1124 }
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1125 }
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1126 if ((n > 7) && (strncmp(key, "prvs", 4) == 0)) {
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1127 // might have prvs coding to be removed
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1128 const int nmatch = 3;
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1129 regmatch_t match[nmatch];
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1130 if (0 == regexec(&prvs_pattern, key, nmatch, match, 0)) {
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1131 int s2 = match[2].rm_so; // user@domain
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1132 if (s2 != -1) {
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1133 char *newkey = strdup(key+s2); // user@domain
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1134 free(key);
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1135 key = newkey;
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1136 }
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1137 }
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1138 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1139 return key;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1140 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1141
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1142
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1143 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1144 // start of sendmail milter interfaces
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1145 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1146 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1147 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1148 // allocate some private memory
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1149 mlfiPriv *priv = new mlfiPriv;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1150 if (hostaddr->sa_family == AF_INET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1151 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1152 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1153 // save the private data
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1154 smfi_setpriv(ctx, (void*)priv);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1155
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1156 // continue processing
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1157 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1158 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1159
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1160 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1161 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1162 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1163 priv.helo = strdup(helohost);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1164 return SMFIS_CONTINUE;
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1165 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1166
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1167 sfsistat mlfi_envfrom(SMFICTX ctx, char *from)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1168 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1169 mlfiPriv &priv = *MLFIPRIV;
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1170 CONFIG &dc = *priv.pc;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1171 priv.mailaddr = to_lower_string(from[0]);
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1172 priv.queueid = strdup(smfi_getsymval(ctx, (char*)"i"));
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1173 priv.authenticated = smfi_getsymval(ctx, (char*)"{auth_authen}");
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1174 priv.client_name = smfi_getsymval(ctx, (char*)"_");
191 2a67d31099c3 fix null pointer dereference from missing HELO command carl parents: 190 diff changeset	1175 if (!priv.helo) priv.helo = strdup("unknown");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1176 if (priv.authenticated) priv.authenticated = strdup(priv.authenticated);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1177 {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1178 const char *uid = (priv.authenticated) ? priv.authenticated : priv.mailaddr;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1179 if (priv.authenticated \|\| dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1180 int hourly, daily;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1181 add_auth_address(uid, hourly, daily, priv.ip);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1182 int h_limit = dc.default_context->find_address_limit(uid);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1183 int d_limit = dc.default_context->get_daily_address_multiple() * h_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1184 if (debug_syslog > 1) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1185 char msg[maxlen];
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1186 snprintf(msg, sizeof(msg), "connect for %s (%d %d addresses, %d %d limits)", uid, hourly, daily, h_limit, d_limit);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1187 my_syslog(&priv, msg);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1188 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1189 if ((hourly > h_limit) \|\| (daily > d_limit)){
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1190 //smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"unique connection address limit exceeded");
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1191 //return SMFIS_REJECT;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1192 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1193 }
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1194 }
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1195 if (priv.client_name) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1196 priv.client_name = strdup(priv.client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1197 const char *p = strstr(priv.client_name, " [");
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1198 if (p) {
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1199 uint pp = p - priv.client_name;
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1200 priv.client_dns_name = strdup(priv.client_name);
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1201 priv.client_dns_name[pp] = '\0';
259 be939802c64e add recipient rate limits by email from address or domain Carl Byington <carl@five-ten-sg.com> parents: 257 diff changeset	1202 //char text[500];
be939802c64e add recipient rate limits by email from address or domain Carl Byington <carl@five-ten-sg.com> parents: 257 diff changeset	1203 //snprintf(text, sizeof(text), "found simple dns client name %s", priv.client_dns_name);
be939802c64e add recipient rate limits by email from address or domain Carl Byington <carl@five-ten-sg.com> parents: 257 diff changeset	1204 //my_syslog(text);
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1205 }
268 f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1206 p = strstr(priv.client_name, "] (may be forged)");
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1207 if (p) {
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1208 priv.client_dns_forged = true;
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1209 if (priv.client_dns_name) {
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1210 char text[500];
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1211 snprintf(text, sizeof(text), "forged dns client name %s", priv.client_dns_name);
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1212 my_syslog(text);
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1213 }
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1214 }
257 d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets Carl Byington <carl@five-ten-sg.com> parents: 255 diff changeset	1215 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1216 if (spamc != spamc_empty) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1217 priv.assassin = new SpamAssassin(&priv, priv.ip, priv.helo, priv.mailaddr, priv.queueid);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1218 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1219 if (dccifd_port) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1220 priv.dccifd = new DccInterface(dccifd_port, &priv, priv.ip, priv.helo, priv.mailaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1221 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1222 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1223 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1224
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1225 sfsistat mlfi_envrcpt(SMFICTX ctx, char *rcpt)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1226 {
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1227 DNSBLP rejectlist = NULL; // list that caused the reject
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1228 mlfiPriv &priv = *MLFIPRIV;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1229 CONFIG &dc = *priv.pc;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1230 const char *rcptaddr = rcpt[0];
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1231 const char *loto = to_lower_string(rcptaddr);
216 784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness. Carl Byington <carl@five-ten-sg.com> parents: 214 diff changeset	1232 bool self = (strcmp(loto, priv.mailaddr) == 0);
174 da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1233
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1234 // some version of sendmail allowed rcpt to:<> and passed it thru to the milters
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1235 if (strcmp(loto, "<>") == 0) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1236 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"bogus recipient");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1237 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1238 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1239 // priv.mailaddr sending original message to loto
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1240 CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr));
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1241 VERIFYP ver = con.find_verify(loto);
233 5c3e9bf45bb5 Add whitelisting by regex expression filtering. Carl Byington <carl@five-ten-sg.com> parents: 231 diff changeset	1242 const char *fromvalue = con.find_from(priv.mailaddr, true, priv.queueid);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1243 // tell spam assassin and dccifd about this recipient
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1244 if (priv.assassin) priv.assassin->mlfi_envrcpt(ctx, loto);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1245 if (priv.dccifd) priv.dccifd->mlfi_envrcpt(ctx, loto, con.get_grey() && !priv.authenticated);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1246 // loto sending a reply back to priv.mailaddr
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1247 CONTEXT &con2 = *(dc.find_context(priv.mailaddr)->find_context(loto));
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1248 const char *replyvalue = con2.find_from(loto);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1249 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1250 char buf[maxlen];
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1251 char buf2[maxlen];
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1252 char msg[maxlen];
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1253 snprintf(msg, sizeof(msg), "from <%s> to <%s> using context %s state %s reply context %s state %s", priv.mailaddr, loto, con.get_full_name(buf,maxlen), fromvalue, con2.get_full_name(buf2,maxlen), replyvalue);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1254 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1255 }
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1256 free((void*)loto);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1257 status st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1258 if (replyvalue == token_black) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1259 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"recipient can not reply due to blacklisting");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1260 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1261 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1262 if (priv.authenticated) {
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1263 int hourly, daily;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1264 incr_rcpt_count(priv.authenticated, hourly, daily);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1265 int h_limit = dc.default_context->find_rate_limit(priv.authenticated);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1266 int d_limit = dc.default_context->get_daily_rate_multiple() * h_limit;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1267 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1268 char msg[maxlen];
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1269 snprintf(msg, sizeof(msg), "authenticated id %s (%d %d recipients, %d %d limits)", priv.authenticated, hourly, daily, h_limit, d_limit);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1270 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1271 }
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1272 if ((hourly > h_limit) \|\| (daily > d_limit)){
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1273 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"recipient rate limit exceeded");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1274 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1275 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1276 st = white;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1277 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1278 else if (fromvalue == token_black) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1279 st = black;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1280 }
216 784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness. Carl Byington <carl@five-ten-sg.com> parents: 214 diff changeset	1281 else if ((fromvalue == token_white) && !self) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1282 st = white;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1283 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1284 else {
249 15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1285 // check the dns based lists, whitelist first
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1286 DNSWLP acceptlist = NULL; // list that caused the whitelisting
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1287 if (check_dnswl(priv, con.get_dnswl_list(), acceptlist)) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1288 st = white;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1289 if (debug_syslog > 1) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1290 char msg[maxlen];
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1291 snprintf(msg, sizeof(msg), "whitelisted by %s", acceptlist->name);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1292 my_syslog(&priv, msg);
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1293 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1294 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1295 else if (check_dnsbl(priv, con.get_dnsbl_list(), rejectlist)) {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1296 st = reject;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1297 }
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1298 else {
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1299 st = oksofar;
15bf4f68a0b2 Add dnswl support Carl Byington <carl@five-ten-sg.com> parents: 248 diff changeset	1300 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1301 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1302 if (st == reject) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1303 // reject the recipient based on some dnsbl
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1304 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1305 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1306 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1307 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1308 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1309 smfi_setreply(ctx, (char)"550", (char)"5.7.1", buf);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1310 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1311 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1312 if (st == oksofar) {
268 f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1313 // check forged rdns
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1314 if (con.get_requirerdns() && (!priv.client_dns_name \|\| priv.client_dns_forged)) {
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1315 // reject the recipient based on forged reverse dns
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1316 char buf[maxlen];
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1317 snprintf(buf, sizeof(buf), "%s is not acceptable", priv.client_name);
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1318 smfi_setreply(ctx, (char)"550", (char)"5.7.1", buf);
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1319 return SMFIS_REJECT;
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1320 }
f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1321 // check generic rdns
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1322 const char *msg = con.generic_match(priv.client_name);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1323 if (msg) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1324 // reject the recipient based on generic reverse dns
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1325 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1326 snprintf(buf, sizeof(buf), msg, priv.client_name);
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1327 smfi_setreply(ctx, (char)"550", (char)"5.7.1", buf);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1328 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1329 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1330 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1331 if (st == black) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1332 // reject the recipient based on blacklisting either from or to
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1333 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"no such user");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1334 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1335 }
203 92a5c866bdfa Verify from/to pairs even if they might be explicitly whitelisted. Carl Byington <carl@five-ten-sg.com> parents: 194 diff changeset	1336 if (ver) {
92a5c866bdfa Verify from/to pairs even if they might be explicitly whitelisted. Carl Byington <carl@five-ten-sg.com> parents: 194 diff changeset	1337 // try to verify this from/to pair of addresses even if it might be explicitly whitelisted
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1338 const char *loto = to_lower_string(rcptaddr);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1339 bool rc = ver->ok(priv.mailaddr, loto);
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1340 free((void*)loto);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1341 if (!rc) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1342 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"no such user");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1343 return SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1344 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1345 }
263 e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1346 if (!priv.authenticated && dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1347 int hourly, daily;
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1348 incr_rcpt_count(priv.mailaddr, hourly, daily);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1349 int h_limit = dc.default_context->find_rate_limit(priv.mailaddr);
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1350 int d_limit = dc.default_context->get_daily_rate_multiple() * h_limit;
263 e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1351 if (debug_syslog > 1) {
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1352 char msg[maxlen];
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1353 snprintf(msg, sizeof(msg), "unauthenticated address %s (%d %d recipients, %d %d limits)", priv.mailaddr, hourly, daily, h_limit, d_limit);
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1354 my_syslog(&priv, msg);
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1355 }
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1356 if ((hourly > h_limit) \|\| (daily > d_limit)){
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1357 smfi_setreply(ctx, (char)"550", (char)"5.7.1", (char*)"recipient rate limit exceeded");
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1358 return SMFIS_REJECT;
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1359 }
e118fd2c6af0 fix unauthenticated rate limit bug for empty mail from; move unauthenticate rate limit checks after spam filtering Carl Byington <carl@five-ten-sg.com> parents: 259 diff changeset	1360 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1361 // we will accept the recipient, but add an auto-whitelist entry
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1362 // if needed to ensure we can accept replies
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1363 loto = to_lower_string(rcptaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1364 WHITELISTERP w = con2.find_autowhite(loto, priv.mailaddr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1365 // check if local part is too big
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1366 const int max_local_size = 30;
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1367 const char *p = strchr(loto, '@');
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1368 int len = (p) ? p-loto : max_local_size;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1369 if (len >= max_local_size) w = NULL; // too big, pretend we don't have a whitelister
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1370 // record it if we have a whitelister
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1371 if (w) {
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1372 DELAYWHITEP dwp = new DELAYWHITE(loto, w, &con2); // dwp takes ownership of the string
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1373 priv.delayer.push_back(dwp);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1374 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1375 else {
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1376 free((void*)loto); // or we free it here
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1377 }
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1378
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1379 // accept the recipient
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1380 if (!con.get_content_filtering()) st = white;
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1381
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1382 if (st == oksofar) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1383 // remember first content filtering context
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1384 if (con.get_content_filtering()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1385 if (!priv.content_context) priv.content_context = &con;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1386 else if (con.get_require() && (priv.content_context != &con)) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1387 smfi_setreply(ctx, (char)"452", (char)"4.2.1", (char*)"incompatible filtering contexts");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1388 return SMFIS_TEMPFAIL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1389 }
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1390 priv.need_content_filter(rcptaddr, con);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1391 char bu[maxlen];
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1392 bool uri = false;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1393 // content filtering implies also checking helo name on uribl (if enabled)
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1394 if (priv.helo_uribl) {
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	1395 snprintf(bu, sizeof(bu), "(helo %s)", priv.host_uribl);
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1396 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1397 }
268 f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1398 // content filtering implies also checking client reverse dns name on uribl (if enabled)
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1399 if (priv.client_uribl) {
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	1400 snprintf(bu, sizeof(bu), "(rdns %s)", priv.host_uribl);
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1401 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1402 }
268 f941563c2a95 Add require_rdns checking Carl Byington <carl@five-ten-sg.com> parents: 266 diff changeset	1403 // content filtering implies also checking mail from domain name on uribl (if enabled)
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1404 if (priv.from_uribl) {
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	1405 snprintf(bu, sizeof(bu), "(from %s)", priv.host_uribl);
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1406 uri = true;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1407 }
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1408 if (uri) {
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1409 char buf[maxlen];
238 7b818a4e21a4 produce correct uribl message Carl Byington <carl@five-ten-sg.com> parents: 236 diff changeset	1410 snprintf(buf, sizeof(buf), priv.uribl_message, bu, priv.host_uribl);
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1411 smfi_setreply(ctx, (char)"550", (char)"5.7.1", buf);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1412 return SMFIS_REJECT;
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1413 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1414 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1415 // remember the non-whites
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1416 register_string(priv.env_to, rcptaddr, &con);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1417 priv.only_whites = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1418 priv.want_spamassassin \|= (priv.assassin) && // have spam assassin available and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1419 (con.get_spamassassin_limit() != 0); // want to use it with a non-zero score
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1420 priv.want_dccgrey \|= (priv.dccifd) && // have dcc interface and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1421 (con.get_grey()); // want to use it for greylisting
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1422 priv.want_dccbulk \|= (priv.dccifd) && // have dcc interface and
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1423 (con.get_bulk() != 0); // want to use it for bulk detection
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1424 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1425 if (st == white) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1426 priv.have_whites = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1427 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1428 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1429 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1430
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1431 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1432 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1433 mlfiPriv &priv = *MLFIPRIV;
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1434 // headers that avoid autowhitelisting
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1435 if (((strcasecmp(headerf, "precedence") == 0) && (strcasecmp(headerv, "bulk") == 0)) \|\|
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1436 ((strcasecmp(headerf, "content-type") == 0) && (strncasecmp(headerv, "multipart/report", 16) == 0))) {
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1437 priv.allow_autowhitelisting = false;
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1438 }
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1439
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1440 // other headers are only needed for content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1441 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1442 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1443 if (priv.want_spamassassin) priv.assassin->mlfi_header(headerf, headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1444 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_header(ctx, headerf, headerv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1445 return SMFIS_CONTINUE;
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1446 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1447
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1448 sfsistat mlfi_eoh(SMFICTX* ctx)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1449 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1450 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1451 // delayed autowhitelisting
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1452 while (!priv.delayer.empty()) {
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1453 DELAYWHITEP dwp = priv.delayer.front();
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1454 const char *loto = dwp->get_loto();
230 ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications. Carl Byington <carl@five-ten-sg.com> parents: 227 diff changeset	1455 if (priv.allow_autowhitelisting) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1456 WHITELISTERP w = dwp->get_w();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1457 CONTEXTP con2 = dwp->get_con();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1458 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1459 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1460 char msg[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1461 snprintf(msg, sizeof(msg), "whitelist reply from <%s> in context %s", loto, con2->get_full_name(buf,maxlen));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1462 my_syslog(&priv, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1463 }
231 4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1464 w->sent(loto); // don't free it, the whitelister takes ownership of the string
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1465 }
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1466 else {
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1467 if (debug_syslog > 1) {
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1468 char msg[maxlen];
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1469 snprintf(msg, sizeof(msg), "avoid whitelist reply from <%s> for outgoing auto-responder", loto);
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1470 my_syslog(&priv, msg);
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1471 }
4d6bd04d93fa Fix memory leak in suppressed auto whitelisting. Carl Byington <carl@five-ten-sg.com> parents: 230 diff changeset	1472 if (loto) free((void*)loto);// or we free it here
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1473 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1474 delete dwp;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1475 priv.delayer.pop_front();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1476 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1477 // content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1478 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1479 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1480 if (priv.want_spamassassin) priv.assassin->mlfi_eoh();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1481 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_eoh();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1482 return SMFIS_CONTINUE;
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1483 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1484
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1485 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1486 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1487 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1488 if (priv.authenticated) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1489 if (priv.only_whites) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1490 if (priv.want_spamassassin) priv.assassin->mlfi_body(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1491 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_body(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1492 priv.scanner->scan(data, len);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1493 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1494 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1495
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1496 sfsistat mlfi_eom(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1497 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1498 sfsistat rc;
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1499 mlfiPriv &priv = *MLFIPRIV;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1500 const char *host = NULL;
242 d8ee4c97b9ab 64 bit fixes for libresolv.a Carl Byington <carl@five-ten-sg.com> parents: 238 diff changeset	1501 int32_t ip;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1502 // process end of message
190 004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	1503 priv.eom = true;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1504 if (priv.authenticated \|\| priv.only_whites) rc = SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1505 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1506 // assert env_to not empty, it contains the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1507 // non-whitelisted folks that want content filtering
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1508 int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1509 bool grey = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1510 int bulk = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1511 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1512
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1513 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1514 string msg;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1515 string_set alive;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1516 bool random = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1517 int limit = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1518 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1519 const char rcpt = (i).first;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1520 CONTEXT &con = ((i).second);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1521 if (!con.acceptable_content(*priv.memory, score, bulk, msg)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1522 // bad html tags or excessive hosts or
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1523 // high spam assassin score or dcc bulk threshold exceedeed
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1524 smfi_delrcpt(ctx, (char*)rcpt);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1525 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1526 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1527 alive.insert(rcpt);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1528 random \|= con.get_host_random();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1529 limit = max(limit, con.get_host_limit());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1530 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1531 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1532 bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content()
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1533 if (!rejecting) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1534 const char *fmt;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1535 const char *found;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1536 if (check_hosts(priv, random, limit, fmt, host, ip, found)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1537 if (found) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1538 // uribl style
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1539 snprintf(buf, sizeof(buf), fmt, host, found);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1540 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1541 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1542 // dnsbl style
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1543 char adr[sizeof "255.255.255.255 "];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1544 adr[0] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1545 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1546 snprintf(buf, sizeof(buf), fmt, host, adr);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1547 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1548 msg = string(buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1549 rejecting = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1550 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1551 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1552 if (!rejecting) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1553 if (priv.want_dccgrey && grey) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1554 smfi_setreply(ctx, (char)"452", (char)"4.2.1", (char*)"temporary greylist embargoed");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1555 rc = SMFIS_TEMPFAIL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1556 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1557 else rc = SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1558 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1559 else if (!priv.have_whites) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1560 // can reject the entire message
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1561 snprintf(buf, sizeof(buf), "%s", msg.c_str());
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1562 smfi_setreply(ctx, (char)"550", (char)"5.7.1", buf);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1563 rc = SMFIS_REJECT;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1564 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1565 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1566 // need to accept it but remove the recipients that don't want it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1567 for (string_set::iterator i=alive.begin(); i!=alive.end(); i++) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1568 const char rcpt = i;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1569 smfi_delrcpt(ctx, (char*)rcpt);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1570 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1571 rc = SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1572 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1573 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1574 // reset for a new message on the same connection
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1575 mlfi_abort(ctx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1576 return rc;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1577 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1578
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1579 sfsistat mlfi_abort(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1580 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1581 mlfiPriv &priv = *MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1582 priv.reset();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1583 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1584 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1585
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1586 sfsistat mlfi_close(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1587 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1588 mlfiPriv *priv = MLFIPRIV;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1589 if (!priv) return SMFIS_CONTINUE;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1590 delete priv;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1591 smfi_setpriv(ctx, NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1592 return SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1593 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1594
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1595 struct smfiDesc smfilter =
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1596 {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1597 (char*)"DNSBL", // filter name
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1598 SMFI_VERSION, // version code -- do not change
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1599 SMFIF_DELRCPT, // flags
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1600 mlfi_connect, // connection info filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1601 mlfi_helo, // SMTP HELO command filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1602 mlfi_envfrom, // envelope sender filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1603 mlfi_envrcpt, // envelope recipient filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1604 mlfi_header, // header filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1605 mlfi_eoh, // end of header
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1606 mlfi_body, // body block filter
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1607 mlfi_eom, // end of message
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1608 mlfi_abort, // message aborted
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1609 mlfi_close, // connection cleanup
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1610 };
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1611
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1612
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1613 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1614 // reload the config
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1615 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1616 CONFIG* new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1617 CONFIG* new_conf() {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1618 CONFIG *newc = new CONFIG;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1619 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1620 newc->generation = generation++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1621 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1622 if (debug_syslog) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1623 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1624 snprintf(buf, sizeof(buf), "loading configuration generation %d", newc->generation);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1625 my_syslog(buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1626 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1627 if (load_conf(*newc, "dnsbl.conf")) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1628 newc->load_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1629 return newc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1630 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1631 delete newc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1632 return NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1633 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1634
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1635
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1636 ////////////////////////////////////////////////
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1637 // thread to watch the old config files for changes
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1638 // and reload when needed.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1639 // we also clear the SMTP AUTH recipient counts hourly
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1640 //
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1641 extern "C" {void* config_loader(void *arg);}
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1642 void* config_loader(void *arg) {
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1643 int loop1 = 0;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1644 int loop2 = 0;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1645 while (loader_run) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1646 sleep(180); // look for modifications every 3 minutes
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1647 if (!loader_run) break;
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1648 loop1++;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1649 loop2++;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1650 if (loop1 == 20) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1651 // three minutes thru each loop, 20 loops per hour
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1652 // clear the recipient hourly counts
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1653 pthread_mutex_lock(&rate_mutex);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1654 for (rates::iterator i=rcpt_hourly_counts.begin(); i!=rcpt_hourly_counts.end(); i++) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1655 (*i).second = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1656 }
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1657 for (auth_addresses::iterator j=auth_hourly_addresses.begin(); j!=auth_hourly_addresses.end(); j++) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1658 delete (*j).second;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1659 }
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1660 pthread_mutex_unlock(&rate_mutex);
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1661 loop1 = 0;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1662 }
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1663 if (loop2 == 480) {
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1664 // three minutes thru each loop, 480 loops per day
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1665 // clear the recipient daily counts
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1666 pthread_mutex_lock(&rate_mutex);
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1667 for (rates::iterator i=rcpt_daily_counts.begin(); i!=rcpt_daily_counts.end(); i++) {
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1668 (*i).second = 0;
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1669 }
278 368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1670 for (auth_addresses::iterator j=auth_daily_addresses.begin(); j!=auth_daily_addresses.end(); j++) {
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1671 delete (*j).second;
368572c57013 add limits on unique ip addresses per hour per authenticated user Carl Byington <carl@five-ten-sg.com> parents: 272 diff changeset	1672 }
255 d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1673 pthread_mutex_unlock(&rate_mutex);
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits. Carl Byington <carl@five-ten-sg.com> parents: 252 diff changeset	1674 loop2 = 0;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1675 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1676 CONFIG &dc = *config;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1677 time_t then = dc.load_time;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1678 struct stat st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1679 bool reload = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1680 for (string_set::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1681 const char fn = i;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1682 if (stat(fn, &st)) reload = true; // file disappeared
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1683 else if (st.st_mtime > then) reload = true; // file modified
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1684 if (reload) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1685 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1686 if (reload) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1687 CONFIG *newc = new_conf();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1688 if (newc) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1689 // replace the global config pointer
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1690 pthread_mutex_lock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1691 CONFIG *pc = config;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1692 bool last = pc && (!pc->reference_count);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1693 config = newc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1694 pthread_mutex_unlock(&config_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1695 if (last) delete pc; // there were no references to this config
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1696 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1697 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1698 // failed to load new config
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1699 my_syslog("failed to load new configuration");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1700 system("echo 'failed to load new dnsbl configuration from /etc/dnsbl' \| mail -s 'error in /etc/dnsbl configuration' root");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1701 // update the load time on the current config to prevent complaining every 3 minutes
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1702 dc.load_time = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1703 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1704 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1705 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1706 return NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1707 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1708
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1709
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1710 void usage(const char *prog);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1711 void usage(const char *prog)
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1712 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1713 fprintf(stderr, "Usage: %s [-d [level]] [-c] [-s] [-e from\|to] [-b dccifd-addr] -r port -p sm-sock-addr [-t timeout]\n", prog);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1714 fprintf(stderr, "where dccifd_addr is for the connection to dccifd\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1715 fprintf(stderr, " and should be local-domain-socket-file-name\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1716 fprintf(stderr, "where port is for the connection to our own dns resolver processes\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1717 fprintf(stderr, " and should be local-domain-socket-file-name\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1718 fprintf(stderr, "where sm-sock-addr is for the connection to sendmail\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1719 fprintf(stderr, " and should be one of\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1720 fprintf(stderr, " inet:port@ip-address\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1721 fprintf(stderr, " local:local-domain-socket-file-name\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1722 fprintf(stderr, "-c will load and dump the config to stdout\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1723 fprintf(stderr, "-s will stress test the config loading code by repeating the load/free cycle\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1724 fprintf(stderr, " in an infinte loop.\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1725 fprintf(stderr, "-d will set the syslog message level, currently 0 to 3\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1726 fprintf(stderr, "-e will print the results of looking up the from and to addresses in the\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1727 fprintf(stderr, " current config. The \| character is used to separate the from and to\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1728 fprintf(stderr, " addresses in the argument to the -e switch\n");
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1729 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1730
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1731
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1732
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1733 void setup_socket(const char *sock);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1734 void setup_socket(const char *sock) {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1735 unlink(sock);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1736 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1737
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1738
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1739 /*
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1740 * The signal handler function -- only gets called when a SIGCHLD
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1741 * is received, ie when a child terminates
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1742 */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1743 void sig_chld(int signo)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1744 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1745 int status;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1746 /* Wait for any child without blocking */
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1747 while (waitpid(-1, &status, WNOHANG) > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1748 // ignore child exit status, we only do this to cleanup zombies
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1749 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1750 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1751
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1752
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1753 int main(int argc, char**argv)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1754 {
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1755 token_init();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1756 bool check = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1757 bool stress = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1758 bool setconn = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1759 bool setreso = false;
244 ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions Carl Byington <carl@five-ten-sg.com> parents: 242 diff changeset	1760 char *email = NULL;
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1761 int c;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1762 const char *args = "b:r:p:t:e:d:chs";
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1763 extern char *optarg;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1764
235 e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1765 // setup srs coding detection
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1766 if (regcomp(&srs_pattern, "^srs(0\|1)=([^=]+)=([^=]+)=([^=]+)=([^@]+)@", REG_ICASE \| REG_EXTENDED)) {
235 e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1767 printf("cannot compile regex pattern to find srs coding in mail addresses\n");
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1768 exit(3);
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1769 }
e6c66640f6f9 Add SRS decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 233 diff changeset	1770
246 8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1771 // setup prvs coding detection
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1772 if (regcomp(&prvs_pattern, "^prvs=([^=]+)=(.+)$", REG_ICASE \| REG_EXTENDED)) {
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1773 printf("cannot compile regex pattern to find prvs coding in mail addresses\n");
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1774 exit(3);
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1775 }
8b0f16abee53 Add prvs decoding to envelope addresses Carl Byington <carl@five-ten-sg.com> parents: 244 diff changeset	1776
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1777 // Process command line options
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1778 while ((c = getopt(argc, argv, args)) != -1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1779 switch (c) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1780 case 'b':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1781 if (optarg == NULL \|\| *optarg == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1782 fprintf(stderr, "Illegal dccifd socket: %s\n", optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1783 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1784 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1785 dccifd_port = strdup(optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1786 break;
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1787
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1788 case 'r':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1789 if (optarg == NULL \|\| *optarg == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1790 fprintf(stderr, "Illegal resolver socket: %s\n", optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1791 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1792 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1793 resolver_port = strdup(optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1794 setup_socket(resolver_port);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1795 setreso = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1796 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1797
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1798 case 'p':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1799 if (optarg == NULL \|\| *optarg == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1800 fprintf(stderr, "Illegal sendmail socket: %s\n", optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1801 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1802 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1803 if (smfi_setconn(optarg) == MI_FAILURE) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1804 fprintf(stderr, "smfi_setconn failed\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1805 exit(EX_SOFTWARE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1806 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1807 if (strncasecmp(optarg, "unix:", 5) == 0) setup_socket(optarg + 5);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1808 else if (strncasecmp(optarg, "local:", 6) == 0) setup_socket(optarg + 6);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1809 setconn = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1810 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1811
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1812 case 't':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1813 if (optarg == NULL \|\| *optarg == '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1814 fprintf(stderr, "Illegal timeout: %s\n", optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1815 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1816 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1817 if (smfi_settimeout(atoi(optarg)) == MI_FAILURE) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1818 fprintf(stderr, "smfi_settimeout failed\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1819 exit(EX_SOFTWARE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1820 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1821 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1822
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1823 case 'e':
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1824 if (email) free((void*)email);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1825 email = strdup(optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1826 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1827
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1828 case 'c':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1829 check = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1830 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1831
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1832 case 's':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1833 stress = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1834 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1835
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1836 case 'd':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1837 if (optarg == NULL \|\| *optarg == '\0') debug_syslog = 1;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1838 else debug_syslog = atoi(optarg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1839 break;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1840
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1841 case 'h':
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1842 default:
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1843 usage(argv[0]);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1844 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1845 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1846 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1847
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1848 if (check) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1849 use_syslog = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1850 debug_syslog = 10;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1851 CONFIG *conf = new_conf();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1852 if (conf) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1853 conf->dump();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1854 delete conf;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1855 clear_strings(); // for valgrind checking
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1856 return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1857 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1858 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1859 return 1; // config failed to load
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1860 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1861 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1862
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1863 if (stress) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1864 fprintf(stdout, "stress testing\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1865 while (1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1866 for (int i=0; i<10; i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1867 CONFIG *conf = new_conf();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1868 if (conf) delete conf;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1869 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1870 fprintf(stdout, ".");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1871 fflush(stdout);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1872 sleep(1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1873 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1874 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1875
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1876 if (email) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1877 char *x = strchr(email, '\|');
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1878 if (x) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1879 *x = '\0';
236 c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1880 const char *from = to_lower_string(email);
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name Carl Byington <carl@five-ten-sg.com> parents: 235 diff changeset	1881 const char *to = to_lower_string(x+1);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1882 use_syslog = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1883 CONFIG *conf = new_conf();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1884 if (conf) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1885 CONTEXTP con = conf->find_context(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1886 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1887 fprintf(stdout, "envelope to <%s> finds context %s\n", to, con->get_full_name(buf,maxlen));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1888 CONTEXTP fc = con->find_context(from);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1889 fprintf(stdout, "envelope from <%s> finds context %s\n", from, fc->get_full_name(buf,maxlen));
214 82886d4dd71f Fixes to compile on Fedora 9 and for const correctness. Carl Byington <carl@five-ten-sg.com> parents: 211 diff changeset	1890 const char *st = fc->find_from(from);
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1891 fprintf(stdout, "envelope from <%s> finds status %s\n", from, st);
216 784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness. Carl Byington <carl@five-ten-sg.com> parents: 214 diff changeset	1892 bool self = (strcmp(from, to) == 0);
784030ac71f1 Never whitelist self addressed mail. Changes for Fedora 10 and const correctness. Carl Byington <carl@five-ten-sg.com> parents: 214 diff changeset	1893 if ((st == token_white) && self) fprintf(stdout, "ignore self whitelisting\n");
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1894 delete conf;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1895 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1896 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1897 return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1898 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1899
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1900 if (!setconn) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1901 fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1902 usage(argv[0]);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1903 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1904 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1905
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1906 if (!setreso) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1907 fprintf(stderr, "%s: Missing required -r argument\n", argv[0]);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1908 usage(argv[0]);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1909 exit(EX_USAGE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1910 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1911
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1912 if (smfi_register(smfilter) == MI_FAILURE) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1913 fprintf(stderr, "smfi_register failed\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1914 exit(EX_UNAVAILABLE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1915 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1916
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1917 // switch to background mode
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1918 if (daemon(1,0) < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1919 fprintf(stderr, "daemon() call failed\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1920 exit(EX_UNAVAILABLE);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1921 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1922
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1923 // write the pid
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1924 const char *pidpath = "/var/run/dnsbl.pid";
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1925 unlink(pidpath);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1926 FILE *f = fopen(pidpath, "w");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1927 if (f) {
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1928 #ifdef linux
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1929 // from a comment in the DCC source code:
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1930 // Linux threads are broken. Signals given the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1931 // original process are delivered to only the
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1932 // thread that happens to have that PID. The
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1933 // sendmail libmilter thread that needs to hear
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1934 // SIGINT and other signals does not, and that breaks
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1935 // scripts that need to stop milters.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1936 // However, signaling the process group works.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1937 fprintf(f, "-%d\n", (u_int)getpgrp());
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1938 #else
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1939 fprintf(f, "%d\n", (u_int)getpid());
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1940 #endif
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1941 fclose(f);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1942 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1943
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1944 // initialize the thread sync objects
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1945 pthread_mutex_init(&config_mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1946 pthread_mutex_init(&syslog_mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1947 pthread_mutex_init(&resolve_mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1948 pthread_mutex_init(&fd_pool_mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1949 pthread_mutex_init(&verifier_mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1950 pthread_mutex_init(&whitelister_mutex, 0);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1951
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1952 // drop root privs
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1953 struct passwd *pw = getpwnam("dnsbl");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1954 if (pw) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1955 if (setgid(pw->pw_gid) == -1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1956 my_syslog("failed to switch to group dnsbl");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1957 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1958 if (setuid(pw->pw_uid) == -1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1959 my_syslog("failed to switch to user dnsbl");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1960 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1961 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1962
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1963 // load the initial config
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1964 config = new_conf();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1965 if (!config) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1966 my_syslog("failed to load initial configuration, quitting");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1967 exit(1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1968 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1969
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1970 // fork off the resolver listener process
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1971 pid_t child = fork();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1972 if (child < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1973 my_syslog("failed to create resolver listener process");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1974 exit(0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1975 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1976 if (child == 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1977 // we are the child - dns resolver listener process
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1978 resolver_socket = socket(AF_UNIX, SOCK_STREAM, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1979 if (resolver_socket < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1980 my_syslog("child failed to create resolver socket");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1981 exit(0); // failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1982 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1983 sockaddr_un server;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1984 memset(&server, '\0', sizeof(server));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1985 server.sun_family = AF_UNIX;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1986 strncpy(server.sun_path, resolver_port, sizeof(server.sun_path)-1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1987 //try to bind the address to the socket.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1988 if (bind(resolver_socket, (sockaddr *)&server, sizeof(server)) < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1989 // bind failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1990 shutdown(resolver_socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1991 close(resolver_socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1992 my_syslog("child failed to bind resolver socket");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1993 exit(0); // failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1994 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1995 //listen on the socket.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1996 if (listen(resolver_socket, 10) < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1997 // listen failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1998 shutdown(resolver_socket, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	1999 close(resolver_socket);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2000 my_syslog("child failed to listen to resolver socket");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2001 exit(0); // failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2002 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2003 // setup sigchld handler to prevent zombies
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2004 struct sigaction act;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2005 act.sa_handler = sig_chld; // Assign sig_chld as our SIGCHLD handler
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2006 sigemptyset(&act.sa_mask); // We don't want to block any other signals in this example
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2007 act.sa_flags = SA_NOCLDSTOP; // only want children that have terminated
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2008 if (sigaction(SIGCHLD, &act, NULL) < 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2009 my_syslog("child failed to setup SIGCHLD handler");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2010 exit(0); // failed
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2011 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2012 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2013 sockaddr_un client;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2014 socklen_t clientlen = sizeof(client);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2015 int s = accept(resolver_socket, (sockaddr *)&client, &clientlen);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2016 if (s > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2017 // accept worked, it did not get cancelled before we could accept it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2018 // fork off a process to handle this connection
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2019 int newchild = fork();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2020 if (newchild == 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2021 // this is the worker process
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2022 // child does not need the listening socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2023 close(resolver_socket);
220 495cfe5caead try to allow mixed -lresolv and libresolv.a for ns_parserr Carl Byington <carl@five-ten-sg.com> parents: 216 diff changeset	2024 #ifdef NS_PACKETSZ
495cfe5caead try to allow mixed -lresolv and libresolv.a for ns_parserr Carl Byington <carl@five-ten-sg.com> parents: 216 diff changeset	2025 res_init();
495cfe5caead try to allow mixed -lresolv and libresolv.a for ns_parserr Carl Byington <carl@five-ten-sg.com> parents: 216 diff changeset	2026 _res.retry = 2;
495cfe5caead try to allow mixed -lresolv and libresolv.a for ns_parserr Carl Byington <carl@five-ten-sg.com> parents: 216 diff changeset	2027 _res.retrans = RES_TIMEOUT;
495cfe5caead try to allow mixed -lresolv and libresolv.a for ns_parserr Carl Byington <carl@five-ten-sg.com> parents: 216 diff changeset	2028 #endif
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2029 process_resolver_requests(s);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2030 exit(0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2031 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2032 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2033 // this is the parent
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2034 // parent does not need the accepted socket
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2035 close(s);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2036 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2037 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2038 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2039 exit(0); // make sure we don't fall thru.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2040 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2041 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2042 sleep(2); // allow child to get started
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2043 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2044
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2045 // only create threads after the fork() in daemon
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2046 pthread_t tid;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2047 if (pthread_create(&tid, 0, config_loader, 0))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2048 my_syslog("failed to create config loader thread");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2049 if (pthread_detach(tid))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2050 my_syslog("failed to detach config loader thread");
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	2051
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2052 if (pthread_create(&tid, 0, verify_closer, 0))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2053 my_syslog("failed to create verify closer thread");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2054 if (pthread_detach(tid))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2055 my_syslog("failed to detach verify closer thread");
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2056
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2057 if (pthread_create(&tid, 0, whitelister_writer, 0))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2058 my_syslog("failed to create autowhite writer thread");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2059 if (pthread_detach(tid))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2060 my_syslog("failed to detach autowhite writer thread");
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	2061
192 8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2062 time_t starting = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2063 int rc = smfi_main();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2064 if ((rc != MI_SUCCESS) && (time(NULL) > starting+5*60)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2065 my_syslog("trying to restart after smfi_main()");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2066 loader_run = false; // eventually the config loader thread will terminate
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2067 execvp(argv[0], argv);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2068 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots carl parents: 191 diff changeset	2069 exit((rc == MI_SUCCESS) ? 0 : EX_UNAVAILABLE);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2070 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2071

Mercurial > dnsbl

annotate src/dnsbl.cpp @ 278:368572c57013