Mercurial > dnsbl
annotate src/context.h @ 185:505283ab296c stable-6-0-12
smtp rejections take precendence over greylisting
author | carl |
---|---|
date | Sat, 13 Oct 2007 17:42:30 -0700 |
parents | 8b86a894514d |
children | 8f4a9a37d4d9 |
rev | line source |
---|---|
143 | 1 /* |
2 | |
152 | 3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under |
4 the GPL version 3 or any later version at your choice available at | |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
143 | 6 |
7 */ | |
8 | |
94 | 9 #ifndef context_include |
10 #define context_include | |
11 | |
12 #include "tokenizer.h" | |
13 #include <map> | |
168 | 14 #include <regex.h> |
94 | 15 |
16 | |
17 enum status {oksofar, // not rejected yet | |
18 white, // whitelisted | |
19 black, // blacklisted | |
20 reject}; // rejected by a dns list | |
21 | |
22 class DNSBL; | |
23 class CONTEXT; | |
24 class VERIFY; | |
25 class SMTP; | |
153 | 26 class WHITELISTER; |
94 | 27 class recorder; |
28 | |
29 typedef map<char *, char *, ltstr> string_map; | |
30 typedef set<int> int_set; | |
31 typedef list<SMTP *> smtp_list; | |
32 typedef list<char *> string_list; | |
33 typedef DNSBL * DNSBLP; | |
34 typedef VERIFY * VERIFYP; | |
153 | 35 typedef WHITELISTER * WHITELISTERP; |
94 | 36 typedef list<DNSBLP> dnsblp_list; |
37 typedef map<char *, DNSBLP, ltstr> dnsblp_map; | |
38 typedef CONTEXT * CONTEXTP; | |
39 typedef list<CONTEXTP> context_list; | |
40 typedef map<char *, CONTEXTP, ltstr> context_map; | |
41 typedef map<char *, int, ltstr> ns_mapper; | |
136 | 42 typedef map<char *, int, ltstr> rcpt_rates; |
160 | 43 typedef map<char *, time_t, ltstr> autowhite_sent; |
94 | 44 typedef map<char *, VERIFYP, ltstr> verify_map; |
153 | 45 typedef map<char *, WHITELISTERP, ltstr> whitelister_map; |
94 | 46 |
47 class SMTP { | |
48 static const int maxlen = 1000; | |
49 int fd; | |
50 bool error; | |
51 time_t stamp; | |
52 char efrom[maxlen]; // last envelope from sent on this socket | |
53 int pending; // unread bytes in buffer, not including the null terminator | |
54 char buffer[maxlen]; | |
55 public: | |
99 | 56 SMTP(int f) {fd = f; error = false; now(); efrom[0] = '\0'; init();}; |
94 | 57 ~SMTP() {if (!error) quit(); closefd();}; |
58 void init() {pending = 0; buffer[0] = '\0';}; | |
59 void append(char *c) {strncat(buffer, c, max(0, maxlen-1-(int)strlen(c)));}; | |
60 bool err() {return error;}; | |
61 void now() {stamp = time(NULL);}; | |
62 time_t get_stamp() {return stamp;}; | |
63 int get_fd() {return fd;}; | |
64 int writer(); | |
65 int reader(); | |
66 int read_line(); | |
67 int read_response(); | |
97 | 68 void flush_line(int r); |
94 | 69 int cmd(char *c); |
70 int helo(); | |
71 int rset(); | |
72 int from(char *f); | |
73 int rcpt(char *t); | |
74 int quit(); | |
75 void closefd(); | |
76 #ifdef VERIFY_DEBUG | |
77 static void log(char *m, int v); | |
78 static void log(char *m, char *v); | |
79 #endif | |
80 }; | |
81 | |
82 class VERIFY { | |
83 char *host; // host to be used to verify recipient addresses | |
84 time_t last_err; // time of last socket error | |
85 pthread_mutex_t mutex; // protect the lists of sockets and timestamps | |
86 smtp_list connections;// open sockets, ready to be used | |
87 public: | |
88 VERIFY(char *h); | |
153 | 89 void closer(); // if the oldest socket is ancient, close it |
94 | 90 SMTP *get_connection(); |
91 void put_connection(SMTP *conn); | |
92 bool ok(char *from, char *to); | |
93 }; | |
94 | |
153 | 95 class WHITELISTER { |
96 char *fn; // file to use | |
97 int days; // how long do we keep entries | |
98 pthread_mutex_t mutex; // protect the flag and map | |
160 | 99 time_t loaded; // when we loaded this file |
153 | 100 bool need; // force writing on new entries |
101 autowhite_sent rcpts; // recipient map to remember when we sent them mail | |
102 public: | |
103 WHITELISTER(char *f, int d); | |
160 | 104 void merge(); |
153 | 105 void writer(); // dump any changes back to the file |
106 void sent(char *to); | |
107 bool is_white(char *from); // should we white list this sender (did we send them anything recently) | |
156 | 108 int get_days() {return days;}; |
109 void set_days(int d) {days = d;}; | |
153 | 110 }; |
111 | |
94 | 112 struct DNSBL { |
113 char *name; // nickname for this dns based list | |
114 char *suffix; // blacklist suffix like blackholes.five-ten-sg.com | |
115 char *message; // error message with one or two %s operators for the ip address replacement | |
116 DNSBL(char *n, char *s, char *m); | |
117 bool operator==(const DNSBL &rhs); | |
118 }; | |
119 | |
120 class CONTEXT { | |
121 CONTEXTP parent; | |
122 char * name; | |
123 context_map children; // map child context names to their contexts | |
124 string_set env_to; // this context applies to these envelope recipients | |
125 char * verify_host; // use this smtp host to verify email addresses | |
153 | 126 VERIFYP verifier; // pointer to the verifier structure |
168 | 127 char * generic_regx; // pointer to generic regular expression |
128 char * generic_message; // pointer to generic message with one %s | |
170 | 129 regex_t generic_pattern; // compiled regex pattern |
153 | 130 char * autowhite_file; // file to use for automatic whitelisting |
131 WHITELISTERP whitelister; // pointer to the auto whitelister structure | |
94 | 132 string_map env_from; // map senders to white/black/unknown |
133 context_map env_from_context; // map senders to a child context | |
134 char * env_from_default; // default value for senders that are not found in the map white/black/unknown/inherit | |
135 bool content_filtering; // | |
119 | 136 char * content_suffix; // for url body filtering based on ip addresses of hostnames in the body |
94 | 137 char * content_message; // "" |
119 | 138 char * uribl_suffix; // for uribl body filtering based on hostnames in the body |
139 char * uribl_message; // "" | |
94 | 140 string_set content_host_ignore;// hosts to ignore for content sbl checking |
141 string_set content_tlds; // | |
117 | 142 string_set content_cctlds; // |
94 | 143 string_set html_tags; // set of valid html tags |
144 int host_limit; // limit on host names | |
145 char * host_limit_message; // error message for excessive host names | |
146 bool host_random; // pick a random selection of host names rather than error for excessive hosts | |
147 int tag_limit; // limit on bad html tags | |
148 char * tag_limit_message; // error message for excessive bad html tags | |
163 | 149 int spamassassin_limit; // max score from spamassassin |
178 | 150 bool require_match; // require matching context filtering context |
151 bool dcc_greylist; // should we do dcc greylisting? | |
152 int dcc_bulk_threshold; // off = 0, many = 1000 | |
94 | 153 dnsblp_map dnsbl_names; // name to dnsbl mapping for lists that are available in this context and children |
154 dnsblp_list dnsbl_list; // list of dnsbls to be used in this context | |
140 | 155 int default_rcpt_rate; // if not specified per user |
136 | 156 rcpt_rates rcpt_per_hour; // per user limits on number of recipients per hour |
157 | |
94 | 158 |
159 public: | |
160 CONTEXT(CONTEXTP parent_, char *name_); | |
161 ~CONTEXT(); | |
162 CONTEXTP get_parent() {return parent;}; | |
163 bool is_parent(CONTEXTP p); // is p a parent of this? | |
164 char* get_full_name(char *buf, int size); | |
165 void add_context(CONTEXTP child) {children[child->name] = child;}; | |
166 bool allow_env_to(char *to) {return (parent) ? parent->cover_env_to(to) : true;}; | |
167 bool cover_env_to(char *to); | |
168 | |
153 | 169 void set_verifier(VERIFYP v) {verifier = v;}; |
94 | 170 void set_verify(char *host) {verify_host = host;}; |
171 char* get_verify() {return verify_host;}; | |
172 VERIFYP find_verify(char *to); | |
173 | |
168 | 174 |
153 | 175 void set_whitelister(WHITELISTERP v) {whitelister = v;}; |
176 void set_autowhite(char *fn) {autowhite_file = fn;}; | |
177 char* get_autowhite() {return autowhite_file;}; | |
162 | 178 WHITELISTERP find_autowhite(char *from, char *to); |
153 | 179 |
140 | 180 void set_default_rate(int limit) {default_rcpt_rate = limit;}; |
136 | 181 void add_rate(char *user, int limit) {rcpt_per_hour[user] = limit;}; |
182 int find_rate(char *user); | |
183 | |
94 | 184 void add_to(char *to) {env_to.insert(to);}; |
185 void add_from(char *from, char *status) {env_from[from] = status;}; | |
186 void add_from_context(char *from, CONTEXTP con) {env_from_context[from] = con;}; | |
187 void set_from_default(char *status) {env_from_default = status;}; | |
173
83fe0be032c1
fix leak, update timestamps when receiving auto-whitelisted sender
carl
parents:
170
diff
changeset
|
188 char* find_from(char *from, bool update_white = false); |
94 | 189 CONTEXTP find_context(char *from); |
190 CONTEXTP find_from_context_name(char *name); | |
191 | |
163 | 192 void set_content_filtering(bool filter) {content_filtering = filter; }; |
193 void set_content_suffix(char *suffix) {content_suffix = suffix; }; | |
194 void set_content_message(char *message) {content_message = message; }; | |
195 void set_uribl_suffix(char *suffix) {uribl_suffix = suffix; }; | |
196 void set_uribl_message(char *message) {uribl_message = message; }; | |
94 | 197 void add_ignore(char *host) {content_host_ignore.insert(host);}; |
163 | 198 void add_tld(char *tld) {content_tlds.insert(tld); }; |
199 void add_cctld(char *cctld) {content_cctlds.insert(cctld); }; | |
94 | 200 |
163 | 201 void set_host_limit(int limit) {host_limit = limit; }; |
94 | 202 void set_host_message(char *message) {host_limit_message = message;}; |
163 | 203 void set_host_random(bool random) {host_random = random; }; |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
204 void set_spamassassin_limit(int limit) {spamassassin_limit = limit; }; |
163 | 205 void set_tag_limit(int limit) {tag_limit = limit; }; |
94 | 206 void set_tag_message(char *message) {tag_limit_message = message;}; |
163 | 207 void add_tag(char *tag) {html_tags.insert(tag); }; |
94 | 208 |
163 | 209 void add_dnsbl(char *name, DNSBLP dns) {dnsbl_names[name] = dns; }; |
94 | 210 void add_dnsbl(DNSBLP dns) {dnsbl_list.push_back(dns);}; |
211 DNSBLP find_dnsbl(char *name); | |
212 | |
168 | 213 bool set_generic(char *regx, char *msg); |
214 char* generic_match(char *client); | |
215 | |
178 | 216 void set_require(bool r) {require_match = r; }; |
217 void set_grey(bool g) {dcc_greylist = g; }; | |
218 void set_bulk(int b) {dcc_bulk_threshold = b; }; | |
219 | |
163 | 220 bool get_content_filtering() {return content_filtering; }; |
179 | 221 bool get_require() {return content_filtering && require_match; }; |
222 bool get_grey() {return content_filtering && dcc_greylist; }; | |
223 int get_bulk() {return (content_filtering) ? dcc_bulk_threshold : 0;}; | |
224 int get_host_limit() {return (content_filtering) ? host_limit : 0;}; | |
225 bool get_host_random() {return (content_filtering) ? host_random : 0;}; | |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
226 int get_spamassassin_limit() {return (content_filtering) ? spamassassin_limit : 0;}; |
94 | 227 char* get_content_suffix(); |
228 char* get_content_message(); | |
119 | 229 char* get_uribl_suffix(); |
230 char* get_uribl_message(); | |
94 | 231 string_set& get_content_host_ignore(); |
232 string_set& get_content_tlds(); | |
117 | 233 string_set& get_content_cctlds(); |
94 | 234 string_set& get_html_tags(); |
235 dnsblp_list& get_dnsbl_list(); | |
236 | |
178 | 237 bool acceptable_content(recorder &memory, int score, int bulk, string& msg); |
94 | 238 bool ignore_host(char *host); |
239 | |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
240 void dump(bool isdefault, bool &spamass, int level = 0); |
94 | 241 }; |
242 | |
243 | |
244 struct CONFIG { | |
245 // the only mutable stuff once it has been loaded from the config file | |
246 int reference_count; // protected by the global config_mutex | |
247 // all the rest is constant after loading from the config file | |
248 int generation; | |
249 time_t load_time; | |
250 string_set config_files; | |
251 context_list contexts; // owns all the contexts, not just top level contexts | |
252 context_map env_to; // map recipient to a filtering context | |
253 CONTEXTP default_context;// for env_to values that don't have their own specific filtering context | |
254 // the default context is also used for some of the content filtering values | |
255 | |
256 CONFIG(); | |
257 ~CONFIG(); | |
258 void add_context(CONTEXTP con); | |
259 void add_to(char *to, CONTEXTP con); | |
260 CONTEXTP find_context(char *to); | |
261 void dump(); | |
262 }; | |
263 | |
136 | 264 struct RATELIMIT { |
265 | |
266 }; | |
267 | |
153 | 268 extern char *token_autowhite; |
94 | 269 extern char *token_black; |
117 | 270 extern char *token_cctld; |
94 | 271 extern char *token_content; |
272 extern char *token_context; | |
178 | 273 extern char *token_dccbulk; |
94 | 274 extern char *token_dccfrom; |
178 | 275 extern char *token_dccgrey; |
94 | 276 extern char *token_dccto; |
277 extern char *token_default; | |
278 extern char *token_dnsbl; | |
279 extern char *token_dnsbll; | |
280 extern char *token_envfrom; | |
281 extern char *token_envto; | |
282 extern char *token_filter; | |
168 | 283 extern char *token_generic; |
94 | 284 extern char *token_host_limit; |
285 extern char *token_html_limit; | |
286 extern char *token_html_tags; | |
287 extern char *token_ignore; | |
288 extern char *token_include; | |
289 extern char *token_inherit; | |
290 extern char *token_lbrace; | |
291 extern char *token_mailhost; | |
292 extern char *token_many; | |
178 | 293 extern char *token_no; |
94 | 294 extern char *token_off; |
178 | 295 extern char *token_ok; |
117 | 296 extern char *token_ok2; |
94 | 297 extern char *token_on; |
136 | 298 extern char *token_rate; |
94 | 299 extern char *token_rbrace; |
178 | 300 extern char *token_require; |
94 | 301 extern char *token_semi; |
302 extern char *token_soft; | |
163 | 303 extern char *token_spamassassin; |
94 | 304 extern char *token_substitute; |
305 extern char *token_tld; | |
306 extern char *token_unknown; | |
119 | 307 extern char *token_uribl; |
178 | 308 extern char *token_verify; |
94 | 309 extern char *token_white; |
178 | 310 extern char *token_yes; |
94 | 311 |
153 | 312 extern pthread_mutex_t verifier_mutex; // protect the verifier map |
313 extern pthread_mutex_t whitelister_mutex; // protect the | |
94 | 314 |
315 void discard(string_set &s); | |
316 char* register_string(string_set &s, char *name); | |
317 char* register_string(char *name); | |
164 | 318 void clear_strings(); |
94 | 319 CONFIG *parse_config(char *fn); |
320 bool load_conf(CONFIG &dc, char *fn); | |
321 void* verify_closer(void *arg); | |
153 | 322 void* whitelister_writer(void *arg); |
94 | 323 void token_init(); |
324 | |
325 #endif |