Mercurial > dnsbl
annotate src/dnsbl.h @ 410:6b03435868cb stable-6-0-55
require 3 dots in bare ip addresses
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Sun, 16 Apr 2017 09:12:08 -0700 |
parents | c378e9d03f37 |
children | f9165d9aa689 |
rev | line source |
---|---|
143 | 1 /* |
2 | |
152 | 3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under |
4 the GPL version 3 or any later version at your choice available at | |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
143 | 6 |
7 */ | |
8 | |
119 | 9 #ifndef dnsbl_include |
10 #define dnsbl_include | |
74 | 11 |
12 #include "context.h" | |
163 | 13 #include "spamass.h" |
178 | 14 #include "dccifd.h" |
74 | 15 |
86
c1280cd3e248
add multiple debug syslog levels, remove duplicate dnsbl definitions
carl
parents:
76
diff
changeset
|
16 extern int debug_syslog; |
180 | 17 #define dccbulk 1000 |
74 | 18 |
19 class recorder; | |
20 class url_scanner; | |
21 | |
322
9f8411f3919c
add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents:
321
diff
changeset
|
22 |
74 | 23 //////////////////////////////////////////////// |
119 | 24 // mail filter private data, held for us by sendmail |
74 | 25 // |
26 struct mlfiPriv | |
27 { | |
187
f0eda59e8afd
fix null pointer dereference from missing HELO command
carl
parents:
180
diff
changeset
|
28 // callback specific data |
f0eda59e8afd
fix null pointer dereference from missing HELO command
carl
parents:
180
diff
changeset
|
29 SMFICTX *ctx; // updated everytime we fetch this priv pointer from the ctx |
190
004b855c6c1f
fix null pointer dereference from missing HELO command
carl
parents:
187
diff
changeset
|
30 bool eom; // are we in eom function, so progress function can be called? |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
31 // connection specific data |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
32 CONFIG *pc; // global filtering configuration |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
33 int fd; // to talk to dns resolver process |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
34 bool err; // did we get any errors on the resolver socket? |
252
836b7f2357f9
need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents:
249
diff
changeset
|
35 uint32_t ip; // ip4 address of the smtp client in network order |
236
c0d2e99c0a1d
Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents:
230
diff
changeset
|
36 const char *helo; // helo from client |
249 | 37 map<DNSBLP, bool> checked_black; // map of dnsblp to result of (ip listed on that dnsbl) |
38 map<DNSWLP, bool> checked_white; // map of dnswlp to result of (ip listed on that dnswl) | |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
39 // message specific data |
350
f4ca91f49cb6
send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents:
326
diff
changeset
|
40 const char *origaddr; // envelope from value, lowercase, no srs/pvrs unwrapping |
f4ca91f49cb6
send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents:
326
diff
changeset
|
41 const char *mailaddr; // envelope from value, lowercase, srs/pvrs unwapped |
321
e172dc10fe24
add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents:
310
diff
changeset
|
42 const char *fromaddr; // header from value, set by mlfi_header() |
e172dc10fe24
add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents:
310
diff
changeset
|
43 int header_count; // count of headers already seen |
322
9f8411f3919c
add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents:
321
diff
changeset
|
44 bool dkim_ok; // ok to proceed with dkim checking |
326
5e4b5540c8cc
allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents:
322
diff
changeset
|
45 string_set dkim_signers; // non empty if message was validly signed, set of signers |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
46 const char *queueid; // sendmail queue id |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
47 const char *authenticated; // client authenticated? if so, suppress all dnsbl checks, but check rate limits |
257
d11b529ce9c5
Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents:
252
diff
changeset
|
48 const char *client_name; // fully qualified host name of the smtp client xxx [ip.ad.dr.es] (may be forged) |
d11b529ce9c5
Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents:
252
diff
changeset
|
49 char *client_dns_name; // fully qualified host name of the smtp client xxx |
268
f941563c2a95
Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents:
257
diff
changeset
|
50 bool client_dns_forged; // rdns mismatch |
377
7fd39f029936
reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents:
350
diff
changeset
|
51 const char *host_uribl; // pointer to helo/client/from/signer host name if found on uribl |
7fd39f029936
reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents:
350
diff
changeset
|
52 string_set hosts_uribl; // string set to hold the helo/client/from/signer host name if found on uribl |
236
c0d2e99c0a1d
Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents:
230
diff
changeset
|
53 bool helo_uribl; // helo value on uribl |
c0d2e99c0a1d
Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents:
230
diff
changeset
|
54 bool client_uribl; // client_name on uribl |
c0d2e99c0a1d
Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents:
230
diff
changeset
|
55 bool from_uribl; // envelope from value on uribl |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
56 bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
57 bool only_whites; // every recipient is whitelisted? |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
58 bool want_spamassassin; // at least one non-whitelisted recipient has a non zero spamassassin limit |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
59 bool want_dccgrey; // at least one non-whitelisted recipient wants dcc greylisting |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
60 bool want_dccbulk; // at least one non-whitelisted recipient wants dcc bulk filtering |
230
ad38575e98ca
Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents:
214
diff
changeset
|
61 bool allow_autowhitelisting; // precedence:bulk or content-type:multipart/report headers prevent autowhitelisting |
192
8f4a9a37d4d9
delay autowhitelisting to avoid out of office reply bots
carl
parents:
190
diff
changeset
|
62 delay_whitelist delayer; // to remember autowhitelisting until we see headers |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
63 CONTEXT *content_context; // first non-whitelisted recipient with a content filtering context |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
64 context_map env_to; // map each non-whitelisted recipient to their filtering context |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
65 recorder *memory; // memory for the content scanner |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
66 url_scanner *scanner; // object to handle body scanning |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
67 const char *content_suffix; // for url body filtering based on ip addresses of hostnames in the body |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
68 const char *content_message; // "" |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
69 const char *uribl_suffix; // for uribl body filtering based on hostnames in the body |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
70 const char *uribl_message; // "" |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
71 string_set *content_host_ignore; // "" |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
72 SpamAssassin *assassin; |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
73 DccInterface *dccifd; |
76 | 74 |
74 | 75 |
214
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
76 mlfiPriv(); |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
77 ~mlfiPriv(); |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
78 void reset(bool final = false); // for a new message |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
79 void get_fd(); |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
80 void return_fd(); |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
81 size_t my_read(char *buf, size_t len); |
82886d4dd71f
Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents:
192
diff
changeset
|
82 size_t my_write(const char *buf, size_t len); |
377
7fd39f029936
reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents:
350
diff
changeset
|
83 const char *check_uribl_signers(); |
350
f4ca91f49cb6
send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents:
326
diff
changeset
|
84 void need_content_filter(CONTEXT &con); |
74 | 85 }; |
86 | |
382
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
87 struct ns_map { |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
88 // all the strings are owned by the keys/values in the ns_host string map |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
89 string_map ns_host; // nameserver name -> host name that uses this name server |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
90 ns_mapper ns_ip; // nameserver name -> ipv4 address of the name server |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
91 ~ns_map(); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
92 void add(const char *name, const char *refer); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
93 }; |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
94 |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
95 void my_syslog(const char *queueid, const char *text); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
96 void my_syslog(mlfiPriv *priv, const char *text); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
97 void my_syslog(mlfiPriv *priv, const string text); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
98 void my_syslog(const char *text); |
c378e9d03f37
start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents:
377
diff
changeset
|
99 uint32_t dns_interface(mlfiPriv &priv, const char *question, int qtype, bool maybe_ip = false, ns_map *nameservers = NULL, char *txt_answer = NULL, size_t txt_size = 0); |
74 | 100 |
101 #endif |