Mercurial > dnsbl
annotate src/context.h @ 168:6bac960af6b4
add generic reverse dns filtering regex
author | carl |
---|---|
date | Thu, 30 Aug 2007 11:08:46 -0700 |
parents | 9b129ed78d7d |
children | bd33eaccfed8 |
rev | line source |
---|---|
143 | 1 /* |
2 | |
152 | 3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under |
4 the GPL version 3 or any later version at your choice available at | |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
143 | 6 |
7 */ | |
8 | |
94 | 9 #ifndef context_include |
10 #define context_include | |
11 | |
12 #include "tokenizer.h" | |
13 #include <map> | |
168 | 14 #include <regex.h> |
94 | 15 |
16 | |
// Filtering disposition values; the meaning of each enumerator is given by
// its trailing comment.
17 enum status {oksofar, // not rejected yet | |
18 white, // whitelisted | |
19 black, // blacklisted | |
20 reject}; // rejected by a dns list | |
21 | |
// Forward declarations: the pointer and container typedefs that follow name
// these types before their definitions appear.
22 class DNSBL; | |
23 class CONTEXT; | |
24 class VERIFY; | |
25 class SMTP; | |
153 | 26 class WHITELISTER; |
94 | 27 class recorder; |
28 | |
// Pointer and container aliases used by the classes in this header.
// NOTE(review): ltstr, string_set, map, set and list are not declared in this
// file; presumably they come from tokenizer.h (with a using-directive) -- confirm.
// NOTE(review): the maps are keyed by char * with the ltstr comparator, which
// presumably orders by string content rather than by pointer value -- confirm.
29 typedef map<char *, char *, ltstr> string_map; | |
30 typedef set<int> int_set; | |
31 typedef list<SMTP *> smtp_list; | |
32 typedef list<char *> string_list; | |
33 typedef DNSBL * DNSBLP; | |
34 typedef VERIFY * VERIFYP; | |
153 | 35 typedef WHITELISTER * WHITELISTERP; |
94 | 36 typedef list<DNSBLP> dnsblp_list; |
37 typedef map<char *, DNSBLP, ltstr> dnsblp_map; | |
38 typedef CONTEXT * CONTEXTP; | |
39 typedef list<CONTEXTP> context_list; | |
40 typedef map<char *, CONTEXTP, ltstr> context_map; | |
41 typedef map<char *, int, ltstr> ns_mapper; | |
136 | 42 typedef map<char *, int, ltstr> rcpt_rates; |
160 | 43 typedef map<char *, time_t, ltstr> autowhite_sent; |
94 | 44 typedef map<char *, VERIFYP, ltstr> verify_map; |
153 | 45 typedef map<char *, WHITELISTERP, ltstr> whitelister_map; |
94 | 46 |
// SMTP wraps one client conversation on an already-open socket descriptor.
// It keeps the descriptor, an error flag, a timestamp, the last envelope
// sender, and a fixed-size (maxlen) text buffer.
47 class SMTP { | |
48 static const int maxlen = 1000; | |
49 int fd; | |
50 bool error; | |
51 time_t stamp; | |
52 char efrom[maxlen]; // last envelope from sent on this socket | |
53 int pending; // unread bytes in buffer, not including the null terminator | |
54 char buffer[maxlen]; | |
55 public: | |
// Take over descriptor f, clear the error flag, stamp the current time and
// start with an empty envelope sender and an empty buffer.
99 | 56 SMTP(int f) {fd = f; error = false; now(); efrom[0] = '\0'; init();}; |
// Send quit() only when no error has been recorded, then always close the descriptor.
94 | 57 ~SMTP() {if (!error) quit(); closefd();}; |
// Reset the buffer to the empty string with no pending bytes.
58 void init() {pending = 0; buffer[0] = '\0';}; | |
// Append c to buffer, truncating so the result never exceeds maxlen-1
// characters plus the terminator. The strncat bound must be the space still
// free in buffer; the earlier bound, maxlen-1-strlen(c), was derived from the
// source length and could let strncat write past the end of buffer whenever
// buffer was already partly full.
59 void append(char *c) {strncat(buffer, c, max(0, maxlen-1-(int)strlen(buffer)));}; | |
// Report whether an error has been recorded on this connection.
60 bool err() {return error;}; | |
// Record the current time as this connection's timestamp.
61 void now() {stamp = time(NULL);}; | |
62 time_t get_stamp() {return stamp;}; | |
63 int get_fd() {return fd;}; | |
// The remaining members are only declared here; their definitions are not in this header.
64 int writer(); | |
65 int reader(); | |
66 int read_line(); | |
67 int read_response(); | |
97 | 68 void flush_line(int r); |
94 | 69 int cmd(char *c); |
70 int helo(); | |
71 int rset(); | |
72 int from(char *f); | |
73 int rcpt(char *t); | |
74 int quit(); | |
75 void closefd(); | |
// Logging helpers compiled in only when VERIFY_DEBUG is defined.
76 #ifdef VERIFY_DEBUG | |
77 static void log(char *m, int v); | |
78 static void log(char *m, char *v); | |
79 #endif | |
80 }; | |
81 | |
// VERIFY holds the state used to verify recipient addresses against one SMTP
// host: the host name, the time of the last socket error, and a
// mutex-protected list of open SMTP connections.
// Member functions are only declared here; their definitions are elsewhere.
82 class VERIFY { | |
83 char *host; // host to be used to verify recipient addresses | |
84 time_t last_err; // time of last socket error | |
85 pthread_mutex_t mutex; // protect the lists of sockets and timestamps | |
86 smtp_list connections;// open sockets, ready to be used | |
87 public: | |
88 VERIFY(char *h); | |
153 | 89 void closer(); // if the oldest socket is ancient, close it |
// NOTE(review): get_connection/put_connection presumably borrow a connection
// from, and return it to, the connections list -- confirm in the implementation.
94 | 90 SMTP *get_connection(); |
91 void put_connection(SMTP *conn); | |
92 bool ok(char *from, char *to); | |
93 }; | |
94 | |
// WHITELISTER holds the automatic-whitelisting state tied to one file: a
// mutex-protected map recording when mail was sent to each recipient, plus
// the number of days entries are kept.
153 | 95 class WHITELISTER { |
96 char *fn; // file to use | |
97 int days; // how long do we keep entries | |
98 pthread_mutex_t mutex; // protect the flag and map | |
160 | 99 time_t loaded; // when we loaded this file |
153 | 100 bool need; // force writing on new entries |
101 autowhite_sent rcpts; // recipient map to remember when we sent them mail | |
102 public: | |
// f is the file to use and d the retention in days (per the member comments above).
103 WHITELISTER(char *f, int d); | |
160 | 104 void merge(); |
153 | 105 void writer(); // dump any changes back to the file |
106 void sent(char *to); | |
107 bool is_white(char *from); // should we white list this sender (did we send them anything recently) | |
// Plain accessors for the retention period in days.
156 | 108 int get_days() {return days;}; |
109 void set_days(int d) {days = d;}; | |
153 | 110 }; |
111 | |
// DNSBL describes one DNS based blacklist: its nickname, the DNS suffix to
// query, and the error message template.
94 | 112 struct DNSBL { |
113 char *name; // nickname for this dns based list | |
114 char *suffix; // blacklist suffix like blackholes.five-ten-sg.com | |
115 char *message; // error message with one or two %s operators for the ip address replacement | |
// Parameters n, s, m presumably initialise name, suffix, message in that
// order -- confirm in the implementation.
116 DNSBL(char *n, char *s, char *m); | |
117 bool operator==(const DNSBL &rhs); | |
118 }; | |
119 | |
// CONTEXT is one filtering context. Contexts are linked into a tree through
// parent/children and carry the per-context settings listed below: envelope
// recipient and sender handling, address verification, automatic
// whitelisting, generic reverse dns regex filtering, content and uribl
// filtering, host/tag/spamassassin limits, dnsbl lists, and recipient rate
// limits.
// NOTE(review): the short runs of lines starting with "167" and ending with a
// lone "|" inside this class are changeset-tooltip residue from the annotate
// page this text was captured from; they are not part of context.h.
120 class CONTEXT { | |
121 CONTEXTP parent; | |
122 char * name; | |
123 context_map children; // map child context names to their contexts | |
124 string_set env_to; // this context applies to these envelope recipients | |
125 char * verify_host; // use this smtp host to verify email addresses | |
153 | 126 VERIFYP verifier; // pointer to the verifier structure |
168 | 127 char * generic_regx; // pointer to generic regular expression |
128 char * generic_message; // pointer to generic message with one %s | |
129 regex_t generic_pattern; // compiled regular expression | |
153 | 130 char * autowhite_file; // file to use for automatic whitelisting |
131 WHITELISTERP whitelister; // pointer to the auto whitelister structure | |
94 | 132 string_map env_from; // map senders to white/black/unknown |
133 context_map env_from_context; // map senders to a child context | |
134 char * env_from_default; // default value for senders that are not found in the map white/black/unknown/inherit | |
135 bool content_filtering; // | |
119 | 136 char * content_suffix; // for url body filtering based on ip addresses of hostnames in the body |
94 | 137 char * content_message; // "" |
119 | 138 char * uribl_suffix; // for uribl body filtering based on hostnames in the body |
139 char * uribl_message; // "" | |
94 | 140 string_set content_host_ignore;// hosts to ignore for content sbl checking |
141 string_set content_tlds; // | |
117 | 142 string_set content_cctlds; // |
94 | 143 string_set html_tags; // set of valid html tags |
144 int host_limit; // limit on host names | |
145 char * host_limit_message; // error message for excessive host names | |
146 bool host_random; // pick a random selection of host names rather than error for excessive hosts | |
147 int tag_limit; // limit on bad html tags | |
148 char * tag_limit_message; // error message for excessive bad html tags | |
163 | 149 int spamassassin_limit; // max score from spamassassin |
94 | 150 dnsblp_map dnsbl_names; // name to dnsbl mapping for lists that are available in this context and children |
151 dnsblp_list dnsbl_list; // list of dnsbls to be used in this context | |
140 | 152 int default_rcpt_rate; // if not specified per user |
136 | 153 rcpt_rates rcpt_per_hour; // per user limits on number of recipients per hour |
154 | |
94 | 155 |
156 public: | |
157 CONTEXT(CONTEXTP parent_, char *name_); | |
158 ~CONTEXT(); | |
159 CONTEXTP get_parent() {return parent;}; | |
160 bool is_parent(CONTEXTP p); // is p a parent of this? | |
161 char* get_full_name(char *buf, int size); | |
// Register child in the children map under the child's own name.
162 void add_context(CONTEXTP child) {children[child->name] = child;}; | |
// A context with no parent allows every recipient; otherwise the decision is
// delegated to the parent's cover_env_to().
163 bool allow_env_to(char *to) {return (parent) ? parent->cover_env_to(to) : true;}; | |
164 bool cover_env_to(char *to); | |
165 | |
// Address verification settings. The setters store the pointer they are
// given; no copy is made here.
153 | 166 void set_verifier(VERIFYP v) {verifier = v;}; |
94 | 167 void set_verify(char *host) {verify_host = host;}; |
168 char* get_verify() {return verify_host;}; | |
169 VERIFYP find_verify(char *to); | |
170 | |
168 | 171 |
// Automatic whitelisting settings.
153 | 172 void set_whitelister(WHITELISTERP v) {whitelister = v;}; |
173 void set_autowhite(char *fn) {autowhite_file = fn;}; | |
174 char* get_autowhite() {return autowhite_file;}; | |
162 | 175 WHITELISTERP find_autowhite(char *from, char *to); |
153 | 176 |
// Recipient rate limits: a default plus per-user overrides.
140 | 177 void set_default_rate(int limit) {default_rcpt_rate = limit;}; |
136 | 178 void add_rate(char *user, int limit) {rcpt_per_hour[user] = limit;}; |
179 int find_rate(char *user); | |
180 | |
// Envelope recipient and sender tables.
94 | 181 void add_to(char *to) {env_to.insert(to);}; |
182 void add_from(char *from, char *status) {env_from[from] = status;}; | |
183 void add_from_context(char *from, CONTEXTP con) {env_from_context[from] = con;}; | |
184 void set_from_default(char *status) {env_from_default = status;}; | |
185 char* find_from(char *from); | |
186 CONTEXTP find_context(char *from); | |
187 CONTEXTP find_from_context_name(char *name); | |
188 | |
// Content and uribl filtering settings.
163 | 189 void set_content_filtering(bool filter) {content_filtering = filter; }; |
190 void set_content_suffix(char *suffix) {content_suffix = suffix; }; | |
191 void set_content_message(char *message) {content_message = message; }; | |
192 void set_uribl_suffix(char *suffix) {uribl_suffix = suffix; }; | |
193 void set_uribl_message(char *message) {uribl_message = message; }; | |
94 | 194 void add_ignore(char *host) {content_host_ignore.insert(host);}; |
163 | 195 void add_tld(char *tld) {content_tlds.insert(tld); }; |
196 void add_cctld(char *cctld) {content_cctlds.insert(cctld); }; | |
94 | 197 |
// Host name, spamassassin and html tag limits.
163 | 198 void set_host_limit(int limit) {host_limit = limit; }; |
94 | 199 void set_host_message(char *message) {host_limit_message = message;}; |
163 | 200 void set_host_random(bool random) {host_random = random; }; |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
201 void set_spamassassin_limit(int limit) {spamassassin_limit = limit; }; |
163 | 202 void set_tag_limit(int limit) {tag_limit = limit; }; |
94 | 203 void set_tag_message(char *message) {tag_limit_message = message;}; |
163 | 204 void add_tag(char *tag) {html_tags.insert(tag); }; |
94 | 205 |
// Two overloads: the first records a name-to-dnsbl mapping, the second
// appends a dnsbl to the list used by this context.
163 | 206 void add_dnsbl(char *name, DNSBLP dns) {dnsbl_names[name] = dns; }; |
94 | 207 void add_dnsbl(DNSBLP dns) {dnsbl_list.push_back(dns);}; |
208 DNSBLP find_dnsbl(char *name); | |
209 | |
// Generic reverse dns regex filtering.
// NOTE(review): set_generic presumably compiles regx into generic_pattern and
// reports success -- confirm in the implementation.
168 | 210 bool set_generic(char *regx, char *msg); |
211 char* generic_match(char *client); | |
212 | |
163 | 213 bool get_content_filtering() {return content_filtering; }; |
214 int get_host_limit() {return host_limit; }; | |
215 bool get_host_random() {return host_random; }; | |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
// Returns 0 instead of the configured limit when content filtering is off.
216 int get_spamassassin_limit() {return (content_filtering) ? spamassassin_limit : 0;}; |
94 | 217 char* get_content_suffix(); |
218 char* get_content_message(); | |
119 | 219 char* get_uribl_suffix(); |
220 char* get_uribl_message(); | |
94 | 221 string_set& get_content_host_ignore(); |
222 string_set& get_content_tlds(); | |
117 | 223 string_set& get_content_cctlds(); |
94 | 224 string_set& get_html_tags(); |
225 dnsblp_list& get_dnsbl_list(); | |
226 | |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
227 bool acceptable_content(recorder &memory, int score, string& msg); |
94 | 228 bool ignore_host(char *host); |
229 | |
167
9b129ed78d7d
actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents:
164
diff
changeset
|
230 void dump(bool isdefault, bool &spamass, int level = 0); |
94 | 231 }; |
232 | |
233 | |
// CONFIG is one loaded configuration: the set of config files, every context
// (owned here), the recipient-to-context map and the default context.
// Per the member comments, only reference_count changes after loading.
234 struct CONFIG { | |
235 // the only mutable stuff once it has been loaded from the config file | |
236 int reference_count; // protected by the global config_mutex | |
237 // all the rest is constant after loading from the config file | |
238 int generation; | |
239 time_t load_time; | |
240 string_set config_files; | |
241 context_list contexts; // owns all the contexts, not just top level contexts | |
242 context_map env_to; // map recipient to a filtering context | |
243 CONTEXTP default_context;// for env_to values that don't have their own specific filtering context | |
244 // the default context is also used for some of the content filtering values | |
245 | |
246 CONFIG(); | |
247 ~CONFIG(); | |
248 void add_context(CONTEXTP con); | |
249 void add_to(char *to, CONTEXTP con); | |
250 CONTEXTP find_context(char *to); | |
251 void dump(); | |
252 }; | |
253 | |
// RATELIMIT is an empty placeholder; it declares no members.
136 | 254 struct RATELIMIT { |
255 | |
256 }; | |
257 | |
// Token string pointers, declared here and defined elsewhere.
// NOTE(review): presumably these are the configuration-file keywords and are
// initialised by token_init() -- confirm against the implementation.
153 | 258 extern char *token_autowhite; |
94 | 259 extern char *token_black; |
117 | 260 extern char *token_cctld; |
94 | 261 extern char *token_content; |
262 extern char *token_context; | |
263 extern char *token_dccfrom; | |
264 extern char *token_dccto; | |
265 extern char *token_default; | |
266 extern char *token_dnsbl; | |
267 extern char *token_dnsbll; | |
268 extern char *token_envfrom; | |
269 extern char *token_envto; | |
270 extern char *token_filter; | |
168 | 271 extern char *token_generic; |
94 | 272 extern char *token_host_limit; |
273 extern char *token_html_limit; | |
274 extern char *token_html_tags; | |
275 extern char *token_ignore; | |
276 extern char *token_include; | |
277 extern char *token_inherit; | |
278 extern char *token_lbrace; | |
279 extern char *token_mailhost; | |
280 extern char *token_many; | |
281 extern char *token_off; | |
117 | 282 extern char *token_ok2; |
94 | 283 extern char *token_ok; |
284 extern char *token_on; | |
136 | 285 extern char *token_rate; |
94 | 286 extern char *token_rbrace; |
287 extern char *token_semi; | |
288 extern char *token_soft; | |
163 | 289 extern char *token_spamassassin; |
94 | 290 extern char *token_substitute; |
291 extern char *token_tld; | |
292 extern char *token_unknown; | |
119 | 293 extern char *token_uribl; |
94 | 294 extern char *token_white; |
295 | |
// Global mutexes, declared here and defined elsewhere.
153 | 296 extern pthread_mutex_t verifier_mutex; // protect the verifier map |
297 extern pthread_mutex_t whitelister_mutex; // protect the whitelister map (presumably; the original comment was cut off after "protect the") | |
94 | 298 |
// Free functions declared here and defined elsewhere.
// NOTE(review): verify_closer and whitelister_writer have the
// void *(*)(void *) shape of a pthread start routine; presumably they are
// background thread entry points -- confirm at the pthread_create call sites.
299 void discard(string_set &s); | |
300 char* register_string(string_set &s, char *name); | |
301 char* register_string(char *name); | |
164 | 302 void clear_strings(); |
94 | 303 CONFIG *parse_config(char *fn); |
304 bool load_conf(CONFIG &dc, char *fn); | |
305 void* verify_closer(void *arg); | |
153 | 306 void* whitelister_writer(void *arg); |
94 | 307 void token_init(); |
308 | |
309 #endif |