annotate src/dnsbl.h @ 477:331facb7b970 default tip
Added tag stable-6-0-78 for changeset fcf66a7aead5
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Sat, 20 Feb 2021 10:59:24 -0800 |
parents | 5209e92b4885 |
children |
rev | line source |
---|---|
143 | 1 /* |
2 | |
3 Copyright (c) 2007, 2021 Carl Byington - 510 Software Group, released under |
152 | 4 the GPL version 3 or any later version at your choice available at |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
143 | 6 |
7 */ | |
8 | |
119 | 9 #ifndef dnsbl_include |
10 #define dnsbl_include | |
74 | 11 |
// Debug syslog level; declared here, defined in another translation unit.
extern int debug_syslog;
// NOTE(review): the meaning of 1000 is not documented in this header;
// presumably a DCC bulk threshold or sentinel - confirm against the dcc code.
#define dccbulk 1000

// Forward declarations: mlfiPriv below only stores pointers to these types.
class recorder;
class url_scanner;
17 | |
18 |
74 | 19 //////////////////////////////////////////////// |
119 | 20 // mail filter private data, held for us by sendmail |
74 | 21 // |
// Private filter state that sendmail holds for us. Fields are grouped by
// lifetime: per callback, per smtp connection, per message. Several fields
// hold values supplied by the remote smtp client (helo, envelope and header
// addresses, client host name); treat them as untrusted input wherever they
// are logged, compared or used to build dns questions.
struct mlfiPriv
{
    // callback specific data
    SMFICTX *ctx; // updated every time we fetch this priv pointer from the ctx
    bool eom; // are we in eom function, so progress function can be called?
    // connection specific data
    CONFIG *pc; // global filtering configuration
    int fd; // to talk to dns resolver process
    bool err; // did we get any errors on the resolver socket?
    // ip4 address of the smtp client in network order; apply ntohl() before
    // testing it against masks that are defined in host byte order
    uint32_t ip;
    // helo from client (client-chosen, unverified).
    // NOTE(review): presumably NULL when the client never sent HELO/EHLO -
    // confirm every reader checks before dereferencing.
    const char *helo;
    map<DNSBLP, bool> checked_black; // map of dnsblp to result of (ip listed on that dnsbl)
    map<DNSWLP, bool> checked_white; // map of dnswlp to result of (ip listed on that dnswl)
    // message specific data
    const char *origaddr; // envelope from value, lowercase, no srs/pvrs unwrapping
    const char *mailaddr; // envelope from value, lowercase, srs/pvrs unwrapped
    const char *fromaddr; // header from value, set by mlfi_header()
    int header_count; // count of headers already seen
    bool dkim_ok; // ok to proceed with dkim checking
    string_set dkim_signers; // non empty if message was validly signed, set of signers
    const char *queueid; // sendmail queue id
    // client authenticated? if so, suppress all dnsbl checks, but check rate limits.
    // NOTE(review): this value switches off the dnsbl checks, so confirm it is
    // only ever set from the MTA's own authentication result.
    const char *authenticated;
    const char *client_name; // fully qualified host name of the smtp client xxx [ip.ad.dr.es] (may be forged)
    char *client_dns_name; // fully qualified host name of the smtp client xxx
    bool client_dns_forged; // rdns mismatch
    const char *host_uribl; // pointer to helo/client/from/signer host name if found on uribl
    string_set hosts_uribl; // string set to hold the helo/client/from/signer host name if found on uribl
    bool helo_uribl; // helo value on uribl
    bool client_uribl; // client_name on uribl
    bool from_uribl; // envelope from value on uribl
    bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails
    bool only_whites; // every recipient is whitelisted?
    bool want_spamassassin; // at least one non-whitelisted recipient has a non zero spamassassin limit
    bool want_dccgrey; // at least one non-whitelisted recipient wants dcc greylisting
    bool want_dccbulk; // at least one non-whitelisted recipient wants dcc bulk filtering
    bool allow_autowhitelisting; // precedence:bulk or content-type:multipart/report headers prevent autowhitelisting
    delay_whitelist delayer; // to remember autowhitelisting until we see headers
    CONTEXT *content_context; // first non-whitelisted recipient with a content filtering context
    context_map env_to; // map each non-whitelisted recipient to their filtering context
    recorder *memory; // memory for the content scanner
    url_scanner *scanner; // object to handle body scanning
    const char *content_suffix; // for url body filtering based on ip addresses of hostnames in the body
    const char *content_message; // "" (ditto mark: same purpose as content_suffix above)
    const char *uribl_suffix; // for uribl body filtering based on hostnames in the body
    const char *uribl_message; // "" (ditto mark: same purpose as uribl_suffix above)
    string_set *content_host_ignore; // "" (ditto mark: part of the same body filtering settings)
    // NOTE(review): ownership of the raw pointers in this struct is not visible
    // from the header; check the destructor and reset() before adding a copy
    // or an early-return path.
    SpamAssassin *assassin;
    DccInterface *dccifd;


    mlfiPriv();
    ~mlfiPriv();
    // for a new message.
    // NOTE(review): final presumably marks the last reset before destruction - confirm.
    void reset(bool final = false);
    // NOTE(review): presumably acquire / hand back fd, the resolver socket - confirm.
    void get_fd();
    void return_fd();
    // Read from / write to the resolver process using a caller-supplied buffer
    // of len bytes. The return type is unsigned, so a failure cannot be
    // reported as a negative count.
    // NOTE(review): presumably failures are recorded in err - confirm in the
    // implementation, and confirm callers handle short counts.
    size_t my_read(char *buf, size_t len);
    size_t my_write(const char *buf, size_t len);
    // NOTE(review): presumably returns the dkim signer host found on the
    // uribl, or NULL if none - confirm against the implementation.
    const char *check_uribl_signers();
    void need_content_filter(CONTEXT &con);
};
82 | |
// Name server bookkeeping filled in while resolving: which host referred to
// each name server, and the name server's ipv4 address.
struct ns_map {
    // all the strings are owned by the keys/values in the ns_host string map
    string_map ns_host; // nameserver name -> host name that uses this name server
    ns_mapper ns_ip; // nameserver name -> ipv4 address of the name server
    ~ns_map();
    // NOTE(review): whether add() copies name and refer is not visible here;
    // given the ownership comment above it presumably does - confirm before
    // passing pointers into a buffer that is reused for the next dns answer.
    void add(const char *name, const char *refer);
};
90 |
// Logging helpers, overloaded on how the message is identified: by queue id,
// by the per-connection private data, or not at all.
// NOTE(review): text can contain values taken from the smtp client (helo,
// addresses, host names); confirm the implementation hands it to syslog as an
// argument of a fixed "%s" format and never as the format string itself.
void my_syslog(const char *queueid, const char *text);
void my_syslog(mlfiPriv *priv, const char *text);
void my_syslog(mlfiPriv *priv, const string text);
void my_syslog(const char *text);
// Ask a dns question of type qtype on behalf of this connection.
//   priv        - per-connection state (declares the resolver socket fd)
//   question    - name to look up
//   maybe_ip    - NOTE(review): meaning not visible in this header - confirm
//   nameservers - optional ns_map to fill in; NULL to skip
//   txt_answer  - optional caller-supplied buffer for a txt answer; NULL to skip
//   txt_size    - presumably the capacity of txt_answer in bytes - confirm
// NOTE(review): dns answers are remote data; confirm the implementation never
// writes more than txt_size bytes into txt_answer and always NUL-terminates
// it, and that callers do not pass a non-NULL txt_answer with txt_size 0.
// NOTE(review): the uint32_t result is presumably an ipv4 address with 0
// meaning "no answer"; byte order is not stated here - confirm.
uint32_t dns_interface(mlfiPriv &priv, const char *question, int qtype, bool maybe_ip = false, ns_map *nameservers = NULL, char *txt_answer = NULL, size_t txt_size = 0);
74 | 96 |
97 #endif |