annotate src/dnsbl.h @ 477:331facb7b970 default tip

Added tag stable-6-0-78 for changeset fcf66a7aead5
author Carl Byington <carl@five-ten-sg.com>
date Sat, 20 Feb 2021 10:59:24 -0800
parents 5209e92b4885
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
143
ecb40aa3eaa5 require two periods for ip addresses
carl
parents: 136
diff changeset
1 /*
ecb40aa3eaa5 require two periods for ip addresses
carl
parents: 136
diff changeset
2
473
5209e92b4885 opendkim headers changed, pass smtp verify 4xy codes back to sender
Carl Byington <carl@five-ten-sg.com>
parents: 440
diff changeset
3 Copyright (c) 2007, 2021 Carl Byington - 510 Software Group, released under
152
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 143
diff changeset
4 the GPL version 3 or any later version at your choice available at
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 143
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
143
ecb40aa3eaa5 require two periods for ip addresses
carl
parents: 136
diff changeset
6
ecb40aa3eaa5 require two periods for ip addresses
carl
parents: 136
diff changeset
7 */
ecb40aa3eaa5 require two periods for ip addresses
carl
parents: 136
diff changeset
8
119
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 86
diff changeset
9 #ifndef dnsbl_include
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 86
diff changeset
10 #define dnsbl_include
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
11
86
c1280cd3e248 add multiple debug syslog levels, remove duplicate dnsbl definitions
carl
parents: 76
diff changeset
12 extern int debug_syslog;
180
7a722f482bfb embedded dcc filtering
carl
parents: 178
diff changeset
13 #define dccbulk 1000
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
14
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
15 class recorder;
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
16 class url_scanner;
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
17
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
18
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
19 ////////////////////////////////////////////////
119
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 86
diff changeset
20 // mail filter private data, held for us by sendmail
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
21 //
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
22 struct mlfiPriv
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
23 {
187
f0eda59e8afd fix null pointer dereference from missing HELO command
carl
parents: 180
diff changeset
24 // callback specific data
f0eda59e8afd fix null pointer dereference from missing HELO command
carl
parents: 180
diff changeset
25 SMFICTX *ctx; // updated everytime we fetch this priv pointer from the ctx
190
004b855c6c1f fix null pointer dereference from missing HELO command
carl
parents: 187
diff changeset
26 bool eom; // are we in eom function, so progress function can be called?
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
27 // connection specific data
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
28 CONFIG *pc; // global filtering configuration
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
29 int fd; // to talk to dns resolver process
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
30 bool err; // did we get any errors on the resolver socket?
252
836b7f2357f9 need ntohl() before using masks that are defined in host byte order
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
31 uint32_t ip; // ip4 address of the smtp client in network order
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
32 const char *helo; // helo from client
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 242
diff changeset
33 map<DNSBLP, bool> checked_black; // map of dnsblp to result of (ip listed on that dnsbl)
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 242
diff changeset
34 map<DNSWLP, bool> checked_white; // map of dnswlp to result of (ip listed on that dnswl)
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
35 // message specific data
350
f4ca91f49cb6 send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
36 const char *origaddr; // envelope from value, lowercase, no srs/pvrs unwrapping
f4ca91f49cb6 send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
37 const char *mailaddr; // envelope from value, lowercase, srs/pvrs unwapped
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
38 const char *fromaddr; // header from value, set by mlfi_header()
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
39 int header_count; // count of headers already seen
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
40 bool dkim_ok; // ok to proceed with dkim checking
326
5e4b5540c8cc allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 322
diff changeset
41 string_set dkim_signers; // non empty if message was validly signed, set of signers
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
42 const char *queueid; // sendmail queue id
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
43 const char *authenticated; // client authenticated? if so, suppress all dnsbl checks, but check rate limits
257
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
44 const char *client_name; // fully qualified host name of the smtp client xxx [ip.ad.dr.es] (may be forged)
d11b529ce9c5 Fix uribl lookups on client dns name, need to strip the ip address in brackets
Carl Byington <carl@five-ten-sg.com>
parents: 252
diff changeset
45 char *client_dns_name; // fully qualified host name of the smtp client xxx
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 257
diff changeset
46 bool client_dns_forged; // rdns mismatch
377
7fd39f029936 reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents: 350
diff changeset
47 const char *host_uribl; // pointer to helo/client/from/signer host name if found on uribl
7fd39f029936 reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents: 350
diff changeset
48 string_set hosts_uribl; // string set to hold the helo/client/from/signer host name if found on uribl
236
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
49 bool helo_uribl; // helo value on uribl
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
50 bool client_uribl; // client_name on uribl
c0d2e99c0a1d Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name
Carl Byington <carl@five-ten-sg.com>
parents: 230
diff changeset
51 bool from_uribl; // envelope from value on uribl
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
52 bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
53 bool only_whites; // every recipient is whitelisted?
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
54 bool want_spamassassin; // at least one non-whitelisted recipient has a non zero spamassassin limit
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
55 bool want_dccgrey; // at least one non-whitelisted recipient wants dcc greylisting
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
56 bool want_dccbulk; // at least one non-whitelisted recipient wants dcc bulk filtering
230
ad38575e98ca Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
57 bool allow_autowhitelisting; // precedence:bulk or content-type:multipart/report headers prevent autowhitelisting
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 190
diff changeset
58 delay_whitelist delayer; // to remember autowhitelisting until we see headers
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
59 CONTEXT *content_context; // first non-whitelisted recipient with a content filtering context
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
60 context_map env_to; // map each non-whitelisted recipient to their filtering context
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
61 recorder *memory; // memory for the content scanner
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
62 url_scanner *scanner; // object to handle body scanning
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
63 const char *content_suffix; // for url body filtering based on ip addresses of hostnames in the body
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
64 const char *content_message; // ""
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
65 const char *uribl_suffix; // for uribl body filtering based on hostnames in the body
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
66 const char *uribl_message; // ""
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
67 string_set *content_host_ignore; // ""
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
68 SpamAssassin *assassin;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
69 DccInterface *dccifd;
76
81f1e400e8ab start coding on new config syntax
carl
parents: 74
diff changeset
70
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
71
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
72 mlfiPriv();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
73 ~mlfiPriv();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
74 void reset(bool final = false); // for a new message
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
75 void get_fd();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
76 void return_fd();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
77 size_t my_read(char *buf, size_t len);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 192
diff changeset
78 size_t my_write(const char *buf, size_t len);
377
7fd39f029936 reject if dkim signer is listed on surbl
Carl Byington <carl@five-ten-sg.com>
parents: 350
diff changeset
79 const char *check_uribl_signers();
350
f4ca91f49cb6 send the original mail from address to the verify server, not the srs/pvrs unwrapped version; recognize our own dkim signatures
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
80 void need_content_filter(CONTEXT &con);
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
81 };
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
82
382
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
83 struct ns_map {
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
84 // all the strings are owned by the keys/values in the ns_host string map
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
85 string_map ns_host; // nameserver name -> host name that uses this name server
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
86 ns_mapper ns_ip; // nameserver name -> ipv4 address of the name server
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
87 ~ns_map();
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
88 void add(const char *name, const char *refer);
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
89 };
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
90
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
91 void my_syslog(const char *queueid, const char *text);
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
92 void my_syslog(mlfiPriv *priv, const char *text);
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
93 void my_syslog(mlfiPriv *priv, const string text);
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
94 void my_syslog(const char *text);
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 377
diff changeset
95 uint32_t dns_interface(mlfiPriv &priv, const char *question, int qtype, bool maybe_ip = false, ns_map *nameservers = NULL, char *txt_answer = NULL, size_t txt_size = 0);
74
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
96
b7449114ebb0 start coding on new config syntax
carl
parents:
diff changeset
97 #endif