annotate src/context.cpp @ 467:f5b394bec28c

allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
author Carl Byington <carl@five-ten-sg.com>
date Wed, 16 Dec 2020 10:25:37 -0800
parents 79e944269c0b
children 5209e92b4885
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1 /*
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
3 Copyright (c) 2013 Carl Byington - 510 Software Group, released under
152
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 149
diff changeset
4 the GPL version 3 or any later version at your choice available at
c7fc218686f5 gpl3, block mail to recipients that cannot reply
carl
parents: 149
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
6
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
7 */
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
8
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
9 #include "includes.h"
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
10
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
11 #include <arpa/inet.h>
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
12 #include <net/if.h>
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
13 #include <netdb.h>
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
14 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
15 #include <netinet/tcp.h>
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
16 #include <sys/ioctl.h>
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
17 #include <sys/socket.h>
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
18 #include <sys/stat.h>
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
19 #include <sys/un.h>
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
20 #include <unistd.h>
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
21 #include <climits>
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
22
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
23 const char *token_asterisk;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
24 const char *token_autowhite;
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
25 const char *token_bang;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
26 const char *token_black;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
27 const char *token_content;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
28 const char *token_context;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
29 const char *token_dccbulk;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
30 const char *token_dccfrom;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
31 const char *token_dccgrey;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
32 const char *token_dccto;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
33 const char *token_default;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
34 const char *token_dnsbl;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
35 const char *token_dnsbll;
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
36 const char *token_dnswl;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
37 const char *token_dnswll;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
38 const char *token_envfrom;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
39 const char *token_envto;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
40 const char *token_filter;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
41 const char *token_generic;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
42 const char *token_host_limit;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
43 const char *token_html_limit;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
44 const char *token_html_tags;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
45 const char *token_ignore;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
46 const char *token_include;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
47 const char *token_inherit;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
48 const char *token_lbrace;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
49 const char *token_mailhost;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
50 const char *token_many;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
51 const char *token_no;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
52 const char *token_off;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
53 const char *token_ok;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
54 const char *token_ok2;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
55 const char *token_on;
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
56 const char *token_period;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
57 const char *token_rate;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
58 const char *token_rbrace;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
59 const char *token_require;
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
60 const char *token_requirerdns;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
61 const char *token_semi;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
62 const char *token_soft;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
63 const char *token_spamassassin;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
64 const char *token_substitute;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
65 const char *token_tld;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
66 const char *token_unknown;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
67 const char *token_uribl;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
68 const char *token_verify;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
69 const char *token_white;
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
70 const char *token_white_regex;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
71 const char *token_yes;
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
72 const char *token_dkim_signer;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
73 const char *token_dkim_from;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
74 const char *token_signed_white;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
75 const char *token_signed_black;
451
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
76 const char *token_unsigned_black;
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
77 const char *token_require_signed;
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
78 const char *token_myhostname;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
79
96
1edd4e8d3a60 fix missing include, not all systems define HOST_NAME_MAX
carl
parents: 94
diff changeset
80 #ifndef HOST_NAME_MAX
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
81 #define HOST_NAME_MAX 255
96
1edd4e8d3a60 fix missing include, not all systems define HOST_NAME_MAX
carl
parents: 94
diff changeset
82 #endif
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
83 char myhostname[HOST_NAME_MAX+1];
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
84
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
85 pthread_mutex_t verifier_mutex; // protect the verifier map
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
86 verify_map verifiers;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
87
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
88 pthread_mutex_t whitelister_mutex; // protect the whitelisters map
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
89 whitelister_map whitelisters;
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
90
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
91 string_set all_strings; // owns all the strings, only modified by the config loader thread
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
92 const int maxlen = 1000; // used for snprintf buffers
178
d6531c702be3 embedded dcc filtering
carl
parents: 175
diff changeset
93 const int maxsmtp_age = 60;// smtp verify sockets older than this are ancient
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
94 const int maxauto_age = 600;// auto whitelister delay before flushing to file
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
95 extern int NULL_SOCKET;
129
c5cd1261394d ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents: 119
diff changeset
96 const time_t ERROR_SMTP_SOCKET_TIME = 600; // number of seconds between attempts to open a socket to an smtp server
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
97
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
98
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
99 int SMTP::writer() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
100 #ifdef VERIFY_DEBUG
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
101 log("writer(%d) sees buffer with '%s'", buffer);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
102 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
103 int rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
104 if (!error) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
105 int len = strlen(buffer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
106 while (rs < len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
107 int ws = write(fd, buffer+rs, len-rs);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
108 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
109 rs += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
110 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
111 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
112 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
113 rs = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
114 error = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
115 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
116 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
117 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
118 }
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
119 #ifdef VERIFY_DEBUG
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
120 log("writer(%d) sees error %d", (int)error);
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
121 #endif
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
122 return rs;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
123 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
124
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
125
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
126 int SMTP::reader() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
127 // read some bytes terminated by lf or end of buffer.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
128 // we may have a multi line response or part thereof in the buffer.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
129 #ifdef VERIFY_DEBUG
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
130 log("reader(%d) sees error %d", (int)error);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
131 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
132 if (error) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
133 int len = maxlen-1; // room for null terminator
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
134 while (pending < len) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
135 int ws = read(fd, buffer+pending, len-pending);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
136 if (ws > 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
137 pending += ws;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
138 if (buffer[pending-1] == '\n') break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
139 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
140 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
141 // peer closed the socket!
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
142 pending = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
143 error = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
144 break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
145 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
146 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
147 buffer[pending] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
148 #ifdef VERIFY_DEBUG
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
149 log("reader(%d) sees buffer with '%s'", buffer);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
150 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
151 return pending;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
152 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
153
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
154
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
155 int SMTP::read_line() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
156 char *lf = strchr(buffer, '\n');
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
157 if (!lf) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
158 reader(); // get a lf
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
159 lf = strchr(buffer, '\n');
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
160 if (!lf) lf = buffer + pending - 1;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
161 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
162 return (lf-buffer)+1; // number of bytes in this line
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
163 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
164
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
165
97
cc3b79349c9c fix int function not returning value
carl
parents: 96
diff changeset
166 void SMTP::flush_line(int r) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
167 if (pending > r) memmove(buffer, buffer+r, pending-r);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
168 pending -= r;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
169 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
170
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
171
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
172 int SMTP::read_response() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
173 pending = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
174 buffer[pending] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
175 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
176 int r = read_line();
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
177 log("verify::read_response(%d) sees line with '%s'", buffer);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
178 if (r == 0) return 0; // failed to read any bytes
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
179 if ((r > 4) && (buffer[3] == '-')) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
180 flush_line(r);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
181 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
182 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
183 return atoi(buffer);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
184 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
185 return 0;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
186 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
187
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
188
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
189 int SMTP::cmd(const char *c) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
190 if (c) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
191 init();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
192 append(c);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
193 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
194 append("\r\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
195 writer();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
196 return read_response();
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
197 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
198
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
199
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
200 int SMTP::helo() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
201 if (read_response() != 220) return 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
202 init();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
203 append("HELO ");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
204 append(token_myhostname);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
205 return cmd(NULL);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
206 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
207
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
208
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
209 int SMTP::rset() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
210 efrom[0] = '\0';
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
211 return cmd("RSET");
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
212 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
213
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
214
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
215 int SMTP::from(const char *f) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
216 // the mail from address was originally passed in from sendmail enclosed in
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
217 // <>. to_lower_string() removed the <> and converted the rest to lowercase,
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
218 // except in the case of an empty return path, which was left as the two
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
219 // character string <>.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
220 if (strncmp(efrom, f, maxlen)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
221 strncpy(efrom, f, maxlen);
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
222 efrom[maxlen-1] = '\0'; // ensure null termination
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
223 init();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
224 append("MAIL FROM:<");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
225 if (*f != '<') append(f);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
226 append(">");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
227 return cmd(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
228 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
229 return 250; // pretend it worked
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
230 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
231
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
232
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
233 int SMTP::rcpt(const char *t) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
234 init();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
235 append("RCPT TO:<");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
236 append(t);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
237 append(">");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
238 return cmd(NULL);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
239 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
240
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
241
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
242 int SMTP::quit() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
243 return cmd("QUIT");
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
244 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
245
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
246
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
247 void SMTP::closefd() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
248 shutdown(fd, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
249 close(fd);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
250 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
251
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
252
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
253 void SMTP::log(const char *m, int v) {
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
254 char buf[maxlen];
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
255 snprintf(buf, maxlen, m, get_fd(), v);
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
256 my_syslog(queueid, buf);
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
257 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
258
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
259
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
260 void SMTP::log(const char *m, const char *v) {
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
261 char buf[maxlen];
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
262 snprintf(buf, maxlen, m, get_fd(), v);
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
263 my_syslog(queueid, buf);
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
264 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
265
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
266
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
267 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
268 // smtp verifier so backup mx machines can see the valid users
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
269 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
270 VERIFY::VERIFY(const char *h) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
271 host = h;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
272 last_err = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
273 pthread_mutex_init(&mutex, 0);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
274 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
275
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
276
320
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
277 void VERIFY::log(const char *m, const char *q, const char *v) {
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
278 char buf[maxlen];
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
279 snprintf(buf, maxlen, m, v, host);
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
280 my_syslog(q, buf);
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
281 }
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
282
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
283
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
284 void VERIFY::closer() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
285 bool ok = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
286 while (ok) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
287 SMTP *conn = NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
288 pthread_mutex_lock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
289 if (connections.empty()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
290 ok = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
291 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
292 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
293 conn = connections.front();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
294 time_t now = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
295 if ((now - conn->get_stamp()) > maxsmtp_age) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
296 // this connection is ancient, remove it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
297 connections.pop_front();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
298 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
299 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
300 ok = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
301 conn = NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
302 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
303 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
304 pthread_mutex_unlock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
305 // avoid doing this work inside the mutex lock
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
306 if (conn) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
307 #ifdef VERIFY_DEBUG
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
308 conn->log("closer(%d) closes ancient socket %s", "");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
309 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
310 delete conn;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
311 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
312 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
313 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
314
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
315
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
316 SMTP* VERIFY::get_connection(const char *queueid) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
317 SMTP *conn = NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
318 pthread_mutex_lock(&mutex);
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
319 while (!connections.empty()) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
320 conn = connections.front();
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
321 time_t now = time(NULL);
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
322 if ((now - conn->get_stamp()) > maxsmtp_age) {
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
323 // this connection is ancient, remove it
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
324 conn->log("verify::get_connection(%d) closes ancient socket %s", "");
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
325 connections.pop_front();
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
326 delete conn;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
327 conn = NULL;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
328 }
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
329 else {
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
330 conn->set_id(queueid);
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
331 connections.pop_front();
318
e2dc882839f6 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 316
diff changeset
332 conn->log("verify::get_connection(%d) from cache %s", "");
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
333 break;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
334 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
335 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
336 pthread_mutex_unlock(&mutex);
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
337 if (conn) {
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
338 int rc = conn->rset();
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
339 conn->log("verify::getconnection(%d) rset sees %d", rc);
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
340 if (rc == 250) return conn;
318
e2dc882839f6 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 316
diff changeset
341 delete conn;
e2dc882839f6 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 316
diff changeset
342 // old connection from cache was unusable, fall thru and make a new one
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
343 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
344 int sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
345 if ((time(NULL) - last_err) > ERROR_SMTP_SOCKET_TIME) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
346 // nothing recent, maybe this time it will work
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
347 hostent *h = gethostbyname(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
348 if (h) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
349 sockaddr_in server;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
350 server.sin_family = h->h_addrtype;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
351 server.sin_port = htons(25);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
352 memcpy(&server.sin_addr, h->h_addr_list[0], h->h_length);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
353 sock = socket(PF_INET, SOCK_STREAM, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
354 if (sock != NULL_SOCKET) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
355 bool rc = (connect(sock, (sockaddr *)&server, sizeof(server)) == 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
356 if (!rc) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
357 shutdown(sock, SHUT_RDWR);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
358 close(sock);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
359 sock = NULL_SOCKET;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
360 last_err = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
361 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
362 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
363 else last_err = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
364 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
365 else last_err = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
366 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
367 if (sock != NULL_SOCKET) {
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
368 struct timeval tv;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
369 tv.tv_sec = 15;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
370 tv.tv_usec = 0;
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
371 setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv, sizeof(struct timeval));
316
f7c5cfb76e86 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 314
diff changeset
372 setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, (char *)&tv, sizeof(struct timeval));
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
373 conn = new SMTP(sock);
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
374 conn->set_id(queueid);
318
e2dc882839f6 better smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 316
diff changeset
375 conn->log("get_connection(%d) new socket %s", "");
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
376 int rc = conn->helo();
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
377 conn->log("verify::get_connection(%d) helo sees %d", rc);
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
378 if (rc == 250) return conn;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
379 delete conn;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
380 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
381 return NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
382 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
383
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
384
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
385 void VERIFY::put_connection(SMTP *conn) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
386 if (conn->err()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
387 #ifdef VERIFY_DEBUG
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
388 conn->log("put_socket(%d) with error %s", "");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
389 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
390 delete conn;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
391 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
392 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
393 #ifdef VERIFY_DEBUG
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
394 conn->log("put_socket(%d) no error %s", "");
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
395 #endif
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
396 conn->now();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
397 pthread_mutex_lock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
398 connections.push_back(conn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
399 pthread_mutex_unlock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
400 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
401 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
402
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
403
310
802e2b779ed1 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
404 bool VERIFY::ok(const char *queueid, const char *from, const char *to) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
405 if (host == token_myhostname) return true;
311
f5547e7b3a09 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 310
diff changeset
406 SMTP *conn = get_connection(queueid);
320
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
407 if (!conn) {
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
408 log("unable to verify %s with %s due to socket errors", queueid, to);
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
409 return true; // cannot verify right now, we have socket errors
e27c24c1974a more smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 318
diff changeset
410 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
411 int rc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
412 rc = conn->from(from);
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
413 conn->log("verify::ok(%d) from sees %d", rc);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
414 if (rc != 250) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
415 put_connection(conn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
416 return (rc >= 500) ? false : true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
417 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
418 rc = conn->rcpt(to);
314
ef5a6099cbe7 enable smtp verify logging
Carl Byington <carl@five-ten-sg.com>
parents: 311
diff changeset
419 conn->log("verify::ok(%d) rcpt sees %d", rc);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
420 put_connection(conn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
421 return (rc >= 500) ? false : true;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
422 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
423
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
424
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
425 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
426 // setup a new smtp verify host
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
427 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
428 VERIFYP add_verify_host(const char *host);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
429 VERIFYP add_verify_host(const char *host) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
430 VERIFYP rc = NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
431 pthread_mutex_lock(&verifier_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
432 verify_map::iterator i = verifiers.find(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
433 if (i == verifiers.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
434 rc = new VERIFY(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
435 verifiers[host] = rc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
436 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
437 else rc = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
438 pthread_mutex_unlock(&verifier_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
439 return rc;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
440 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
441
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
442
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
443 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
444 // thread to check for verify hosts with old sockets that we can close
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
445 //
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
446 void* verify_closer(void *arg) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
447 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
448 sleep(maxsmtp_age);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
449 pthread_mutex_lock(&verifier_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
450 for (verify_map::iterator i=verifiers.begin(); i!=verifiers.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
451 VERIFYP v = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
452 v->closer();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
453 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
454 pthread_mutex_unlock(&verifier_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
455 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
456 return NULL;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
457 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
458
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
459
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
460 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
461 // automatic whitelister
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
462 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
463 WHITELISTER::WHITELISTER(const char *f, int d) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
464 fn = f;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
465 days = d;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
466 pthread_mutex_init(&mutex, 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
467 need = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
468 loaded = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
469 merge();
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
470 }
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
471
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
472
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
473 void WHITELISTER::merge() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
474 time_t now = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
475 ifstream ifs;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
476 ifs.open(fn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
477 if (!ifs.fail()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
478 const int maxlen = 1000;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
479 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
480 while (ifs.getline(buf, maxlen)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
481 char *p = strchr(buf, ' ');
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
482 if (p) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
483 *p = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
484 char *who = strdup(buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
485 time_t when = atoi(p+1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
486 if ((when == 0) || (when > now)) when = now;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
487 autowhite_sent::iterator i = rcpts.find(who);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
488 if (i == rcpts.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
489 rcpts[who] = when;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
490 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
491 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
492 time_t wh = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
493 if ((when == 1) || (when > wh)) (*i).second = when;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
494 free(who);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
495 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
496 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
497 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
498 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
499 ifs.close();
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
500 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
501
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
502
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
503 void WHITELISTER::writer() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
504 pthread_mutex_lock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
505 time_t limit = time(NULL) - days*86400;
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
506
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
507 // check for manually modified autowhitelist file
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
508 struct stat st;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
509 if (stat(fn, &st)) need = true; // file has disappeared
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
510 else if (st.st_mtime > loaded) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
511 // file has been manually updated, merge new entries
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
512 merge();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
513 need = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
514 }
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
515
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
516 // purge old entries
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
517 for (autowhite_sent::iterator i=rcpts.begin(); i!=rcpts.end();) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
518 time_t when = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
519 if (when < limit) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
520 const char *who = (*i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
521 free((void*)who);
195
797299e9fffc fix null dereference if missing _ macro
carl
parents: 192
diff changeset
522 rcpts.erase(i++);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
523 need = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
524 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
525 else i++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
526 }
160
b3ed72ee6564 allow manual updates to auto whitelist files
carl
parents: 156
diff changeset
527
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
528 if (need) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
529 // dump the file
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
530 ofstream ofs;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
531 ofs.open(fn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
532 if (!ofs.fail()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
533 for (autowhite_sent::iterator i=rcpts.begin(); i!=rcpts.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
534 const char *who = (*i).first;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
535 int when = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
536 if (!strchr(who, ' ')) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
537 ofs << who << " " << when << endl;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
538 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
539 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
540 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
541 ofs.close();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
542 need = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
543 loaded = time(NULL); // update load time
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
544 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
545 pthread_mutex_unlock(&mutex);
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
546 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
547
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
548
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
549 void WHITELISTER::sent(const char *to) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
550 // we take ownership of the string
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
551 pthread_mutex_lock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
552 need = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
553 autowhite_sent::iterator i = rcpts.find(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
554 if (i == rcpts.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
555 rcpts[to] = time(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
556 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
557 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
558 (*i).second = time(NULL);
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
559 free((void*)to);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
560 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
561 pthread_mutex_unlock(&mutex);
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
562 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
563
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
564
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
565 bool WHITELISTER::is_white(const char *from) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
566 pthread_mutex_lock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
567 autowhite_sent::iterator i = rcpts.find(from);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
568 bool rc = (i != rcpts.end());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
569 pthread_mutex_unlock(&mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
570 return rc;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
571 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
572
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
573
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
574 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
575 // setup a new auto whitelister file
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
576 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
577 WHITELISTERP add_whitelister_file(const char *fn, int days);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
578 WHITELISTERP add_whitelister_file(const char *fn, int days) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
579 WHITELISTERP rc = NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
580 pthread_mutex_lock(&whitelister_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
581 whitelister_map::iterator i = whitelisters.find(fn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
582 if (i == whitelisters.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
583 rc = new WHITELISTER(fn, days);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
584 whitelisters[fn] = rc;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
585 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
586 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
587 rc = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
588 rc->set_days(days);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
589 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
590 pthread_mutex_unlock(&whitelister_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
591 return rc;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
592 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
593
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
594
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
595 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
596 // thread to check for whitelister hosts with old sockets that we can close
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
597 //
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
598 void* whitelister_writer(void *arg) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
599 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
600 sleep(maxauto_age);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
601 pthread_mutex_lock(&whitelister_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
602 for (whitelister_map::iterator i=whitelisters.begin(); i!=whitelisters.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
603 WHITELISTERP v = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
604 v->writer();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
605 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
606 pthread_mutex_unlock(&whitelister_mutex);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
607 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
608 return NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
609 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
610
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
611
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
612 DELAYWHITE::DELAYWHITE(const char *loto_, WHITELISTERP w_, CONTEXTP con_) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
613 loto = loto_;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
614 w = w_;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
615 con = con_;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
616 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
617
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
618
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
619 DKIM::DKIM(const char *action_, const char *signer_, const char*extraspf_) {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
620 action = action_;
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
621 signer = signer_;
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
622 extraspf = extraspf_;
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
623 }
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
624
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
625
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
626 DNSBL::DNSBL(const char *n, const char *s, const char *m) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
627 name = n;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
628 suffix = s;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
629 message = m;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
630 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
631
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
632
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
633 bool DNSBL::operator==(const DNSBL &rhs) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
634 return (strcmp(name, rhs.name) == 0) &&
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
635 (strcmp(suffix, rhs.suffix) == 0) &&
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
636 (strcmp(message, rhs.message) == 0);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
637 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
638
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
639
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
640 DNSWL::DNSWL(const char *n, const char *s, const int l) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
641 name = n;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
642 suffix = s;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
643 level = l;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
644 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
645
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
646
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
647 bool DNSWL::operator==(const DNSWL &rhs) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
648 return (strcmp(name, rhs.name) == 0) &&
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
649 (strcmp(suffix, rhs.suffix) == 0) &&
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
650 (level == rhs.level);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
651 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
652
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
653
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
654 CONFIG::CONFIG() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
655 reference_count = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
656 generation = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
657 load_time = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
658 default_context = NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
659 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
660
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
661
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
662 CONFIG::~CONFIG() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
663 if (debug_syslog) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
664 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
665 snprintf(buf, sizeof(buf), "freeing memory for old configuration generation %d", generation);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
666 my_syslog(buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
667 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
668 for (context_list::iterator i=contexts.begin(); i!=contexts.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
669 CONTEXT *c = *i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
670 delete c;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
671 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
672 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
673
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
674
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
675 void CONFIG::add_context(CONTEXTP con) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
676 contexts.push_back(con);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
677 if (!default_context && !con->get_parent()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
678 // first global context
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
679 default_context = con;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
680 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
681 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
682
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
683
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
684 void CONFIG::add_to(const char *to, CONTEXTP con) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
685 context_map::iterator i = env_to.find(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
686 if (i != env_to.end()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
687 CONTEXTP c = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
688 if ((c != con) && (c != con->get_parent())) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
689 if (debug_syslog) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
690 char oldname[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
691 char newname[maxlen];
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
692 const char *oldn = c->get_full_name(oldname, maxlen);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
693 const char *newn = con->get_full_name(newname, maxlen);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
694 char buf[maxlen*3];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
695 snprintf(buf, maxlen*3, "both %s and %s claim envelope to %s, the second one wins", oldn, newn, to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
696 my_syslog(buf);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
697 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
698 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
699 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
700 env_to[to] = con;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
701 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
702
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
703
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
704 CONTEXTP CONFIG::find_context(const char *to) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
705 context_map::iterator i = env_to.find(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
706 if (i != env_to.end()) return (*i).second; // found user@domain key
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
707 const char *x = strchr(to, '@');
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
708 if (x) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
709 x++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
710 i = env_to.find(x);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
711 if (i != env_to.end()) return (*i).second; // found domain key
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
712 size_t len = x - to;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
713 char user[len+1];
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
714 memcpy(user, to, len);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
715 user[len] = '\0';
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
716 i = env_to.find(user);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
717 if (i != env_to.end()) return (*i).second; // found user@ key
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
718 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
719 return default_context;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
720 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
721
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
722
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
723 void CONFIG::dump() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
724 bool spamass = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
725 if (default_context) default_context->dump(true, spamass);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
726 for (context_list::iterator i=contexts.begin(); i!=contexts.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
727 CONTEXTP c = *i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
728 CONTEXTP p = c->get_parent();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
729 if (!p && (c != default_context)) c->dump(false, spamass);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
730 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
731 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
732 for (context_map::iterator i=env_to.begin(); i!=env_to.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
733 const char *to = (*i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
734 CONTEXTP con = (*i).second;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
735 printf("// envelope to %s \t-> context %s \n", to, con->get_full_name(buf,maxlen));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
736 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
737 if (spamass && (spamc == spamc_empty)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
738 printf("// *** warning - spamassassin filtering requested, but spamc not found by autoconf.\n");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
739 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
740 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
741
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
742
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
743 CONTEXT::CONTEXT(CONTEXTP parent_, const char *name_) {
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
744 parent = parent_;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
745 name = name_;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
746 verify_host = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
747 verifier = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
748 generic_regx = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
749 generic_message = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
750 white_regx = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
751 autowhite_file = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
752 whitelister = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
753 env_from_default = (parent) ? token_inherit : token_unknown;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
754 content_filtering = (parent) ? parent->content_filtering : false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
755 content_suffix = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
756 content_message = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
757 uribl_suffix = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
758 uribl_message = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
759 host_limit = (parent) ? parent->host_limit : 0;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
760 host_limit_message = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
761 host_random = (parent) ? parent->host_random : false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
762 tag_limit = (parent) ? parent->tag_limit : 0;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
763 tag_limit_message = NULL;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
764 spamassassin_limit = (parent) ? parent->spamassassin_limit : 0;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
765 require_match = (parent) ? parent->require_match : false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
766 require_rdns = (parent) ? parent->require_rdns : false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
767 dcc_greylist = (parent) ? parent->dcc_greylist : false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
768 dcc_bulk_threshold = (parent) ? parent->dcc_bulk_threshold : 0;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
769 dnsbl_list_parsed = false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
770 dnswl_list_parsed = false;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
771 default_rate_limit = 36000; // 10 per second
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
772 default_address_limit = 10;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
773 daily_rate_multiple = 3;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
774 daily_address_multiple = 3;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
775 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
776
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
777
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
778 CONTEXT::~CONTEXT() {
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
779 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) {
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
780 DKIMP d = (*i).second;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
781 // delete the underlying DKIM objects.
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
782 delete d;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
783 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
784 for (dnsblp_map::iterator i=dnsbl_names.begin(); i!=dnsbl_names.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
785 DNSBLP d = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
786 // delete the underlying DNSBL objects.
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
787 delete d;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
788 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
789 if (generic_regx) regfree(&generic_pattern);
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
790 if (white_regx) regfree(&white_pattern);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
791 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
792
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
793
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
794 bool CONTEXT::is_parent(CONTEXTP p) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
795 if (p == parent) return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
796 if (!parent) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
797 return parent->is_parent(p);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
798 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
799
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
800
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
801 const char *CONTEXT::get_full_name(char *buffer, int size) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
802 if (!parent) return name;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
803 char buf[maxlen];
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
804 snprintf(buffer, size, "%s.%s", parent->get_full_name(buf, maxlen-strlen(name)-2), name);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
805 return buffer;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
806 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
807
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
808
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
809 bool CONTEXT::set_white(const char *regx)
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
810 {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
811 int rc = 0;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
812 if (white_regx) regfree(&white_pattern);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
813 white_regx = regx;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
814 if (white_regx) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
815 rc = regcomp(&white_pattern, regx, REG_NOSUB | REG_ICASE | REG_EXTENDED);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
816 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
817 return rc; // true iff bad pattern
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
818 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
819
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
820
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
821 bool CONTEXT::white_match(const char *from)
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
822 {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
823 return (from &&
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
824 white_regx &&
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
825 (0 == regexec(&white_pattern, from, 0, NULL, 0)));
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
826 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
827
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
828
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
829 bool CONTEXT::set_generic(const char *regx, const char *msg)
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
830 {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
831 int rc = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
832 if (generic_regx) regfree(&generic_pattern);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
833 generic_regx = regx;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
834 generic_message = msg;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
835 if (generic_regx) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
836 rc = regcomp(&generic_pattern, regx, REG_NOSUB | REG_ICASE | REG_EXTENDED);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
837 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
838 return rc; // true iff bad pattern
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
839 }
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
840
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
841
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
842 const char *CONTEXT::generic_match(const char *client)
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
843 {
195
797299e9fffc fix null dereference if missing _ macro
carl
parents: 192
diff changeset
844 if (!client) return NULL; // allow missing _ macro, which will disable generic checking
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
845 if (parent && !generic_regx) return parent->generic_match(client);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
846 if (!generic_regx) return NULL;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
847 if (0 == regexec(&generic_pattern, client, 0, NULL, 0)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
848 return generic_message;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
849 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
850 return NULL;
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
851 }
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
852
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
853
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
854 bool CONTEXT::cover_env_to(const char *to) {
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
855 const char *x = strchr(to, '@');
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
856 if (x) x++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
857 else x = to;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
858 if (*x == '\0') return true; // always allow covering addresses with no domain name, eg abuse@
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
859 if (!parent && env_to.empty()) return true; // empty env_to at global level covers everything
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
860 string_set::iterator i = env_to.find(x);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
861 if (i != env_to.end()) return true; // we cover the entire domain
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
862 if (x != to) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
863 i = env_to.find(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
864 if (i != env_to.end()) return true; // we cover the specific email address
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
865 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
866 return false;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
867 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
868
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
869
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
870 VERIFYP CONTEXT::find_verify(const char *to) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
871 if (verifier && (verify_host != token_myhostname) && cover_env_to(to))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
872 return verifier;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
873 else if (parent)
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
874 return parent->find_verify(to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
875 else
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
876 return NULL;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
877 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
878
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
879
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
880 WHITELISTERP CONTEXT::find_autowhite(const char *from, const char *to) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
881 if (whitelister && cover_env_to(to) && !cover_env_to(from))
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
882 return whitelister;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
883 else if (parent)
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
884 return parent->find_autowhite(from, to);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
885 else
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
886 return NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
887 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
888
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
889
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
890 int CONTEXT::find_rate_limit(const char *user) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
891 if (rcpt_per_hour.empty()) return default_rate_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
892 rates::iterator i = rcpt_per_hour.find(user); // look for authen id, or sender user@email limiting
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
893 if (i != rcpt_per_hour.end()) return (*i).second; // found authen id, or user@email limiting
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
894 const char *f = strchr(user, '@');
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
895 if (!f) return default_rate_limit;
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
896 i = rcpt_per_hour.find(f); // look for @domain limiting
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
897 if (i != rcpt_per_hour.end()) return (*i).second; // found @domain limiting
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
898 return default_rate_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
899 }
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
900
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
901
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
902 int CONTEXT::find_address_limit(const char *user) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
903 if (addresses_per_hour.empty()) return default_address_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
904 rates::iterator i = addresses_per_hour.find(user); // look for authen id, or sender user@email limiting
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
905 if (i != addresses_per_hour.end()) return (*i).second; // found authen id, or user@email limiting
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
906 const char *f = strchr(user, '@');
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
907 if (!f) return default_address_limit;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
908 i = addresses_per_hour.find(f); // look for @domain limiting
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
909 if (i != addresses_per_hour.end()) return (*i).second; // found @domain limiting
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
910 return default_address_limit;
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
911 }
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
912
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
913
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
914 bool CONTEXT::is_unauthenticated_limited(const char *user) {
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
915 rates::iterator i = rcpt_per_hour.find(user); // look for sender user@email limiting
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
916 if (i != rcpt_per_hour.end()) return true; // found user@email limiting
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
917 const char *f = strchr(user, '@');
266
582cfb9c4031 fix unauthenticated rate limit bug for empty mail from
Carl Byington <carl@five-ten-sg.com>
parents: 263
diff changeset
918 if (!f) return false;
259
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
919 i = rcpt_per_hour.find(f); // look for sender @domain limiting
be939802c64e add recipient rate limits by email from address or domain
Carl Byington <carl@five-ten-sg.com>
parents: 255
diff changeset
920 return (i != rcpt_per_hour.end()); // found @domain limiting
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
921 }
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
922
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
923
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
924 const char *CONTEXT::find_from(const char *from, bool update_white, const char *queueid) {
211
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
925 WHITELISTERP w = whitelister;
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
926 CONTEXTP p = parent;
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
927 while (!w && p) {
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
928 w = p->whitelister;
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
929 p = p->parent;
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
930 }
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
931 if (w && w->is_white(from)) {
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
932 if (update_white && queueid) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
933 // update senders timestamp to extend the whitelisting period
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
934 if (debug_syslog > 1) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
935 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
936 char msg[maxlen];
438
1686cb639269 code cleanup
Carl Byington <carl@five-ten-sg.com>
parents: 436
diff changeset
937 snprintf(msg, sizeof(msg), "extend whitelist reply from <%s> in context %s", from, get_full_name(buf,maxlen));
1686cb639269 code cleanup
Carl Byington <carl@five-ten-sg.com>
parents: 436
diff changeset
938 my_syslog(queueid, msg);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
939 }
211
4db1457cd11a Extend auto-whitelisting when receiving mail even if the auto whitelist is specified in a parent context.
Carl Byington <carl@five-ten-sg.com>
parents: 203
diff changeset
940 w->sent(strdup(from));
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
941 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
942 return token_white;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
943 }
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
944 const char *rc = env_from_default;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
945 string_map::iterator i = env_from.find(from);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
946 if (i != env_from.end()) rc = (*i).second; // found user@domain key
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
947 else {
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
948 const char *x = strchr(from, '@');
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
949 if (x) {
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
950 char buf[200];
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
951 x++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
952 i = env_from.find(x);
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
953 size_t n = x - from; // length of user name plus @
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
954 if (i != env_from.end()) rc = (*i).second; // found domain key
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
955 else if (n < sizeof(buf)) {
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
956 // we only test reasonably short user names, since we need
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
957 // to copy them to a buffer to avoid a dup/free cycle on every
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
958 // test here.
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
959 strncpy(buf, from, n);
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
960 buf[n] = '\0';
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
961 i = env_from.find(buf);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
962 if (i != env_from.end()) rc = (*i).second; // found user@ key
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
963 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
964 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
965 }
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
966 if ((rc == token_inherit) || (rc == token_unknown)) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
967 bool ok = white_match(from);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
968 if (ok) rc = token_white;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
969 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
970 if ((rc == token_inherit) && parent) return parent->find_from(from);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
971 return (rc == token_inherit) ? token_unknown : rc;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
972 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
973
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
974
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
975 CONTEXTP CONTEXT::find_context(const char *from) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
976 context_map::iterator i = env_from_context.find(from);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
977 if (i != env_from_context.end()) return (*i).second; // found user@domain key
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
978 const char *x = strchr(from, '@');
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
979 if (x) {
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
980 char buf[200];
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
981 x++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
982 i = env_from_context.find(x);
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
983 size_t n = x - from; // length of user name plus @
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
984 if (i != env_from_context.end()) return (*i).second; // found domain key
244
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
985 else if (n < sizeof(buf)) {
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
986 // we only test reasonably short user names, since we need
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
987 // to copy them to a buffer to avoid a dup/free cycle on every
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
988 // test here.
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
989 strncpy(buf, from, n);
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
990 buf[n] = '\0';
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
991 i = env_from_context.find(buf);
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
992 if (i != env_from_context.end()) return (*i).second; // found user@ key
ef97c7cd4a6e const correctness fixes from new gcc, libresolv.a moved to glibc-static on newer distributions
Carl Byington <carl@five-ten-sg.com>
parents: 233
diff changeset
993 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
994 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
995 return this;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
996 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
997
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
998
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
999 CONTEXTP CONTEXT::find_from_context_name(const char *name) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1000 context_map::iterator i = children.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1001 if (i != children.end()) return (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1002 return NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1003 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1004
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1005
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1006 const char *CONTEXT::find_dkim_signer(const char *name) {
332
ed04479a8e12 allow missing domain in header from value
Carl Byington <carl@five-ten-sg.com>
parents: 331
diff changeset
1007 if (!name) return NULL;
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1008 string_map::iterator i = dkim_signer_names.find(name);
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1009 if (i != dkim_signer_names.end()) return (*i).second;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1010 if (parent) return parent->find_dkim_signer(name);
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1011 return NULL;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1012 }
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1013
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1014
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1015 DKIMP CONTEXT::find_dkim_from(const char *name) {
332
ed04479a8e12 allow missing domain in header from value
Carl Byington <carl@five-ten-sg.com>
parents: 331
diff changeset
1016 if (!name) return NULL;
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1017 dkimp_map::iterator i = dkim_from_names.find(name);
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1018 if (i != dkim_from_names.end()) return (*i).second;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1019 if (parent) return parent->find_dkim_from(name);
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1020 return NULL;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1021 }
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1022
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
1023
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1024 DNSBLP CONTEXT::find_dnsbl(const char *name) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1025 dnsblp_map::iterator i = dnsbl_names.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1026 if (i != dnsbl_names.end()) return (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1027 if (parent) return parent->find_dnsbl(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1028 return NULL;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1029 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1030
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1031
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1032 DNSWLP CONTEXT::find_dnswl(const char *name) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1033 dnswlp_map::iterator i = dnswl_names.find(name);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1034 if (i != dnswl_names.end()) return (*i).second;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1035 if (parent) return parent->find_dnswl(name);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1036 return NULL;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1037 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1038
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1039
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1040 const char* CONTEXT::get_content_suffix() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1041 if (!content_suffix && parent) return parent->get_content_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1042 return content_suffix;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1043 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1044
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1045
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1046 const char* CONTEXT::get_uribl_suffix() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1047 if (!uribl_suffix && parent) return parent->get_uribl_suffix();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1048 return uribl_suffix;
119
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1049 }
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1050
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1051
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1052 const char* CONTEXT::get_content_message() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1053 if (!content_message && parent) return parent->get_content_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1054 return content_message;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1055 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1056
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1057
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1058 const char* CONTEXT::get_uribl_message() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1059 if (!uribl_message && parent) return parent->get_uribl_message();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1060 return uribl_message;
119
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1061 }
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1062
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
1063
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1064 string_set& CONTEXT::get_content_host_ignore() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1065 if (content_host_ignore.empty() && parent) return parent->get_content_host_ignore();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1066 return content_host_ignore;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1067 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1068
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1069
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1070 string_set& CONTEXT::get_content_tlds() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1071 if (content_tlds.empty() && parent) return parent->get_content_tlds();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1072 return content_tlds;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1073 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1074
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1075
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1076 string_set& CONTEXT::get_content_tldwilds() {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1077 if (content_tldwilds.empty() && parent) return parent->get_content_tldwilds();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1078 return content_tldwilds;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1079 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1080
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1081
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1082 string_set& CONTEXT::get_content_tldnots() {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1083 if (content_tldnots.empty() && parent) return parent->get_content_tldnots();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1084 return content_tldnots;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1085 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1086
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1087
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1088 string_set& CONTEXT::get_html_tags() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1089 if (html_tags.empty() && parent) return parent->get_html_tags();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1090 return html_tags;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1091 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1092
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1093
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1094 dnsblp_list& CONTEXT::get_dnsbl_list() {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1095 if (!dnsbl_list_parsed && parent) return parent->get_dnsbl_list();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1096 return dnsbl_list;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1097 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1098
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1099
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1100 dnswlp_list& CONTEXT::get_dnswl_list() {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1101 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list();
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1102 return dnswl_list;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1103 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1104
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1105
329
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1106 void CONTEXT::log(const char *queueid, const char *msg, const char *v) {
330
b5b93a7e1e6d ignore envelope-from based whitelisting if we have a dkim requirement for that domain
Carl Byington <carl@five-ten-sg.com>
parents: 329
diff changeset
1107 if (debug_syslog > 1) {
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1108 char buf[maxdnslength+100];
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1109 snprintf(buf, sizeof(buf), msg, v);
330
b5b93a7e1e6d ignore envelope-from based whitelisting if we have a dkim requirement for that domain
Carl Byington <carl@five-ten-sg.com>
parents: 329
diff changeset
1110 my_syslog(queueid, buf);
b5b93a7e1e6d ignore envelope-from based whitelisting if we have a dkim requirement for that domain
Carl Byington <carl@five-ten-sg.com>
parents: 329
diff changeset
1111 }
329
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1112 }
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1113
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1114
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1115 bool CONTEXT::in_signing_set(const char *s, const char *signers) {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1116 // s is an actual signer
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1117 // signers is the set of acceptable signers, separated by commas
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1118 size_t n = strlen(s);
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1119 const char *p = signers;
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1120 do {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1121 const char *c = strchr(p, ',');
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1122 size_t m = (c) ? c-p : strlen(p); // length of this element in the signing set
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1123 if ((m == n) && (strncasecmp(p, s, n) == 0)) return true; // exact match
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1124 if ((*p == '*') && (n >= m)) {
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1125 if (strncasecmp(p+1, s+n-(m-1), m-1) == 0) return true; // wildcard match
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1126 }
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1127 if (!c) return false;
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1128 p = c + 1;
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1129 } while (true);
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1130 }
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1131
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1132
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1133 void CONTEXT::replace(char *buf, char *p, int nn, const char *what)
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1134 {
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1135 // replace nn chars in buf starting at p with what
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1136 char repl[maxlen];
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1137 size_t bn = strlen(buf);
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1138 size_t wn = strlen(what);
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1139 if ((bn - nn + wn) < (size_t)maxlen) {
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1140 size_t n = p - buf; // leading part length
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1141 strncpy(repl, buf, n); // leading part
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1142 strcpy(repl+n, what); // replacement
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1143 strcpy(repl+n+wn, buf+n+nn); // trailing part
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1144 strcpy(buf, repl);
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1145 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1146 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1147
423
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1148
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1149 bool CONTEXT::resolve_spf(const char *from, uint32_t ip, mlfiPriv *priv, const char *extraspf)
381
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1150 {
397
d08da4b058e8 only ntohl() once during recursive spf txt processing
Carl Byington <carl@five-ten-sg.com>
parents: 395
diff changeset
1151 // ip is in host order
423
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1152 if (priv->mailaddr) {
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1153 const char *f = strchr(priv->mailaddr, '@');
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1154 if (f) {
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1155 f++;
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1156 size_t efl = strlen(f); // envelope from domain
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1157 size_t hfl = strlen(from); // header from domain
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1158 if (efl > hfl) {
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1159 size_t off = efl - hfl;
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1160 if ((f[off-1] == '.') && (strcmp(f+off,from) == 0)) {
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1161 // envelope from is a strict child of header from
423
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1162 // use envelope from rather than header from
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1163 if (resolve_one_spf(f, ip, priv, extraspf)) return true;
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1164 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1165 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1166 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1167 }
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1168 return resolve_one_spf(from, ip, priv, extraspf);
423
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1169 }
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1170
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1171
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1172 bool CONTEXT::resolve_one_spf(const char *from, uint32_t ip, mlfiPriv *priv, const char *extraspf, int level)
423
c9b7b6dd1206 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 421
diff changeset
1173 {
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1174 char buf[maxdnslength];
384
7b7066a51c33 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 382
diff changeset
1175 log(priv->queueid, "looking for %s txt record", from);
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1176 dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxdnslength);
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1177 if ((level == 0) && extraspf && ((strlen(buf) + strlen(extraspf) + 1) < sizeof(buf))) {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1178 if (strlen(buf) >= 7) {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1179 // modify existing spf record
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1180 replace(buf, buf+7, 0, extraspf);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1181 replace(buf, buf+7+strlen(extraspf), 0, " ");
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1182 }
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1183 else {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1184 // synthesize full spf record
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1185 strcat(buf, "v=spf1 ");
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1186 strcat(buf, extraspf);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1187 }
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1188 }
381
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1189 if (*buf) {
384
7b7066a51c33 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 382
diff changeset
1190 log(priv->queueid, "found txt record %s", buf);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1191 // expand some macros here - a very restricted subset of all possible spf macros
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1192 // only expand the first instance of each.
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1193 char *p = strstr(buf, "%{i}");
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1194 if (p) {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1195 char adr[sizeof "255.255.255.255 "];
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1196 adr[0] = '\0';
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1197 inet_ntop(AF_INET, (const u_char *)&priv->ip, adr, sizeof(adr));
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1198 replace(buf, p, 4, adr);
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1199 log(priv->queueid, "have txt record %s", buf);
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1200 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1201 p = strstr(buf, "%{h}");
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1202 if (p) {
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1203 replace(buf, p, 4, priv->helo);
421
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1204 log(priv->queueid, "have txt record %s", buf);
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1205 }
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1206 p = strstr(buf, "%{d}");
22027ad2a28f spf code now handles %{d} and %{h} macros; use envelope from value for spf if it is a subdomain of the header from domain
Carl Byington <carl@five-ten-sg.com>
parents: 419
diff changeset
1207 if (p) {
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1208 replace(buf, p, 4, from);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1209 log(priv->queueid, "have txt record %s", buf);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1210 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1211 //
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1212 p = strchr(buf, ' '); // must start with 'v=spf1 '
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1213 if (!p) return false; // broken spf
382
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1214 char *e = p + strlen(p); // point to trailing null
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1215 while (true) {
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1216 while (*p == ' ') p++;
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1217 if (p >= e) break;
382
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1218 char *b = strchr(p, ' ');
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1219 if (b) *b = '\0';
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1220 if ((*p != '-') && (*p != '~') && (*p != '?')) {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1221 if (*p == '+') p++;
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1222 if (strncasecmp(p, "ip4:", 4) == 0) {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1223 p += 4;
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1224 char *s = strchr(p, '/');
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1225 if (s) *s = '\0';
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1226 in_addr ipx;
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1227 if (inet_aton(p, &ipx)) {
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1228 uint32_t ipy = ntohl(ipx.s_addr);
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1229 int mask = (s) ? atoi(s+1) : 32;
460
ad05c61d6372 add debug code for spf check with microsoft /14
Carl Byington <carl@five-ten-sg.com>
parents: 455
diff changeset
1230 if ((mask >= 14) && (mask <= 32)) { // microsoft has a /14
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1231 uint32_t low = (1 << (32-mask)) - 1;
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1232 ipy &= low ^ 0xffffffff;
465
79e944269c0b SA needs original rfc5321 envelope from to do proper spf checking. Remove some debug code.
Carl Byington <carl@five-ten-sg.com>
parents: 464
diff changeset
1233 //{
79e944269c0b SA needs original rfc5321 envelope from to do proper spf checking. Remove some debug code.
Carl Byington <carl@five-ten-sg.com>
parents: 464
diff changeset
1234 // char buf[maxlen];
79e944269c0b SA needs original rfc5321 envelope from to do proper spf checking. Remove some debug code.
Carl Byington <carl@five-ten-sg.com>
parents: 464
diff changeset
1235 // snprintf(buf, maxlen, "ip=%08x, spf=%08x/%d, mask=%08x", ip, ipy, mask, low);
79e944269c0b SA needs original rfc5321 envelope from to do proper spf checking. Remove some debug code.
Carl Byington <carl@five-ten-sg.com>
parents: 464
diff changeset
1236 // log(priv->queueid, "spf check %s", buf);
79e944269c0b SA needs original rfc5321 envelope from to do proper spf checking. Remove some debug code.
Carl Byington <carl@five-ten-sg.com>
parents: 464
diff changeset
1237 //}
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1238 if ((ipy <= ip) && (ip <= ipy + low)) {
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1239 if (s) *s = '/';
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1240 log(priv->queueid, "match ip4:%s", p);
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1241 return true;
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1242 }
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1243 }
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1244 }
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1245 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1246 else if (strncasecmp(p, "all", 3) == 0) {
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1247 // ignore it before looking for (a or a:) below
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1248 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1249 else if (strncasecmp(p, "exists:", 7) == 0) {
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1250 p += 7;
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1251 char buf[maxdnslength];
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1252 dns_interface(*priv, p, ns_t_a, false, NULL, buf, maxdnslength);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1253 uint32_t *a = (uint32_t *)buf;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1254 if (a[0]) {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1255 log(priv->queueid, "match exists:%s", p);
388
2354a1944e49 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 384
diff changeset
1256 return true;
382
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1257 }
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1258 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1259 else if (strncasecmp(p, "mx", 2) == 0) {
449
d4275f26241c fix spf mx:domain.tld token parsing
Carl Byington <carl@five-ten-sg.com>
parents: 445
diff changeset
1260 const char *name = (p[2] == ':') ? p+3 : from;
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1261 char buf[maxdnslength];
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1262 dns_interface(*priv, name, ns_t_mx, false, NULL, buf, maxdnslength);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1263 char *b = buf;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1264 while (*b) {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1265 log(priv->queueid, "found mx %s", b);
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1266 char buf[maxdnslength];
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1267 dns_interface(*priv, b, ns_t_a, false, NULL, buf, maxdnslength);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1268 uint32_t *a = (uint32_t *)buf;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1269 size_t c = a[0];
415
16451edcb962 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 414
diff changeset
1270 for (size_t i=1; i<=c; i++) {
416
7431e948b5c3 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 415
diff changeset
1271 uint32_t ipy = ntohl(a[i]);
419
91f2a127ec69 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 417
diff changeset
1272 char adr[sizeof "255.255.255.255 "]; //!!
91f2a127ec69 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 417
diff changeset
1273 adr[0] = '\0'; //!!
91f2a127ec69 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 417
diff changeset
1274 inet_ntop(AF_INET, (const u_char *)&(a[i]), adr, sizeof(adr)); //!!
91f2a127ec69 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 417
diff changeset
1275 log(priv->queueid, "found mx a %s", adr); //!!
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1276 if (ipy == ip) {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1277 log(priv->queueid, "match mx:%s", name);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1278 return true;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1279 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1280 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1281 b += strlen(b) + 1;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1282 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1283 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1284 else if (p[0] == 'a') {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1285 const char *name = (p[1] == ':') ? p+2 : from;
428
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1286 char buf[maxdnslength];
6f2db3d19a34 allow 4000 byte spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 423
diff changeset
1287 dns_interface(*priv, name, ns_t_a, false, NULL, buf, maxdnslength);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1288 uint32_t *a = (uint32_t *)buf;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1289 size_t c = a[0];
415
16451edcb962 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 414
diff changeset
1290 for (size_t i=1; i<=c; i++) {
416
7431e948b5c3 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 415
diff changeset
1291 uint32_t ipy = ntohl(a[i]);
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1292 if (ipy == ip) {
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1293 log(priv->queueid, "match a:%s", name);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1294 return true;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1295 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1296 }
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1297 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1298 else if (priv->client_dns_name && (!priv->client_dns_forged) && (strncasecmp(p, "ptr", 3) == 0)) {
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1299 const char *name = (p[3] == ':') ? p+4 : from;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1300 size_t n = strlen(name);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1301 size_t d = strlen(priv->client_dns_name);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1302 if (d >= n) {
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1303 if ((strncasecmp(priv->client_dns_name+d-n, name, n) == 0) && // trailing part matches
414
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1304 ((d == n) || (priv->client_dns_name[d-n-1] == '.'))) { // same length, or dot just before match
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1305 log(priv->queueid, "match ptr:%s", priv->client_dns_name);
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1306 return true;
d5a1ed33d3ae spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
Carl Byington <carl@five-ten-sg.com>
parents: 412
diff changeset
1307 }
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1308 }
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1309 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1310 else if ((level < 5) && (strncasecmp(p, "redirect=", 9) == 0)) {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1311 p += 9;
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1312 if (resolve_one_spf(p, ip, priv, NULL, level+1)) return true;
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1313 }
467
f5b394bec28c allow checking names without A records on uribl lists; improve extraction of fake TLDs from our RPZ zone
Carl Byington <carl@five-ten-sg.com>
parents: 465
diff changeset
1314 else if ((level < 5) && (strncasecmp(p, "include:", 8) == 0)) {
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1315 p += 8;
462
f3f1ece619ba change dkim_from syntax to allow "signer1,signer2;spf data"
Carl Byington <carl@five-ten-sg.com>
parents: 460
diff changeset
1316 if (resolve_one_spf(p, ip, priv, NULL, level+1)) return true;
400
b48ee4bc431b handle a and a: elements in spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 398
diff changeset
1317 }
b48ee4bc431b handle a and a: elements in spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 398
diff changeset
1318 }
412
e63c6b4835ef refactor spf code; allow wildcard *.example.com in dkim signing restrictions
Carl Byington <carl@five-ten-sg.com>
parents: 407
diff changeset
1319 p = (b) ? b+1 : e;
382
c378e9d03f37 start parsing spf txt records
Carl Byington <carl@five-ten-sg.com>
parents: 381
diff changeset
1320 }
381
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1321 }
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1322 return false;
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1323 }
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1324
879a470c6ac3 fetch spf txt records for required dkim signers
Carl Byington <carl@five-ten-sg.com>
parents: 368
diff changeset
1325
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1326 const char *CONTEXT::acceptable_content(bool local_source, recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, mlfiPriv *priv, string& msg) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1327 if (!local_source) {
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1328 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1329 const char *st = find_dkim_signer(*s);
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1330 // signed by a white listed signer
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1331 if (st == token_white) {
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1332 log(queueid, "whitelisted dkim signer %s", *s);
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1333 return token_white;
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1334 }
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1335 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1336
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1337 DKIMP dk = find_dkim_from(from);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1338 if (dk) {
455
48cfa55cd73b add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 453
diff changeset
1339 char buf[maxlen];
48cfa55cd73b add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 453
diff changeset
1340 snprintf(buf, sizeof(buf), "context %s found dkim from %s action %s", name, from, dk->action);
48cfa55cd73b add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 453
diff changeset
1341 my_syslog(queueid, buf);
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1342 const char *st = dk->action;
451
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1343 bool dmarc = false;
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1344 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1345 // signed by a white listed signer
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1346 if ((st == token_signed_white) && in_signing_set(*s,dk->signer)) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1347 log(queueid, "whitelisted dkim signer %s", *s);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1348 return token_white;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1349 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1350 // signed by a required signer
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1351 if ((st == token_require_signed) && in_signing_set(*s,dk->signer)) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1352 log(queueid, "required dkim signer %s", *s);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1353 return token_white;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1354 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1355 // signed by a black listed signer
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1356 if ((st == token_signed_black) && in_signing_set(*s,dk->signer)) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1357 char buf[maxlen];
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1358 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1359 msg = string(buf);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1360 return token_black;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1361 }
451
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1362 if ((st == token_unsigned_black) && in_signing_set(*s,dk->signer)) {
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1363 dmarc = true;
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1364 }
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1365 }
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1366 if (st == token_unsigned_black) {
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1367 // enforce dmarc
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1368 if (!dmarc) {
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1369 dmarc = resolve_spf(from, ntohl(priv->ip), priv, dk->extraspf);
451
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1370 }
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1371 if (!dmarc) {
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1372 // not signed and does not pass spf, reject it
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1373 char buf[maxlen];
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1374 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1375 msg = string(buf);
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1376 return token_black;
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
1377 }
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1378 }
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1379 if (st == token_signed_white) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1380 // not signed by a white listed signer, but maybe passes strong spf check
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1381 if (resolve_spf(from, ntohl(priv->ip), priv, dk->extraspf)) {
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1382 log(queueid, "spf pass for %s rather than whitelisted dkim signer", from);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1383 return token_white;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1384 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1385 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1386 if (st == token_require_signed) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1387 // not signed by a required signer, but maybe passes strong spf check
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1388 // only check spf if the list of required signers is not a single dot.
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1389 if (strcmp(dk->signer, ".") && resolve_spf(from, ntohl(priv->ip), priv, dk->extraspf)) {
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1390 log(queueid, "spf pass for %s rather than required dkim signer", from);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1391 return token_white;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1392 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1393 // todo - we could also check spf for the rfc5321 envelope from domain,
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1394 // if it is dmarc aligned (relaxed) with the rfc5322 header from domain.
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1395 char buf[maxlen];
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1396 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1397 msg = string(buf);
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1398 return token_black;
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1399 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1400 }
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1401
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1402 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1403 const char *st = find_dkim_signer(*s);
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1404 // signed by a black listed signer
436
7b072e16bd69 fix syslog for long messages, supress dkim checks for mail from localhost
Carl Byington <carl@five-ten-sg.com>
parents: 430
diff changeset
1405 if (st == token_black) {
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1406 char buf[maxlen];
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1407 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s);
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1408 msg = string(buf);
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1409 return token_black;
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1410 }
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1411 }
326
5e4b5540c8cc allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 324
diff changeset
1412 }
5e4b5540c8cc allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 324
diff changeset
1413
445
78eedbbce636 round spamassassin scores; check >= rather than >
Carl Byington <carl@five-ten-sg.com>
parents: 438
diff changeset
1414 if (spamassassin_limit && (score >= spamassassin_limit)) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1415 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1416 snprintf(buf, sizeof(buf), "Mail rejected - spam assassin score %d", score);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1417 msg = string(buf);
331
9800776436b9 allow dkim whitelisting to override uribl hosts in the mail body
Carl Byington <carl@five-ten-sg.com>
parents: 330
diff changeset
1418 return token_black;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1419 }
203
92a5c866bdfa Verify from/to pairs even if they might be explicitly whitelisted.
Carl Byington <carl@five-ten-sg.com>
parents: 195
diff changeset
1420 if (dcc_bulk_threshold && (bulk >= dcc_bulk_threshold)) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1421 char buf[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1422 snprintf(buf, sizeof(buf), "Mail rejected - dcc score %d", bulk);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1423 msg = string(buf);
331
9800776436b9 allow dkim whitelisting to override uribl hosts in the mail body
Carl Byington <carl@five-ten-sg.com>
parents: 330
diff changeset
1424 return token_black;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1425 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1426 if (memory.excessive_bad_tags(tag_limit)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1427 msg = string(tag_limit_message);
331
9800776436b9 allow dkim whitelisting to override uribl hosts in the mail body
Carl Byington <carl@five-ten-sg.com>
parents: 330
diff changeset
1428 return token_black;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1429 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1430 if (!host_random && memory.excessive_hosts(host_limit)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1431 msg = string(host_limit_message);
331
9800776436b9 allow dkim whitelisting to override uribl hosts in the mail body
Carl Byington <carl@five-ten-sg.com>
parents: 330
diff changeset
1432 return token_black;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1433 }
331
9800776436b9 allow dkim whitelisting to override uribl hosts in the mail body
Carl Byington <carl@five-ten-sg.com>
parents: 330
diff changeset
1434 return token_unknown;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1435 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1436
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1437
167
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it.
carl
parents: 164
diff changeset
1438 void CONTEXT::dump(bool isdefault, bool &spamass, int level) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1439 char indent[maxlen];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1440 int i = min(maxlen-1, level*4);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1441 memset(indent, ' ', i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1442 indent[i] = '\0';
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1443 char buf[maxlen];
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1444 const char *fullname = get_full_name(buf,maxlen);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1445 printf("%s context %s { \t// %s\n", indent, name, fullname);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1446
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1447 for (dnsblp_map::iterator i=dnsbl_names.begin(); i!=dnsbl_names.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1448 const char *n = (*i).first;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1449 DNSBL &d = *(*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1450 printf("%s dnsbl %s %s \"%s\"; \n", indent, n, d.suffix, d.message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1451 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1452
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1453 for (dnswlp_map::iterator i=dnswl_names.begin(); i!=dnswl_names.end(); i++) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1454 const char *n = (*i).first;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1455 DNSWL &d = *(*i).second;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1456 printf("%s dnswl %s %s %d; \n", indent, n, d.suffix, d.level);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1457 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1458
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1459 {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1460 dnsblp_list dl = get_dnsbl_list();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1461 printf("%s dnsbl_list", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1462 for (dnsblp_list::iterator i=dl.begin(); i!=dl.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1463 DNSBL &d = *(*i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1464 printf(" %s", d.name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1465 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1466 printf("; \n");
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1467 printf("%s require_rdns %s; \n", indent, (require_rdns) ? "yes" : "no");
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1468 }
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1469
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1470 {
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1471 dnswlp_list dl = get_dnswl_list();
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1472 printf("%s dnswl_list", indent);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1473 for (dnswlp_list::iterator i=dl.begin(); i!=dl.end(); i++) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1474 DNSWL &d = *(*i);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1475 printf(" %s", d.name);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1476 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1477 printf("; \n");
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1478 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1479
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1480 if (content_filtering) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1481 printf("%s content on { \n", indent);
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1482 printf("%s dkim_signer { \n", indent);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1483 for (string_map::iterator i=dkim_signer_names.begin(); i!=dkim_signer_names.end(); i++) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1484 const char *n = (*i).first;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1485 const char *a = (*i).second;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1486 printf("%s %s %s; \n", indent, n, a);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1487 }
329
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1488 printf("%s }; \n", indent);
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1489 printf("%s dkim_from { \n", indent);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1490 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1491 const char *n = (*i).first;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1492 DKIM &d = *(*i).second;
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1493 if (d.extraspf) {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1494 printf("%s %s %s \"%s;%s\"; \n", indent, n, d.action, d.signer, d.extraspf);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1495 }
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1496 else {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1497 printf("%s %s %s \"%s\"; \n", indent, n, d.action, d.signer);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1498 }
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1499 }
329
c9932c4d8053 allow multiple dkim signers in authentication results
Carl Byington <carl@five-ten-sg.com>
parents: 326
diff changeset
1500 printf("%s }; \n", indent);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1501 if (content_suffix) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1502 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1503 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1504 if (uribl_suffix) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1505 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1506 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1507 if (!content_host_ignore.empty()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1508 printf("%s ignore { \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1509 for (string_set::iterator i=content_host_ignore.begin(); i!=content_host_ignore.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1510 printf("%s %s; \n", indent, *i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1511 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1512 printf("%s }; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1513 }
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1514 if (!content_tlds.empty() || !content_tldwilds.empty() || !content_tldnots.empty()) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1515 printf("%s tld { \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1516 printf("%s ", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1517 for (string_set::iterator i=content_tlds.begin(); i!=content_tlds.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1518 printf("%s; ", *i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1519 }
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1520 for (string_set::iterator i=content_tldwilds.begin(); i!=content_tldwilds.end(); i++) {
274
bdcf203e3f7b fix -c printing config
Carl Byington <carl@five-ten-sg.com>
parents: 272
diff changeset
1521 printf("*.%s; ", *i);
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1522 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1523 for (string_set::iterator i=content_tldnots.begin(); i!=content_tldnots.end(); i++) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1524 printf("!%s; ", *i);
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1525 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1526 printf("\n%s }; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1527 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1528 if (!html_tags.empty()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1529 printf("%s html_tags { \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1530 printf("%s ", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1531 for (string_set::iterator i=html_tags.begin(); i!=html_tags.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1532 printf("%s; ", *i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1533 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1534 printf("\n%s }; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1535 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1536 if (host_limit_message) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1537 printf("%s host_limit on %d \"%s\"; \n", indent, host_limit, host_limit_message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1538 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1539 else if (host_random) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1540 printf("%s host_limit soft %d; \n", indent, host_limit);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1541 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1542 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1543 printf("%s host_limit off; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1544 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1545 if (tag_limit_message) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1546 printf("%s html_limit on %d \"%s\"; \n", indent, tag_limit, tag_limit_message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1547 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1548 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1549 printf("%s html_limit off; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1550 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1551 printf("%s spamassassin %d; \n", indent, spamassassin_limit);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1552 printf("%s require_match %s; \n", indent, (require_match) ? "yes" : "no");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1553 printf("%s dcc_greylist %s; \n", indent, (dcc_greylist) ? "yes" : "no");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1554 if (dcc_bulk_threshold == 0) printf("%s dcc_bulk_threshold off; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1555 else if (dcc_bulk_threshold >= dccbulk) printf("%s dcc_bulk_threshold many; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1556 else printf("%s dcc_bulk_threshold %d; \n", indent, dcc_bulk_threshold);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1557 printf("%s }; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1558 spamass |= (spamassassin_limit != 0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1559 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1560 else {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1561 printf("%s content off {}; \n", indent);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1562 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1563
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1564 printf("%s env_to { \t// %s\n", indent, fullname);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1565 for (string_set::iterator i=env_to.begin(); i!=env_to.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1566 printf("%s %s; \n", indent, *i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1567 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1568 printf("%s }; \n", indent);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1569
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1570 if (verify_host) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1571 printf("%s verify %s; \n", indent, verify_host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1572 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1573
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1574 if (generic_regx) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1575 printf("%s generic \"%s\" \n", indent, generic_regx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1576 printf("%s \"%s\"; \n", indent, generic_message);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1577 }
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
1578
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1579 if (white_regx) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1580 printf("%s white_regex \"%s\"; \n", indent, white_regx);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1581 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
1582
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1583 if (autowhite_file && whitelister) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1584 printf("%s autowhite %d %s; \n", indent, whitelister->get_days(), autowhite_file);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1585 }
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
1586
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1587 for (context_map::iterator i=children.begin(); i!=children.end(); i++) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1588 CONTEXTP c = (*i).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1589 c->dump(false, spamass, level+1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1590 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1591
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1592 printf("%s env_from %s { \t// %s\n", indent, env_from_default, fullname);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1593 if (!env_from.empty()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1594 printf("%s // white/black/unknown \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1595 for (string_map::iterator i=env_from.begin(); i!=env_from.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1596 const char *f = (*i).first;
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1597 const char *t = (*i).second;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1598 printf("%s %s \t%s; \n", indent, f, t);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1599 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1600 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1601 if (!env_from_context.empty()) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1602 printf("%s // child contexts \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1603 for (context_map::iterator j=env_from_context.begin(); j!=env_from_context.end(); j++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1604 const char *f = (*j).first;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1605 CONTEXTP t = (*j).second;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1606 printf("%s %s \t%s; \n", indent, f, t->name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1607 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1608 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1609 printf("%s }; \n", indent);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1610
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1611 if (isdefault) {
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1612 printf("%s rate_limit %d %d %d %d { \n", indent, default_rate_limit, daily_rate_multiple, default_address_limit, daily_address_multiple);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1613 for (rates::iterator j=rcpt_per_hour.begin(); j!=rcpt_per_hour.end(); j++) {
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1614 const char *u = (*j).first;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1615 int l = (*j).second;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1616 rates::iterator k = addresses_per_hour.find(u);
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1617 int a = (k==addresses_per_hour.end()) ? default_address_limit : (*k).second;
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
1618 printf("%s \"%s\" \t%d %d; \n", indent, u, l, a);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1619 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1620 printf("%s }; \n", indent);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1621 }
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
1622
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1623 printf("%s }; \n", indent);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1624 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1625
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1626
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1627 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1628 // helper to discard the strings held by a string_set
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1629 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1630 void discard(string_set &s) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1631 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1632 free((void*)*i);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1633 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1634 s.clear();
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1635 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1636
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1637
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1638 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1639 // helper to register a string in a string set
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1640 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1641 const char* register_string(string_set &s, const char *name) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1642 string_set::iterator i = s.find(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1643 if (i != s.end()) return *i;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1644 char *x = strdup(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1645 s.insert(x);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1646 return x;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1647 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1648
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1649
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1650 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1651 // register a global string
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1652 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1653 const char* register_string(const char *name) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1654 return register_string(all_strings, name);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1655 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1656
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1657
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1658 ////////////////////////////////////////////////
164
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1659 // clear all global strings, helper for valgrind checking
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1660 //
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1661 void clear_strings() {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1662 discard(all_strings);
164
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1663 }
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1664
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1665
5809bcdc325b spamassassin changes
carl
parents: 163
diff changeset
1666 ////////////////////////////////////////////////
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1667 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1668 bool tsa(TOKEN &tok, const char *token);
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1669 bool tsa(TOKEN &tok, const char *token) {
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1670 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1671 if (have == token) return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1672 tok.token_error(token, have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1673 return false;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1674 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1675
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1676
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1677 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1678 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1679 bool parse_dnsbl(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1680 bool parse_dnsbl(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1681 const char *name = tok.next();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1682 const char *suf = tok.next();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1683 const char *msg = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1684 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1685 DNSBLP dnsnew = new DNSBL(name, suf, msg);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1686 DNSBLP dnsold = me.find_dnsbl(name);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1687 if (dnsold && (*dnsold == *dnsnew)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1688 // duplicate redefinition, ignore it
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1689 delete dnsnew;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1690 return true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1691 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1692 me.add_dnsbl(name, dnsnew);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1693 return true;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1694 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1695
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1696
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1697 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1698 //
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1699 bool parse_dnswl(TOKEN &tok, CONFIG &dc, CONTEXT &me);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1700 bool parse_dnswl(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1701 const char *name = tok.next();
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1702 const char *suf = tok.next();
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1703 const int lev = tok.nextint();
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1704 if (!tsa(tok, token_semi)) return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1705 DNSWLP dnsnew = new DNSWL(name, suf, lev);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1706 DNSWLP dnsold = me.find_dnswl(name);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1707 if (dnsold && (*dnsold == *dnsnew)) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1708 // duplicate redefinition, ignore it
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1709 delete dnsnew;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1710 return true;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1711 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1712 me.add_dnswl(name, dnsnew);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1713 return true;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1714 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1715
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1716
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1717 ////////////////////////////////////////////////
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1718 //
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1719 bool parse_dnsbll(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1720 bool parse_dnsbll(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1721 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1722 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1723 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1724 if (have == token_semi) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1725 DNSBLP dns = me.find_dnsbl(have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1726 if (dns) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1727 me.add_dnsbl(dns);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1728 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1729 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1730 tok.token_error("dnsbl name", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1731 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1732 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1733 }
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1734 me.set_dnsbll_parsed();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1735 return true;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1736 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1737
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1738
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1739 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1740 //
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1741 bool parse_dnswll(TOKEN &tok, CONFIG &dc, CONTEXT &me);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1742 bool parse_dnswll(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1743 while (true) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1744 const char *have = tok.next();
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1745 if (!have) break;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1746 if (have == token_semi) break;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1747 DNSWLP dns = me.find_dnswl(have);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1748 if (dns) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1749 me.add_dnswl(dns);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1750 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1751 else {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1752 tok.token_error("dnswl name", have);
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1753 return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1754 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1755 }
255
d6d5c50b9278 Allow dnswl_list and dnsbl_list to be empty, to override lists specified in the ancestor contexts. Add daily recipient limits as a multiple of the hourly limits.
Carl Byington <carl@five-ten-sg.com>
parents: 249
diff changeset
1756 me.set_dnswll_parsed();
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1757 return true;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1758 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1759
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1760
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1761 ////////////////////////////////////////////////
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
1762 //
268
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1763 bool parse_requirerdns(TOKEN &tok, CONFIG &dc, CONTEXT &me);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1764 bool parse_requirerdns(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1765 const char *have = tok.next();
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1766 if (have == token_yes) me.set_requirerdns(true);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1767 else if (have == token_no) me.set_requirerdns(false);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1768 else {
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1769 tok.token_error("yes/no", have);
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1770 return false;
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1771 }
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1772 if (!tsa(tok, token_semi)) return false;
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1773 return true;
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1774 }
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1775
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1776
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1777 ////////////////////////////////////////////////
f941563c2a95 Add require_rdns checking
Carl Byington <carl@five-ten-sg.com>
parents: 266
diff changeset
1778 //
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1779 bool parse_dkim_signer(TOKEN &tok, CONFIG &dc, CONTEXT &me);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1780 bool parse_dkim_signer(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1781 if (!tsa(tok, token_lbrace)) return false;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1782 while (true) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1783 const char *have = tok.next();
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1784 if (!have) break;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1785 if (have == token_rbrace) break;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1786 if (have == token_semi) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1787 // optional separators
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1788 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1789 else {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1790 const char *signer = have;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1791 const char *action = tok.next();
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1792 if ((action == token_white) || (action == token_black) || (action == token_unknown)) {
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1793 me.add_dkim_signer(signer, action);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1794 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1795 else {
360
17f21fcd44a8 allow quoted comma separated multiple signers in the dkim_from config entries
Carl Byington <carl@five-ten-sg.com>
parents: 332
diff changeset
1796 tok.token_error("white/black/unknown", action);
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1797 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1798 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1799 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1800 return tsa(tok, token_semi);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1801 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1802
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1803
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1804 ////////////////////////////////////////////////
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1805 //
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1806 bool parse_dkim_from(TOKEN &tok, CONFIG &dc, CONTEXT &me);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1807 bool parse_dkim_from(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1808 if (!tsa(tok, token_lbrace)) return false;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1809 while (true) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1810 const char *have = tok.next();
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1811 if (!have) break;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1812 if (have == token_rbrace) break;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1813 if (have == token_semi) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1814 // optional separators
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1815 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1816 else {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1817 const char *from = have;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1818 const char *action = tok.next();
453
8393ce4658cc add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 451
diff changeset
1819 if ((action == token_signed_white) || (action == token_signed_black) || (action == token_unsigned_black) || (action == token_require_signed)) {
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1820 const char *signer = tok.next();
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1821 if (!signer) break;
464
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1822 else {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1823 const char *extraspf = NULL;
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1824 if (strchr(signer, ';')) {
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1825 char *x = strdup(signer);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1826 char *e = strchr(x, ';');
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1827 *e = '\0';
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1828 signer = register_string(x);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1829 extraspf = register_string(e+1);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1830 free(x);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1831 }
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1832 me.add_dkim_from(from, action, signer, extraspf);
428de28b34b7 cleanup code for adding extra spf data in dkim_from
Carl Byington <carl@five-ten-sg.com>
parents: 462
diff changeset
1833 }
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1834 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1835 else {
453
8393ce4658cc add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 451
diff changeset
1836 tok.token_error("signed_white/signed_black/unsigned_black/require_signed", action);
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1837 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1838 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1839 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1840 return tsa(tok, token_semi);
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1841 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1842
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1843
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1844 ////////////////////////////////////////////////
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
1845 //
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1846 bool parse_content(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
1847 bool parse_content(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1848 const char *setting = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1849 if (setting == token_on) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1850 me.set_content_filtering(true);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1851 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1852 else if (setting == token_off) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1853 me.set_content_filtering(false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1854 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1855 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1856 tok.token_error("on/off", setting);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1857 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1858 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1859 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1860 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1861 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1862 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1863 if (have == token_filter) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1864 const char *suffix = tok.next();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1865 const char *messag = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1866 me.set_content_suffix(suffix);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1867 me.set_content_message(messag);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1868 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1869 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1870 else if (have == token_uribl) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1871 const char *suffix = tok.next();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1872 const char *messag = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1873 me.set_uribl_suffix(suffix);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1874 me.set_uribl_message(messag);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1875 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1876 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1877 else if (have == token_ignore) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1878 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1879 while (true) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1880 if (!have) break;
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1881 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1882 if (have == token_rbrace) break; // done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1883 me.add_ignore(have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1884 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1885 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1886 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1887 else if (have == token_tld) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1888 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1889 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1890 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1891 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1892 if (have == token_rbrace) break; // done
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1893 if (have == token_bang) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1894 have = tok.next();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1895 if (!have) break;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1896 if (have == token_rbrace) break; // done
272
a99b6c1f5f67 Code cleanup, increase minimum hostname length for uribl checking
Carl Byington <carl@five-ten-sg.com>
parents: 270
diff changeset
1897 me.add_tldnot(have);
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1898 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1899 else if (have == token_asterisk) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1900 have = tok.next();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1901 if (!have) break;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1902 if (have == token_rbrace) break; // done
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1903 if (have == token_period) {
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1904 have = tok.next();
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1905 if (!have) break;
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1906 if (have == token_rbrace) break; // done
272
a99b6c1f5f67 Code cleanup, increase minimum hostname length for uribl checking
Carl Byington <carl@five-ten-sg.com>
parents: 270
diff changeset
1907 me.add_tldwild(have);
270
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1908 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1909 }
f92f24950bd3 Use mozilla prefix list for tld checking, Enable surbl/uribl/dbl rhs lists
Carl Byington <carl@five-ten-sg.com>
parents: 268
diff changeset
1910 else me.add_tld(have);
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1911 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1912 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1913 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1914 else if (have == token_html_tags) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1915 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1916 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
1917 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1918 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1919 if (have == token_rbrace) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1920 break; // done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1921 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1922 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1923 me.add_tag(have); // base version
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1924 char buf[200];
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1925 snprintf(buf, sizeof(buf), "/%s", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1926 me.add_tag(register_string(buf)); // leading /
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1927 snprintf(buf, sizeof(buf), "%s/", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1928 me.add_tag(register_string(buf)); // trailing /
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1929 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1930 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1931 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1932 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1933 else if (have == token_html_limit) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1934 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1935 if (have == token_on) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1936 me.set_tag_limit(tok.nextint());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1937 me.set_tag_message(tok.next());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1938 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1939 else if (have == token_off) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1940 me.set_tag_limit(0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1941 me.set_tag_message(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1942 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1943 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1944 tok.token_error("on/off", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1945 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1946 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1947 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1948 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1949 else if (have == token_host_limit) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1950 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1951 if (have == token_on) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1952 me.set_host_limit(tok.nextint());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1953 me.set_host_message(tok.next());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1954 me.set_host_random(false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1955 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1956 else if (have == token_off) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1957 me.set_host_limit(0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1958 me.set_host_message(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1959 me.set_host_random(false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1960 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1961 else if (have == token_soft) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1962 me.set_host_limit(tok.nextint());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1963 me.set_host_message(NULL);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1964 me.set_host_random(true);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1965 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1966 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1967 tok.token_error("on/off/soft", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1968 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1969 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1970 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1971 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1972 else if (have == token_spamassassin) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1973 me.set_spamassassin_limit(tok.nextint());
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1974 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1975 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1976 else if (have == token_require) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1977 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1978 if (have == token_yes) me.set_require(true);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1979 else if (have == token_no) me.set_require(false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1980 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1981 tok.token_error("yes/no", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1982 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1983 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1984 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1985 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1986 else if (have == token_dccgrey) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1987 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1988 if (have == token_yes) me.set_grey(true);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1989 else if (have == token_no) me.set_grey(false);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1990 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1991 tok.token_error("yes/no", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1992 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1993 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1994 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1995 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1996 else if (have == token_dccbulk) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1997 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1998 if (have == token_off) me.set_bulk(0);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
1999 else if (have == token_many) me.set_bulk(dccbulk);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2000 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2001 char *e;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2002 long i = strtol(have, &e, 10);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2003 if (*e != '\0') {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2004 tok.token_error("integer", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2005 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2006 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2007 me.set_bulk((int)i);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2008 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2009 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2010 }
322
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2011 else if (have == token_dkim_signer) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2012 if (!parse_dkim_signer(tok, dc, me)) return false;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2013 }
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2014 else if (have == token_dkim_from) {
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2015 if (!parse_dkim_from(tok, dc, me)) return false;
9f8411f3919c add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 321
diff changeset
2016 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2017 else if (have == token_rbrace) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2018 break; // done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2019 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2020 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2021 tok.token_error("content keyword", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2022 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2023 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2024 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2025 return tsa(tok, token_semi);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2026 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2027
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2028
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2029 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2030 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2031 bool parse_envto(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2032 bool parse_envto(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2033 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2034 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2035 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2036 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2037 if (have == token_rbrace) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2038 if (have == token_semi) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2039 // optional separators
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2040 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2041 else if (have == token_dccto) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2042 const char *flavor = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2043 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2044 bool keeping = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2045 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2046 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2047 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2048 if (have == token_rbrace) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2049 if (have == flavor) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2050 keeping = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2051 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2052 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2053 else if ((have == token_ok) || (have == token_ok2) || (have == token_many)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2054 keeping = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2055 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2056 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2057 if (have == token_envto) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2058 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2059 if (keeping) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2060 if (me.allow_env_to(have)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2061 me.add_to(have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2062 dc.add_to(have, &me);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2063 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2064 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2065 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2066 //else if (have == token_substitute) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2067 // if (tok.next() == token_mailhost) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2068 // have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2069 // if (keeping) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2070 // if (me.allow_env_to(have)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2071 // me.add_to(have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2072 // dc.add_to(have, &me);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2073 // }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2074 // }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2075 // }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2076 //}
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2077 tok.skipeol();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2078 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2079 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2080 else if (me.allow_env_to(have)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2081 me.add_to(have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2082 dc.add_to(have, &me);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2083 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2084 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2085 tok.token_error("user@ or user@domain.tld or domain.tld where domain.tld allowed by parent context", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2086 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2087 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2088 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2089 return tsa(tok, token_semi);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2090 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2091
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2092
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2093 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2094 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2095 bool parse_verify(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2096 bool parse_verify(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2097 const char *host = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2098 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2099 me.set_verify(host);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2100 me.set_verifier(add_verify_host(host));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2101 return true;
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2102 }
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2103
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2104
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2105 ////////////////////////////////////////////////
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2106 //
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2107 bool parse_generic(TOKEN &tok, CONFIG &dc, CONTEXT &me);
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2108 bool parse_generic(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2109 const char *regx = tok.next();
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2110 const char *msg = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2111 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2112 if (me.set_generic(regx, msg)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2113 tok.token_error("invalid regular expression %s", regx, regx);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2114 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2115 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2116 return true;
168
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2117 }
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2118
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2119
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2120 ////////////////////////////////////////////////
6bac960af6b4 add generic reverse dns filtering regex
carl
parents: 167
diff changeset
2121 //
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2122 bool parse_white(TOKEN &tok, CONFIG &dc, CONTEXT &me);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2123 bool parse_white(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2124 const char *regx = tok.next();
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2125 if (!tsa(tok, token_semi)) return false;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2126 if (me.set_white(regx)) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2127 tok.token_error("invalid regular expression %s", regx, regx);
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2128 return false;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2129 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2130 return true;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2131 }
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2132
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2133
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2134 ////////////////////////////////////////////////
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2135 //
153
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2136 bool parse_autowhite(TOKEN &tok, CONFIG &dc, CONTEXT &me);
8d7c439bb6fa add auto whitelisting
carl
parents: 152
diff changeset
2137 bool parse_autowhite(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2138 int days = tok.nextint();
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2139 const char *fn = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2140 if (!tsa(tok, token_semi)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2141 me.set_autowhite(fn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2142 me.set_whitelister(add_whitelister_file(fn, days));
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2143 return true;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2144 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2145
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2146
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2147 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2148 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2149 bool parse_envfrom(TOKEN &tok, CONFIG &dc, CONTEXT &me);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2150 bool parse_envfrom(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2151 const char *st = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2152 if ((st == token_black) || (st == token_white) || (st == token_unknown) || (st == token_inherit)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2153 me.set_from_default(st);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2154 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2155 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2156 tok.push(st);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2157 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2158 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2159 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2160 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2161 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2162 if (have == token_rbrace) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2163 if (have == token_semi) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2164 // optional separators
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2165 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2166 else if (have == token_dccfrom) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2167 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2168 bool keeping = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2169 bool many = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2170 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2171 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2172 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2173 if (have == token_rbrace) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2174 if (have == token_ok) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2175 keeping = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2176 many = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2177 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2178 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2179 else if (have == token_many) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2180 keeping = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2181 many = true;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2182 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2183 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2184 else if (have == token_ok2) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2185 keeping = false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2186 continue;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2187 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2188 if (have == token_envfrom) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2189 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2190 if (keeping) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2191 me.add_from(have, (many) ? token_black : token_white);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2192 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2193 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2194 else if (have == token_substitute) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2195 if (tok.next() == token_mailhost) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2196 have = tok.next();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2197 me.add_from(have, (many) ? token_black : token_white);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2198 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2199 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2200 tok.skipeol();
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2201 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2202 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2203 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2204 // may be a valid email address or domain name
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2205 const char *st = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2206 if ((st == token_white) || (st == token_black) || (st == token_unknown) || (st == token_inherit)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2207 me.add_from(have, st);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2208 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2209 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2210 CONTEXTP con = me.find_from_context_name(st);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2211 if (con) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2212 me.add_from_context(have, con);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2213 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2214 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2215 tok.token_error("white/black/unknown/inherit or child context name", st);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2216 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2217 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2218 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2219 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2220 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2221 return tsa(tok, token_semi);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2222 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2223
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2224
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2225 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2226 //
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2227 bool parse_rate(TOKEN &tok, CONFIG &dc, CONTEXT &me);
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2228 bool parse_rate(TOKEN &tok, CONFIG &dc, CONTEXT &me) {
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2229 me.set_default_rate_limit(tok.nextint());
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2230 me.set_daily_rate_multiple(tok.nextint());
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2231 me.set_default_address_limit(tok.nextint());
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2232 me.set_daily_address_multiple(tok.nextint());
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2233 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2234 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2235 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2236 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2237 if (have == token_rbrace) break;
278
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2238 me.add_rate_limit(have, tok.nextint());
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2239 me.add_address_limit(have, tok.nextint());
368572c57013 add limits on unique ip addresses per hour per authenticated user
Carl Byington <carl@five-ten-sg.com>
parents: 274
diff changeset
2240 if (!tsa(tok, token_semi)) return false;
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2241 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2242 return tsa(tok, token_semi);
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2243 }
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2244
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2245
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2246 ////////////////////////////////////////////////
f4746d8a12a3 add smtp auth rate limits
carl
parents: 129
diff changeset
2247 //
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2248 bool parse_context(TOKEN &tok, CONFIG &dc, CONTEXTP parent);
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2249 bool parse_context(TOKEN &tok, CONFIG &dc, CONTEXTP parent) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2250 const char *name = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2251 if (!tsa(tok, token_lbrace)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2252 CONTEXTP con = new CONTEXT(parent, name);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2253
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2254 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2255 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2256 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2257 if (have == token_rbrace) break; // done
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2258 if (have == token_dnsbl) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2259 if (!parse_dnsbl(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2260 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2261 else if (have == token_dnsbll) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2262 if (!parse_dnsbll(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2263 }
249
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2264 else if (have == token_dnswl) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2265 if (!parse_dnswl(tok, dc, *con)) return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2266 }
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2267 else if (have == token_dnswll) {
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2268 if (!parse_dnswll(tok, dc, *con)) return false;
15bf4f68a0b2 Add dnswl support
Carl Byington <carl@five-ten-sg.com>
parents: 244
diff changeset
2269 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2270 else if (have == token_content) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2271 if (!parse_content(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2272 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2273 else if (have == token_envto) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2274 if (!parse_envto(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2275 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2276 else if (have == token_verify) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2277 if (!parse_verify(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2278 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2279 else if (have == token_generic) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2280 if (!parse_generic(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2281 }
233
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2282 else if (have == token_white_regex) {
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2283 if (!parse_white(tok, dc, *con)) return false;
5c3e9bf45bb5 Add whitelisting by regex expression filtering.
Carl Byington <carl@five-ten-sg.com>
parents: 214
diff changeset
2284 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2285 else if (have == token_autowhite) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2286 if (!parse_autowhite(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2287 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2288 else if (have == token_envfrom) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2289 if (!parse_envfrom(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2290 }
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2291 else if (have == token_dkim_signer) {
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2292 if (!parse_dkim_signer(tok, dc, *con)) return false;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2293 }
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2294 else if (have == token_dkim_from) {
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2295 if (!parse_dkim_from(tok, dc, *con)) return false;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2296 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2297 else if (have == token_rate) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2298 if (parent || dc.default_context) tok.token_error("rate limit ignored in non default context");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2299 if (!parse_rate(tok, dc, *con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2300 }
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2301 else if (have == token_requirerdns) {
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2302 if (!parse_requirerdns(tok, dc, *con)) return false;
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2303 }
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2304 else if (have == token_context) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2305 if (!parse_context(tok, dc, con)) return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2306 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2307 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2308 tok.token_error("context keyword", have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2309 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2310 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2311 }
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2312
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2313 if (!tsa(tok, token_semi)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2314 delete con;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2315 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2316 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2317 dc.add_context(con);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2318 if (parent) parent->add_context(con);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2319 return true;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2320 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2321
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2322
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2323 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2324 // parse a config file
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2325 //
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2326 bool load_conf(CONFIG &dc, const char *fn) {
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2327 int count = 0;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2328 TOKEN tok(fn, &dc.config_files);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2329 while (true) {
214
82886d4dd71f Fixes to compile on Fedora 9 and for const correctness.
Carl Byington <carl@five-ten-sg.com>
parents: 211
diff changeset
2330 const char *have = tok.next();
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2331 if (!have) break;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2332 if (have == token_context) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2333 if (!parse_context(tok, dc, NULL)) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2334 tok.token_error("load_conf() failed to parse context");
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2335 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2336 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2337 else count++;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2338 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2339 else {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2340 tok.token_error(token_context, have);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2341 return false;
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2342 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2343 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2344 tok.token_error("load_conf() found %d contexts in %s", count, fn);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2345 return (dc.default_context) ? true : false;
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2346 }
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2347
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2348
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2349 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2350 // init the tokens
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2351 //
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2352 void token_init() {
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2353 token_asterisk = register_string("*");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2354 token_autowhite = register_string("autowhite");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2355 token_bang = register_string("!");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2356 token_black = register_string("black");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2357 token_content = register_string("content");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2358 token_context = register_string("context");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2359 token_dccbulk = register_string("dcc_bulk_threshold");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2360 token_dccfrom = register_string("dcc_from");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2361 token_dccgrey = register_string("dcc_greylist");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2362 token_dccto = register_string("dcc_to");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2363 token_default = register_string("default");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2364 token_dnsbl = register_string("dnsbl");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2365 token_dnsbll = register_string("dnsbl_list");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2366 token_dnswl = register_string("dnswl");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2367 token_dnswll = register_string("dnswl_list");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2368 token_envfrom = register_string("env_from");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2369 token_envto = register_string("env_to");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2370 token_filter = register_string("filter");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2371 token_generic = register_string("generic");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2372 token_host_limit = register_string("host_limit");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2373 token_html_limit = register_string("html_limit");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2374 token_html_tags = register_string("html_tags");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2375 token_ignore = register_string("ignore");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2376 token_include = register_string("include");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2377 token_inherit = register_string("inherit");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2378 token_lbrace = register_string("{");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2379 token_mailhost = register_string("mail_host");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2380 token_many = register_string("many");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2381 token_no = register_string("no");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2382 token_off = register_string("off");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2383 token_ok = register_string("ok");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2384 token_ok2 = register_string("ok2");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2385 token_on = register_string("on");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2386 token_period = register_string(".");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2387 token_rate = register_string("rate_limit");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2388 token_rbrace = register_string("}");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2389 token_require = register_string("require_match");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2390 token_requirerdns = register_string("require_rdns");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2391 token_semi = register_string(";");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2392 token_soft = register_string("soft");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2393 token_spamassassin = register_string("spamassassin");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2394 token_substitute = register_string("substitute");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2395 token_tld = register_string("tld");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2396 token_unknown = register_string("unknown");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2397 token_uribl = register_string("uribl");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2398 token_verify = register_string("verify");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2399 token_white = register_string("white");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2400 token_white_regex = register_string("white_regex");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2401 token_yes = register_string("yes");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2402 token_dkim_signer = register_string("dkim_signer");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2403 token_dkim_from = register_string("dkim_from");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2404 token_signed_white = register_string("signed_white");
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2405 token_signed_black = register_string("signed_black");
451
f2bc221240e8 add unsigned_black for enforcement of dmarc policy
Carl Byington <carl@five-ten-sg.com>
parents: 449
diff changeset
2406 token_unsigned_black = register_string("unsigned_black");
321
e172dc10fe24 add dkim white/black listing
Carl Byington <carl@five-ten-sg.com>
parents: 320
diff changeset
2407 token_require_signed = register_string("require_signed");
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2408
192
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2409 if (gethostname(myhostname, HOST_NAME_MAX+1) != 0) {
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2410 strncpy(myhostname, "localhost", HOST_NAME_MAX+1);
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2411 }
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2412 myhostname[HOST_NAME_MAX] = '\0'; // ensure null termination
8f4a9a37d4d9 delay autowhitelisting to avoid out of office reply bots
carl
parents: 180
diff changeset
2413 token_myhostname = register_string(myhostname);
94
e107ade3b1c0 fix dos line terminators
carl
parents: 92
diff changeset
2414 }