Mercurial > dnsbl
comparison src/dnsbl.cpp @ 185:505283ab296c stable-6-0-12
smtp rejections take precendence over greylisting
| author | carl |
|---|---|
| date | Sat, 13 Oct 2007 17:42:30 -0700 |
| parents | 2b06183b9b25 |
| children | 2a80c9b5d2c9 |
comparison
equal
deleted
inserted
replaced
| 184:0e15a805d295 | 185:505283ab296c |
|---|---|
| 1181 int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0; | 1181 int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0; |
| 1182 bool grey = false; | 1182 bool grey = false; |
| 1183 int bulk = 0; | 1183 int bulk = 0; |
| 1184 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); | 1184 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); |
| 1185 | 1185 |
| 1186 if (priv.want_dccgrey && grey) { | 1186 char buf[maxlen]; |
| 1187 smfi_setreply(ctx, "452", "4.2.1", "temporary greylist embargoed"); | 1187 string msg; |
| 1188 rc = SMFIS_TEMPFAIL; | 1188 string_set alive; |
| 1189 } | 1189 bool random = false; |
| 1190 else { | 1190 int limit = 0; |
| 1191 char buf[maxlen]; | 1191 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { |
| 1192 string msg; | 1192 char *rcpt = (*i).first; |
| 1193 string_set alive; | 1193 CONTEXT &con = *((*i).second); |
| 1194 bool random = false; | 1194 if (!con.acceptable_content(*priv.memory, score, bulk, msg)) { |
| 1195 int limit = 0; | 1195 // bad html tags or excessive hosts or |
| 1196 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { | 1196 // high spam assassin score or dcc bulk threshold exceedeed |
| 1197 char *rcpt = (*i).first; | 1197 smfi_delrcpt(ctx, rcpt); |
| 1198 CONTEXT &con = *((*i).second); | 1198 } |
| 1199 if (!con.acceptable_content(*priv.memory, score, bulk, msg)) { | 1199 else { |
| 1200 // bad html tags or excessive hosts or | 1200 alive.insert(rcpt); |
| 1201 // high spam assassin score or dcc bulk threshold exceedeed | 1201 random |= con.get_host_random(); |
| 1202 smfi_delrcpt(ctx, rcpt); | 1202 limit = max(limit, con.get_host_limit()); |
| 1203 } | |
| 1204 } | |
| 1205 bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content() | |
| 1206 if (!rejecting) { | |
| 1207 char *fmt, *found; | |
| 1208 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { | |
| 1209 if (found) { | |
| 1210 // uribl style | |
| 1211 snprintf(buf, sizeof(buf), fmt, host, found); | |
| 1203 } | 1212 } |
| 1204 else { | 1213 else { |
| 1205 alive.insert(rcpt); | 1214 // dnsbl style |
| 1206 random |= con.get_host_random(); | 1215 char adr[sizeof "255.255.255.255 "]; |
| 1207 limit = max(limit, con.get_host_limit()); | 1216 adr[0] = '\0'; |
| 1217 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); | |
| 1218 snprintf(buf, sizeof(buf), fmt, host, adr); | |
| 1208 } | 1219 } |
| 1209 } | 1220 msg = string(buf); |
| 1210 bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content() | 1221 rejecting = true; |
| 1211 if (!rejecting) { | 1222 } |
| 1212 char *fmt, *found; | 1223 } |
| 1213 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { | 1224 if (!rejecting) { |
| 1214 if (found) { | 1225 if (priv.want_dccgrey && grey) { |
| 1215 // uribl style | 1226 smfi_setreply(ctx, "452", "4.2.1", "temporary greylist embargoed"); |
| 1216 snprintf(buf, sizeof(buf), fmt, host, found); | 1227 rc = SMFIS_TEMPFAIL; |
| 1217 } | 1228 } |
| 1218 else { | 1229 else rc = SMFIS_CONTINUE; |
| 1219 // dnsbl style | 1230 } |
| 1220 char adr[sizeof "255.255.255.255 "]; | 1231 else if (!priv.have_whites) { |
| 1221 adr[0] = '\0'; | 1232 // can reject the entire message |
| 1222 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); | 1233 snprintf(buf, sizeof(buf), "%s", msg.c_str()); |
| 1223 snprintf(buf, sizeof(buf), fmt, host, adr); | 1234 smfi_setreply(ctx, "550", "5.7.1", buf); |
| 1224 } | 1235 rc = SMFIS_REJECT; |
| 1225 msg = string(buf); | 1236 } |
| 1226 rejecting = true; | 1237 else { |
| 1227 } | 1238 // need to accept it but remove the recipients that don't want it |
| 1228 } | 1239 for (string_set::iterator i=alive.begin(); i!=alive.end(); i++) { |
| 1229 if (!rejecting) { | 1240 char *rcpt = *i; |
| 1230 rc = SMFIS_CONTINUE; | 1241 smfi_delrcpt(ctx, rcpt); |
| 1231 } | 1242 } |
| 1232 else if (!priv.have_whites) { | 1243 rc = SMFIS_CONTINUE; |
| 1233 // can reject the entire message | |
| 1234 snprintf(buf, sizeof(buf), "%s", msg.c_str()); | |
| 1235 smfi_setreply(ctx, "550", "5.7.1", buf); | |
| 1236 rc = SMFIS_REJECT; | |
| 1237 } | |
| 1238 else { | |
| 1239 // need to accept it but remove the recipients that don't want it | |
| 1240 for (string_set::iterator i=alive.begin(); i!=alive.end(); i++) { | |
| 1241 char *rcpt = *i; | |
| 1242 smfi_delrcpt(ctx, rcpt); | |
| 1243 } | |
| 1244 rc = SMFIS_CONTINUE; | |
| 1245 } | |
| 1246 } | 1244 } |
| 1247 } | 1245 } |
| 1248 // reset for a new message on the same connection | 1246 // reset for a new message on the same connection |
| 1249 mlfi_abort(ctx); | 1247 mlfi_abort(ctx); |
| 1250 return rc; | 1248 return rc; |