Mercurial > dnsbl
comparison src/dnsbl.cpp @ 379:e42923f8f3fd stable-6-0-50
better message for dkim signers listed on surbl
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Mon, 20 Feb 2017 08:38:48 -0800 |
| parents | 7fd39f029936 |
| children | 879a470c6ac3 |
comparison
equal
deleted
inserted
replaced
| 378:5c3a3ddc1526 | 379:e42923f8f3fd |
|---|---|
| 1633 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); | 1633 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); |
| 1634 | 1634 |
| 1635 char buf[maxlen]; | 1635 char buf[maxlen]; |
| 1636 string msg; | 1636 string msg; |
| 1637 string_set unknowns; | 1637 string_set unknowns; |
| 1638 string_set whites; | |
| 1639 bool random = false; | 1638 bool random = false; |
| 1640 int limit = 0; | 1639 int limit = 0; |
| 1641 const char *signer = NULL; | 1640 const char *signer = NULL; |
| 1642 bool checked_signers = false; | 1641 bool checked_signers = false; |
| 1643 if (priv.dkim_signers.empty()) { | 1642 if (priv.dkim_signers.empty()) { |
| 1667 else if (st == token_unknown) { | 1666 else if (st == token_unknown) { |
| 1668 if (!checked_signers) { | 1667 if (!checked_signers) { |
| 1669 signer = priv.check_uribl_signers(); | 1668 signer = priv.check_uribl_signers(); |
| 1670 checked_signers = true; | 1669 checked_signers = true; |
| 1671 if (signer) { | 1670 if (signer) { |
| 1672 snprintf(buf, sizeof(buf), "dkim signer %s on uribl", signer); | 1671 snprintf(buf, sizeof(buf), "dkim signer %s listed on %s", signer, priv.uribl_suffix); |
| 1673 my_syslog(&priv, buf); | 1672 my_syslog(&priv, buf); |
| 1674 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", signer); | 1673 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s listed on %s", signer, priv.uribl_suffix); |
| 1675 msg = string(buf); | 1674 msg = string(buf); |
| 1676 } | 1675 } |
| 1677 } | 1676 } |
| 1678 if (signer) { | 1677 if (signer) { |
| 1679 // dkim signer is on the uribl | 1678 // dkim signer is on the uribl |
| 1685 random |= con.get_host_random(); | 1684 random |= con.get_host_random(); |
| 1686 limit = max(limit, con.get_host_limit()); | 1685 limit = max(limit, con.get_host_limit()); |
| 1687 } | 1686 } |
| 1688 } | 1687 } |
| 1689 else if (st == token_white) { | 1688 else if (st == token_white) { |
| 1690 whites.insert(rcpt); | 1689 priv.have_whites = true; |
| 1691 } | 1690 } |
| 1692 } | 1691 } |
| 1693 bool rejecting = unknowns.empty() && whites.empty(); | 1692 bool rejecting_unknowns = unknowns.empty(); |
| 1694 if (!unknowns.empty()) { | 1693 if (!rejecting_unknowns) { |
| 1695 // check hosts for those recipients | 1694 // check hosts for those recipients |
| 1696 const char *fmt; | 1695 const char *fmt; |
| 1697 const char *found; | 1696 const char *found; |
| 1698 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { | 1697 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { |
| 1699 if (found) { | 1698 if (found) { |
| 1706 adr[0] = '\0'; | 1705 adr[0] = '\0'; |
| 1707 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); | 1706 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); |
| 1708 snprintf(buf, sizeof(buf), fmt, host, adr); | 1707 snprintf(buf, sizeof(buf), fmt, host, adr); |
| 1709 } | 1708 } |
| 1710 msg = string(buf); | 1709 msg = string(buf); |
| 1711 rejecting = true; | 1710 rejecting_unknowns = true; |
| 1712 } | 1711 } |
| 1713 } | 1712 } |
| 1714 if (!rejecting) { | 1713 if (!rejecting_unknowns) { |
| 1715 // only greylist if we don't have any whitelisted recipients | 1714 // greylist the unknowns if we don't have any whitelisted recipients |
| 1716 if (priv.want_dccgrey && grey && !priv.have_whites && whites.empty()) { | 1715 if (priv.want_dccgrey && grey && !priv.have_whites) { |
| 1717 smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"temporary greylist embargoed"); | 1716 smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"temporary greylist embargoed"); |
| 1718 rc = SMFIS_TEMPFAIL; | 1717 rc = SMFIS_TEMPFAIL; |
| 1719 } | 1718 } |
| 1720 else rc = SMFIS_CONTINUE; | 1719 else rc = SMFIS_CONTINUE; |
| 1721 } | 1720 } |
| 1722 else if (!priv.have_whites && whites.empty()) { | 1721 else if (!priv.have_whites) { |
| 1723 // can reject the entire message | 1722 // can reject the entire message |
| 1724 snprintf(buf, sizeof(buf), "%s", msg.c_str()); | 1723 snprintf(buf, sizeof(buf), "%s", msg.c_str()); |
| 1725 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); | 1724 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); |
| 1726 rc = SMFIS_REJECT; | 1725 rc = SMFIS_REJECT; |
| 1727 } | 1726 } |