Mercurial > dnsbl
comparison src/dnsbl.cpp @ 379:e42923f8f3fd stable-6-0-50
better message for dkim signers listed on surbl
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Mon, 20 Feb 2017 08:38:48 -0800 |
parents | 7fd39f029936 |
children | 879a470c6ac3 |
comparison
equal
deleted
inserted
replaced
378:5c3a3ddc1526 | 379:e42923f8f3fd |
---|---|
1633 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); | 1633 if (priv.want_dccgrey || priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk); |
1634 | 1634 |
1635 char buf[maxlen]; | 1635 char buf[maxlen]; |
1636 string msg; | 1636 string msg; |
1637 string_set unknowns; | 1637 string_set unknowns; |
1638 string_set whites; | |
1639 bool random = false; | 1638 bool random = false; |
1640 int limit = 0; | 1639 int limit = 0; |
1641 const char *signer = NULL; | 1640 const char *signer = NULL; |
1642 bool checked_signers = false; | 1641 bool checked_signers = false; |
1643 if (priv.dkim_signers.empty()) { | 1642 if (priv.dkim_signers.empty()) { |
1667 else if (st == token_unknown) { | 1666 else if (st == token_unknown) { |
1668 if (!checked_signers) { | 1667 if (!checked_signers) { |
1669 signer = priv.check_uribl_signers(); | 1668 signer = priv.check_uribl_signers(); |
1670 checked_signers = true; | 1669 checked_signers = true; |
1671 if (signer) { | 1670 if (signer) { |
1672 snprintf(buf, sizeof(buf), "dkim signer %s on uribl", signer); | 1671 snprintf(buf, sizeof(buf), "dkim signer %s listed on %s", signer, priv.uribl_suffix); |
1673 my_syslog(&priv, buf); | 1672 my_syslog(&priv, buf); |
1674 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", signer); | 1673 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s listed on %s", signer, priv.uribl_suffix); |
1675 msg = string(buf); | 1674 msg = string(buf); |
1676 } | 1675 } |
1677 } | 1676 } |
1678 if (signer) { | 1677 if (signer) { |
1679 // dkim signer is on the uribl | 1678 // dkim signer is on the uribl |
1685 random |= con.get_host_random(); | 1684 random |= con.get_host_random(); |
1686 limit = max(limit, con.get_host_limit()); | 1685 limit = max(limit, con.get_host_limit()); |
1687 } | 1686 } |
1688 } | 1687 } |
1689 else if (st == token_white) { | 1688 else if (st == token_white) { |
1690 whites.insert(rcpt); | 1689 priv.have_whites = true; |
1691 } | 1690 } |
1692 } | 1691 } |
1693 bool rejecting = unknowns.empty() && whites.empty(); | 1692 bool rejecting_unknowns = unknowns.empty(); |
1694 if (!unknowns.empty()) { | 1693 if (!rejecting_unknowns) { |
1695 // check hosts for those recipients | 1694 // check hosts for those recipients |
1696 const char *fmt; | 1695 const char *fmt; |
1697 const char *found; | 1696 const char *found; |
1698 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { | 1697 if (check_hosts(priv, random, limit, fmt, host, ip, found)) { |
1699 if (found) { | 1698 if (found) { |
1706 adr[0] = '\0'; | 1705 adr[0] = '\0'; |
1707 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); | 1706 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr)); |
1708 snprintf(buf, sizeof(buf), fmt, host, adr); | 1707 snprintf(buf, sizeof(buf), fmt, host, adr); |
1709 } | 1708 } |
1710 msg = string(buf); | 1709 msg = string(buf); |
1711 rejecting = true; | 1710 rejecting_unknowns = true; |
1712 } | 1711 } |
1713 } | 1712 } |
1714 if (!rejecting) { | 1713 if (!rejecting_unknowns) { |
1715 // only greylist if we don't have any whitelisted recipients | 1714 // greylist the unknowns if we don't have any whitelisted recipients |
1716 if (priv.want_dccgrey && grey && !priv.have_whites && whites.empty()) { | 1715 if (priv.want_dccgrey && grey && !priv.have_whites) { |
1717 smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"temporary greylist embargoed"); | 1716 smfi_setreply(ctx, (char*)"452", (char*)"4.2.1", (char*)"temporary greylist embargoed"); |
1718 rc = SMFIS_TEMPFAIL; | 1717 rc = SMFIS_TEMPFAIL; |
1719 } | 1718 } |
1720 else rc = SMFIS_CONTINUE; | 1719 else rc = SMFIS_CONTINUE; |
1721 } | 1720 } |
1722 else if (!priv.have_whites && whites.empty()) { | 1721 else if (!priv.have_whites) { |
1723 // can reject the entire message | 1722 // can reject the entire message |
1724 snprintf(buf, sizeof(buf), "%s", msg.c_str()); | 1723 snprintf(buf, sizeof(buf), "%s", msg.c_str()); |
1725 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); | 1724 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); |
1726 rc = SMFIS_REJECT; | 1725 rc = SMFIS_REJECT; |
1727 } | 1726 } |