comparison src/dnsbl.cpp @ 268:f941563c2a95 stable-6-0-34
Add require_rdns checking
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Wed, 22 May 2013 11:29:44 -0700 |
parents | 582cfb9c4031 |
children | f92f24950bd3 |
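--- a/src/dnsbl.cpp
+++ b/src/dnsbl.cpp
@@ -486,10 +486,11 @@
 mailaddr = NULL;
 queueid = NULL;
 authenticated = NULL;
 client_name = NULL;
 client_dns_name = NULL;
+client_dns_forged = false;
 host_uribl = NULL;
 helo_uribl = false;
 client_uribl = false;
 from_uribl = false;
 have_whites = false;
@@ -1147,10 +1148,19 @@
 priv.client_dns_name[pp] = '\0';
 //char text[500];
 //snprintf(text, sizeof(text), "found simple dns client name %s", priv.client_dns_name);
 //my_syslog(text);
 }
+p = strstr(priv.client_name, "] (may be forged)");
+if (p) {
+priv.client_dns_forged = true;
+if (priv.client_dns_name) {
+char text[500];
+snprintf(text, sizeof(text), "forged dns client name %s", priv.client_dns_name);
+my_syslog(text);
+}
+}
 }
 if (spamc != spamc_empty) {
 priv.assassin = new SpamAssassin(&priv, priv.ip, priv.helo, priv.mailaddr, priv.queueid);
 }
 if (dccifd_port) {
@@ -1245,10 +1255,19 @@
 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
 return SMFIS_REJECT;
 }
 if (st == oksofar) {
+// check forged rdns
+if (con.get_requirerdns() && (!priv.client_dns_name || priv.client_dns_forged)) {
+// reject the recipient based on forged reverse dns
+char buf[maxlen];
+snprintf(buf, sizeof(buf), "%s is not acceptable", priv.client_name);
+smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf);
+return SMFIS_REJECT;
+}
+// check generic rdns
 const char *msg = con.generic_match(priv.client_name);
 if (msg) {
 // reject the recipient based on generic reverse dns
 char buf[maxlen];
 snprintf(buf, sizeof(buf), msg, priv.client_name);
@@ -1321,16 +1340,16 @@
 // content filtering implies also checking helo name on uribl (if enabled)
 if (priv.helo_uribl) {
 snprintf(bu, sizeof(bu), "(helo %s)", priv.host_uribl);
 uri = true;
 }
-// content filterint implies also checking client reverse dns name on uribl (if enabled)
+// content filtering implies also checking client reverse dns name on uribl (if enabled)
 if (priv.client_uribl) {
 snprintf(bu, sizeof(bu), "(rdns %s)", priv.host_uribl);
 uri = true;
 }
-// content filterint implies also checking mail from domain name on uribl (if enabled)
+// content filtering implies also checking mail from domain name on uribl (if enabled)
 if (priv.from_uribl) {
 snprintf(bu, sizeof(bu), "(from %s)", priv.host_uribl);
 uri = true;
 }
 if (uri) {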
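Review bot: The added require_rdns test in the recipient path, `if (con.get_requirerdns() && (!priv.client_dns_name || priv.client_dns_forged))`, answers with a permanent 550 whenever no reverse name was recorded, so as far as this hunk shows a resolver timeout on the PTR lookup is treated the same as a host that has no PTR record at all. If the MTA exports the lookup result to the milter (sendmail's `{client_resolve}` macro reports OK, FAIL, FORGED or TEMP), the temporary case could return `SMFIS_TEMPFAIL` with a 4xx reply instead, and the forged case would no longer depend on matching the literal text `"] (may be forged)"`. The reply also formats `priv.client_name` with `%s`, and nothing visible here guarantees it is non-NULL at that point, so a guard such as `priv.client_name ? priv.client_name : "client"` is worth adding. Because that name comes from reverse DNS controlled by the connecting party, the return value of `smfi_setreply` should be checked rather than ignored. The enclosing functions start and end outside the shown hunks.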