# HG changeset patch # User carl # Date 1146157543 25200 # Node ID 9ab51896447f5ad2055eee23213d55f4b813312e # Parent 2b1a4701e85661a3cae66c91079f4d7c8959225c don't do uribl lookups on rfc1918 address space diff -r 2b1a4701e856 -r 9ab51896447f ChangeLog --- a/ChangeLog Sat Apr 08 10:06:09 2006 -0700 +++ b/ChangeLog Thu Apr 27 10:05:43 2006 -0700 @@ -1,6 +1,6 @@ $Id$ -5.18 2006-04-08 +5.18 2006-04-27 Bug fix - newer sendmail versions don't guarantee envelope addresses enclosed in <> wrapper. @@ -8,6 +8,8 @@ used to mainly spam filter and then forward to mail to the internal server. + Never ask uribl blacklists about rfc1918 address space. + 5.17 2006-03-25 Never ask dns blacklists about rfc1918 address space. diff -r 2b1a4701e856 -r 9ab51896447f NEWS --- a/NEWS Sat Apr 08 10:06:09 2006 -0700 +++ b/NEWS Thu Apr 27 10:05:43 2006 -0700 @@ -1,6 +1,6 @@ $Id$ -5.18 2006-04-08 sendmail no longer guarantees <> wrapper on envelopes +5.18 2006-04-27 sendmail no longer guarantees <> wrapper on envelopes, don't ask uribls about rfc1918 space either 5.17 2006-03-25 never ask dns blacklists about rfc1918 address space 5.16 2006-03-16 bug fix, smtp error message for uribl filtering needs host name, not ip address 5.15 2006-03-15 bug fix, failed to set reason code when rejecting mail from content filtering diff -r 2b1a4701e856 -r 9ab51896447f src/dnsbl.cpp --- a/src/dnsbl.cpp Sat Apr 08 10:06:09 2006 -0700 +++ b/src/dnsbl.cpp Thu Apr 27 10:05:43 2006 -0700 @@ -709,6 +709,10 @@ in_addr ip; if (inet_aton(hostname, &ip)) { const u_char *src = (const u_char *)&ip.s_addr; + if (src[0] == 127) return false; // don't do dns lookups on localhost + if (src[0] == 10) return false; // don't do dns lookups on rfc1918 space + if ((src[0] == 192) && (src[1] == 168)) return false; + if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return false; static char adr[sizeof "255.255.255.255"]; snprintf(adr, sizeof(adr), "%u.%u.%u.%u", src[3], src[2], src[1], src[0]); return (uriblookup(priv, adr, NULL, found));