# HG changeset patch
# User carl
# Date 1191173234 25200
# Node ID a4d313c2460b141e54add6c0334766ca0e13bc17
# Parent 4ec928b24bab9a56af7326de67dd21de26eeb893
start embedded dcc filtering
diff -r 4ec928b24bab -r a4d313c2460b ChangeLog
--- a/ChangeLog Sun Sep 23 14:33:00 2007 -0700
+++ b/ChangeLog Sun Sep 30 10:27:14 2007 -0700
@@ -1,5 +1,8 @@
 $Id$ +6.11 2007-09-30 + Add DCC filtering via dccifd. + 6.10 2007-09-23 Don't whitelist addresses with embedded blanks, or the empty path. Allow manual removal of auto whitelist entries.
diff -r 4ec928b24bab -r a4d313c2460b Makefile.am
--- a/Makefile.am Sun Sep 23 14:33:00 2007 -0700
+++ b/Makefile.am Sun Sep 30 10:27:14 2007 -0700
@@ -3,7 +3,7 @@
 hack_SCRIPTS = dnsbl hack_DATA = dnsbl.conf hosts-ignore.conf html-tags.conf tld.conf cctld.conf CLEANFILES = dnsbl xml/dnsbl xml/Makefile -EXTRA_DIST = dnsbl.rc $(hack_DATA) dnsbl.spec $(wildcard xml/h*) $(wildcard xml/M*) $(wildcard xml/d*) +EXTRA_DIST = $(hack_DATA) dnsbl.spec $(wildcard xml/h*) $(wildcard xml/M*) $(wildcard xml/d*) dnsbl: dnsbl.rc cat dnsbl.rc | \
diff -r 4ec928b24bab -r a4d313c2460b NEWS
--- a/NEWS Sun Sep 23 14:33:00 2007 -0700
+++ b/NEWS Sun Sep 30 10:27:14 2007 -0700
@@ -1,5 +1,6 @@
 $Id$ +6.11 2007-09-30 Add DCC filtering via dccifd. 6.10 2007-09-23 Don't whitelist addresses with embedded blanks, or the empty path. 6.09 2007-09-06 Fix memory leak. Update timestamps when receiving from auto-whitelisted sender. 6.08 2007-08-30 Don't do generic reverse dns filtering on authenticated connections.
diff -r 4ec928b24bab -r a4d313c2460b configure.in
--- a/configure.in Sun Sep 23 14:33:00 2007 -0700
+++ b/configure.in Sun Sep 30 10:27:14 2007 -0700
@@ -1,6 +1,6 @@
 AC_PREREQ(2.59) -AC_INIT(dnsbl,6.10,carl@five-ten-sg.com) +AC_INIT(dnsbl,6.11,carl@five-ten-sg.com) AC_CONFIG_SRCDIR([config.h.in]) AC_CONFIG_HEADER([config.h])
@@ -13,7 +13,7 @@
 fi AC_PATH_PROG(SPAMC, spamc) if test "x$SPAMC" = x ; then - AC_MSG_WARN([Spamc not found. SpamAssassin filtering disabled]) + AC_MSG_WARN([spamc not found. SpamAssassin filtering disabled]) fi AC_PROG_CXX AC_PROG_CC
diff -r 4ec928b24bab -r a4d313c2460b src/dnsbl.cpp
--- a/src/dnsbl.cpp Sun Sep 23 14:33:00 2007 -0700
+++ b/src/dnsbl.cpp Sun Sep 30 10:27:14 2007 -0700
@@ -7,6 +7,7 @@
 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. Inspired by the DCC by Rhyolite Software +-b port The port used to talk to the dcc interface daemon -r port The port used to talk to our internal dns resolver processes -p port The port through which the MTA will connect to this milter. -t sec The timeout value.
@@ -95,6 +96,7 @@
 const time_t ERROR_SOCKET_TIME = 60; // number of seconds between attempts to open a socket to the dns resolver process char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process int resolver_socket = NULL_SOCKET; // socket used to listen for resolver requests +char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon time_t last_error_time; int resolver_sock_count = 0; // protected with fd_pool_mutex int resolver_pool_size = 0; // protected with fd_pool_mutex
@@ -359,11 +361,11 @@
 } } -int mlfiPriv::my_write(char *buf, int len) { +size_t mlfiPriv::my_write(const char *buf, size_t len) { if (err) return 0; - int rs = 0; + size_t rs = 0; while (len) { - int ws = write(fd, buf, len); + size_t ws = write(fd, buf, len); if (ws > 0) { rs += ws; len -= ws;
@@ -379,11 +381,11 @@
 return rs; } -int mlfiPriv::my_read(char *buf, int len) { +size_t mlfiPriv::my_read(char *buf, size_t len) { if (err) return 0; - int rs = 0; + size_t rs = 0; while (len) { - int ws = read(fd, buf, len); + size_t ws = read(fd, buf, len); if (ws > 0) { rs += ws; len -= ws;
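Review bot: In the my_write hunk (@@ -359) the new `size_t ws = write(fd, buf, len);` stores a signed `ssize_t` result in an unsigned variable, so a failed write (-1) becomes a huge positive value and passes the `if (ws > 0)` test as if bytes had been transferred; `rs += ws` and `len -= ws` then wrap instead of the error path running. The my_read hunk (@@ -379) has the same problem with `size_t ws = read(fd, buf, len);`. Keep the per-call result signed, `ssize_t ws = write(fd, buf, len);` and `ssize_t ws = read(fd, buf, len);`, while `rs` and `len` stay `size_t`. Both loop bodies continue outside their hunks, so how `buf` is advanced and where `err` is set is not visible here; presumably that else branch is what the wrapped value now bypasses.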
@@ -1319,7 +1321,9 @@
 void usage(char *prog); void usage(char *prog) { - fprintf(stderr, "Usage: %s [-d [level]] [-c] [-s] [-e from|to] -r port -p sm-sock-addr [-t timeout]\n", prog); + fprintf(stderr, "Usage: %s [-d [level]] [-c] [-s] [-e from|to] [-b dccifd-addr] -r port -p sm-sock-addr [-t timeout]\n", prog); + fprintf(stderr, "where dccifd_addr is for the connection to dccifd\n"); + fprintf(stderr, " and should be local-domain-socket-file-name\n"); fprintf(stderr, "where port is for the connection to our own dns resolver processes\n"); fprintf(stderr, " and should be local-domain-socket-file-name\n"); fprintf(stderr, "where sm-sock-addr is for the connection to sendmail\n");
@@ -1366,12 +1370,20 @@
 bool setreso = false; char *email = NULL; int c; - const char *args = "r:p:t:e:d:chs"; + const char *args = "b:r:p:t:e:d:chs"; extern char *optarg; // Process command line options while ((c = getopt(argc, argv, args)) != -1) { switch (c) { + case 'b': + if (optarg == NULL || *optarg == '\0') { + fprintf(stderr, "Illegal dccifd socket: %s\n", optarg); + exit(EX_USAGE); + } + dccifd_port = strdup(optarg); + break; + case 'r': if (optarg == NULL || *optarg == '\0') { fprintf(stderr, "Illegal resolver socket: %s\n", optarg);
diff -r 4ec928b24bab -r a4d313c2460b src/dnsbl.h
--- a/src/dnsbl.h Sun Sep 23 14:33:00 2007 -0700
+++ b/src/dnsbl.h Sun Sep 30 10:27:14 2007 -0700
@@ -24,7 +24,7 @@
 { // connection specific data CONFIG *pc; // global filtering configuration - int fd; // to talk to dns resolvers process + int fd; // to talk to dns resolver process bool err; // did we get any errors on the resolver socket? int ip; // ip4 address of the smtp client char *helo; // helo from client
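Review bot: The new help text in usage() names the same argument two ways: the synopsis line says `[-b dccifd-addr]` while the description line added right after it says `dccifd_addr`, and the header comment added at the top of the file documents the option as `-b port`. Use one spelling so the description can be matched to the synopsis, e.g. `fprintf(stderr, "where dccifd-addr is for the connection to dccifd\n");`.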
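Review bot: In the new `case 'b':` the error branch passes `optarg` to `%s` on a path where `optarg == NULL` is one of the two conditions that lead there, which is undefined behaviour for fprintf; the `case 'r':` context it was copied from has the same shape. Print a fixed message instead, `fprintf(stderr, "Illegal dccifd socket: empty path\n");`, and check the `strdup` result before storing it in `dccifd_port`. The code that connects to this path is not in the hunk; wherever it copies the name into a `sockaddr_un`, the length should be checked against `sizeof(sun_path)` so an over-long argument is rejected rather than truncated or overrun.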
@@ -53,8 +53,8 @@
 void reset(bool final = false); // for a new message void get_fd(); void return_fd(); - int my_read(char *buf, int len); - int my_write(char *buf, int len); + size_t my_read(char *buf, size_t len); + size_t my_write(const char *buf, size_t len); void need_content_filter(char *rcpt, CONTEXT &con); };
diff -r 4ec928b24bab -r a4d313c2460b src/includes.h
--- a/src/includes.h Sun Sep 23 14:33:00 2007 -0700
+++ b/src/includes.h Sun Sep 30 10:27:14 2007 -0700
@@ -11,8 +11,13 @@
 #undef VERIFY_DEBUG #undef RESOLVER_DEBUG +#ifdef HAVE_CONFIG_H + #include "config.h" +#endif + #include "tokenizer.h" #include "context.h" #include "dnsbl.h" #include "scanner.h" #include "spamass.h" +#include "dccifd.h"
diff -r 4ec928b24bab -r a4d313c2460b src/spamass.cpp.in
--- a/src/spamass.cpp.in Sun Sep 23 14:33:00 2007 -0700
+++ b/src/spamass.cpp.in Sun Sep 30 10:27:14 2007 -0700
@@ -8,8 +8,7 @@
 */ -#include "config.h" -#include "dnsbl.h" +#include "includes.h" #include #include #include
@@ -24,7 +23,7 @@
 char *spamc = "@SPAMC@"; char *spamc_empty = ""; -bool warnedmacro = false; /* have we logged that we couldn't fetch a macro? */ +static bool warnedmacro = false; // have we logged that we couldn't fetch a macro? const int maxlen = 1000; // used for snprintf buffers
@@ -70,6 +69,7 @@
 void SpamAssassin::mlfi_envrcpt(SMFICTX *ctx, char *envrcpt) { if (first_recipient) { + first_recipient = false; /* Send the envelope headers as X-Envelope-From: and X-Envelope-To: so that SpamAssassin can use them in its whitelist checks. Also forge as complete a dummy
@@ -122,19 +122,21 @@
 output(string("X-Envelope-From: ") + envfrom + "\r\n"); } output(string("X-Envelope-To: ") + envrcpt + "\r\n"); - first_recipient = false; } void SpamAssassin::mlfi_header(char* headerf, char* headerv) { if (!running) Connect(); + if (running) { output(spamc_input); + spamc_input.empty(); + } + output(headerf); output(": "); output(headerv); output("\r\n"); - spamc_input.empty(); }
diff -r 4ec928b24bab -r a4d313c2460b src/spamass.h
--- a/src/spamass.h Sun Sep 23 14:33:00 2007 -0700
+++ b/src/spamass.h Sun Sep 30 10:27:14 2007 -0700
@@ -8,8 +8,8 @@
 */ -#ifndef _SPAMASS_MILTER_H -#define _SPAMASS_MILTER_H +#ifndef _SPAMASS_H +#define _SPAMASS_H extern "C" { #include
@@ -54,7 +54,7 @@
 public: bool error; // spamc died or cannot work bool running; // running implies (connected and pid) - bool first_recipient; // have we seen any recipients? + bool first_recipient; // have we not seen any recipients? // connection back to main dnsbl priv structure for logging mlfiPriv *priv;
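Review bot: The added `spamc_input.empty();` inside the new `if (running)` block of mlfi_header (@@ -122) does not clear the buffer: if `spamc_input` is a `std::string` (its declaration is not in this hunk), `empty()` only reports whether the string is empty and the result is discarded. The buffered envelope lines would then be passed to `output()` again on every header callback, so spamc would be scoring a message with those lines repeated rather than the message as received. `spamc_input.clear();` is presumably what was intended; the commit moves the call under the `running` check but keeps the no-op.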