annotate src/dnsbl.h @ 377:7fd39f029936
reject if dkim signer is listed on surbl
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Sat, 18 Feb 2017 15:06:32 -0800 |
parents | f4ca91f49cb6 |
children | c378e9d03f37 |
rev | line source |
---|---|
143 | 1 /* |
2 | |
152 | 3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under |
4 the GPL version 3 or any later version at your choice available at | |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
143 | 6 |
7 */ | |
8 | |
119 | 9 #ifndef dnsbl_include |
10 #define dnsbl_include | |
74 | 11 |
12 #include "context.h" | |
163 | 13 #include "spamass.h" |
178 | 14 #include "dccifd.h" |
252
|
15 #include <stdint.h> |
74 | 16 |
86
|
// Declared here, defined elsewhere. History note (rev 86): "add multiple
// debug syslog levels", so this is presumably a level, not an on/off flag.
extern int debug_syslog;
// NOTE(review): the unit and meaning of 1000 are not visible in this header;
// presumably a dcc bulk threshold or sentinel - confirm in the dccifd code.
#define dccbulk 1000

// Forward declarations: mlfiPriv below only holds pointers to these types.
class recorder;
class url_scanner;
22 | |
322
|
23 |
////////////////////////////////////////////////
// mail filter private data, held for us by sendmail
//
// The members fall into three groups, marked below: callback specific,
// connection specific and message specific data.
//
// Several members hold text supplied by the remote smtp client or taken
// from the message (helo, client_name, the envelope and header from values,
// dkim signer names). client_name is already marked "may be forged"; the
// others deserve the same caution wherever they are logged or turned into
// dns queries.
// NOTE(review): the raw pointers below carry no ownership information; who
// allocates and frees each one is not visible in this header - confirm in
// the constructor, reset() and the destructor.
struct mlfiPriv
{
    // callback specific data
    SMFICTX *ctx;   // updated every time we fetch this priv pointer from the ctx
    bool eom;       // are we in eom function, so progress function can be called?

    // connection specific data
    CONFIG *pc;     // global filtering configuration
    int fd;         // to talk to dns resolver process
                    // (presumably obtained by get_fd() and handed back by return_fd() - confirm)
    bool err;       // did we get any errors on the resolver socket?
    uint32_t ip;    // ip4 address of the smtp client in network order
                    // history note (rev 252): need ntohl() before using masks that are
                    // defined in host byte order
                    // NOTE(review): only an ip4 address fits here; how ip6 clients are
                    // handled is not visible in this header
    const char *helo;   // helo from client (client supplied, untrusted)
                        // history note (revs 187, 190): "fix null pointer dereference from
                        // missing HELO command", so presumably this can be NULL when the
                        // client never sends HELO - confirm every user checks for that
    map<DNSBLP, bool> checked_black;    // map of dnsblp to result of (ip listed on that dnsbl)
    map<DNSWLP, bool> checked_white;    // map of dnswlp to result of (ip listed on that dnswl)

    // message specific data
    const char *origaddr;   // envelope from value, lowercase, no srs/pvrs unwrapping
                            // history note (rev 350): this original address, not the
                            // unwrapped one, is what is sent to the verify server
    const char *mailaddr;   // envelope from value, lowercase, srs/pvrs unwrapped
    const char *fromaddr;   // header from value, set by mlfi_header()
    int header_count;       // count of headers already seen
    bool dkim_ok;           // ok to proceed with dkim checking
    string_set dkim_signers;    // non empty if message was validly signed, set of signers
    const char *queueid;        // sendmail queue id
    const char *authenticated;  // client authenticated? if so, suppress all dnsbl checks, but check rate limits
                                // NOTE(review): presumably NULL when the client did not
                                // authenticate; since a set value turns off all dnsbl checks,
                                // confirm where it is assigned
    const char *client_name;    // fully qualified host name of the smtp client xxx [ip.ad.dr.es] (may be forged)
    char *client_dns_name;      // fully qualified host name of the smtp client xxx
                                // (the name part only, without the bracketed ip address)
    bool client_dns_forged;     // rdns mismatch
    const char *host_uribl;     // pointer to helo/client/from/signer host name if found on uribl
    string_set hosts_uribl;     // string set to hold the helo/client/from/signer host name if found on uribl
                                // (presumably the storage host_uribl points into - confirm)
    bool helo_uribl;            // helo value on uribl
    bool client_uribl;          // client_name on uribl
    bool from_uribl;            // envelope from value on uribl
    bool have_whites;           // have at least one whitelisted recipient? need to accept content and
                                // remove all non-whitelisted recipients if it fails
    bool only_whites;           // every recipient is whitelisted?
    bool want_spamassassin;     // at least one non-whitelisted recipient has a non zero spamassassin limit
    bool want_dccgrey;          // at least one non-whitelisted recipient wants dcc greylisting
    bool want_dccbulk;          // at least one non-whitelisted recipient wants dcc bulk filtering
    bool allow_autowhitelisting;    // precedence:bulk or content-type:multipart/report headers prevent autowhitelisting
    delay_whitelist delayer;        // to remember autowhitelisting until we see headers
    CONTEXT *content_context;       // first non-whitelisted recipient with a content filtering context
    context_map env_to;             // map each non-whitelisted recipient to their filtering context
    recorder *memory;               // memory for the content scanner
    url_scanner *scanner;           // object to handle body scanning
    const char *content_suffix;     // for url body filtering based on ip addresses of hostnames in the body
    const char *content_message;    // "" (ditto mark: same purpose as the line above)
    const char *uribl_suffix;       // for uribl body filtering based on hostnames in the body
    const char *uribl_message;      // "" (ditto mark: same purpose as the line above)
    string_set *content_host_ignore;    // "" (ditto mark in the original; the name suggests it
                                        // belongs to content filtering - confirm)
    SpamAssassin *assassin;     // NOTE(review): uncommented in the original; presumably the
                                // spamassassin interface used when want_spamassassin is set - confirm
    DccInterface *dccifd;       // NOTE(review): uncommented in the original; presumably the dcc
                                // interface used for want_dccgrey / want_dccbulk - confirm


    mlfiPriv();
    ~mlfiPriv();
    void reset(bool final = false); // for a new message
                                    // NOTE(review): the meaning of final is not shown here - confirm
    void get_fd();
    void return_fd();
    // NOTE(review): implementations are not shown; presumably these transfer up
    // to len bytes over fd. A size_t return cannot carry a negative error value,
    // so failures are presumably reported through err - confirm that callers
    // check both the returned count and err.
    size_t my_read(char *buf, size_t len);
    size_t my_write(const char *buf, size_t len);
    // history note (rev 377): "reject if dkim signer is listed on surbl".
    // NOTE(review): presumably returns the listed signer, or NULL if none - confirm.
    const char *check_uribl_signers();
    void need_content_filter(CONTEXT &con);
};
87 | |
310
|
// Syslog helpers; only the prototypes are visible in this header.
// NOTE(review): text can carry client supplied values such as helo or the
// from addresses; confirm the implementations hand it to syslog as data
// ("%s") and never as the format string.
void my_syslog(const char *queueid, const char *text);  // history note (rev 310): "enable smtp verify logging"
void my_syslog(mlfiPriv *priv, const char *text);
void my_syslog(mlfiPriv *priv, const string text);      // text is passed by value here
void my_syslog(const char *text);
74 | 92 |
93 #endif |