view ChangeLog @ 280:2b77295fb9a7 stable-6-0-37

add limits on unique ip addresses per hour per authenticated user
author Carl Byington <carl@five-ten-sg.com>
date Thu, 19 Dec 2013 09:47:00 -0800
parents 3d894d09c198
children e276180647ab
line wrap: on
line source

6.37 2013-12-17
    Add unique ip connection limits per authenticated id or email address.

6.36 2013-09-09
    Code cleanup, increase minimum hostname length for uribl checking.

6.35 2013-09-09
    Use mozilla prefix list for tld checking.
    Enable surbl/uribl/dbl rhs lists.

6.34 2013-05-22
    Add require_rdns checking.

6.33 2012-07-21
    Fix unauthenticated rate limit bug for empty mail from.
    Move unauthenticated rate limit checks after spam filtering.

6.32 2012-07-21
    Allow rate limiting for unauthentication connections by mail
    from address or domain.

6.31 2012-07-01
    Fix uribl lookups on client dns name, need to strip the ip
    address in brackets.

6.30 2012-04-09
    Allow dnswl_list and dnsbl_list to be empty, to override lists
    specified in the ancestor contexts.
    Add daily recipient limits as a multiple of the hourly limits.

6.29 2012-04-08
    Add dnswl support.

6.28 2011-09-30
    Add prvs decoding to envelope addresses.

6.27 2011-08-15
    const correctness fixes from new gcc

6.26 2010-11-19
    64 bit fixes for libresolv.a

6.25 2009-09-29
    Add surbl checks on the smtp helo value, client reverse dns name,
    and mail from domain name.

6.24 2009-06-09
    Add SRS decoding to envelope addresses.

6.23 2009-05-25
    Add whitelisting by regex expression filtering.
    Add queueid to whitelist extension log message.

6.22 2009-05-08
    Prevent auto whitelisting due to outgoing multipart/report
    delivery notifications.
    Fix memory leak in suppressed auto whitelisting.

6.21 2009-01-03
    Fixes to compile on old systems without memrchr or string::clear().
    Fix bug in spamassassin interface trying to clear a string with
    string::empty().

6.20 2008-12-27
    Never whitelist self addressed mail. Spammers are once again
    sending mail from A to A trying to get around filters. Changes
    for Fedora 10 and const correctness.

6.19 2008-06-10
    Fixes to compile on Fedora 9 and for const correctness.

6.18 2008-03-22
    Extend auto-whitelisting when receiving mail even if the auto
    whitelist is specified in a parent context. Fixes for Solaris from sm-archive.

6.17 2008-03-04
    Verify from/to pairs even if they might be explicitly whitelisted.
    Document DCC greylisting and bulk detection usage. Fix DCC bulk
    thresholds of many. Update spec file for fedora packaging.

6.16 2008-02-02
    Switch to Mercurial source control.

6.15 2007-12-07
    Fix null pointer dereference if macro _ not passed to this milter.
    Default sendmail config passes that in the connect call.

6.14 2007-11-11
    Delay auto whitelisting until we see the headers, to prevent
    auto whitelisting due to bulk out of office reply bots.

6.13 2007-11-10
    HELO command is optional, and if missing caused a null pointer
    dereference. Use smfi_progress in libmilter if it is available.

6.12 2007-10-13
    SMTP rejections take precedence over greylisting.

6.11 2007-10-07
    Add DCC filtering via dccifd. Drop to 60 seconds the time we will
    keep idle smtp verify sockets around. This needs to be about half
    the value of confTO_COMMAND configured on the verify targets.
    Fix potential race condition or buffer overflow caused by static
    buffer referenced by multiple threads.

6.10 2007-09-23
    Don't whitelist addresses with embedded blanks, or the empty
    path. Allow manual removal of auto whitelist entries.

6.09 2007-09-06
    Fix memory leak in auto-whitelisting code. Update auto-whitelist
    timestamps when receiving mail from auto-whitelisted senders.

6.08 2007-08-30
    Don't do generic reverse dns filtering on authenticated connections.

6.07 2007-08-30
    Add generic reverse dns filtering with regular expression.
    Fix pre/post scripts in the rpm spec file.

6.06 2007-08-27
    Fix bug that effectively disabled spamassassin filtering. Improve
    spamassassin filtering documentation. Generate warning if the
    config file specifies spam assassin filtering, but spamc is not
    found by autoconf.

6.05 2007-08-26
    Fix unitialized variable in my spamassassin code.

6.04 2007-08-26
    Add spamassassin integration via spamc, code from spamass-milter.

6.03 2007-07-14
    Don't add auto whitelist entries for our own domains.

6.02 2007-07-10
    Allow manual updates to the auto whitelisting files, mainly for
    scp or rsync synchronization between primary and backup mx
    systems.

6.01 2007-07-07
    GPL3. Block mail to recipients that cannot reply. Start auto
    whitelisting.

5.30 2007-06-09
    Selinux fix - redirect stdout for useradd to make selinux happy.

5.29 2007-03-27
    Limit dns resolver to two retries five seconds apart.

5.28 2007-02-19
    Change the conflict resolution algorithm to "second one wins" if we
    have two contexts that both define env_to user@.  Update ICANN tld
    list.

5.27 2007-01-30
    Allow 'inherit' as an env_from target. Documentation cleanup
    from G.W. Haywood.

5.26 2006-12-04
    Fix bug in content filtering introduced in 5.23 that prevented
    seeing any host names in the body.

5.25 2006-10-15
    DNSBL lists are inherited, so dump the effective list with the
    -c switch.

5.24 2006-10-15
    Allow child and parent context to specify the same fully qualified
    env_to address. Only dump the rate limit for the default context
    with -c switch.

5.23 2006-10-10
    Require two periods in ip addresses.

5.22 2006-09-27
    Change syntax for default rate limit. Improve hourly reset of
    limits. Warning for rate limits in non default contexts to allow
    nesting of client configurations.

5.21 2006-09-26
    Add SMTP AUTH recipient rate limits, to help throttle infected
    client machines and accounts with weak cracked passwords.

5.20 2006-08-02
    Fully qualify all dns lookups.  Fix my_read() bug.  Try to convert
    names that might be ip addresses via inet_aton before doing dns
    lookups.

5.19 2006-08-01
    Bug fix - add trailing dot to uribl dns lookups to make them fully
    qualified.  Check host names with only two components, since
    spammers are now using bare http://domain.tld references.
    Spec file now creates an rpm that properly creates the dnsbl user.

5.18 2006-04-27
    Bug fix - newer sendmail versions don't guarantee envelope addresses
    enclosed in <> wrapper.

    Document backscatter prevention configuration for systems that are
    used to mainly spam filter and then forward to mail to the internal
    server.

    Never ask uribl blacklists about rfc1918 address space.

5.17 2006-03-25
    Never ask dns blacklists about rfc1918 address space.

5.16 2006-03-16
    Bug fix - the smtp error message for uribl filtering needs to
    reference the host name, not the ip address.

5.15 2006-03-15
    Bug fix - we failed to properly set the return code to indicate the
    reason when rejecting mail for content filtering.

5.14 2006-03-13
    Fix a typo in the default config file and documentation for using
    multi.surbl.org

5.13 2006-03-12
    patch from Jeff Evans <jeffe@tricab.com>
        add SURBL/URIBL lookups, remove trailing dots from hostnames,
        allow ip address literals as hostnames.
    add configuration for surbl/uribl list and reject message

5.12 2006-01-08
    Use larger resolver buffer to accomodate spammers with many name
    servers.  A current example is life-all.com which needs to retry in
    tcp mode to fetch the 1444 byte response.

    'make chkconfig' now creates the dnsbl user if it does not exist.

5.11 2005-12-20
    switch to autoconf/automake/docbook

5.10 2005-10-16
    Fix a compile error on Fedora Core 3.
    Discovered by Nigel Horne <njh@bandsman.co.uk>

5.9 2005-09-26
    Fix a bug with empty return paths passed to the verification code.
    That resulted in 'MAIL FROM:<<>>' being sent to the verification
    mail server.

5.8 2005-09-25
    Allow empty env_to at global context level to remove restrictions
    on env_to values in child contexts.

5.7 2005-09-23
    Failed to return a value from parse_verify() which caused failures
    to load the configuration.

5.6 2005-09-22
    Tokenizer errors now go thru the syslog code, so they are visible
    when generated during config file reloads during normal operation.

5.5 2005-09-21
    Cleanup debug logging.  Verify from/to pairs now remembers the last
    from value sent to the remote server to prevent unnecessary rset
    commands.

5.4 2005-09-18
    Add verify statement to specify the smtp host to be used to verify
    envelope from / recipient pairs.

    Authenticated clients are now exempt from all white/black listing
    in addition to the dnsbl lookups.

    dcc_to should not look at substitute mail_host. That is only used
    by dcc_from.

5.3 2005-08-07
    Properly quit if the config file has syntax errors on startup.  Send
    mail to root if the config file needs to be reloaded since it was
    modified, but contains syntax errors.  In this case, we continue to
    use the old configuration.

5.2 2005-08-02
    Patch from Stephen Johnson <stephen.johnson@arkansas.gov> fixing the
    lack of a default return value in CONTEXT::acceptable_content().

5.1 2005-07-20
    Add multiple syslog debug levels.  Detect and silently remove
    duplicate DNSBL definitions.  That allows us to accept mail to
    recipients in multiple domains that use the same blacklist and yet
    only check that blacklist once.  This may happen when your config
    file directly includes as child contexts the config files used on
    your clients mail servers.

5.0 2005-07-16
    Major changes to the syntax of the config file.  Content filtering
    is no longer a global mail server setting.

4.6 2005-04-02
    Fix enum compilation error on Fedora Core 3.
    Discovered by Nigel Horne <njh@bandsman.co.uk>

    Remove bad html tag command from the default conf file.  Spammers
    seem to have abandoned this.

    Add toolbar.msn.click-url.com in hosts-ignore.conf.  These are all
    commented, but you might want to uncomment them.

4.5 2005-01-22
    Add uuencode decoding for old style attachments.

4.4 2005-01-18
    Bug fix in forked process termination that left zombies.

4.3 2005-01-16
    Only keep 20% of the resolver sockets in the ready pool.

4.2 2005-01-08
    Use the separate resolver processes even if we don't have the
    resolver interfaces and need gethostbyname.

4.1 2005-01-06
    Use a local unix domain socket for the resolver process
    communication, rather than a tcp/ip socket.

4.0 2005-01-03
    Initialize the thread mutex objects early, before they are needed
    by possible calls to my_syslog.

    Fork off a separate resolver listener process, so we can do multiple
    dns operations in parallel. For each simultaneous inbound email,
    we have a separate sendmail process, a milter thread, and a dns
    resolver process.

3.7 2004-10-28
    Added an 'ignore' command to the conf file, used to ignore some
    hosts that might end up on the SBL and otherwise trip the content
    scanning filter.  In particular, many recent Microsoft Word
    documents contain the string www.5iantlavalamp.com which is
    associated with their smart tags stuff.  That is currently hosted at
    216.168.224.70, which is shared with a site that ended up on the
    SBL.

3.6 2004-09-08
    Contributions from Dan Harkless <software@harkless.org>
        Better documentation for disabling the content filtering.
        Don't bother looking at the body text if we are not doing
        content filtering.

3.5 2004-07-17
    Extend the error message for content filtering when the NS record
    points to an ip address on the SBL.  Include the original host name
    that referenced that NS name.


3.4 2004-07-15
    Tokens with two consecutive periods cannot be ip addresses or host
    names.

    Updated dnsbl.spec file for building rpms from John Gunkel.


3.3 2004-07-09
    Drop root priviledges properly, including the group id.


3.2 2004-07-09

    Contributions from John Gunkel <jgunkel@palliser.ca>:
        Add .spec file for building rpms, contributed by John Gunkel

        Changes to file layout to conform to RedHat/LSB standards.

        Add some html (actually xml) tags used by Apple mac print
        subsystem that were tripping the html tag detector.

        Help with changes required to allow dnsbl to drop root
        priviledges. Move the socket to /var/run/dnsbl/dnsbl.sock

    Change parser to handle &#xnnn; obfuscated urls with charaters
    specified in hex.

    Make bad_html tags more sensitive to binary tags, to reduce false
    positives in .zip or .tar.gz file attachments.

    Add sendmail queueid to the dnsbl syslog messages.

    Fix one place where host names were not forced to lower case.
    Discovered by Nigel Horne <njh@bandsman.co.uk>

    Remove duplicate dns queries within the same smtp transaction from
    the body content filtering.  This helps if the mail server does not
    have a nearby caching dns server.

    Add host_soft_limit config keyword.  Use only one of host_limit or
    host_soft_limit, since the last one wins.  The host_limit is a hard
    upper limit on the number of host names in a message.  The
    host_soft_limit allows unlimited host names, but only checks a
    random sample of them against the dnsbl.

    The main thread has dropped root priviledges, but other threads
    are still running as root. This needs to be fixed.