# HG changeset patch # User carl # Date 1191698222 25200 # Node ID 7a722f482bfbd2cf9b74d8b52418b18adc7c01a0 # Parent 8b86a894514d17648ef10dee895bbdb4b382b4a0 embedded dcc filtering diff -r 8b86a894514d -r 7a722f482bfb Makefile.am --- a/Makefile.am Sat Oct 06 10:56:35 2007 -0700 +++ b/Makefile.am Sat Oct 06 12:17:02 2007 -0700 @@ -19,5 +19,5 @@ chown dnsbl:root $(sysconfdir)/dnsbl/.spamassassin /sbin/chkconfig --del dnsbl /sbin/chkconfig --add dnsbl - if [ -d /var/dcc/userdirs/local ]; then mv -f $(sysconfdir)/dnsbl/dnsblnogrey /var/dcc/userdirs/local ; fi + mkdir -p /var/dcc/userdirs/local/dnsblnogrey && mv -f $(sysconfdir)/dnsbl/dnsblnogrey /var/dcc/userdirs/local/dnsblnogrey/whiteclnt diff -r 8b86a894514d -r 7a722f482bfb dnsbl.spec.in --- a/dnsbl.spec.in Sat Oct 06 10:56:35 2007 -0700 +++ b/dnsbl.spec.in Sat Oct 06 12:17:02 2007 -0700 @@ -26,7 +26,7 @@ %description -We present here a mechanism whereby the backup mail server can use the correct set of DNSBLs for each recipient for each message. As a side-effect, it gives us the ability to customize the set of DNSBLs on a per-recipient basis, so that fred@example.com could use SPEWS and the SBL, where all other users @example.com use only the SBL. +We present here a mechanism whereby the backup mail server can use the correct set of DNSBLs for each recipient for each message. As a side-effect, it gives us the ability to customize the set of DNSBLs on a per-recipient basis, so that fred@example.com could use LOCAL and the SBL, where all other users @example.com use only the SBL. This milter will also decode (base64, mime, html entity, url encodings) and scan for HTTP and HTTPS URLs and bare hostnames in the body of the mail. If any of those host names have A or NS records on the SBL (or a single configurable DNSBL), the mail will be rejected unless previously whitelisted. This milter also counts the number of invalid HTML tags, and can reject mail if that count exceeds your specified limit. diff -r 8b86a894514d -r 7a722f482bfb src/context.cpp --- a/src/context.cpp Sat Oct 06 10:56:35 2007 -0700 +++ b/src/context.cpp Sat Oct 06 12:17:02 2007 -0700 @@ -1033,7 +1033,7 @@ printf("%s require_match %s; \n", indent, (require_match) ? "yes" : "no"); printf("%s dcc_greylist %s; \n", indent, (dcc_greylist) ? "yes" : "no"); if (dcc_bulk_threshold == 0) printf("%s dcc_bulk_threshold off; \n", indent); - else if (dcc_bulk_threshold == 1000) printf("%s dcc_bulk_threshold many; \n", indent); + else if (dcc_bulk_threshold >= dccbulk) printf("%s dcc_bulk_threshold many; \n", indent); else printf("%s dcc_bulk_threshold %d; \n", indent, dcc_bulk_threshold); printf("%s }; \n", indent); spamass |= (spamassassin_limit != 0); @@ -1338,7 +1338,7 @@ else if (have == token_dccbulk) { have = tok.next(); if (have == token_off) me.set_bulk(0); - else if (have == token_many) me.set_bulk(1000); + else if (have == token_many) me.set_bulk(dccbulk); else { char *e; long i = strtol(have, &e, 10); diff -r 8b86a894514d -r 7a722f482bfb src/dnsbl.h --- a/src/dnsbl.h Sat Oct 06 10:56:35 2007 -0700 +++ b/src/dnsbl.h Sat Oct 06 12:17:02 2007 -0700 @@ -14,6 +14,7 @@ #include "dccifd.h" extern int debug_syslog; +#define dccbulk 1000 class recorder; class url_scanner; diff -r 8b86a894514d -r 7a722f482bfb xml/dnsbl.in --- a/xml/dnsbl.in Sat Oct 06 10:56:35 2007 -0700 +++ b/xml/dnsbl.in Sat Oct 06 12:17:02 2007 -0700 @@ -12,7 +12,7 @@ - 2007-09-07 + 2007-10-06 @@ -266,7 +266,10 @@ milter (dccm), then connections from clients that use SMTP AUTH are still subject to greylisting. If you use the dcc via dccifd and this milter, then connections from clients that use SMTP AUTH are never - subject to greylisting. + subject to greylisting. As part of this per-user greylisting, you need + to move the dnsblnogrey file from the config directory to something + like /var/dcc/userdirs/local/dnsblnogrey/whiteclnt so the dccifd will + properly ignore greylisting for those recipients that don't want it. @@ -566,7 +569,7 @@ - 2007-09-07 + 2007-10-06