Mercurial > dnsbl
changeset 11:2c206836b4cc
integration work on url scanner
| author | carl |
|---|---|
| date | Thu, 22 Apr 2004 20:19:01 -0700 |
| parents | 9ca440c8d187 |
| children | 6ac6d6b822ce |
| files | src/dnsbl.cpp src/scanner.cpp xml/dnsbl.in |
| diffstat | 3 files changed, 15 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/dnsbl.cpp Thu Apr 22 18:46:53 2004 -0700 +++ b/src/dnsbl.cpp Thu Apr 22 20:19:01 2004 -0700 @@ -542,6 +542,7 @@ if (priv.authenticated) return SMFIS_CONTINUE; if (priv.only_whites) return SMFIS_CONTINUE; priv.scanner->scan(data, len); + return SMFIS_CONTINUE; } sfsistat mlfi_eom(SMFICTX *ctx)
--- a/src/scanner.cpp Thu Apr 22 18:46:53 2004 -0700 +++ b/src/scanner.cpp Thu Apr 22 20:19:01 2004 -0700 @@ -78,7 +78,7 @@ {u_init, u_init, u_init, u_reco, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x22 "" {u_init, u_init, u_init, u_reco, e_init, e_num, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x23 # {u_init, u_init, u_init, u_reco, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x24 $ - {u_init, u_init, u_init, u_url, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x25 % + {u_init, u_init, u_init, u_reco, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x25 % {u_init, u_init, u_init, u_reco, e_amp, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x26 & {u_init, u_init, u_init, u_reco, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x27 ' {u_init, u_init, u_init, u_reco, e_init, e_init, e_init, m_init, m_init, m_init, b_init, b_init, b_init, b_init, }, // 0x28 ( @@ -865,7 +865,8 @@ if (count > 12) { pending[count-1] = 0; if (strncasecmp((const char *)pending, "http://", 7) == 0) { - urls->insert(strdup((const char *)pending+7)); + char *p = (char *)pending + 7; + if (strchr(p, '.')) urls->insert(strdup(p)); // require at least one . in a dns name } } } // fall thru
--- a/xml/dnsbl.in Thu Apr 22 18:46:53 2004 -0700 +++ b/xml/dnsbl.in Thu Apr 22 20:19:01 2004 -0700 @@ -18,6 +18,11 @@ per-recipient basis, so that fred@example.com could use SPEWS and the SBL, where all other users @example.com use only the SBL. +<p>This milter will also decode (base64, mime, html entity) and scan +for HTTP URLs in the body of the mail. If any of those host names +have A records on the SBL (or a single configurable list), the mail +will be rejected unless previously whitelisted. + <p>The DNSBL milter reads a text configuration file (dnsbl.conf) on startup, and whenever the config file (or any of the referenced include files) is changed. The entire configuration file is case insensitive. @@ -98,6 +103,11 @@ lookup scheme (reversed octets of the client followed by the dns suffix). +<li>If the mail has not been accepted or rejected yet, the body content +is scanned for HTTP URLs (after base64, mime and html entity decoding), +and the first 20 host names are checked for their presence on the SBL. +If any host name is on the SBL, the mail is rejected. + </ol> @@ -119,7 +129,7 @@ line in your sendmail.mc and rebuild the .cf file <pre> -INPUT_MAIL_FILTER(`dnsbl', `S=local:/var/run/dnsbl/dnsbl.sock, F=T, T=S:30s;R:30s;E:30s') +INPUT_MAIL_FILTER(`dnsbl', `S=local:/var/run/dnsbl/dnsbl.sock, F=T, T=C:30s;S:2m;R:2m;E:5m') </pre> Read the sample <a