Mercurial > dnsbl
changeset 128:9ab51896447f stable-5-18
don't do uribl lookups on rfc1918 address space
author | carl |
---|---|
date | Thu, 27 Apr 2006 10:05:43 -0700 |
parents | 2b1a4701e856 |
children | c5cd1261394d |
files | ChangeLog NEWS src/dnsbl.cpp |
diffstat | 3 files changed, 8 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Sat Apr 08 10:06:09 2006 -0700 +++ b/ChangeLog Thu Apr 27 10:05:43 2006 -0700 @@ -1,6 +1,6 @@ $Id$ -5.18 2006-04-08 +5.18 2006-04-27 Bug fix - newer sendmail versions don't guarantee envelope addresses enclosed in <> wrapper. @@ -8,6 +8,8 @@ used to mainly spam filter and then forward to mail to the internal server. + Never ask uribl blacklists about rfc1918 address space. + 5.17 2006-03-25 Never ask dns blacklists about rfc1918 address space.
--- a/NEWS Sat Apr 08 10:06:09 2006 -0700 +++ b/NEWS Thu Apr 27 10:05:43 2006 -0700 @@ -1,6 +1,6 @@ $Id$ -5.18 2006-04-08 sendmail no longer guarantees <> wrapper on envelopes +5.18 2006-04-27 sendmail no longer guarantees <> wrapper on envelopes, don't ask uribls about rfc1918 space either 5.17 2006-03-25 never ask dns blacklists about rfc1918 address space 5.16 2006-03-16 bug fix, smtp error message for uribl filtering needs host name, not ip address 5.15 2006-03-15 bug fix, failed to set reason code when rejecting mail from content filtering
--- a/src/dnsbl.cpp Sat Apr 08 10:06:09 2006 -0700 +++ b/src/dnsbl.cpp Thu Apr 27 10:05:43 2006 -0700 @@ -709,6 +709,10 @@ in_addr ip; if (inet_aton(hostname, &ip)) { const u_char *src = (const u_char *)&ip.s_addr; + if (src[0] == 127) return false; // don't do dns lookups on localhost + if (src[0] == 10) return false; // don't do dns lookups on rfc1918 space + if ((src[0] == 192) && (src[1] == 168)) return false; + if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return false; static char adr[sizeof "255.255.255.255"]; snprintf(adr, sizeof(adr), "%u.%u.%u.%u", src[3], src[2], src[1], src[0]); return (uriblookup(priv, adr, NULL, found));