qpsmtpd/plugins/check_relay

49 lines
1.6 KiB
Plaintext
Raw Normal View History

# this plugin checks the standard rcpthosts config and
# $ENV{RELAYCLIENT} to see if relaying is allowed.
#
# It should be configured to be run _LAST_!
#
sub register {
my ($self, $qp) = @_;
$self->register_hook("rcpt", "check_relay");
}
sub check_relay {
my ($self, $transaction, $recipient) = @_;
my $host = lc $recipient->host;
my @rcpt_hosts = ($self->qp->config("me"), $self->qp->config("rcpthosts"));
# Allow 'no @' addresses for 'postmaster' and 'abuse'
# qmail-smtpd will do this for all users without a domain, but we'll
# be a bit more picky. Maybe that's a bad idea.
my $user = $recipient->user;
$host = $self->qp->config("me")
if ($host eq "" && (lc $user eq "postmaster" || lc $user eq "abuse"));
# Check if this IP is allowed to relay
return (OK) if exists $ENV{RELAYCLIENT};
my @relay_clients = $self->qp->config("relayclients");
my $more_relay_clients = $self->qp->config("morerelayclients", "map");
my %relay_clients = map { $_ => 1 } @relay_clients;
my $client_ip = $self->qp->connection->remote_ip;
while ($client_ip) {
return (OK) if exists $relay_clients{$client_ip};
return (OK) if exists $more_relay_clients->{$client_ip};
$client_ip =~ s/\d+\.?$//; # strip off another 8 bits
}
# Check if this recipient host is allowed
for my $allowed (@rcpt_hosts) {
$allowed =~ s/^\s*(\S+)/$1/;
return (OK) if $host eq lc $allowed;
return (OK) if substr($allowed,0,1) eq "." and $host =~ m/\Q$allowed\E$/i;
}
my $more_rcpt_hosts = $self->qp->config('morercpthosts', 'map');
return (OK) if exists $more_rcpt_hosts->{$host};
return (DENY);
}