byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

helo: stop processing after first match

Browse Source
This commit is contained in:
Matt Simerson 2013-03-26 22:14:26 -04:00
parent 9bea21bc75
commit 3ba8e12155
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/helo
View File

@ -371,6 +371,7 @@ sub is_forged_literal {
my ( $self, $host ) = @_;
return if $host !~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
# should we add exceptions for reserved internal IP space? (192.168,10., etc?)
$host = substr $host, 1, -1;
return if $host eq $self->qp->connection->remote_ip;
return ("Forged IPs not accepted here", "forged IP literal");
@ -410,6 +411,7 @@ sub no_forward_dns {
next unless $rr->type =~ /^(?:A|AAAA)$/;
$self->check_ip_match( $rr->address );
$hits++;
last if $self->connection->notes('helo_forward_match');
}
if ( $hits ) {
$self->log(LOGDEBUG, "pass, forward DNS") if $hits;
@ -449,6 +451,9 @@ sub no_reverse_dns {
sub no_matching_dns {
my ( $self, $host ) = @_;
# this is called iprev, or "Forward-confirmed reverse DNS" and is discussed in RFC 5451
# consider adding header: Authentication-Results
if ( $self->connection->notes('helo_forward_match') &&
$self->connection->notes('helo_reverse_match') ) {
$self->log( LOGDEBUG, "foward and reverse match" );