ignore search path in DNS lookups
2. If the name doesn't end in a dot then append each item in the search list to the name. This is only done if dnsrch is true. triggered by.. From: Charlie Brady <charlieb-qpsmtpd@budge.apana.org.au> Subject: [BUG] Default search path used in require_resolvable_fromhost Date: Sat, 17 Jul 2010 16:24:42 -0400 (EDT) Message-ID: <Pine.LNX.4.64.1007171623040.17109@e-smith.charlieb.ott.istop.com> http://bugs.contribs.org/show_bug.cgi?id=5808 Jesper Knudsen 2010-03-01 01:29:10 MST When using the require_resolvable_fromhost plugin for qpsmtpd I noticed that mails from user@localhost.localdomain was actually getting through this filter. I finally found out that the plugin has a bug that causes it to insert default search path if it cannot find the domain. This means in my case that localhost.localdomain was then tried resolved as localhost.localdomain.swerts-knudsen.dk and since I have a wilcard CNAME was resolved as my public IP. Since this plugin is only enabled for public interface the fix is to set the "dnsrch" flag when creating the Net::DNS object. In require_resolvable_fromhost: my $res = Net::DNS::Resolver->new ( dnsrch => 0 );
This commit is contained in:
parent
e2ee6f13e5
commit
803a320127
2
Changes
2
Changes
@ -1,6 +1,8 @@
|
|||||||
|
|
||||||
Next Version
|
Next Version
|
||||||
|
|
||||||
|
require_resolvable_fromhost ignores DNS search path (i.e. it expects fully resolved domains) (Robert Spier, Charlie Brady)
|
||||||
|
|
||||||
new plugin auth_vpopmaild (Robin Bowes)
|
new plugin auth_vpopmaild (Robin Bowes)
|
||||||
|
|
||||||
new plugin auth_checkpassword (Matt Simerson)
|
new plugin auth_checkpassword (Matt Simerson)
|
||||||
|
@ -58,7 +58,7 @@ sub check_dns {
|
|||||||
|
|
||||||
return 1 if $host =~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
|
return 1 if $host =~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
|
||||||
|
|
||||||
my $res = new Net::DNS::Resolver;
|
my $res = new Net::DNS::Resolver(dnsrch => 0);
|
||||||
$res->tcp_timeout(30);
|
$res->tcp_timeout(30);
|
||||||
$res->udp_timeout(30);
|
$res->udp_timeout(30);
|
||||||
my @mx = mx($res, $host);
|
my @mx = mx($res, $host);
|
||||||
@ -116,7 +116,7 @@ sub is_valid {
|
|||||||
|
|
||||||
sub mx_valid {
|
sub mx_valid {
|
||||||
my ($self, $name, $host) = @_;
|
my ($self, $name, $host) = @_;
|
||||||
my $res = new Net::DNS::Resolver;
|
my $res = new Net::DNS::Resolver(dnsrch => 0);
|
||||||
# IP in MX
|
# IP in MX
|
||||||
return is_valid($name) if ip_is_ipv4($name) or ip_is_ipv6($name);
|
return is_valid($name) if ip_is_ipv4($name) or ip_is_ipv6($name);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user