From bf5f1db436dacc72127836f2bb2f6bb44423ab4b Mon Sep 17 00:00:00 2001 From: Matt Simerson Date: Fri, 18 May 2012 03:40:34 -0400 Subject: [PATCH] delete 3 relay plugins --- plugins/check_norelay | 58 ------------------------------ plugins/check_relay | 83 ------------------------------------------- plugins/relay_only | 36 ------------------- 3 files changed, 177 deletions(-) delete mode 100644 plugins/check_norelay delete mode 100644 plugins/check_relay delete mode 100644 plugins/relay_only diff --git a/plugins/check_norelay b/plugins/check_norelay deleted file mode 100644 index 5e317bc..0000000 --- a/plugins/check_norelay +++ /dev/null @@ -1,58 +0,0 @@ -#!perl -w -=pod - -=head1 SYNOPSIS - -This plugin checks the norelayclients config file to see if -relaying is denied. - -This allows specific clients, such as the gateway, to be denied -relaying, even though they would be allowed relaying by the -relayclients file. - -=head1 CONFIG - -config/norelayclients - -Each line is: -- a full IP address -- partial IP address terminated by a dot for matching whole networks - e.g. 192.168.42. - -=head1 BUGS AND LIMITATIONS - -This plugin does not have a more_norelayclients map equivalent -of the more_relayclients map of the check_relay plugin. - -=head1 AUTHOR - -Based on check_relay plugin from the qpsmtpd distribution. - -Copyright 2005 Gordon Rowell - -This software is free software and may be distributed under the same -terms as qpsmtpd itself. - -=cut - -sub hook_connect { - my ($self, $transaction) = @_; - my $connection = $self->qp->connection; - - # Check if this IP is not allowed to relay - my @no_relay_clients = $self->qp->config("norelayclients"); - my %no_relay_clients = map { $_ => 1 } @no_relay_clients; - my $client_ip = $self->qp->connection->remote_ip; - while ($client_ip) { - if ( exists($no_relay_clients{$client_ip}) ) - { - $connection->relay_client(0); - delete $ENV{RELAYCLIENT}; - $self->log(LOGNOTICE, "check_norelay: $client_ip denied relaying"); - last; - } - $client_ip =~ s/\d+\.?$//; # strip off another 8 bits - } - - return (DECLINED); -} diff --git a/plugins/check_relay b/plugins/check_relay deleted file mode 100644 index 06034e7..0000000 --- a/plugins/check_relay +++ /dev/null @@ -1,83 +0,0 @@ -#!perl -w - -=head1 NAME - -check_relay - -=head1 SYNOPSIS - -Checks the relayclients config file and $ENV{RELAYCLIENT} to see if relaying is allowed. - -=cut - -use strict; -use warnings; - -use Qpsmtpd::Constants; -use Net::IP qw(:PROC); - -sub hook_connect { - my ($self, $transaction) = @_; - my $connection = $self->qp->connection; - - # Check if this IP is allowed to relay - my $client_ip = $self->qp->connection->remote_ip; - - # @crelay... for comparing, @srelay... for stripping - my (@crelay_clients, @srelay_clients); - - my @relay_clients = $self->qp->config("relayclients"); - for (@relay_clients) { - my ($range_ip, $range_prefix) = ip_splitprefix($_); - if($range_prefix){ - # has a prefix, so due for comparing - push @crelay_clients, $_; - } - else { - # has no prefix, so due for splitting - push @srelay_clients, $_; - } - } - - if (@crelay_clients){ - my ($range_ip, $range_prefix, $rversion, $begin, $end, $bin_client_ip); - my $cversion = ip_get_version($client_ip); - for (@crelay_clients) { - # Get just the IP from the CIDR range, to get the IP version, so we can - # get the start and end of the range - ($range_ip, $range_prefix) = ip_splitprefix($_); - $rversion = ip_get_version($range_ip); - ($begin, $end) = ip_normalize($_, $rversion); - - # expand the client address (zero pad it) before converting to binary - $bin_client_ip = ip_iptobin(ip_expand_address($client_ip, $cversion), $cversion); - - if (ip_bincomp($bin_client_ip, 'gt', ip_iptobin($begin, $rversion)) - && ip_bincomp($bin_client_ip, 'lt', ip_iptobin($end, $rversion))) - { - $connection->relay_client(1); - last; - } - } - } - - # If relay_client is already set, no point checking again - if (@srelay_clients && !$connection->relay_client) { - my $more_relay_clients = $self->qp->config("morerelayclients", "map"); - my %srelay_clients = map { $_ => 1 } @srelay_clients; - $client_ip =~ s/::/:/; - ($connection->relay_client(1) && undef($client_ip)) if $client_ip eq ":1"; - - while ($client_ip) { - if (exists($ENV{RELAYCLIENT}) or - exists($srelay_clients{$client_ip}) or - exists($more_relay_clients->{$client_ip})) - { - $connection->relay_client(1); - last; - } - $client_ip =~ s/(\d|\w)+(:|\.)?$//; # strip off another 8 bits - } - } - return (DECLINED); -} diff --git a/plugins/relay_only b/plugins/relay_only deleted file mode 100644 index e6414e9..0000000 --- a/plugins/relay_only +++ /dev/null @@ -1,36 +0,0 @@ -#!perl -w - -=head1 NAME - -relay_only - this plugin only permits relaying - -=head1 SYNOPSIS - -# in config/plugins - -check_relay - -relay_only - -# other rcpt hooks go here - -=head1 DESCRIPTION - -This plugin can be used for the case where a server is used as the smart -relay host for internal users and external/authenticated users, but should -not be considered a normal inbound MX server - -It should be configured to be run _AFTER_ check_relay and before other -RCPT hooks! Only clients that have authenticated or are listed in the -relayclient file will be allowed to send mail. - -=cut - -sub hook_rcpt { - if ( shift->qp->connection->relay_client ) { - return (OK); - } - else { - return (DENY); - } -}