* plugins/check_relay
* plugins/rcpt_ok Split check_relay into two plugins * config/plugins Reorder plugins to take advantage of the new check_relay * lib/Qpsmtpd/Connection.pm Add support for relay_client() method * lib/Qpsmtpd/SMTP.pm Copy connection relay settings to transaction object when created * lib/Qpsmtpd/Auth.pm Use the connection->relay_client() instead of setting an env var git-svn-id: https://svn.perl.org/qpsmtpd/trunk@326 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
parent
86b15d8e0a
commit
f92e99bd9c
11
Changes
11
Changes
@ -25,6 +25,17 @@
|
|||||||
+ initial "awkward silence" period now configurable (Mark Powell)
|
+ initial "awkward silence" period now configurable (Mark Powell)
|
||||||
+ DENY/DENYSOFT now configurable
|
+ DENY/DENYSOFT now configurable
|
||||||
|
|
||||||
|
Move relay flag to connection object (John Peacock):
|
||||||
|
+ add relay_client() method to Connection.pm
|
||||||
|
+ change SMTP.pm to copy relay_client() flag to transaction relaying
|
||||||
|
flag (for compatibility purposes) - should deprecate instead
|
||||||
|
+ Update Auth.pm module to set $connection->relay_client()
|
||||||
|
|
||||||
|
Split check_relay plugin into two plugins (John Peacock):
|
||||||
|
+ check_relay now fires on connect and sets relay_client() flag
|
||||||
|
+ rcpt_ok runs last of rcpt plugins and performs final OK/DENY
|
||||||
|
+ change default config/plugins to reflect new order
|
||||||
|
|
||||||
0.28 - 2004/06/05
|
0.28 - 2004/06/05
|
||||||
|
|
||||||
Don't keep adding ip addresses to the process status line ($0) when running under PPerl.
|
Don't keep adding ip addresses to the process status line ($0) when running under PPerl.
|
||||||
|
@ -10,6 +10,7 @@ quit_fortune
|
|||||||
|
|
||||||
check_earlytalker
|
check_earlytalker
|
||||||
count_unrecognized_commands 4
|
count_unrecognized_commands 4
|
||||||
|
check_relay
|
||||||
|
|
||||||
require_resolvable_fromhost
|
require_resolvable_fromhost
|
||||||
|
|
||||||
@ -22,7 +23,7 @@ check_spamhelo
|
|||||||
# sender_permitted_from
|
# sender_permitted_from
|
||||||
|
|
||||||
# this plugin needs to run after all other "rcpt" plugins
|
# this plugin needs to run after all other "rcpt" plugins
|
||||||
check_relay
|
rcpt_ok
|
||||||
|
|
||||||
# content filters
|
# content filters
|
||||||
virus/klez_filter
|
virus/klez_filter
|
||||||
|
@ -319,7 +319,7 @@ sub SASL {
|
|||||||
$msg = "Authentication successful" .
|
$msg = "Authentication successful" .
|
||||||
( defined $msg ? " - " . $msg : "" );
|
( defined $msg ? " - " . $msg : "" );
|
||||||
$session->respond( 235, $msg );
|
$session->respond( 235, $msg );
|
||||||
$ENV{RELAYCLIENT} = 1;
|
$session->connection->relay_client(1);
|
||||||
$session->log( LOGINFO, $msg );
|
$session->log( LOGINFO, $msg );
|
||||||
return OK;
|
return OK;
|
||||||
}
|
}
|
||||||
|
@ -59,6 +59,12 @@ sub remote_info {
|
|||||||
$self->{_remote_info};
|
$self->{_remote_info};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub relay_client {
|
||||||
|
my $self = shift;
|
||||||
|
@_ and $self->{_relay_client} = shift;
|
||||||
|
$self->{_relay_client};
|
||||||
|
}
|
||||||
|
|
||||||
sub hello {
|
sub hello {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
@_ and $self->{_hello} = shift;
|
@_ and $self->{_hello} = shift;
|
||||||
|
@ -116,7 +116,9 @@ sub transaction {
|
|||||||
sub reset_transaction {
|
sub reset_transaction {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
$self->run_hooks("reset_transaction") if $self->{_transaction};
|
$self->run_hooks("reset_transaction") if $self->{_transaction};
|
||||||
return $self->{_transaction} = Qpsmtpd::Transaction->new();
|
$self->{_transaction} = Qpsmtpd::Transaction->new();
|
||||||
|
$self->{_transaction}->relaying($self->{_connection}->{_relay_client});
|
||||||
|
return $self->{_transaction};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,26 +1,15 @@
|
|||||||
# this plugin checks the standard rcpthosts config and
|
# this plugin checks the relayclients config file and
|
||||||
# $ENV{RELAYCLIENT} to see if relaying is allowed.
|
# $ENV{RELAYCLIENT} to see if relaying is allowed.
|
||||||
#
|
#
|
||||||
# It should be configured to be run _LAST_!
|
|
||||||
#
|
|
||||||
|
|
||||||
sub register {
|
sub register {
|
||||||
my ($self, $qp) = @_;
|
my ($self, $qp) = @_;
|
||||||
$self->register_hook("rcpt", "check_relay");
|
$self->register_hook("connect", "check_relay");
|
||||||
}
|
}
|
||||||
|
|
||||||
sub check_relay {
|
sub check_relay {
|
||||||
my ($self, $transaction, $recipient) = @_;
|
my ($self, $transaction) = @_;
|
||||||
my $host = lc $recipient->host;
|
my $connection = $self->qp->connection;
|
||||||
|
|
||||||
my @rcpt_hosts = ($self->qp->config("me"), $self->qp->config("rcpthosts"));
|
|
||||||
|
|
||||||
# Allow 'no @' addresses for 'postmaster' and 'abuse'
|
|
||||||
# qmail-smtpd will do this for all users without a domain, but we'll
|
|
||||||
# be a bit more picky. Maybe that's a bad idea.
|
|
||||||
my $user = $recipient->user;
|
|
||||||
$host = $self->qp->config("me")
|
|
||||||
if ($host eq "" && (lc $user eq "postmaster" || lc $user eq "abuse"));
|
|
||||||
|
|
||||||
# Check if this IP is allowed to relay
|
# Check if this IP is allowed to relay
|
||||||
my @relay_clients = $self->qp->config("relayclients");
|
my @relay_clients = $self->qp->config("relayclients");
|
||||||
@ -32,21 +21,11 @@ sub check_relay {
|
|||||||
exists($relay_clients{$client_ip}) or
|
exists($relay_clients{$client_ip}) or
|
||||||
exists($more_relay_clients->{$client_ip}))
|
exists($more_relay_clients->{$client_ip}))
|
||||||
{
|
{
|
||||||
$transaction->relaying(1);
|
$connection->relay_client(1);
|
||||||
return (OK);
|
last;
|
||||||
}
|
}
|
||||||
$client_ip =~ s/\d+\.?$//; # strip off another 8 bits
|
$client_ip =~ s/\d+\.?$//; # strip off another 8 bits
|
||||||
}
|
}
|
||||||
|
|
||||||
# Check if this recipient host is allowed
|
return (DECLINED);
|
||||||
for my $allowed (@rcpt_hosts) {
|
|
||||||
$allowed =~ s/^\s*(\S+)/$1/;
|
|
||||||
return (OK) if $host eq lc $allowed;
|
|
||||||
return (OK) if substr($allowed,0,1) eq "." and $host =~ m/\Q$allowed\E$/i;
|
|
||||||
}
|
|
||||||
|
|
||||||
my $more_rcpt_hosts = $self->qp->config('morercpthosts', 'map');
|
|
||||||
return (OK) if exists $more_rcpt_hosts->{$host};
|
|
||||||
|
|
||||||
return (DENY);
|
|
||||||
}
|
}
|
||||||
|
40
plugins/rcpt_ok
Normal file
40
plugins/rcpt_ok
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
# this plugin checks the standard rcpthosts config
|
||||||
|
#
|
||||||
|
# It should be configured to be run _LAST_!
|
||||||
|
#
|
||||||
|
|
||||||
|
sub register {
|
||||||
|
my ($self, $qp) = @_;
|
||||||
|
$self->register_hook("rcpt", "rcpt_ok");
|
||||||
|
}
|
||||||
|
|
||||||
|
sub rcpt_ok {
|
||||||
|
my ($self, $transaction, $recipient) = @_;
|
||||||
|
my $host = lc $recipient->host;
|
||||||
|
|
||||||
|
my @rcpt_hosts = ($self->qp->config("me"), $self->qp->config("rcpthosts"));
|
||||||
|
|
||||||
|
# Allow 'no @' addresses for 'postmaster' and 'abuse'
|
||||||
|
# qmail-smtpd will do this for all users without a domain, but we'll
|
||||||
|
# be a bit more picky. Maybe that's a bad idea.
|
||||||
|
my $user = $recipient->user;
|
||||||
|
$host = $self->qp->config("me")
|
||||||
|
if ($host eq "" && (lc $user eq "postmaster" || lc $user eq "abuse"));
|
||||||
|
|
||||||
|
# Check if this recipient host is allowed
|
||||||
|
for my $allowed (@rcpt_hosts) {
|
||||||
|
$allowed =~ s/^\s*(\S+)/$1/;
|
||||||
|
return (OK) if $host eq lc $allowed;
|
||||||
|
return (OK) if substr($allowed,0,1) eq "." and $host =~ m/\Q$allowed\E$/i;
|
||||||
|
}
|
||||||
|
|
||||||
|
my $more_rcpt_hosts = $self->qp->config('morercpthosts', 'map');
|
||||||
|
return (OK) if exists $more_rcpt_hosts->{$host};
|
||||||
|
|
||||||
|
if ( $self->qp->connection->relay_client ) { # failsafe
|
||||||
|
return (OK);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return (DENY);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user