Commit Graph

2276 Commits

Author SHA1 Message Date
Matt Simerson
b085388cda TcpServer: optimize DNS lookups for PTR
a. don't use search path (/etc/resolv.conf)
b. explicitely specify PTR in query request
2013-12-01 03:45:12 -05:00
Matt Simerson
5b3f616571 removed a diff block from docs/config.pod 2013-12-01 03:42:55 -05:00
Matt Simerson
c3305179d2 remove plaintext UPGRADING (.pod added by Ask) 2013-08-05 15:32:31 -07:00
Matt Simerson
423c35aab3 Merge pull request #35 from msimerson/master
Merging in changes from qpsmtpd-dev fork
2013-08-05 15:08:56 -07:00
Matt Simerson
4a61ef1ad9 define positioning of Authentication-Results header 2013-08-05 15:05:38 -07:00
Matt Simerson
4d489ea6ef tested and working Authentication-Results
changed the method of saving results. Instead of appending to/from a header, plugins save results to a connection note.

Qpsmtpd::SMTP.pm has a new method that inserts the Authentication-Results header
The smtp-auth information has been removed from the Received header

Authentication-Results providing plugins have been updated to store results in connection note
2013-08-05 15:05:38 -07:00
Matt Simerson
4ae16219bd added Authentication-Results header, with provider
dkim, dmarc, fcrdns (iprev), spf, and smtp-auth
2013-08-05 15:05:38 -07:00
Matt Simerson
b1afbabf4c Makefile.PL: added commented Math::Complex 2013-08-05 15:05:38 -07:00
Matt Simerson
4aa888dc6c headers: assign zeroes to avoid undef errors 2013-08-05 15:05:38 -07:00
Matt Simerson
b126c3c7f8 store envelope from and to in connection notes 2013-08-05 15:05:38 -07:00
Matt Simerson
247c5a2bea is_naughty is a setter now too 2013-08-05 15:05:38 -07:00
Matt Simerson
4c0632e043 summarize: fix syntax error 2013-08-05 15:05:38 -07:00
Matt Simerson
fbdee49965 raised default max msg size in clamdscan from 128k
added max_size on config, so it's likely to get noticed, since even 1M is probably too low for most sites. This should likely default to the same as databytes?
2013-08-05 15:05:38 -07:00
Matt Simerson
1fa7d8361f spf enabled in config/plugins by default
the plugin will detect if Mail::SPF is missing and not register it's hooks
2013-08-05 15:05:38 -07:00
Matt Simerson
7b21e90ff7 added daemontools, ucspi-tcp to install list 2013-08-05 15:05:38 -07:00
Matt Simerson
76d70bb941 MANIFEST: updated with run.* files 2013-08-05 15:05:38 -07:00
Matt Simerson
3a0900f0ae SMTP.pm: reduce auth details from Received header.
based on patch from Devin Carraway

  http://www.nntp.perl.org/group/perl.qpsmtpd/2012/08/msg9954.html
2013-08-05 15:05:38 -07:00
Matt Simerson
b4b53ee273 updated Changes 2013-08-05 15:05:38 -07:00
Matt Simerson
2cf7207553 summarize: move parts of main while loop to subs
and added POD
2013-08-05 15:05:38 -07:00
Matt Simerson
98b147fed2 Makefile.PL, added comments, stating where the
disabled plugins are used
2013-08-05 15:05:38 -07:00
Matt Simerson
3e7efb8883 summarize: strip out unprintable chars 2013-08-05 15:05:38 -07:00
Matt Simerson
2a11be4f8b Makefile.PL: added more disabled dependencies
DBI: commented out, but included for documentation's sake
2013-08-05 15:05:37 -07:00
Matt Simerson
1e3136a0d0 revert movement of qp bins to bin/
plugin dir, config dir, spool dir, all have different logic about where/how to find their config. The logic needs some untangling and unification before attempting this again.
2013-08-05 15:05:37 -07:00
Matt Simerson
791237841b replace run with separate run for the 2 common
deployment methods. Rather than having to edit the run file, it's much easier to rename the run file.
Moved qpsmtpd* into bin/
2013-08-05 15:05:37 -07:00
Matt Simerson
f7b00fa677 auth_vpopmaild: added taint checking to responses 2013-08-05 15:05:37 -07:00
Matt Simerson
82effb409a Qpsmtpd: untaint config data passed to plugins
if QP passes in tainted data, such as a hostname that subsequently gets used to open a connection using IO::Socket, the plugin die because the information is tainted. Fix it once here, instead of in each plugin.
2013-08-05 15:05:37 -07:00
Matt Simerson
4c6f5aedfd Qpsmtpd.pm: split config args on /\s+/, was / / 2013-08-05 15:05:37 -07:00
Matt Simerson
2b1b75145a install_deps: handle comments in Makefile.PL 2013-08-05 15:05:37 -07:00
Matt Simerson
b8229fbdbf dmarc: added subdomain policy handling 2013-08-05 15:05:37 -07:00
Matt Simerson
76071ca559 Makefile.PL: added clean { *.bak } 2013-08-05 15:05:37 -07:00
Matt Simerson
09b7d977db Makefile.PL: reenable Time::TAI64 2013-08-05 15:05:37 -07:00
Matt Simerson
52002eecf6 Makefile.PL: comment out Mail::Spamassassin 2013-08-05 15:05:37 -07:00
Matt Simerson
40235542e3 Makefile.PL: disable Geo::IP module 2013-08-05 15:05:37 -07:00
Matt Simerson
a67ed4063b try disabling Time::TAI64, update MANIFEST 2013-08-05 15:05:37 -07:00
Matt Simerson
c4d59cc442 .travis.yml: added perl 5.16 2013-08-05 15:05:37 -07:00
Matt Simerson
e8ee3fe430 see if removing Mail::SPF makes Travis happy 2013-08-05 15:05:37 -07:00
Matt Simerson
c652d4c9e4 dmarc test: comments in the public list was
allowing certain org domain searches to fail (plus.google.com, b/c a google.com email address was in the public list). Now I anchor the searches to the start of the line. This test also catches edge cases like co.uk, which isn't listed, but a wildcard *.uk is.
2013-08-05 15:05:37 -07:00
Matt Simerson
db6a7f418b run: increase RAM from 200 to 300MB (dkim)
still seeing (infrequent) "too large" errors validating DKIM signatures
2013-08-05 15:05:37 -07:00
Matt Simerson
92fe1e899f rcpt_ok: do immunity checks earlier, so that
disposition logs don't indicate failure for authenticated senders
2013-08-05 15:05:37 -07:00
Matt Simerson
eccaf17d18 karma: limit rcpts to 1 for senders with neg karma 2013-08-05 15:05:36 -07:00
Matt Simerson
bbc6e895cc distinguish rejecting versus tolerated failures 2013-08-05 15:05:36 -07:00
Matt Simerson
06ebd12e06 docs/logging: added description of log prefixes 2013-08-05 15:05:36 -07:00
Matt Simerson
97a8d4e9df docs/logging: added description of log prefixes 2013-08-05 15:05:36 -07:00
Matt Simerson
3180c9da31 SPF: added more precise disposition logs, so that
postprocess can determine if a SPF failure caused a rejection
2013-08-05 15:05:36 -07:00
Matt Simerson
ebfccec5b3 dmarc: added support for DMARC policy pct=NNN 2013-08-05 15:05:36 -07:00
Matt Simerson
c0210a7877 SPF: arrage flow so if a pass result is possible,
we will get it and set the note for DMARC plugin
2013-08-05 15:05:36 -07:00
Matt Simerson
effb4e2269 dmarc: improving and updating POD 2013-08-05 15:05:36 -07:00
Matt Simerson
fef37f54ce summarize shows a narrower screen by default.
passing in -l for when your term windows is more than 200 chars wide will show more detail
2013-08-05 15:05:36 -07:00
Matt Simerson
dbcc3d40b4 split is_immune into itself + is_naughty
is_immune tests designates to plugins they should always skip processing.

That's typical for naughty connections, but this change provides the ability to handly naughty connections differently than (whitelisted/relayclients/known good) senders.
2013-08-05 15:05:36 -07:00
Matt Simerson
1bb7ce30ea bump RAM from 150 to 200MB
DKIM message signing needs more RAM
2013-08-05 15:05:36 -07:00