Commit Graph

33 Commits

Author SHA1 Message Date
Matt Simerson
8141b4f5a3 dnsbl: more refactoring, 2013-08-05 15:01:51 -07:00
Matt Simerson
3427af8aa4 dnsbl,rhsbl: process DNS immediately
and use naughty for deferred rejection
2013-08-05 15:01:50 -07:00
Matt Simerson
b245d30e9e dnsbl: process DNS queries immediately
rather than deferring until RCPT. This greatly improves efficiency, since most connections will get marked naughty much sooner, having run fewer tests.
2013-08-05 15:01:49 -07:00
Matt Simerson
57a0e4ba7b updated plugins to use QP::Plugins::is_immune 2012-06-04 03:26:16 -04:00
Matt Simerson
0a16621f02 connection consistency
-  $self->qp->connection->notes
+  $self->connection->notes

and all tests pass.
2012-06-02 00:46:33 -04:00
Matt Simerson
9d0c2f8469 dnsbl, POD tweaks, DENY type tests
consolidated POD at top of file
added example options to reject_type POD head
added an example loglevel entry

consolidated DENY[SOFT|DISCONNECT] logic into get_reject_type
added tests for get_reject_type
2012-05-21 17:07:37 -04:00
Matt Simerson
691955c60f dnsbl: fixed path to docs/logging.pod 2012-05-20 23:41:09 -07:00
Matt Simerson
1c7d26ecca dnsbl: added log messages, prefixes, additional args
instead of a positional arguments, used named arguments (backwards compatible)
added a couple log message prefixes
removed some trailing whitespace
updated POD
2012-05-20 23:40:23 -07:00
Matt Simerson
a1b073cfe2 refactored dnsbl, sprinkling logs and tests on it 2012-05-06 16:21:09 -07:00
Ask Bjørn Hansen
a23d4b3da9 Fix 01-syntax test failures
Exclude some tests with dependencies.

Remove -T from perl line in plugins
This makes it harder to test with PERL5LIB/perlbrew etc
2012-04-29 01:36:01 -07:00
Matt Simerson
dbaa9dbd6c POD corrections, additional tests, plugin consistency
on files in plugins dir:
  fixed a number of POD errors

  formatted some # comments into POD

  removed bare 1;  (these are plugins, not perl modules)
    most instances of this were copy/pasted from a previous plugin that had it

  removed instances of # vim ts=N ...
    they weren't consistent, many didn't match .perltidyrc

  on modules that failed perl -c tests, added 'use Qpsmtpd::Constants;'

Conflicts:

	plugins/async/check_earlytalker
	plugins/async/dns_whitelist_soft
	plugins/async/dnsbl
	plugins/async/queue/smtp-forward
	plugins/async/require_resolvable_fromhost
	plugins/async/rhsbl
	plugins/async/uribl
	plugins/auth/auth_checkpassword
	plugins/auth/auth_cvm_unix_local
	plugins/auth/auth_flat_file
	plugins/auth/auth_ldap_bind
	plugins/auth/auth_vpopmail
	plugins/auth/auth_vpopmail_sql
	plugins/auth/authdeny
	plugins/check_badmailfromto
	plugins/check_badrcptto_patterns
	plugins/check_bogus_bounce
	plugins/check_earlytalker
	plugins/check_norelay
	plugins/check_spamhelo
	plugins/connection_time
	plugins/dns_whitelist_soft
	plugins/dnsbl
	plugins/domainkeys
	plugins/greylisting
	plugins/hosts_allow
	plugins/http_config
	plugins/logging/adaptive
	plugins/logging/apache
	plugins/logging/connection_id
	plugins/logging/transaction_id
	plugins/logging/warn
	plugins/milter
	plugins/queue/exim-bsmtp
	plugins/queue/maildir
	plugins/queue/postfix-queue
	plugins/queue/smtp-forward
	plugins/quit_fortune
	plugins/random_error
	plugins/rcpt_map
	plugins/rcpt_regexp
	plugins/relay_only
	plugins/require_resolvable_fromhost
	plugins/rhsbl
	plugins/sender_permitted_from
	plugins/spamassassin
	plugins/tls
	plugins/tls_cert
	plugins/uribl
	plugins/virus/aveclient
	plugins/virus/bitdefender
	plugins/virus/clamav
	plugins/virus/clamdscan
	plugins/virus/hbedv
	plugins/virus/kavscanner
	plugins/virus/klez_filter
	plugins/virus/sophie
	plugins/virus/uvscan
2012-04-29 00:00:10 -07:00
Robert
61de599c1b Normalize #! lines on all plugins
find . -type f | xargs -n1 perl -pi.bak -0777 -e '$want = "#!perl -Tw"; s/\A#!.*\n/$want\n/; s/\A([^#])/$want\n\1/s'
2012-04-28 20:41:31 -07:00
Peter J. Holzer
d6c428716f Check if the domain name in a DNS response packet matches one of the
domain names we queried.
See the thread "dnsbl or spamhaus occassionally blocks wrong IP" 
starting at 14 Mar 2006 for details.


git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@683 958fd67b-6ff1-0310-b445-bb7760255be9
2006-12-16 09:46:12 +00:00
Hanno Hecker
8b50f9f0dd removed spamassassin doc from dnsbl
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@677 958fd67b-6ff1-0310-b445-bb7760255be9
2006-12-07 10:29:41 +00:00
John Peacock
8fcb46177b Add Qpsmtpd::Command to gather all parsing logic in one place (Hanno
Hecker)


git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@631 958fd67b-6ff1-0310-b445-bb7760255be9
2006-04-07 18:58:02 +00:00
Ask Bjørn Hansen
123346f1f5 r4567@g5: ask | 2006-03-09 04:35:43 -0800
move old branches aside


git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@629 958fd67b-6ff1-0310-b445-bb7760255be9
2006-03-09 12:37:25 +00:00
Robert Spier
90daeb3786 r483@dog: rspier | 2005-07-06 21:17:00 -0700
The great plugin renaming in the name of inheritance and standardization commit.
 
 1. new concept of standard hook_ names.
 2. Plugin::init
 3. renamed many subroutines in plugins (and cleaned up register subs)
 4. updated README.plugins
 


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@479 958fd67b-6ff1-0310-b445-bb7760255be9
2005-07-07 04:17:39 +00:00
John Peacock
9664eb9469 Change remaining plugins to use LOGXXXX constants instead of bare numbers.
Change plugins/dnsbl to permit AUTH'd or other relay clients even if IP
is on a blacklist.


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@442 958fd67b-6ff1-0310-b445-bb7760255be9
2005-06-22 14:08:57 +00:00
John Peacock
662003437d * qpsmtpd-forkserver
Create a single Qpsmtpd::TcpServer object in the parent process and
     then rely on fork to let each child have it's own copy
     
 *   lib/Qpsmtpd/Plugin.pm
     Add new pre-connection and post-connection hooks
     
 *   README.plugins
     Document the above new hooks

 *   lib/Qpsmtpd.pm
     No longer have local value for trace_level() the first time through, which 
     was masking the global value (due to stupid search/replace error).
     Don't call log() from trace_level() since it is only ever called from
     within the varlog() sub when no logging plugin is registered.

 *   plugins/dnsbl
     Config line option to use DENY_DISCONNECT instead of DENY (since any IP
     on a blacklist should not have a chance to send anything for now).
     Add POD to document the new disconnect behavior

 *   lib/Qpsmtpd.pm
     Compatibility changes so test files continue to work
 
 *   t/Test/Qpsmtpd.pm
     Compatibility sub for core subs which call varlog() directly


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@428 958fd67b-6ff1-0310-b445-bb7760255be9
2005-05-25 20:07:58 +00:00
John Peacock
c840a1d04f Changes by jpeacock@cpan.org (John Peacock)
o plugins/check_badmailfromto
    - New plugin in the style of check_badmailfrom, which matches a pair
      of FROM/TO and makes it seem like the recipient's address no longer
      exists (but only from the matching sender's point of view).  Useful
      for stalkers and other harassment cases.

o plugins/dns_whitelist_soft
    - New plugin to provide a DNS-based whitelist (good for distributed
      sites).

o various files
    - Replaced tab character with 8 spaces and adjusted line breaks for
      better readability.

Changes by mct@toren.net (Michael C. Toren)

o lib/Qpsmtpd/SMTP.pm

    - Assumes a MAIL FROM value of "<#@[]>" (utilized by qmail to
      indicate a null sender when generating a doublebounce message)
      is equivalent to "<>".  Previously qpsmtpd complained that the
      value could not be parsed.

    - Adds LOGIN to the default list of supported auth mechanisms.
      The documentation in Auth.pm indicated that auth-login was not
      currently supported due to lack of functionality, however I can
      confirm that LOGIN appears to work fine as tested by using msmtp
      (http://msmtp.sourceforge.net/).  Are there any indications that
      LOGIN support is actually broken in the current implementation?

    - Removes the "X-Qpsmtpd-Auth: True" header appended when a message
      has been sent by an authenticated user.  One problem with such a
      header is that it's impossible to say which SMTP hop added it,
      and it provides no information which could be used to backtrack
      the transaction.  I grepped through my mail archives a bit
      looking for how other MTAs handled the problem, and decided it
      would be best to place this information in the Received: header:

        Received: from remotehost (HELO remotehost) (192.168.42.42)
          (smtp-auth username foo, mechanism cram-md5)
          by mail.netisland.net (qpsmtpd/0.28) with ESMTP; <date>


o lib/Qpsmtpd/Auth.pm:

    - Documentation update for the arguments passed to an auth
      handler; previously the $mechanism argument was not mentioned,
      which threw off the argument offsets.

    - Documentation update for auth-login removing the warning
      that auth-login is not currently supported due to lack of
      functionality.

    - Fix to execute a generic auth hook when a more specific
      auth-$mechanism hook does not exist.  (Previously posted
      to the list last week.)

    - Upon authentication, sets $session->{_auth_user} and
      $session->{_auth_mechanism} so that SMTP.pm can include them
      in the Received: header.


o plugins/queue/qmail-queue

    - Added a timestamp and the qmail-queue qp identifier to the
      "Queued!" 250 message, for compatibility with qmail-smtpd, which
      can be very useful for tracking message delivery from machine to
      machine.  For example, the new 250 message might be:

        250 Queued! 1105927468 qp 3210 <1105927457@netisland.net>

      qmail-smtpd returns:

        250 ok 1106546213 qp 7129

      Additionally, for consistency angle brackets are placed around
      the Message-ID displayed in the 250 if they were missing in the
      message header.


o plugins/check_badmailfrom:

    - Changed the error message from "Mail from $bad not accepted
      here" to "sorry, your envelope sender is in my badmailfrom
      list", for compatibility with qmail-smtpd.  I didn't see any
      reason to share with the sender the value of $bad, especially
      for situations where the sender was rejected resulting from a
      wildcard.


o plugins/check_earlytalker:
o plugins/require_resolvable_fromhost:

    - No longer checks for earlytalkers or resolvable senders if the
      connection note "whitelistclient" is set, which is nice for
      helping backup MX hosts empty their queue faster.


o plugins/count_unrecognized_commands:

    - Return code changed from DENY_DISCONNECT, which isn't valid in
      an unrecognized_command hook, to DENY, which in this context
      drops the connection anyway.  (Previously posted to the list
      last week.)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@356 958fd67b-6ff1-0310-b445-bb7760255be9
2005-01-28 03:30:50 +00:00
Robert Spier
3341a5b4ab emacsisms, more timeouts
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@350 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 07:08:46 +00:00
Robert Spier
012c6db2d3 - dnsbl, count_unrec_commands, spamassassin:
use symbolic log levels, instead of numeric
- dnsbl:  set some (probably too large) timeouts
- count_unrec_commands: DENYHARD
- spamassassin: upgrade protocol to support switching users


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@349 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 07:02:23 +00:00
Matt Sergeant
1bf1ba83a8 Fix logging back to constants again
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@231 958fd67b-6ff1-0310-b445-bb7760255be9
2004-04-27 10:05:41 +00:00
Matt Sergeant
9c700b18e1 New for 0.28: Log levels and $Include for config/plugins
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@217 958fd67b-6ff1-0310-b445-bb7760255be9
2004-03-05 12:46:24 +00:00
Ask Bjørn Hansen
7a58f1280d don't return multiline replies for now
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@211 958fd67b-6ff1-0310-b445-bb7760255be9
2004-03-04 04:40:23 +00:00
Ask Bjørn Hansen
964242f7be Modified the dnsbl plugin to better support both A and TXT records and
support all of the RBLSMTPD functionality. (Thanks to Mark Powell)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@210 958fd67b-6ff1-0310-b445-bb7760255be9
2004-03-04 04:33:47 +00:00
Ask Bjørn Hansen
03e00bfb23 Fix bug in dnsbl that made it sometimes ignore "hits" (thanks to
James H. Thompson <jht@lava.net>)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@148 958fd67b-6ff1-0310-b445-bb7760255be9
2003-06-10 10:03:58 +00:00
Ask Bjørn Hansen
4fd09264e8 Date: Tue, 11 Mar 2003 08:08:16 +0000
From: Matt Sergeant <matt@sergeant.org>
To: qpsmtpd@perl.org
Subject: [PATCH] Get all dnsbl results


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@118 958fd67b-6ff1-0310-b445-bb7760255be9
2003-03-18 09:20:26 +00:00
Ask Bjørn Hansen
21a88f9f54 adjust logging. enable disconnect_handler again.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@72 958fd67b-6ff1-0310-b445-bb7760255be9
2002-09-10 16:49:10 +00:00
Ask Bjørn Hansen
9916cfc038 add timeout so we won't wait forever... (is that what's making it lock up
on onion?)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@71 958fd67b-6ff1-0310-b445-bb7760255be9
2002-09-10 16:36:45 +00:00
Ask Bjørn Hansen
fcbf3b0ad4 return DECLINED if no dnsbl's are configured
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@67 958fd67b-6ff1-0310-b445-bb7760255be9
2002-09-10 13:42:06 +00:00
Ask Bjørn Hansen
a7ac715289 async dns lookups in dnsbl plugin
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@66 958fd67b-6ff1-0310-b445-bb7760255be9
2002-09-10 13:36:58 +00:00
Ask Bjørn Hansen
5f2ceb03bd dnsbl plugin
a few new hooks

fix config/IP to be a good default again


git-svn-id: https://svn.perl.org/qpsmtpd/branches/v010@36 958fd67b-6ff1-0310-b445-bb7760255be9
2002-07-15 12:16:10 +00:00