Add _auth field to PollServer.
Make sure that check_earlytalker works with PollServer.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@711 958fd67b-6ff1-0310-b445-bb7760255be9
Qpsmtpd::Plugins for more info. This can be used to disable (and re-
enable) loaded plugins for the current connection.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@700 958fd67b-6ff1-0310-b445-bb7760255be9
domain names we queried.
See the thread "dnsbl or spamhaus occassionally blocks wrong IP"
starting at 14 Mar 2006 for details.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@683 958fd67b-6ff1-0310-b445-bb7760255be9
Sender: but does not resign message or strip DomainKeys-Signature. Add
config option to prevent badly signed message from being DENY'd.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@654 958fd67b-6ff1-0310-b445-bb7760255be9
mandate signing by policy for the moment).
Change variables to use actual English words as names (instead of disemvoweled
or truncated variants).
Tweak Copyright notice to be current.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@652 958fd67b-6ff1-0310-b445-bb7760255be9
Enhance the spamassassin plugin to support connecting to a remote
spamd process (Kjetil Kjernsmo).
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@651 958fd67b-6ff1-0310-b445-bb7760255be9
Make the clamdscan plugin temporarily deny mail if if can't talk to clamd
(Filippo Carletti)
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@621 958fd67b-6ff1-0310-b445-bb7760255be9
From: gordonr@gormand.com.au
Subject: Re: Submitting plugins (was Re: New plugin: denybounce)
Date: January 24, 2006 9:02:35 PM PST
To: ask@develooper.com
Cc: gavin@openfusion.com.au, qpsmtpd@perl.org
Message-Id: <43D7066B.3050106@gormand.com.au>
Ask Bjørn Hansen wrote:
On Jan 24, 2006, at 1:08 PM, Gordon Rowell wrote:
- License statement - either as per qpsmtpd or as per Perl or similar open license
No, it really should be MIT licensed ("as per qpsmtpd") to go in the distribution.
There are a few exceptions (only your plugins at a cursory glance), but those are mistakes. :-)
I don't have an issue with my qpsmtpd plugins being changed to state:
=head1 AUTHOR
Copyright 2005 Gordon Rowell <gordonr@gormand.com.au>
This software is free software and may be distributed under the same
terms as qpsmtpd itself.
Though as a distro maintainer, we do have a sizeable issue with license proliferation. It really is a bit of a nightmare when two licenses are almost, but not completely, the same.
Thanks,
Gordon
r4216@g5: ask | 2006-01-24 23:12:21 -0800
merge license fix from trunk
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@603 958fd67b-6ff1-0310-b445-bb7760255be9
Patch by Hanno Hecker <hah@uu-x.de>.
Adds the RFC 1893 status codes to the messages which are returned to the
sending client.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@602 958fd67b-6ff1-0310-b445-bb7760255be9
By default no flags are set (old behaviour). Known flags for cleanup are
FLAG_FILTER, FLAG_BCC_OK and FLAG_MAP_OK, see POD for details.
Patch by: Hanno Hecker <hah@uu-x.de>
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@600 958fd67b-6ff1-0310-b445-bb7760255be9
* lib/Qpsmtpd/Connection.pm
Abstract out parameters which can be reused (e.g. TLS) or can be
set when creating the Connection object via start().
* plugins/tls
Simplify code to use $self->clone() construct and also suppress
IO::Socket::SSL debug noise, now that this is working.
* plugins/tls_cert
New file to automate creating self-signed certificates for TLS.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@597 958fd67b-6ff1-0310-b445-bb7760255be9
Use LOGNOTICE instead of LOGERROR when bailing early due to
non-multipart message.
Test clamd->ping() before scanning, and bail if it doesn't
answer (with an appropriate error).
Patch submitted by Dave Rolsky <autarch@urth.org>.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@583 958fd67b-6ff1-0310-b445-bb7760255be9
r588@jpeacock (orig r490): jpeacock | 2005-07-09 07:03:53 -0400
r547@jpeacock: jpeacock | 2005-07-02 07:20:17 -0400
Replace pithy comment with something more neutral.
Thanks Gordon Rowell <gordonr@gormand.com.au>
r548@jpeacock: jpeacock | 2005-07-02 07:24:21 -0400
Example patterns for badrcptto plugin - Gordon Rowell <gordonr@gormand.com.au>
r586@jpeacock: jpeacock | 2005-07-09 06:54:47 -0400
Don't use varlog() directly unless you are passing all parameters.
Don't try to log() anything during loading of logging plugins.
r587@jpeacock: jpeacock | 2005-07-09 06:59:57 -0400
Cannot use new-style hooking with logging plugins (yet).
r590@jpeacock (orig r491): jpeacock | 2005-07-10 06:56:55 -0400
r589@jpeacock: jpeacock | 2005-07-10 06:54:32 -0400
Track hooks as array and hash.
Re-revert changes to logging plugins to use new-style hooking.
logging/adaptive assumed that register() has been called before hook_logging.
git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.31@503 958fd67b-6ff1-0310-b445-bb7760255be9
The great plugin renaming in the name of inheritance and standardization commit.
1. new concept of standard hook_ names.
2. Plugin::init
3. renamed many subroutines in plugins (and cleaned up register subs)
4. updated README.plugins
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@479 958fd67b-6ff1-0310-b445-bb7760255be9
and save log lines <= min level. IIF a message is accepted for delivery,
then echo out the saved log lines (typically just FROM and TO) with the prefix
for multilog filtering into independent log files.
Update POD in logging/adaptive to describe changed behavior as well as give
an example log/run file to filter the messages accordingly.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@443 958fd67b-6ff1-0310-b445-bb7760255be9
Change plugins/dnsbl to permit AUTH'd or other relay clients even if IP
is on a blacklist.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@442 958fd67b-6ff1-0310-b445-bb7760255be9
Interfaces with Bruce Guenther's Credential Validation Module (CVM)
* plugins/auth/auth_cvm_unix_local
Only DENY if the credentials were accepted but incorrect (bad password?)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@432 958fd67b-6ff1-0310-b445-bb7760255be9
* plugins/check_badrcptto_patterns
Match bad RCPTO address with regex
* plugins/check_norelay
Carve out holes from larger relay blocks
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@431 958fd67b-6ff1-0310-b445-bb7760255be9
Create a single Qpsmtpd::TcpServer object in the parent process and
then rely on fork to let each child have it's own copy
* lib/Qpsmtpd/Plugin.pm
Add new pre-connection and post-connection hooks
* README.plugins
Document the above new hooks
* lib/Qpsmtpd.pm
No longer have local value for trace_level() the first time through, which
was masking the global value (due to stupid search/replace error).
Don't call log() from trace_level() since it is only ever called from
within the varlog() sub when no logging plugin is registered.
* plugins/dnsbl
Config line option to use DENY_DISCONNECT instead of DENY (since any IP
on a blacklist should not have a chance to send anything for now).
Add POD to document the new disconnect behavior
* lib/Qpsmtpd.pm
Compatibility changes so test files continue to work
* t/Test/Qpsmtpd.pm
Compatibility sub for core subs which call varlog() directly
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@428 958fd67b-6ff1-0310-b445-bb7760255be9
Fix some totally egregious spelling errors
* plugins/auth/auth_ldap_bind
New plugin to authenticate against an LDAP database
Thanks to Elliot Foster <elliotf@gratuitous.net>
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@404 958fd67b-6ff1-0310-b445-bb7760255be9
representation from the numeric (for logging purposes). Add new logging
plugin, logging/adaptive, which logs at different levels depending on
whether the message was accepted/rejected.
* lib/Qpsmtpd/Constants.pm
use hashes for storing return_codes and log_levels
export accessor methods to retrieve the text representations
* lib/Qpsmtpd.pm
Rename log_level() to trace_level() so as to not conflict with the same
name in Qpsmtpd::Constants.
Call return_code() to display the text form when logging
* plugins/logging/adaptive
Better documentation
Support named parameters and prefix
Call return_code() to display the text form when logging
* plugins/logging/warn
Include POD
* README.logging
First pass at documenting the logging plugin API
* config.sample/loglevel
New numbering scheme to map directly to syslog levels
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@401 958fd67b-6ff1-0310-b445-bb7760255be9
existing core code. Add OK hook.
* lib/Qpsmtpd.pm
(init_logger): replaced with log_level()
(load_logging): NEW - load logging plugins without calling log()
(log_level): NEW - set/get global $LogLevel scalar
(log): now just a wrapper for varlog(); called only by core code
(varlog): initializes logging if not already done, calls logging plugins
in turn and falls back to interal logging unless plugins OK or DECLINED
(_load_plugins): only display "Loading plugin" when actually loading one
(run_hooks): load logging plugins without calling log(); add OK hook as
else of the DENY* case
(spool_dir): use global $Spool_dir scalar to cache location
* lib/Qpsmtpd/Plugin.pm
(%hooks): add "logging" and "ok"
(register_hook): add local _hook to object cache
(log): call varlog() with additional parameters hook and plugin_name
except for logging hook
(compile): add accessor sub for local _hook scalar
* lib/Qpsmtpd/SMTP.pm
(mail, rcpt): change loglevel to LOGALERT instead of LOGWARN for from/to
* qpsmtpd-forkserver
(REAPER): use package ::log() instead of warn()
(main): defer calling log until $plugin_loader has been initialized
(log): call logging using the $plugin_loader object
* plugins/logging/warn
NEW: sample plugin which replicates the core logging functionality
* plugins/logging/devnull
NEW: sample plugin which logs nothing (for testing multiple logging
plugin functionality)
* config.sample/logging
sample configuration file for logging plugins
* plugins/virus/uvscan
plugins/virus/clamav
Increase loglevel for non-serious warnings to LOGWARN from LOGERROR
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@398 958fd67b-6ff1-0310-b445-bb7760255be9
Correctly support alternate domain socket
Remove a tab that crept in
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@383 958fd67b-6ff1-0310-b445-bb7760255be9
Remember (belatedly) to add changes here
* MANIFEST
Add all new files to this list
* plugins/virus/clamdscan
New AV plugin to directly communicate with clamd daemon
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@378 958fd67b-6ff1-0310-b445-bb7760255be9
Scan temporary file directly now that the spooled file includes the
entire message
* plugins/virus/bitdefender - John Peacock
plugins/virus/hbedv - Hanno Hecker
New AV plugins
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@377 958fd67b-6ff1-0310-b445-bb7760255be9
Reword the POD to explain exactly how to chmod the directories to get
clamdscan to work within the spool directory (Thanks to Robin Bowes)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@373 958fd67b-6ff1-0310-b445-bb7760255be9
Provide more documentation on using clamdscan
Provide back_compat option to eliminate warnings in log with old ClamAV
Use new $self->spool_dir() function instead of homebrew
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@371 958fd67b-6ff1-0310-b445-bb7760255be9
Handle case where pw_clear_passwd doesn't exists in vpopmail database
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@360 958fd67b-6ff1-0310-b445-bb7760255be9
o plugins/check_badmailfromto
- New plugin in the style of check_badmailfrom, which matches a pair
of FROM/TO and makes it seem like the recipient's address no longer
exists (but only from the matching sender's point of view). Useful
for stalkers and other harassment cases.
o plugins/dns_whitelist_soft
- New plugin to provide a DNS-based whitelist (good for distributed
sites).
o various files
- Replaced tab character with 8 spaces and adjusted line breaks for
better readability.
Changes by mct@toren.net (Michael C. Toren)
o lib/Qpsmtpd/SMTP.pm
- Assumes a MAIL FROM value of "<#@[]>" (utilized by qmail to
indicate a null sender when generating a doublebounce message)
is equivalent to "<>". Previously qpsmtpd complained that the
value could not be parsed.
- Adds LOGIN to the default list of supported auth mechanisms.
The documentation in Auth.pm indicated that auth-login was not
currently supported due to lack of functionality, however I can
confirm that LOGIN appears to work fine as tested by using msmtp
(http://msmtp.sourceforge.net/). Are there any indications that
LOGIN support is actually broken in the current implementation?
- Removes the "X-Qpsmtpd-Auth: True" header appended when a message
has been sent by an authenticated user. One problem with such a
header is that it's impossible to say which SMTP hop added it,
and it provides no information which could be used to backtrack
the transaction. I grepped through my mail archives a bit
looking for how other MTAs handled the problem, and decided it
would be best to place this information in the Received: header:
Received: from remotehost (HELO remotehost) (192.168.42.42)
(smtp-auth username foo, mechanism cram-md5)
by mail.netisland.net (qpsmtpd/0.28) with ESMTP; <date>
o lib/Qpsmtpd/Auth.pm:
- Documentation update for the arguments passed to an auth
handler; previously the $mechanism argument was not mentioned,
which threw off the argument offsets.
- Documentation update for auth-login removing the warning
that auth-login is not currently supported due to lack of
functionality.
- Fix to execute a generic auth hook when a more specific
auth-$mechanism hook does not exist. (Previously posted
to the list last week.)
- Upon authentication, sets $session->{_auth_user} and
$session->{_auth_mechanism} so that SMTP.pm can include them
in the Received: header.
o plugins/queue/qmail-queue
- Added a timestamp and the qmail-queue qp identifier to the
"Queued!" 250 message, for compatibility with qmail-smtpd, which
can be very useful for tracking message delivery from machine to
machine. For example, the new 250 message might be:
250 Queued! 1105927468 qp 3210 <1105927457@netisland.net>
qmail-smtpd returns:
250 ok 1106546213 qp 7129
Additionally, for consistency angle brackets are placed around
the Message-ID displayed in the 250 if they were missing in the
message header.
o plugins/check_badmailfrom:
- Changed the error message from "Mail from $bad not accepted
here" to "sorry, your envelope sender is in my badmailfrom
list", for compatibility with qmail-smtpd. I didn't see any
reason to share with the sender the value of $bad, especially
for situations where the sender was rejected resulting from a
wildcard.
o plugins/check_earlytalker:
o plugins/require_resolvable_fromhost:
- No longer checks for earlytalkers or resolvable senders if the
connection note "whitelistclient" is set, which is nice for
helping backup MX hosts empty their queue faster.
o plugins/count_unrecognized_commands:
- Return code changed from DENY_DISCONNECT, which isn't valid in
an unrecognized_command hook, to DENY, which in this context
drops the connection anyway. (Previously posted to the list
last week.)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@356 958fd67b-6ff1-0310-b445-bb7760255be9
Subject: SPF plugin: using it in practice (PATCH attached for CVS)
Date: Tue, 30 Nov 2004 11:35:30 +0000
Message-ID: <20041130113530.GA31737@leverton.org>
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@355 958fd67b-6ff1-0310-b445-bb7760255be9
use symbolic log levels, instead of numeric
- dnsbl: set some (probably too large) timeouts
- count_unrec_commands: DENYHARD
- spamassassin: upgrade protocol to support switching users
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@349 958fd67b-6ff1-0310-b445-bb7760255be9
New option to strip/rename/keep old X-Spam headers (Michael Holzt)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@335 958fd67b-6ff1-0310-b445-bb7760255be9
Refuse messages that lack basic headers per RFC-2822
(Jim Winstead)
modified by John Peacock to block null messages, too
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@333 958fd67b-6ff1-0310-b445-bb7760255be9
Must replace any existing X-Spam headers with local score,
rather than adding. Don't care what other SA instances thought.
(Michael Holzt)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@330 958fd67b-6ff1-0310-b445-bb7760255be9
* lib/Qpsmtpd/Transaction.pm
Forgot to nuke POD for deprecated relaying()
* plugins/auth/auth_vpopmail_sql
Log who actually AUTHenticated
* plugins/virus/uvscan
Don't need to unlink the file (Qpsmtpd will take care of it)
Log the machine that did the actual Antivirus scanning
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@329 958fd67b-6ff1-0310-b445-bb7760255be9
* plugins/rcpt_ok
Split check_relay into two plugins
* config/plugins
Reorder plugins to take advantage of the new check_relay
* lib/Qpsmtpd/Connection.pm
Add support for relay_client() method
* lib/Qpsmtpd/SMTP.pm
Copy connection relay settings to transaction object when created
* lib/Qpsmtpd/Auth.pm
Use the connection->relay_client() instead of setting an env var
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@326 958fd67b-6ff1-0310-b445-bb7760255be9
ident/geoip - lookup country of host
ident/p0f - use p0f to get type of source machine
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@289 958fd67b-6ff1-0310-b445-bb7760255be9
- Make the awkward silence at connection configurable (default still 1sec)
- Add an option to defer reaction to the HELO to the MAIL-FROM command
instead, anticipating broken SMTP agents that don't gracefully handle
disconnection after greeting.
Also made the specific response configurable (soft, hard, nothing).
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@284 958fd67b-6ff1-0310-b445-bb7760255be9
<knan at mo.himolde.no>)
make the maildir plugin record who the message was to (needs some improvements
still)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@277 958fd67b-6ff1-0310-b445-bb7760255be9
- name=value style configuration arguments (old format still supported)
- max_size for scan (default 512k)
- Pass messages to clamscan in mbox format to satisfy clamdscan
- Made detect action configurable (reject or add-header)
- Logging fixes
- POD
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@273 958fd67b-6ff1-0310-b445-bb7760255be9
To: qpsmtpd@perl.org
Subject: [PATCH] queue/smtp-forward doesn't use correct HELO string
Message-ID: <20040714143007.31047.qmail@onion.perl.org>
Date: Wed, 14 Jul 2004 10:30:24 -0400
The current version of Net::SMTP doesn't make any attempt to determine
the hostname of the current computer (not that I blame Graham for
that), so that all e-mails are sent out as from
"localhost.localdomain" unless an explicit Hello string is provided.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@266 958fd67b-6ff1-0310-b445-bb7760255be9
rename authsql to auth_vpopmail_sql -- we need a generic "connect to database"
thing with a generic way to configure databases. ... and then we should have
a more generic "check username with sql" plugin.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@253 958fd67b-6ff1-0310-b445-bb7760255be9
+
+ Fix warning in check_badrcptto plugin (Thanks to Robert James Kaes)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@230 958fd67b-6ff1-0310-b445-bb7760255be9
support all of the RBLSMTPD functionality. (Thanks to Mark Powell)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@210 958fd67b-6ff1-0310-b445-bb7760255be9
+ contributors, thanks everyone!). Note that for now it's not
+ including the Spam: headers with the score explained. For that use
+ the spamassassin_spamc plugin from http://projects.bluefeet.net/
+ (for now).
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@206 958fd67b-6ff1-0310-b445-bb7760255be9
+ * Integrated with Mail::SPF::Query 1.991
+ * Don't do SPF processing when you are acting as a relay system
+ * Remove the MX changes as they are now inside Mail::SPF::Query
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@201 958fd67b-6ff1-0310-b445-bb7760255be9
regularly for me - POSIX::dup2() was just plain more reliable. Odd, I know.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@176 958fd67b-6ff1-0310-b445-bb7760255be9
SMTP AUTH some day. :-)
If a plugin running the ehlo hook add something to the ARRAY
reference $self->transaction->notes('capabilities') then it will be
added to the EHLO response.
Add command_counter method to the SMTP object. Plugins can use this
to catch (or not) consecutive commands. In particular useful with
the unrecognized_command hook.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@144 958fd67b-6ff1-0310-b445-bb7760255be9
message we send back to the client (to help those odd sendmail using
people debug their logs)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@140 958fd67b-6ff1-0310-b445-bb7760255be9
config now takes an extra "type" parameter. If it's "map" then a
reference to a tied hash will be returned.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@131 958fd67b-6ff1-0310-b445-bb7760255be9
From: Devin Carraway <qpsmtpd-list@devin.com>
To: qpsmtpd@perl.org
Subject: HELO hook and check plugin
Speaking of direct-to-MX spam, both AOL and Yahoo are large companies
with whole walls-full of servers devoted to mail delivery. None of them
announce themselves with "HELO yahoo.com" or "HELO aol.com." Spammers
certainly do, though.
Here's a patch to SMTP.pm to add hooks for HELO and EHLO, and a plugin
to use them.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@119 958fd67b-6ff1-0310-b445-bb7760255be9
receive mail to <abuse> and <postmaster>
(both by Rasjid Wilcox)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@112 958fd67b-6ff1-0310-b445-bb7760255be9
Fix error handling in queue/qmail-queue.
Add option to queue/qmail-queue to specify an alternate qmail-queue
location.
Add support for the QMAILQUEUE environment variable.
PPerl compatibility (yay!)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@110 958fd67b-6ff1-0310-b445-bb7760255be9
spamassassin plugin.
Add documentation to the spamassassin plugin.
Add comments to the plugins config
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@103 958fd67b-6ff1-0310-b445-bb7760255be9
