Commit Graph

686 Commits

Author SHA1 Message Date
Graham Todd
ceb7419578 Add auth_imap plugin. 2014-11-06 13:00:52 -05:00
Matt Simerson
954fa45f2d added call to ->set_asn 2014-11-05 14:30:23 -08:00
Matt Simerson
54abd60239 strip off AS prefix 2014-11-05 14:30:23 -08:00
Matt Simerson
f2eda74074 ASN lookups now work 2014-11-05 14:30:22 -08:00
Matt Simerson
4eba2a39bc remove unused var 2014-11-05 14:30:22 -08:00
Matt Simerson
c61dbb5734 added GeoIP2 support, partial ASN support 2014-11-05 14:30:22 -08:00
Matt Simerson
9862cdc042 geoip: simplify the get/set data bits 2014-11-05 14:30:22 -08:00
Jared Johnson
289c5b2ca6 Add RFC link 2014-11-03 16:14:51 -06:00
Jared Johnson
e9400cc085 Add missing $self and explicit return 2014-10-28 14:37:56 -05:00
Jared Johnson
179d6427fc Consolidate greylist exclusions into exclude()
This makes for an easily overridden method for excluding hosts from greylisting with custom rules
2014-10-27 17:24:06 -05:00
Matt Simerson
4c314eb642 patch from Carlos Canau <Carlos@Canau.COM> 2014-10-02 15:25:57 -07:00
Matt Simerson
c3aa4c10d2 stunnel: cleanups 2014-09-17 23:00:31 -07:00
Matt Simerson
b289d38f53 more cleanups 2014-09-17 22:22:44 -07:00
Jonathan Hall
897a1fd8aa Remove a ton of 'return ()', and a few other minor readability tweaks. 2014-09-17 20:28:51 -05:00
Matt Simerson
1e82ae1bc7 async removed
1. the known users of async don't upgrade
2. async becomes a win when concurrent connections exceed a few hundred simultaneous
3. anyone that needs async should be looking at Haraka instead
4. the perl async dependencies aren't maintained
2014-09-17 11:38:40 -07:00
Matt Simerson
5155e5c32f POD fixups 2014-09-16 23:27:19 -07:00
Jonathan Hall
3d97773827 Reverse sense of is_not_multipart to is_multipart. 2014-09-16 13:57:15 -05:00
Jonathan Hall
ba3122bd82 Style cleanup
* no more 'return ()'
 * Explicit 'return 0'
2014-09-16 13:51:19 -05:00
Jonathan Hall
44cafde7d4 More complete clamdcscan tests
* construct our own Qpsmtpd::Transaction object for testing, so we're sure
   to have a pristine state
 * Move some logic into a should_scan() sub, to help separate scan_all from
   is_not_multipart (since the multipart state of a message has nothing to
   do with any configuration parameters)
2014-09-16 13:48:19 -05:00
Jonathan Hall
9faa1e1903 Fix clamdscan configuration handling
- Honor configured 'false' values
 - Treat 'scan_all' consistently with other options--permitting 0, 1, 'yes', or 'no' as values
2014-09-16 12:03:49 -05:00
Matt Simerson
ebdb25a4bd extracted config*() from Qpsmtpd.pm -> Config.pm
* includes full test converage for Qpsmtpd::Config
    * folded t/config.t into t/qpsmtpd-config.t
* includes additional tests for Qpsmtpd
    * folded t/tempstuff into t/qpsmtpd.t
* PBP adjustments here and there
* other tweaks to handle test warnings
2014-09-15 23:41:31 -07:00
Matt Simerson
710894cd49 moved Qpsmtpd::Utils -> Base.pm 2014-09-15 18:53:30 -07:00
Matt Simerson
851e1b54ee META updates, tidy, PBP tweaks
* update manifest
* perltidy
* replace postfix if/unless with brackets
* reduce useless indention by exiting sooner
2014-09-15 15:57:12 -07:00
Jared Johnson
4b7af20f49 Fix pattern substitution in user_config plugin 2014-09-15 17:06:47 -05:00
Jared Johnson
50cc469881 Add docs and flexible path to user_config plugin
I needed to make the path modifyable for testing anyway, might as well make it
actually usable.  Not yet tested.
2014-09-15 17:01:39 -05:00
Jared Johnson
8d032d8b50 Follow upstream convention in shebang
Our fork uses '#!/perl (Editor hint)' but upstream normally uses '#!perl'.  Conforming to upstream.

FWIW, the Kate editor recognizes the former as perl for the purpose of syntax highlighting but does not recognize the latter. But the one guy I know who uses Kate didn't take the opportunity to object :)
2014-09-15 16:53:09 -05:00
Jared Johnson
3379248c45 Add user_config example plugin
Add a plugin to read qpsmptd-style configuration files from users' home
directories.  Little to no testing yet.
2014-09-15 16:53:09 -05:00
Matt Simerson
0b38c21f40 auth_vpopmail_sql: wrap DB connect attempt in eval 2014-09-15 14:36:09 -07:00
Jonathan Hall
921139e0ca Update POD to reflect proper ->notes() calling convention. 2014-09-15 11:04:14 -05:00
Matt Simerson
b114e051c7 earlytalker: corrected POD note name 2014-09-13 17:08:12 -07:00
Matt Simerson
6cc5f78826 added POD for earlytalker_wait 2014-09-12 13:54:37 -07:00
Matt Simerson
a53c692c7b earlytalker: check connection note for wait length
Issue #58
reputation databases can set $connection->notes(earlytalker_wait)
2014-09-12 13:32:08 -07:00
Matt Simerson
96ff5746bd early: minor style tweaks 2014-09-12 09:53:41 -07:00
Matt Simerson
ca96ddf4eb added Utils->is_valid_ip, IPv6 ready
resolves Issue #82
2014-09-11 13:34:32 -07:00
Matt Simerson
5960cb4d87 helo: make NXDOMAIN time out faster 2014-09-11 11:37:46 -07:00
Matt Simerson
04a984bbab helo: improved invalid_localhost detection 2014-09-10 15:12:52 -07:00
Matt Simerson
91f8133f5c 2x: use Utils->is_localhost() to detect loopback
* it's IPv6 compatible
* plugins/helo, plugins/fcrdns
2014-09-10 14:22:06 -07:00
Matt Simerson
39c454c95e helo: added IPv6 support to invalid_localhost
and also suppress a test warning
2014-09-10 13:52:56 -07:00
Matt Simerson
88bef54283 resolve issue #77 and PR #32 2014-09-09 14:24:33 -07:00
Matt Simerson
0bbd209431 auth_cvm: added check for null char in username
see issue #53
2014-08-23 11:20:41 -07:00
Matt Simerson
c74564b4c8 Merge pull request #44 from priyadi/master
munge_subject_threshold did not previously work
2014-06-03 22:12:00 -07:00
Matt Simerson
3300994f97 Merge pull request #49 from luzluna/master
looks good, thanks for this.
2014-06-03 21:44:25 -07:00
luzluna park
a4c319acf8 stunnel proxy protocol remote ip,port setting feature added for smtps.
reference : http://www.stunnel.org/static/stunnel.html
protocol spec : http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
2014-06-03 17:48:46 +09:00
Matt Simerson
bdeb92e01b Merge pull request #48 from priyadi/spamassassin
spamassassin: Fix extra newlines between headers and body.
2014-06-03 00:39:32 -07:00
Priyadi Iman Nurcahyo
2775e992a1 Fix extra newlines between headers and body. This caused problems with DKIM verification in SpamAssassin 2014-06-03 07:24:29 +00:00
Priyadi Iman Nurcahyo
59f0c4426c loadcheck: Provide meaningful rejection message to clients 2014-05-15 13:12:47 +00:00
Priyadi Iman Nurcahyo
bb03a785ef munge_subject_threshold did not previously work 2014-05-15 12:21:09 +00:00
Matt Simerson
d1ce56657a loadcheck: refactored. See =CHANGES section 2014-03-21 21:03:46 -07:00
Matt Simerson
767a797dbd loadcheck: perltidy 2014-03-21 09:33:16 -07:00
Matt Simerson
2e356a7cab helo: fix doc typo 2014-03-21 09:28:30 -07:00
Matt Simerson
8e6ef9385f Merge pull request #42 from rsiddall/master
Added Peter Eisch's load checking plugin, see: http://www.nntp.perl.org/...
2014-03-21 08:46:28 -07:00
Richard Siddall
aabefce3b9 Added warning about expense of forking/exec to determine system load. Added SEE ALSO links to the postings containing the plugin and an alternate. 2014-03-21 09:56:32 -04:00
Richard Siddall
ab965b585c Minor perldoc fix. 2014-03-21 09:48:49 -04:00
Richard Siddall
5df4dec48d Bumped the plugin version number for the variant with caching. Fixed a typo in the perldoc. 2014-03-21 09:42:54 -04:00
Richard Siddall
04fc9327b7 Found the improved version of Peter Eisch's plugin attached to http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4710.html. This includes caching of the system load and adds a cache_time config parameter. 2014-03-21 09:40:01 -04:00
Richard Siddall
95102e68c5 Added Peter Eisch's load checking plugin, see: http://www.nntp.perl.org/group/perl.qpsmtpd/2006/01/msg4422.html, and Steve Kemp's alternative at: http://www.nntp.perl.org/group/perl.qpsmtpd/2008/03/msg7814.html 2014-02-13 21:42:56 -05:00
Matt Simerson
f9d84d94c7 Add Postfix XCLIENT support to smtp-forward plugin
manually merged in PR #2 from cventers

XCLIENT support allows Qpsmtpd to forward client information, such as
the IP address and HELO information, to Postfix such that it can use
that information in access control decisions and logging.

XCLIENT is documented here: http://www.postfix.org/XCLIENT_README.html

This patch adds a "xclient" argument to smtp-forward which enables the
use of the XCLIENT verb if it is advertised by the server smtp-forward
is delivering mail to.
2014-02-13 12:53:33 -08:00
tpoindessous
9f404f52bf Add the message id in log
There is no message id in logfile so it's difficult to debug a message sent through qpsmtpd.
2014-01-24 15:11:39 +01:00
Matt Simerson
0fee545794 domainkeys: fixed doc typo 2014-01-10 21:55:09 -08:00
Matt Simerson
3a47dd2ac2 dmarc: skip processing for null sender 2014-01-08 19:22:16 -05:00
Matt Simerson
4d1b9ffe32 headers: use a more descriptive variable name 2014-01-08 16:11:04 -08:00
Matt Simerson
3353578d8b clamdscan: add support for remote TCP/IP clamd
previous version only worked when clamd was running on the same machine and had access to the spool file. This version also works with a remote clamd.
2013-12-20 00:22:09 -05:00
Matt Simerson
2d4f4a299a naughty: legibility improvement 2013-12-18 00:17:37 -05:00
Matt Simerson
45316487e3 anglebrackets: increase penalty, prefix log msgs 2013-12-18 00:16:41 -05:00
Matt Simerson
bcc6adae19 helo: add karma penalty for no HELO hostname 2013-12-18 00:16:02 -05:00
Matt Simerson
02da55e06d karma: added penalty for spammy TLDs 2013-12-18 00:15:20 -05:00
Matt Simerson
9f88e374c2 tls: reduced importants of an info message
from WARN to INFO
2013-12-18 00:11:53 -05:00
Matt Simerson
a4695cec8b geoip: added named array for invalid args
so it passes Perl::Critic tests
2013-12-18 00:02:07 -05:00
Matt Simerson
96dfb08d87 headers: added POD descripting each header 2013-12-18 00:00:52 -05:00
Matt Simerson
725a8d1960 dspam: remove hard coded default in train_ methods 2013-12-17 23:59:57 -05:00
Matt Simerson
c202d3ef69 dmarc integrated with Mail::DMARC
reimplemented dmarc module to use Mail::DMARC
updated SPF plugin to save SPF results in dmarc_spf note
update dkim to store DKIM results in dkim_result & dkim_verifier notes
2013-12-17 23:53:00 -05:00
Matt Simerson
4d489ea6ef tested and working Authentication-Results
changed the method of saving results. Instead of appending to/from a header, plugins save results to a connection note.

Qpsmtpd::SMTP.pm has a new method that inserts the Authentication-Results header
The smtp-auth information has been removed from the Received header

Authentication-Results providing plugins have been updated to store results in connection note
2013-08-05 15:05:38 -07:00
Matt Simerson
4ae16219bd added Authentication-Results header, with provider
dkim, dmarc, fcrdns (iprev), spf, and smtp-auth
2013-08-05 15:05:38 -07:00
Matt Simerson
4aa888dc6c headers: assign zeroes to avoid undef errors 2013-08-05 15:05:38 -07:00
Matt Simerson
247c5a2bea is_naughty is a setter now too 2013-08-05 15:05:38 -07:00
Matt Simerson
fbdee49965 raised default max msg size in clamdscan from 128k
added max_size on config, so it's likely to get noticed, since even 1M is probably too low for most sites. This should likely default to the same as databytes?
2013-08-05 15:05:38 -07:00
Matt Simerson
f7b00fa677 auth_vpopmaild: added taint checking to responses 2013-08-05 15:05:37 -07:00
Matt Simerson
b8229fbdbf dmarc: added subdomain policy handling 2013-08-05 15:05:37 -07:00
Matt Simerson
92fe1e899f rcpt_ok: do immunity checks earlier, so that
disposition logs don't indicate failure for authenticated senders
2013-08-05 15:05:37 -07:00
Matt Simerson
eccaf17d18 karma: limit rcpts to 1 for senders with neg karma 2013-08-05 15:05:36 -07:00
Matt Simerson
bbc6e895cc distinguish rejecting versus tolerated failures 2013-08-05 15:05:36 -07:00
Matt Simerson
3180c9da31 SPF: added more precise disposition logs, so that
postprocess can determine if a SPF failure caused a rejection
2013-08-05 15:05:36 -07:00
Matt Simerson
ebfccec5b3 dmarc: added support for DMARC policy pct=NNN 2013-08-05 15:05:36 -07:00
Matt Simerson
c0210a7877 SPF: arrage flow so if a pass result is possible,
we will get it and set the note for DMARC plugin
2013-08-05 15:05:36 -07:00
Matt Simerson
effb4e2269 dmarc: improving and updating POD 2013-08-05 15:05:36 -07:00
Matt Simerson
f9fb0acee7 qmail_deliverable: smite null sender to email list 2013-08-05 15:05:16 -07:00
Matt Simerson
ca678ba736 log2sql: populate plugins table from registry.txt
much easier for local customizations.
moved SQL connection settings to config/log2sql
2013-08-05 15:05:16 -07:00
Matt Simerson
8e054c1eda dkim: reduce INFO logging to once per connect 2013-08-05 15:05:16 -07:00
Matt Simerson
a14de07280 tls: added pass|fail prefix to a couple log msgs 2013-08-05 15:05:15 -07:00
Matt Simerson
7f8848d2e8 auth_chkpw: added pass|fail prefix to log msgs 2013-08-05 15:05:15 -07:00
Matt Simerson
25171ec371 dmarc: weed out SPF records from initial search
use a variable instead of array to count list (not using RR address after all)
2013-08-05 15:05:15 -07:00
Matt Simerson
1f2a5c27ed dkim: when signing, use signing domain when we
finding the signing key in a different directory than the sending (eg: example.com instead of www.example.com.)
2013-08-05 15:05:15 -07:00
Matt Simerson
091843927d dmarc: added relaxed alignment tests 2013-08-05 15:05:15 -07:00
Matt Simerson
75a3e4baae find plugins -type f -exec perltidy -b {} \; 2013-08-05 15:05:15 -07:00
Matt Simerson
fd2c56fb36 resolvable_fromhost: adjust log message prefix 2013-08-05 15:05:15 -07:00
Matt Simerson
2e6eeaa82d karma: add recipient limits for bad senders 2013-08-05 15:05:15 -07:00
Matt Simerson
b9bf523e0e hosts_allow: more succinct log message 2013-08-05 15:05:15 -07:00
Matt Simerson
e23523bc46 registry: renumber with big spaces between plugin
types. So there's plenty of room to insert future plugins with having to renumber, which impacts log2sql
2013-08-05 15:05:14 -07:00
Matt Simerson
8a1a156e60 dmarc: remove useless comment 2013-08-05 15:05:14 -07:00
Matt Simerson
2c7cb8afb7 naughty: improve POD 2013-08-05 15:05:14 -07:00