Commit Graph

365 Commits

Author SHA1 Message Date
Matt Simerson
2dcd34467e geoip: eval loading of Geo::IP, tests, enabled in config
eval Geo::IP and log an error if missing
added 2 tests
enabled in config/plugins
2012-05-22 17:40:02 -04:00
Matt Simerson
9d0c2f8469 dnsbl, POD tweaks, DENY type tests
consolidated POD at top of file
added example options to reject_type POD head
added an example loglevel entry

consolidated DENY[SOFT|DISCONNECT] logic into get_reject_type
added tests for get_reject_type
2012-05-21 17:07:37 -04:00
Matt Simerson
ed8ce150be domainkeys: fix failing tests
the previous DK commit moved the 'use Mail::DomainKeys::*' stuff into an eval. The right idea, but tests still fail because I forgot to remove the bare 'use' lines.
2012-05-21 12:17:32 -07:00
Matt Simerson
41550c2681 domainkeys: only register hooks if Mail::DomainKeys is loadable 2012-05-21 05:59:44 -04:00
Matt Simerson
51486d0b04 SPF plugin: refactored, tests, new config option
added POD description of spfquery note

changed spf_deny -> reject  (and offered 4 more options, see POD for reject)
	backwards compatible with old config settings
	replicates qmail-smtpd SPF patch behavior

improved logging (again)

uses a stringy eval 'use Mail::SPF' in the register sub. If missing, warn and log the error, and don't register any hooks. This is much nicer error than the current, "*** Remote host closed connection unexpectedly." broken mail server that results from enabling the SPF plugin without Mail::SPF installed.

background: I noticed I was deferring valid emails with the SPF plugin at 'spf_deny 1', and without changing the code, there wasn't a way to change how ~all records were handled. This provides that flexibility.
2012-05-21 04:19:45 -04:00
Matt Simerson
edacbf914c anglebrackets: emit log entry when change made 2012-05-20 23:41:15 -07:00
Matt Simerson
691955c60f dnsbl: fixed path to docs/logging.pod 2012-05-20 23:41:09 -07:00
Matt Simerson
1c7d26ecca dnsbl: added log messages, prefixes, additional args
instead of a positional arguments, used named arguments (backwards compatible)
added a couple log message prefixes
removed some trailing whitespace
updated POD
2012-05-20 23:40:23 -07:00
Matt Simerson
5e7568fe71 earlytalker: prefix messages with result keywords 2012-05-20 23:40:15 -07:00
Matt Simerson
4c6054c9fc vpopmaild: logging improvements
added a couple logging calls
prefixed others with pass/skip/fail keywords
2012-05-20 23:40:11 -07:00
Matt Simerson
49dc8bc117 basicheaders: added log messages, tests, named args
added log messages at each exit point
added tests
added reject_type option (defer -vs- deny)
added named argument parsing
2012-05-20 23:39:54 -07:00
Matt Simerson
f37fba7c2b badrcptto: merged plugins, refactored, tests
merged badrcptto_pattern into badrcptto
refactored into smaller methods
added unit tests for each method
2012-05-20 23:39:38 -07:00
Matt Simerson
19927a117e spamassassin: added spam status to log messages
added additional values to tests, to suppress test warnings
2012-05-20 23:39:03 -07:00
Matt Simerson
c3d1f6b16e p0f: tests, tests, tests, backward compat
minor changes to facilitate testing
improved error reporting of several failures
added p0f v2 compatibility to p0f v3 results: in addition to all the newer values, also report the old ones too.
2012-05-20 23:38:48 -07:00
Matt Simerson
25a099e20b dspam: added check for autolearn
don't try to use autolearn if it's not set
added tests that exercise and exorcise the bug
2012-05-20 23:38:42 -07:00
Matt Simerson
9b8c5a1be4 rcpt_ok: refactored and added tests 2012-05-20 23:37:37 -07:00
Matt Simerson
c4b8a7a395 hosts_allow: added logging, POD, deploy notes
added LOGINFO logging for denials, and LOGDEBUG for other results
added SEE ALSO pod
improved readability
2012-05-20 23:37:33 -07:00
Matt Simerson
35e1ce9883 consolidate auth logic into Qpsmtpd::Auth
These 3 auth plugins all have a data store they fetch the reference
password or hash from. They then match the attemped password or hash
against the reference. This consolidates the latter portion (validating
the password/hash) into Auth.pm.

* less duplicated code in the plugins.
* Pass validation consistently handled for these 3 plugins.
* less work to create new auth plugins

Also caches the CRAM-MD5 ticket. It could also cache user/pass info if
this was desirable.
2012-05-20 23:37:06 -07:00
Matt Simerson
6b9881c32e greylisting, refactored and many changes
fixed the vestiges of old plugin name 'denysoft_greylisting'

added ability to bypass greylisting based on geoip

deprecated 'mode [denysoft | testonly | off]
	off wasn't useful
	testonly & denysoft replaced by reject [ 0 | 1 ]

renamed DB from denysoft_greylist to greylist.dbm. Will use existing/legacy DB if present.

added DB pruning feature. Automatically prune the DB when qpsmtpd registers the plugin. Perhaps this should be a config option to enable?

added DB upgrade feature. Convert dotted quad IP addresses in DB to integers. Makes greylisting IPv6 compatible, since DB records are colon delimited.

exempt TLS connections from greylisting. The vast majority (perhaps all) of the SMTP clients that request encryption to my server are legit. We could add a config option for this, but this plugin already has a multitude of config options.

refactored much of the greylisting method into discreet subs

added 30 tests

added additional DEBUG level logging for p0f matches

POD changes:
	replaced over, item N, back, with head2 (better formatted output)
	better describe the current behavior of the plugin (some past behaviors no longer exist)
	added TRIPLET section with example
	added loglevel section
2012-05-20 23:35:46 -07:00
Matt Simerson
5e76d66c66 count_unrecognized_commands
simplified logic in a couple places
consolidated duplicated message
added 4 tests
2012-05-20 23:34:58 -07:00
Matt Simerson
74125300da connection_time:
had single positional argument for loglevel,
  switched to named args which inherits the more flexible loglevel

shortened logging line
 before:   connection_time: Connection time from 66.118.151.187: 3.046 sec.
 after:    connection_time: 3.046 s.
2012-05-20 23:34:26 -07:00
Matt Simerson
19c924d13c dspam bug fix for messages over max size
needs to return DECLINED instead of undef.
2012-05-08 22:37:58 -07:00
Matt Simerson
b53454730d shebang fix for tls_cert (standalone script) 2012-05-07 12:28:59 -07:00
Matt Simerson
319391affe auth_ldap: added logging
whitespace changes (stinkin windows newline chars)
2012-05-07 09:57:41 -07:00
Matt Simerson
35f26c23bb spf plugin, added logging 2012-05-07 09:56:37 -07:00
Matt Simerson
fda2f4a730 auth_cvm_unix_local: log entries, strict 2012-05-07 09:55:16 -07:00
Matt Simerson
8103c5a132 added country name to GeoIP plugin
and removed redundant words from log entries
2012-05-07 09:54:31 -07:00
Matt Simerson
57d72b3cb4 auth_vpopmail_sql, refactor, log, tests
added strict and warnings pragma
refactored
added tests
added more logging
standard log prefixes
tests run pretests to assure tests can succeed
2012-05-07 09:53:03 -07:00
Matt Simerson
adbbfe6f67 auth_vpopmail: refactored, added tests, logging
added more logging
standard log prefixes
tests run a pretest to make sure tests have a chance to succeed
2012-05-07 09:52:46 -07:00
Matt Simerson
9059529325 authdeny: added standard log prefix 2012-05-07 09:51:24 -07:00
Matt Simerson
a1c8462557 moved warn plugin POD to top, merged with # comments 2012-05-07 09:50:43 -07:00
Matt Simerson
54f1a11b46 added logging and tests to auth_checkpassword 2012-05-07 09:47:15 -07:00
Matt Simerson
a1b073cfe2 refactored dnsbl, sprinkling logs and tests on it 2012-05-06 16:21:09 -07:00
Matt Simerson
a6e664ce83 Altered SASL method to include the mechanism in log entries.
removed auth method from return calls in all auth plugins. The caller knows the mechanism already. In the code, the difference looks like this:

before:
        or return (DENY, "authcvm/$method");
after:
        or return (DENY, "authcvm");

Added debug level log entries in auth_vpopmaild

Conflicts:

	plugins/auth/auth_vpopmail_sql
2012-05-06 16:20:25 -07:00
Matt Simerson
205120f26f dspam: a batch of improvements:
expanded POD
cleaned up stray EOL spaces
added lots of logging, with standardized [ pass | fail | skip ] prefixes
added reject_type option
use split for parsing dspam headers
use SA note instead of parsing headers
added reject = agree option
store & fetch dspam results in a note
2012-05-06 16:18:38 -07:00
Matt Simerson
d644c24c83 spamassassin updates
refactored into small subs with unit tests.
parse SA header with split instead of regexp (more reliable)
store SA results in a 'spamassassin' transaction note
add strict and warnings pragma
renamed reject_threshold -> reject (backwards compatible)
added relayclient skip option and POD. Skips SA processing when relayclient is set
added MULTIPLE RECIPIENT BEHAVIOR topic to POD
2012-05-06 16:18:22 -07:00
Matt Simerson
5285774285 refactored Qpsmtpd::Auth::SASL
unit tests for new methods are in t/auth.t

added PLAIN and LOGIN tests in auth_flat_file

Most tests are disabled unless an interactive terminal is detected and $ENV{QPSMTPD_DEVELOPER} is set.
2012-05-06 16:17:02 -07:00
Matt Simerson
5ec9695b94 domainkeys: added reject & reject_type options.
backwards compatible with previous warn_only option.

added additional logging

refactored out a couple new subs.

minor changes: added strictures, warnings, moved 'use' statements to top of code
2012-05-06 16:09:41 -07:00
Matt Simerson
0c7ee4941b added logging and tests to check_badmailfrom
refactored several checks out of hook_mail and added LOGDEBUG

added tests for is_immune method
2012-05-06 16:08:28 -07:00
Matt Simerson
dd5cccd49f converted comments to POD in check_relay plugin 2012-05-06 16:06:24 -07:00
Matt Simerson
44ae52818e added vpopmail_sql db connect error handling.
Conflicts:

	plugins/auth/auth_vpopmail_sql
2012-05-06 16:05:28 -07:00
Matt Simerson
219392590e make authdeny POD docs match plugin name
I would rather the plugin were named auth_deny as the POD has, but renaming plugins is currently a sticky mess due to backwards compatibility.
2012-05-06 16:02:56 -07:00
Matt Simerson
1910fabf0e badmailfromto: added strictures, tests, and
rearranged portionsn of logic for ease of reading
2012-05-06 16:02:43 -07:00
Matt Simerson
c3626f2123 in log entries, print hook name first
so log entries look like this:

86553 (connect) ident::geoip: US, United States
86553 (connect) ident::p0f: Windows 7 or 8
86553 (connect) check_earlytalker: remote host said nothing spontaneous, proceeding

instead of this:

86553 ident::geoip: (connect): US, United States
86553 ident::p0f: (connect) Windows 7 or 8
86553 check_earlytalker: (connect): remote host said nothing spontaneous, proceeding

Conflicts:

	plugins/logging/warn
2012-05-06 16:00:58 -07:00
Matt Simerson
6031e49da8 improved readability of default logging logic 2012-05-06 15:59:49 -07:00
Matt Simerson
2b1428af7e moved POD to top of file
all but 3 plugins have their POD at the top of the file. Bring these little lost sheep into the barn.
2012-05-06 15:46:51 -07:00
Pim van den Berg
8f7494f0cb spf: exit relayclients while loop when client_ip doesnt match
Checking an invalid address kept looping.
2012-04-30 22:20:00 -07:00
Pim van den Berg
2ef465e7aa spf: remove DENYSOFT on SPF softfail
With a DENYSOFT (450) the sender will keep trying to deliver the e-mail.
It makes no sense.

This commit also makes it compatible again with the plugin from before commit:
02912 [rewrote sender_permitted_from]
2012-04-30 22:19:54 -07:00
Ask Bjørn Hansen
a23d4b3da9 Fix 01-syntax test failures
Exclude some tests with dependencies.

Remove -T from perl line in plugins
This makes it harder to test with PERL5LIB/perlbrew etc
2012-04-29 01:36:01 -07:00
Matt Simerson
d8467d784b Made greylisting plugin log a little less by default 2012-04-29 00:44:02 -07:00