Matt Simerson
1e82ae1bc7
async removed
...
1. the known users of async don't upgrade
2. async becomes a win when concurrent connections exceed a few hundred simultaneous
3. anyone that needs async should be looking at Haraka instead
4. the perl async dependencies aren't maintained
2014-09-17 11:38:40 -07:00
Matt Simerson
5155e5c32f
POD fixups
2014-09-16 23:27:19 -07:00
Jonathan Hall
3d97773827
Reverse sense of is_not_multipart to is_multipart.
2014-09-16 13:57:15 -05:00
Jonathan Hall
ba3122bd82
Style cleanup
...
* no more 'return ()'
* Explicit 'return 0'
2014-09-16 13:51:19 -05:00
Jonathan Hall
44cafde7d4
More complete clamdcscan tests
...
* construct our own Qpsmtpd::Transaction object for testing, so we're sure
to have a pristine state
* Move some logic into a should_scan() sub, to help separate scan_all from
is_not_multipart (since the multipart state of a message has nothing to
do with any configuration parameters)
2014-09-16 13:48:19 -05:00
Jonathan Hall
9faa1e1903
Fix clamdscan configuration handling
...
- Honor configured 'false' values
- Treat 'scan_all' consistently with other options--permitting 0, 1, 'yes', or 'no' as values
2014-09-16 12:03:49 -05:00
Matt Simerson
ebdb25a4bd
extracted config*() from Qpsmtpd.pm -> Config.pm
...
* includes full test converage for Qpsmtpd::Config
* folded t/config.t into t/qpsmtpd-config.t
* includes additional tests for Qpsmtpd
* folded t/tempstuff into t/qpsmtpd.t
* PBP adjustments here and there
* other tweaks to handle test warnings
2014-09-15 23:41:31 -07:00
Matt Simerson
710894cd49
moved Qpsmtpd::Utils -> Base.pm
2014-09-15 18:53:30 -07:00
Matt Simerson
851e1b54ee
META updates, tidy, PBP tweaks
...
* update manifest
* perltidy
* replace postfix if/unless with brackets
* reduce useless indention by exiting sooner
2014-09-15 15:57:12 -07:00
Jared Johnson
4b7af20f49
Fix pattern substitution in user_config plugin
2014-09-15 17:06:47 -05:00
Jared Johnson
50cc469881
Add docs and flexible path to user_config plugin
...
I needed to make the path modifyable for testing anyway, might as well make it
actually usable. Not yet tested.
2014-09-15 17:01:39 -05:00
Jared Johnson
8d032d8b50
Follow upstream convention in shebang
...
Our fork uses '#!/perl (Editor hint)' but upstream normally uses '#!perl'. Conforming to upstream.
FWIW, the Kate editor recognizes the former as perl for the purpose of syntax highlighting but does not recognize the latter. But the one guy I know who uses Kate didn't take the opportunity to object :)
2014-09-15 16:53:09 -05:00
Jared Johnson
3379248c45
Add user_config example plugin
...
Add a plugin to read qpsmptd-style configuration files from users' home
directories. Little to no testing yet.
2014-09-15 16:53:09 -05:00
Matt Simerson
0b38c21f40
auth_vpopmail_sql: wrap DB connect attempt in eval
2014-09-15 14:36:09 -07:00
Jonathan Hall
921139e0ca
Update POD to reflect proper ->notes() calling convention.
2014-09-15 11:04:14 -05:00
Matt Simerson
b114e051c7
earlytalker: corrected POD note name
2014-09-13 17:08:12 -07:00
Matt Simerson
6cc5f78826
added POD for earlytalker_wait
2014-09-12 13:54:37 -07:00
Matt Simerson
a53c692c7b
earlytalker: check connection note for wait length
...
Issue #58
reputation databases can set $connection->notes(earlytalker_wait)
2014-09-12 13:32:08 -07:00
Matt Simerson
96ff5746bd
early: minor style tweaks
2014-09-12 09:53:41 -07:00
Matt Simerson
ca96ddf4eb
added Utils->is_valid_ip, IPv6 ready
...
resolves Issue #82
2014-09-11 13:34:32 -07:00
Matt Simerson
5960cb4d87
helo: make NXDOMAIN time out faster
2014-09-11 11:37:46 -07:00
Matt Simerson
04a984bbab
helo: improved invalid_localhost detection
2014-09-10 15:12:52 -07:00
Matt Simerson
91f8133f5c
2x: use Utils->is_localhost() to detect loopback
...
* it's IPv6 compatible
* plugins/helo, plugins/fcrdns
2014-09-10 14:22:06 -07:00
Matt Simerson
39c454c95e
helo: added IPv6 support to invalid_localhost
...
and also suppress a test warning
2014-09-10 13:52:56 -07:00
Matt Simerson
88bef54283
resolve issue #77 and PR #32
2014-09-09 14:24:33 -07:00
Matt Simerson
0bbd209431
auth_cvm: added check for null char in username
...
see issue #53
2014-08-23 11:20:41 -07:00
Matt Simerson
c74564b4c8
Merge pull request #44 from priyadi/master
...
munge_subject_threshold did not previously work
2014-06-03 22:12:00 -07:00
Matt Simerson
3300994f97
Merge pull request #49 from luzluna/master
...
looks good, thanks for this.
2014-06-03 21:44:25 -07:00
luzluna park
a4c319acf8
stunnel proxy protocol remote ip,port setting feature added for smtps.
...
reference : http://www.stunnel.org/static/stunnel.html
protocol spec : http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
2014-06-03 17:48:46 +09:00
Matt Simerson
bdeb92e01b
Merge pull request #48 from priyadi/spamassassin
...
spamassassin: Fix extra newlines between headers and body.
2014-06-03 00:39:32 -07:00
Priyadi Iman Nurcahyo
2775e992a1
Fix extra newlines between headers and body. This caused problems with DKIM verification in SpamAssassin
2014-06-03 07:24:29 +00:00
Priyadi Iman Nurcahyo
59f0c4426c
loadcheck: Provide meaningful rejection message to clients
2014-05-15 13:12:47 +00:00
Priyadi Iman Nurcahyo
bb03a785ef
munge_subject_threshold did not previously work
2014-05-15 12:21:09 +00:00
Matt Simerson
d1ce56657a
loadcheck: refactored. See =CHANGES section
2014-03-21 21:03:46 -07:00
Matt Simerson
767a797dbd
loadcheck: perltidy
2014-03-21 09:33:16 -07:00
Matt Simerson
2e356a7cab
helo: fix doc typo
2014-03-21 09:28:30 -07:00
Matt Simerson
8e6ef9385f
Merge pull request #42 from rsiddall/master
...
Added Peter Eisch's load checking plugin, see: http://www.nntp.perl.org/ ...
2014-03-21 08:46:28 -07:00
Richard Siddall
aabefce3b9
Added warning about expense of forking/exec to determine system load. Added SEE ALSO links to the postings containing the plugin and an alternate.
2014-03-21 09:56:32 -04:00
Richard Siddall
ab965b585c
Minor perldoc fix.
2014-03-21 09:48:49 -04:00
Richard Siddall
5df4dec48d
Bumped the plugin version number for the variant with caching. Fixed a typo in the perldoc.
2014-03-21 09:42:54 -04:00
Richard Siddall
04fc9327b7
Found the improved version of Peter Eisch's plugin attached to http://www.nntp.perl.org/group/perl.qpsmtpd/2006/03/msg4710.html . This includes caching of the system load and adds a cache_time config parameter.
2014-03-21 09:40:01 -04:00
Richard Siddall
95102e68c5
Added Peter Eisch's load checking plugin, see: http://www.nntp.perl.org/group/perl.qpsmtpd/2006/01/msg4422.html , and Steve Kemp's alternative at: http://www.nntp.perl.org/group/perl.qpsmtpd/2008/03/msg7814.html
2014-02-13 21:42:56 -05:00
Matt Simerson
f9d84d94c7
Add Postfix XCLIENT support to smtp-forward plugin
...
manually merged in PR #2 from cventers
XCLIENT support allows Qpsmtpd to forward client information, such as
the IP address and HELO information, to Postfix such that it can use
that information in access control decisions and logging.
XCLIENT is documented here: http://www.postfix.org/XCLIENT_README.html
This patch adds a "xclient" argument to smtp-forward which enables the
use of the XCLIENT verb if it is advertised by the server smtp-forward
is delivering mail to.
2014-02-13 12:53:33 -08:00
tpoindessous
9f404f52bf
Add the message id in log
...
There is no message id in logfile so it's difficult to debug a message sent through qpsmtpd.
2014-01-24 15:11:39 +01:00
Matt Simerson
0fee545794
domainkeys: fixed doc typo
2014-01-10 21:55:09 -08:00
Matt Simerson
3a47dd2ac2
dmarc: skip processing for null sender
2014-01-08 19:22:16 -05:00
Matt Simerson
4d1b9ffe32
headers: use a more descriptive variable name
2014-01-08 16:11:04 -08:00
Matt Simerson
3353578d8b
clamdscan: add support for remote TCP/IP clamd
...
previous version only worked when clamd was running on the same machine and had access to the spool file. This version also works with a remote clamd.
2013-12-20 00:22:09 -05:00
Matt Simerson
2d4f4a299a
naughty: legibility improvement
2013-12-18 00:17:37 -05:00
Matt Simerson
45316487e3
anglebrackets: increase penalty, prefix log msgs
2013-12-18 00:16:41 -05:00
Matt Simerson
bcc6adae19
helo: add karma penalty for no HELO hostname
2013-12-18 00:16:02 -05:00
Matt Simerson
02da55e06d
karma: added penalty for spammy TLDs
2013-12-18 00:15:20 -05:00
Matt Simerson
9f88e374c2
tls: reduced importants of an info message
...
from WARN to INFO
2013-12-18 00:11:53 -05:00
Matt Simerson
a4695cec8b
geoip: added named array for invalid args
...
so it passes Perl::Critic tests
2013-12-18 00:02:07 -05:00
Matt Simerson
96dfb08d87
headers: added POD descripting each header
2013-12-18 00:00:52 -05:00
Matt Simerson
725a8d1960
dspam: remove hard coded default in train_ methods
2013-12-17 23:59:57 -05:00
Matt Simerson
c202d3ef69
dmarc integrated with Mail::DMARC
...
reimplemented dmarc module to use Mail::DMARC
updated SPF plugin to save SPF results in dmarc_spf note
update dkim to store DKIM results in dkim_result & dkim_verifier notes
2013-12-17 23:53:00 -05:00
Matt Simerson
4d489ea6ef
tested and working Authentication-Results
...
changed the method of saving results. Instead of appending to/from a header, plugins save results to a connection note.
Qpsmtpd::SMTP.pm has a new method that inserts the Authentication-Results header
The smtp-auth information has been removed from the Received header
Authentication-Results providing plugins have been updated to store results in connection note
2013-08-05 15:05:38 -07:00
Matt Simerson
4ae16219bd
added Authentication-Results header, with provider
...
dkim, dmarc, fcrdns (iprev), spf, and smtp-auth
2013-08-05 15:05:38 -07:00
Matt Simerson
4aa888dc6c
headers: assign zeroes to avoid undef errors
2013-08-05 15:05:38 -07:00
Matt Simerson
247c5a2bea
is_naughty is a setter now too
2013-08-05 15:05:38 -07:00
Matt Simerson
fbdee49965
raised default max msg size in clamdscan from 128k
...
added max_size on config, so it's likely to get noticed, since even 1M is probably too low for most sites. This should likely default to the same as databytes?
2013-08-05 15:05:38 -07:00
Matt Simerson
f7b00fa677
auth_vpopmaild: added taint checking to responses
2013-08-05 15:05:37 -07:00
Matt Simerson
b8229fbdbf
dmarc: added subdomain policy handling
2013-08-05 15:05:37 -07:00
Matt Simerson
92fe1e899f
rcpt_ok: do immunity checks earlier, so that
...
disposition logs don't indicate failure for authenticated senders
2013-08-05 15:05:37 -07:00
Matt Simerson
eccaf17d18
karma: limit rcpts to 1 for senders with neg karma
2013-08-05 15:05:36 -07:00
Matt Simerson
bbc6e895cc
distinguish rejecting versus tolerated failures
2013-08-05 15:05:36 -07:00
Matt Simerson
3180c9da31
SPF: added more precise disposition logs, so that
...
postprocess can determine if a SPF failure caused a rejection
2013-08-05 15:05:36 -07:00
Matt Simerson
ebfccec5b3
dmarc: added support for DMARC policy pct=NNN
2013-08-05 15:05:36 -07:00
Matt Simerson
c0210a7877
SPF: arrage flow so if a pass result is possible,
...
we will get it and set the note for DMARC plugin
2013-08-05 15:05:36 -07:00
Matt Simerson
effb4e2269
dmarc: improving and updating POD
2013-08-05 15:05:36 -07:00
Matt Simerson
f9fb0acee7
qmail_deliverable: smite null sender to email list
2013-08-05 15:05:16 -07:00
Matt Simerson
ca678ba736
log2sql: populate plugins table from registry.txt
...
much easier for local customizations.
moved SQL connection settings to config/log2sql
2013-08-05 15:05:16 -07:00
Matt Simerson
8e054c1eda
dkim: reduce INFO logging to once per connect
2013-08-05 15:05:16 -07:00
Matt Simerson
a14de07280
tls: added pass|fail prefix to a couple log msgs
2013-08-05 15:05:15 -07:00
Matt Simerson
7f8848d2e8
auth_chkpw: added pass|fail prefix to log msgs
2013-08-05 15:05:15 -07:00
Matt Simerson
25171ec371
dmarc: weed out SPF records from initial search
...
use a variable instead of array to count list (not using RR address after all)
2013-08-05 15:05:15 -07:00
Matt Simerson
1f2a5c27ed
dkim: when signing, use signing domain when we
...
finding the signing key in a different directory than the sending (eg: example.com instead of www.example.com.)
2013-08-05 15:05:15 -07:00
Matt Simerson
091843927d
dmarc: added relaxed alignment tests
2013-08-05 15:05:15 -07:00
Matt Simerson
75a3e4baae
find plugins -type f -exec perltidy -b {} \;
2013-08-05 15:05:15 -07:00
Matt Simerson
fd2c56fb36
resolvable_fromhost: adjust log message prefix
2013-08-05 15:05:15 -07:00
Matt Simerson
2e6eeaa82d
karma: add recipient limits for bad senders
2013-08-05 15:05:15 -07:00
Matt Simerson
b9bf523e0e
hosts_allow: more succinct log message
2013-08-05 15:05:15 -07:00
Matt Simerson
e23523bc46
registry: renumber with big spaces between plugin
...
types. So there's plenty of room to insert future plugins with having to renumber, which impacts log2sql
2013-08-05 15:05:14 -07:00
Matt Simerson
8a1a156e60
dmarc: remove useless comment
2013-08-05 15:05:14 -07:00
Matt Simerson
2c7cb8afb7
naughty: improve POD
2013-08-05 15:05:14 -07:00
Matt Simerson
db8ec50c3a
new plugin: dmarc
2013-08-05 15:05:14 -07:00
Matt Simerson
515188ace5
tls: added ability to store certs in config/ssl
...
was hard coded to ./ssl
2013-08-05 15:05:14 -07:00
Matt Simerson
f03128523c
SPF: add pod, documenting spf_pass_host note
2013-08-05 15:05:14 -07:00
Matt Simerson
0f01a39e88
SPF: add trans. note spf_pass_host if SPF=pass
2013-08-05 15:05:14 -07:00
Matt Simerson
6bea1ebd50
domainkeys: fixed pod grammar error
2013-08-05 15:05:14 -07:00
Matt Simerson
b64bb2f9e4
a collection of DKIM enhancements
...
* disable Mail::DKIM::TextWrap (causes mangled messages for some clients)
* pod improvements
* don't log the entire DKIM signature when signing
* add dkim_pass_domains connection note with DKIM signer domains that pass
* enable dkim tests
2013-08-05 15:05:14 -07:00
Matt Simerson
b7320a8eb9
SPF: POD formatting fix
2013-08-05 15:05:14 -07:00
Matt Simerson
c92a5a83c8
dkim: improve POD, add dkim_key_gen.sh
2013-08-05 15:05:13 -07:00
Matt Simerson
a3b8af77bd
dkim: added message signing feature
2013-08-05 15:05:13 -07:00
Matt Simerson
8c265d3583
domainkeys: added deprecation comment
2013-08-05 15:05:13 -07:00
Matt Simerson
6b16704b4a
karma,relay: karma plugin awards karma later
...
by detecting during DATA if relay_client is set
2013-08-05 15:05:13 -07:00
Matt Simerson
ce0d2b80ef
dkim: corrected log entry, added comment
2013-08-05 15:05:13 -07:00
Matt Simerson
d5fd8d24e3
dspam: raise loglevel on debug log message
2013-08-05 15:05:13 -07:00
Matt Simerson
e7ea7a0949
dspam: catch error where QP user lacks x on dspam
...
x = execute privileges
2013-08-05 15:05:13 -07:00
Matt Simerson
eeacf83e3a
bogus_bounce: suppress undefined var error
2013-08-05 15:05:13 -07:00
Matt Simerson
5853ec1a47
spf: add comment re: Authentication-Results header
2013-08-05 15:05:13 -07:00
Matt Simerson
2ca3b1d4ee
resolvable_fromhost: documented reject naughty
2013-08-05 15:05:13 -07:00
Matt Simerson
c7f5c45f40
random_error: fixed typo, added std pragmas
2013-08-05 15:05:13 -07:00
Matt Simerson
e433796b96
dspam/spamassassin: adjust karma awards
...
dspam: be more conservative when learning from karma
sa: added an SA autolearn bonus
2013-08-05 15:05:13 -07:00
Matt Simerson
2f3127359d
moved triplicated init_resolver into Plugin.pm
2013-08-05 15:05:13 -07:00
Matt Simerson
58b860c0eb
dkim: added karma for dkim results (allow/reject)
2013-08-05 15:05:12 -07:00
Matt Simerson
8e437ec305
helo: stop processing after first match
2013-08-05 15:05:12 -07:00
Matt Simerson
3bb85a66a1
resolvable_fromhost: added karma smites
2013-08-05 15:05:12 -07:00
Matt Simerson
7da69ef12d
spamassassin: karma scoring is dependent on
...
the sessage learn status, not SA (global) autolearn setting. So, karma learning follows SA learning rules.
2013-08-05 15:05:12 -07:00
Matt Simerson
fc5eeec122
added karma awards for SPF pass/fail
2013-08-05 15:05:12 -07:00
Matt Simerson
0c59813957
badmailfrom: fix reject message typo
2013-08-05 15:05:12 -07:00
Matt Simerson
91db656cac
fcrdns: new plugin for Forward Confirmed rDNS
2013-08-05 15:05:12 -07:00
Matt Simerson
26becea3d4
qm_deliverable: added reject option, karma smite
...
award senders -1 karma to senders to invalid addresses
2013-08-05 15:05:12 -07:00
Matt Simerson
0383f63d87
naughty: improve POD
2013-08-05 15:05:12 -07:00
Matt Simerson
f039014b33
karma: be a bit more conservative
...
require at least -2 karma before smiting
also, add +1 karma to senders with karma_history > 10
2013-08-05 15:05:12 -07:00
Matt Simerson
77272ba095
whitelist: add +5 karma to whitelisted IPs
2013-08-05 15:05:12 -07:00
Matt Simerson
1e88a57f26
relay: give +2 karma boost to relay IPs
2013-08-05 15:05:12 -07:00
Matt Simerson
c17ebdbcf9
p0f: added smite_os, assign -karma by OS
2013-08-05 15:05:12 -07:00
Matt Simerson
d08de879c5
hosts_allow: allow +karma senders +3 concurrents
...
this is really useful if you set max-per-ip to <= 3.
2013-08-05 15:05:12 -07:00
Matt Simerson
7a4c789ae2
helo: smite senders that fail the selected tests
...
and made log entries more terse
2013-08-05 15:05:12 -07:00
Matt Simerson
b43f369dbe
headers: smite poorly behaved senders with -karma
2013-08-05 15:05:12 -07:00
Matt Simerson
e47d431aa9
earlytalker: if we skip for +karma, log it
...
and remove IP from log (not IPv6 optimal)
2013-08-05 15:05:11 -07:00
Matt Simerson
c0899f6d4d
spamassassin: assign karma for autolearn message
...
also removed 'use lib', to be consistent with most other plugins
and improved grammar
2013-08-05 15:05:11 -07:00
Matt Simerson
8012dff4f9
dspam: be more conservative with karma awards
...
previous settings were reasonable for a well trained dspam. After starting with a fresh dspam, the settings were not optimal for the amount of naive that a default dspam is.
2013-08-05 15:05:11 -07:00
Matt Simerson
0eef321990
dnsbl: smite blacklisted IPs with -1 karma
2013-08-05 15:05:11 -07:00
Matt Simerson
d5f1f3f72b
badrcptto: smite matches with -2 karma
...
useful for (reject=>naughty) + spam filter training
2013-08-05 15:05:11 -07:00
Matt Simerson
e7f9f3bf21
geoip: added too_far option
2013-08-05 15:05:11 -07:00
Matt Simerson
473a1ba6e3
karma_tool: optimized for speedy IP search, IPv6
...
fixed one IPv6 issue
2013-08-05 15:05:11 -07:00
Markus Ullmann
c0b36c5cb4
Sanitize spamd_sock path for perl taint mode
2013-08-05 15:05:11 -07:00
Matt Simerson
a90c881ae5
helo: added comments
2013-08-05 15:05:11 -07:00
Matt Simerson
a7742b5b40
dspam: added use lib, removed some parens
2013-08-05 15:05:11 -07:00
Matt Simerson
73f4759ae7
karma: general improvements
...
skip earlytalker checks for positive senders
limit negative karma senders to 1 concurrent connection (hosts_allow)
added karma::hook_pre_connection, to make hosts_allow change possible
added karma score to log entries
2013-08-05 15:05:11 -07:00
Matt Simerson
60d3cda18e
headers: added section # to RFC citation
2013-08-05 15:05:11 -07:00
Matt Simerson
d8a242b050
whitelist: added pass prefix to log entries
2013-08-05 15:05:11 -07:00
Matt Simerson
96ee32106a
qmail_deliverable: remove fail prefix from SMTP er
...
prefix should only be logged, not emitted during SMTP
2013-08-05 15:05:11 -07:00
Matt Simerson
dd59ad210e
karma_tool: release didn't. fixed.
...
also, preserve karma history when using karma_tool to capture/release
2013-08-05 15:05:10 -07:00
Matt Simerson
0ed418fafd
p0f: added path to socket in error message
...
if p0f cannot connect, provide a more descriptive error message. Particularly useful for a p0f plugin developer that runs both p0f v2 and v3 at the same time.
2013-08-05 15:05:10 -07:00
Matt Simerson
c3dff626cb
plugins/bogus_bounce: add Return-Path check
...
make sure return path is empty, per RFC 3834
2013-08-05 15:05:10 -07:00
Matt Simerson
b9750ee5bf
plugins/helo: added RFC 5321 notes
2013-08-05 15:05:10 -07:00
Matt Simerson
214ceffea6
uribl plugin: added 'pass' prefix to log message
2013-08-05 15:05:10 -07:00
Matt Simerson
a5803d10f5
updated more split '' syntax to split //
2013-08-05 15:05:10 -07:00
Matt Simerson
e67f4ff98c
helo: avoid undef warning when rDNS is invalid
...
specifically, when rDNS returns an invalid FQDN like 'null.', which doesn't have
a domain part.
2013-08-05 15:05:10 -07:00
Matt Simerson
d80b117bff
replace all instances of split '' with split //
...
newer versions of perl don't accept split '' syntax any longer
2013-08-05 15:05:10 -07:00
Matt Simerson
2e0909ad27
dspam: improve logging and config error reporting
2013-08-05 15:05:10 -07:00
Matt Simerson
838594642b
relay: better error handling and logging
...
detect failures in calls to Net::IP for relayclient entries that don't parse.
2013-08-05 15:05:10 -07:00
Matt Simerson
f0c7c212c0
clamdscan: replace immunity check with naught test
...
immunity check was disabled by default, as it wasn't a good policy. OTOH, a naughty check is a sensible default, as we can skip processing on messages we already decided to reject.
2013-08-05 15:05:10 -07:00
Matt Simerson
14e87fabdf
qmail_deliverable: reject null sender to ezmlm lis
2013-08-05 15:05:10 -07:00
Matt Simerson
5b742cbf7d
dkim: added some missing POD text
2013-08-05 15:05:09 -07:00
Matt Simerson
4465b7af43
headers: simplify required headers logic
2013-08-05 15:05:09 -07:00