Commit Graph

128 Commits

Author SHA1 Message Date
John Peacock
4360370e7e A new auth plugin by Gordon Rowell <gordonr@gormand.com.au>
Interfaces with Bruce Guenther's Credential Validation Module (CVM)

 *   plugins/auth/auth_cvm_unix_local
     Only DENY if the credentials were accepted but incorrect (bad password?)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@432 958fd67b-6ff1-0310-b445-bb7760255be9
2005-06-10 12:11:26 +00:00
John Peacock
8b50b6dd46 Two new plugins from Gordon Rowell <gordonr@gormand.com.au>
*   plugins/check_badrcptto_patterns
     Match bad RCPTO address with regex
 
 *   plugins/check_norelay
     Carve out holes from larger relay blocks


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@431 958fd67b-6ff1-0310-b445-bb7760255be9
2005-06-09 16:36:43 +00:00
John Peacock
662003437d * qpsmtpd-forkserver
Create a single Qpsmtpd::TcpServer object in the parent process and
     then rely on fork to let each child have it's own copy
     
 *   lib/Qpsmtpd/Plugin.pm
     Add new pre-connection and post-connection hooks
     
 *   README.plugins
     Document the above new hooks

 *   lib/Qpsmtpd.pm
     No longer have local value for trace_level() the first time through, which 
     was masking the global value (due to stupid search/replace error).
     Don't call log() from trace_level() since it is only ever called from
     within the varlog() sub when no logging plugin is registered.

 *   plugins/dnsbl
     Config line option to use DENY_DISCONNECT instead of DENY (since any IP
     on a blacklist should not have a chance to send anything for now).
     Add POD to document the new disconnect behavior

 *   lib/Qpsmtpd.pm
     Compatibility changes so test files continue to work
 
 *   t/Test/Qpsmtpd.pm
     Compatibility sub for core subs which call varlog() directly


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@428 958fd67b-6ff1-0310-b445-bb7760255be9
2005-05-25 20:07:58 +00:00
John Peacock
270f9c9a70 * plugins/auth/auth_ldap_bind
Correct DECLINE to DECLINED


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@405 958fd67b-6ff1-0310-b445-bb7760255be9
2005-04-12 20:48:53 +00:00
John Peacock
58ded6369d * lib/Qpsmtpd/Auth.pm
Fix some totally egregious spelling errors
 
 *  plugins/auth/auth_ldap_bind
    New plugin to authenticate against an LDAP database
    Thanks to Elliot Foster <elliotf@gratuitous.net>


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@404 958fd67b-6ff1-0310-b445-bb7760255be9
2005-04-12 19:59:52 +00:00
John Peacock
1be0263025 * plugins/logging/adaptive
Skip empty log lines in both accept and reject case


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@403 958fd67b-6ff1-0310-b445-bb7760255be9
2005-04-06 18:34:02 +00:00
Matt Sergeant
bfe7e6cb63 Flat file auth plugin
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@402 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-30 20:50:34 +00:00
John Peacock
89fd516d8e Revamp Qpsmtpd::Constants so it is possible to retrieve the text
representation from the numeric (for logging purposes).  Add new logging
plugin, logging/adaptive, which logs at different levels depending on
whether the message was accepted/rejected.
 
 *  lib/Qpsmtpd/Constants.pm
    use hashes for storing return_codes and log_levels
    export accessor methods to retrieve the text representations
 
 *  lib/Qpsmtpd.pm
    Rename log_level() to trace_level() so as to not conflict with the same
    name in Qpsmtpd::Constants.
    Call return_code() to display the text form when logging
 
 *  plugins/logging/adaptive
    Better documentation
    Support named parameters and prefix
    Call return_code() to display the text form when logging
 
 *  plugins/logging/warn
    Include POD

 *  README.logging
    First pass at documenting the logging plugin API

 *  config.sample/loglevel
    New numbering scheme to map directly to syslog levels


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@401 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-29 20:15:53 +00:00
John Peacock
e331f6b248 Add plugable logging support include sample plugin which replicates the
existing core code.  Add OK hook.

*  lib/Qpsmtpd.pm
   (init_logger): replaced with log_level()
   (load_logging): NEW - load logging plugins without calling log()
   (log_level): NEW - set/get global $LogLevel scalar
   (log): now just a wrapper for varlog(); called only by core code
   (varlog): initializes logging if not already done, calls logging plugins
     in turn and falls back to interal logging unless plugins OK or DECLINED
   (_load_plugins): only display "Loading plugin" when actually loading one
   (run_hooks): load logging plugins without calling log(); add OK hook as
     else of the DENY* case
   (spool_dir): use global $Spool_dir scalar to cache location

*  lib/Qpsmtpd/Plugin.pm
   (%hooks): add "logging" and "ok"
   (register_hook): add local _hook to object cache
   (log): call varlog() with additional parameters hook and plugin_name
     except for logging hook
   (compile): add accessor sub for local _hook scalar

*  lib/Qpsmtpd/SMTP.pm
   (mail, rcpt): change loglevel to LOGALERT instead of LOGWARN for from/to

*  qpsmtpd-forkserver
   (REAPER): use package ::log() instead of warn()
   (main): defer calling log until $plugin_loader has been initialized
   (log): call logging using the $plugin_loader object

*  plugins/logging/warn
   NEW: sample plugin which replicates the core logging functionality

*  plugins/logging/devnull
   NEW: sample plugin which logs nothing (for testing multiple logging
     plugin functionality)

*  config.sample/logging
   sample configuration file for logging plugins

*  plugins/virus/uvscan
   plugins/virus/clamav
   Increase loglevel for non-serious warnings to LOGWARN from LOGERROR


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@398 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-24 21:16:35 +00:00
Ask Bjørn Hansen
aef508cb7b Don't check the HELO host for rfc-ignorant compliance (maybe this should be an option?)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@397 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-24 19:17:46 +00:00
John Peacock
43f39a4538 * plugins/virus/clamdscan
Correctly support alternate domain socket
    Remove a tab that crept in


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@383 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-04 16:04:59 +00:00
Ask Bjørn Hansen
a44957dc86 fix thinko from the log cleanup
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@381 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-03 17:28:43 +00:00
Matt Sergeant
43aa207242 Fix all uses of warn() to be $self->log(LOGWARN, ...)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@380 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-03 02:37:04 +00:00
John Peacock
167939748c * Changes
Remember (belatedly) to add changes here

*   MANIFEST
    Add all new files to this list

*   plugins/virus/clamdscan
    New AV plugin to directly communicate with clamd daemon


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@378 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-01 20:11:09 +00:00
John Peacock
889845af24 * plugins/virus/clamav
Scan temporary file directly now that the spooled file includes the
    entire message

*   plugins/virus/bitdefender - John Peacock
    plugins/virus/hbedv - Hanno Hecker
    New AV plugins


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@377 958fd67b-6ff1-0310-b445-bb7760255be9
2005-03-01 19:55:18 +00:00
John Peacock
72eb14dcfb * plugins/virus/clamav
Reword the POD to explain exactly how to chmod the directories to get
    clamdscan to work within the spool directory (Thanks to Robin Bowes)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@373 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-25 03:06:22 +00:00
John Peacock
f95c2f8826 * plugins/virus/clamav
Improved documentation for running clamdscan correctly inside the
    qpsmtpd spool directory.

    Change file permissions to permit non-owner external process to access
    files inside spool directory


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@372 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-24 20:00:23 +00:00
John Peacock
c049917d8e * plugins/virus/clamav
Provide more documentation on using clamdscan
    Provide back_compat option to eliminate warnings in log with old ClamAV
    Use new $self->spool_dir() function instead of homebrew


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@371 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-24 16:54:02 +00:00
John Peacock
9da2fc7343 Explicitely ignore non-multipart messages for virus scanning
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@370 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-22 22:01:21 +00:00
Ask Bjørn Hansen
40a1f2fc2a add Gavin's greylisting plugin
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@365 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-15 21:42:52 +00:00
John Peacock
60cab010f8 * plugins/auth/auth_vpopmail_sql
Handle case where pw_clear_passwd doesn't exists in vpopmail database


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@360 958fd67b-6ff1-0310-b445-bb7760255be9
2005-02-10 14:33:13 +00:00
John Peacock
1d1799feb6 Correct handling for vpopmail built without clear password option
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@358 958fd67b-6ff1-0310-b445-bb7760255be9
2005-01-30 17:24:49 +00:00
John Peacock
c840a1d04f Changes by jpeacock@cpan.org (John Peacock)
o plugins/check_badmailfromto
    - New plugin in the style of check_badmailfrom, which matches a pair
      of FROM/TO and makes it seem like the recipient's address no longer
      exists (but only from the matching sender's point of view).  Useful
      for stalkers and other harassment cases.

o plugins/dns_whitelist_soft
    - New plugin to provide a DNS-based whitelist (good for distributed
      sites).

o various files
    - Replaced tab character with 8 spaces and adjusted line breaks for
      better readability.

Changes by mct@toren.net (Michael C. Toren)

o lib/Qpsmtpd/SMTP.pm

    - Assumes a MAIL FROM value of "<#@[]>" (utilized by qmail to
      indicate a null sender when generating a doublebounce message)
      is equivalent to "<>".  Previously qpsmtpd complained that the
      value could not be parsed.

    - Adds LOGIN to the default list of supported auth mechanisms.
      The documentation in Auth.pm indicated that auth-login was not
      currently supported due to lack of functionality, however I can
      confirm that LOGIN appears to work fine as tested by using msmtp
      (http://msmtp.sourceforge.net/).  Are there any indications that
      LOGIN support is actually broken in the current implementation?

    - Removes the "X-Qpsmtpd-Auth: True" header appended when a message
      has been sent by an authenticated user.  One problem with such a
      header is that it's impossible to say which SMTP hop added it,
      and it provides no information which could be used to backtrack
      the transaction.  I grepped through my mail archives a bit
      looking for how other MTAs handled the problem, and decided it
      would be best to place this information in the Received: header:

        Received: from remotehost (HELO remotehost) (192.168.42.42)
          (smtp-auth username foo, mechanism cram-md5)
          by mail.netisland.net (qpsmtpd/0.28) with ESMTP; <date>


o lib/Qpsmtpd/Auth.pm:

    - Documentation update for the arguments passed to an auth
      handler; previously the $mechanism argument was not mentioned,
      which threw off the argument offsets.

    - Documentation update for auth-login removing the warning
      that auth-login is not currently supported due to lack of
      functionality.

    - Fix to execute a generic auth hook when a more specific
      auth-$mechanism hook does not exist.  (Previously posted
      to the list last week.)

    - Upon authentication, sets $session->{_auth_user} and
      $session->{_auth_mechanism} so that SMTP.pm can include them
      in the Received: header.


o plugins/queue/qmail-queue

    - Added a timestamp and the qmail-queue qp identifier to the
      "Queued!" 250 message, for compatibility with qmail-smtpd, which
      can be very useful for tracking message delivery from machine to
      machine.  For example, the new 250 message might be:

        250 Queued! 1105927468 qp 3210 <1105927457@netisland.net>

      qmail-smtpd returns:

        250 ok 1106546213 qp 7129

      Additionally, for consistency angle brackets are placed around
      the Message-ID displayed in the 250 if they were missing in the
      message header.


o plugins/check_badmailfrom:

    - Changed the error message from "Mail from $bad not accepted
      here" to "sorry, your envelope sender is in my badmailfrom
      list", for compatibility with qmail-smtpd.  I didn't see any
      reason to share with the sender the value of $bad, especially
      for situations where the sender was rejected resulting from a
      wildcard.


o plugins/check_earlytalker:
o plugins/require_resolvable_fromhost:

    - No longer checks for earlytalkers or resolvable senders if the
      connection note "whitelistclient" is set, which is nice for
      helping backup MX hosts empty their queue faster.


o plugins/count_unrecognized_commands:

    - Return code changed from DENY_DISCONNECT, which isn't valid in
      an unrecognized_command hook, to DENY, which in this context
      drops the connection anyway.  (Previously posted to the list
      last week.)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@356 958fd67b-6ff1-0310-b445-bb7760255be9
2005-01-28 03:30:50 +00:00
Robert Spier
ed2ab5f5fd From: Nick Leverton <>
Subject: SPF plugin: using it in practice (PATCH attached for CVS)
Date: Tue, 30 Nov 2004 11:35:30 +0000
Message-ID: <20041130113530.GA31737@leverton.org>


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@355 958fd67b-6ff1-0310-b445-bb7760255be9
2004-12-02 07:26:11 +00:00
Robert Spier
ddc945f8f6 DENYHARD is deprecated in favor of DENY_DISCONNECT
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@353 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-28 05:58:58 +00:00
Robert Spier
9422b16c0f Inspired by Justin E@Apache...
- log the fact that badmailfrom is rejecting
- emacs header
- formatting tweak


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@352 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 18:40:54 +00:00
Robert Spier
3757913d54 Remove extraneous filehandling twiddling from qmail-queue that could cause weirdness if the exec failed.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@351 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 17:54:46 +00:00
Robert Spier
3341a5b4ab emacsisms, more timeouts
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@350 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 07:08:46 +00:00
Robert Spier
012c6db2d3 - dnsbl, count_unrec_commands, spamassassin:
use symbolic log levels, instead of numeric
- dnsbl:  set some (probably too large) timeouts
- count_unrec_commands: DENYHARD
- spamassassin: upgrade protocol to support switching users


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@349 958fd67b-6ff1-0310-b445-bb7760255be9
2004-11-27 07:02:23 +00:00
John Peacock
af03c53512 plugins/spamassassin
New option to strip/rename/keep old X-Spam headers (Michael Holzt)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@335 958fd67b-6ff1-0310-b445-bb7760255be9
2004-10-13 01:52:35 +00:00
John Peacock
8ea1b6b06c * plugins/check_basicheaders
Refuse messages that lack basic headers per RFC-2822
     (Jim Winstead)
     modified by John Peacock to block null messages, too


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@333 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-25 11:40:43 +00:00
John Peacock
479750aa03 * plugins/spamassassin
Revert changes to replace instead of add X-Spam headers


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@331 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-24 17:29:56 +00:00
John Peacock
9cd26b24c4 * spamassassin
Must replace any existing X-Spam headers with local score,
     rather than adding.  Don't care what other SA instances thought.
     (Michael Holzt)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@330 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-24 15:17:07 +00:00
John Peacock
b5ef3d3add Couple of minor cleanups
*    lib/Qpsmtpd/Transaction.pm
     Forgot to nuke POD for deprecated relaying()

*    plugins/auth/auth_vpopmail_sql
     Log who actually AUTHenticated

*    plugins/virus/uvscan
     Don't need to unlink the file (Qpsmtpd will take care of it)
     Log the machine that did the actual Antivirus scanning


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@329 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-23 18:54:58 +00:00
John Peacock
f92e99bd9c * plugins/check_relay
*   plugins/rcpt_ok
    Split check_relay into two plugins

*   config/plugins
    Reorder plugins to take advantage of the new check_relay

*   lib/Qpsmtpd/Connection.pm
    Add support for relay_client() method

*   lib/Qpsmtpd/SMTP.pm
    Copy connection relay settings to transaction object when created

*   lib/Qpsmtpd/Auth.pm
    Use the connection->relay_client() instead of setting an env var


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@326 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-22 16:01:16 +00:00
Matt Sergeant
31eed901be Moved to the attic
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@324 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-21 18:15:25 +00:00
Matt Sergeant
1b977fbb5e Checking in last version before deleting it :-)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@323 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-21 18:14:53 +00:00
Matt Sergeant
4b8b4793b6 Switch to connection object for relaying info
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@322 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-20 17:31:26 +00:00
Matt Sergeant
c341ff0d0f Initial stab at an outbound bounce_verp system.
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@321 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-20 08:09:02 +00:00
Matt Sergeant
06563ad3a3 Support more of the milter functionality (header changes)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@318 958fd67b-6ff1-0310-b445-bb7760255be9
2004-09-16 10:44:47 +00:00
Robert Spier
56ee8641ec Two new plugins:
ident/geoip - lookup country of host
  ident/p0f   - use p0f to get type of source machine


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@289 958fd67b-6ff1-0310-b445-bb7760255be9
2004-08-29 07:47:25 +00:00
Devin Carraway
b48ae7c630 Incorporate suggestions and part of a patch from Mark Powell:
- Make the awkward silence at connection configurable (default still 1sec)
- Add an option to defer reaction to the HELO to the MAIL-FROM command
  instead, anticipating broken SMTP agents that don't gracefully handle
  disconnection after greeting.

Also made the specific response configurable (soft, hard, nothing).


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@284 958fd67b-6ff1-0310-b445-bb7760255be9
2004-08-01 07:08:07 +00:00
Ask Bjørn Hansen
0a77877ced Make the rhsbl plugin do DNS lookups in the background. (Mark Powell)
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@282 958fd67b-6ff1-0310-b445-bb7760255be9
2004-08-01 01:54:16 +00:00
Ask Bjørn Hansen
2ab4613567 Fix warning in count_unrecognized_commands plugin (thanks to spaze
and Roger Walker)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@279 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-28 17:06:45 +00:00
Ask Bjørn Hansen
e27534048c Improve error messages from the Postfix module (Erik I. Bols�,
<knan at mo.himolde.no>)

make the maildir plugin record who the message was to (needs some improvements
still)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@277 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-19 11:08:15 +00:00
Ask Bjørn Hansen
154ca2e617 remove warning when not using spamd_socket
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@276 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-18 11:02:24 +00:00
Devin Carraway
26de7de964 Integrate fixes/enhancements from myself and Peter Eisch <peter@boku.net>:
- name=value style configuration arguments (old format still supported)
- max_size for scan (default 512k)
- Pass messages to clamscan in mbox format to satisfy clamdscan
- Made detect action configurable (reject or add-header)
- Logging fixes
- POD


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@273 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-17 23:31:40 +00:00
John Peacock
96ec52d088 Add "plugin/virus/uvscan" - McAfee commandline virus scanner
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@271 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-16 20:23:17 +00:00
Robert Spier
658d3bb555 From: John Peacock <jpeacock@rowman.com>
To: qpsmtpd@perl.org
Subject: [PATCH] queue/smtp-forward doesn't use correct HELO string
Message-ID: <20040714143007.31047.qmail@onion.perl.org>
Date: Wed, 14 Jul 2004 10:30:24 -0400

The current version of Net::SMTP doesn't make any attempt to determine
the hostname of the current computer (not that I blame Graham for
that), so that all e-mails are sent out as from
"localhost.localdomain" unless an explicit Hello string is provided.


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@266 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-16 05:03:25 +00:00
Ask Bjørn Hansen
d7eb8673d1 move virus plugins to plugins/virus/
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@260 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-14 23:56:54 +00:00