Commit Graph

1046 Commits

Author SHA1 Message Date
Ask Bjørn Hansen
45ebc51c02 Don't syntax check plugins in the automated tests
Too many plugins have dependencies we don't require, so they fail in travis-ci
2012-04-29 01:57:36 -07:00
Ask Bjørn Hansen
a23d4b3da9 Fix 01-syntax test failures
Exclude some tests with dependencies.

Remove -T from perl line in plugins
This makes it harder to test with PERL5LIB/perlbrew etc
2012-04-29 01:36:01 -07:00
Matt Simerson
d8467d784b Made greylisting plugin log a little less by default 2012-04-29 00:44:02 -07:00
Matt Simerson
0084986115 refactored p0f plugin, added p0f v3 support 2012-04-29 00:41:15 -07:00
Matt Simerson
368ce9401b merged check_badmailfrom_patterns into check_badmailfrom 2012-04-29 00:40:02 -07:00
Matt Simerson
102e068297 added dspam plugin 2012-04-29 00:38:28 -07:00
Matt Simerson
318c9ed4f2 applied greylisting NFSLock patch
Issue #1 on Google issue tracker. The patch was 'accepted' by Ask in 2007, but never applied.
2012-04-29 00:32:52 -07:00
Matt Simerson
3afcc92150 whitespace, copyright bump, simplify logic 2012-04-29 00:30:06 -07:00
Matt Simerson
7c2e37ff20 added pod DESC to dont_require_anglebrackets 2012-04-29 00:25:19 -07:00
Ask Bjørn Hansen
46701716b2 Make plugin syntax checks run with -T 2012-04-29 00:14:53 -07:00
Matt Simerson
dbaa9dbd6c POD corrections, additional tests, plugin consistency
on files in plugins dir:
  fixed a number of POD errors

  formatted some # comments into POD

  removed bare 1;  (these are plugins, not perl modules)
    most instances of this were copy/pasted from a previous plugin that had it

  removed instances of # vim ts=N ...
    they weren't consistent, many didn't match .perltidyrc

  on modules that failed perl -c tests, added 'use Qpsmtpd::Constants;'

Conflicts:

	plugins/async/check_earlytalker
	plugins/async/dns_whitelist_soft
	plugins/async/dnsbl
	plugins/async/queue/smtp-forward
	plugins/async/require_resolvable_fromhost
	plugins/async/rhsbl
	plugins/async/uribl
	plugins/auth/auth_checkpassword
	plugins/auth/auth_cvm_unix_local
	plugins/auth/auth_flat_file
	plugins/auth/auth_ldap_bind
	plugins/auth/auth_vpopmail
	plugins/auth/auth_vpopmail_sql
	plugins/auth/authdeny
	plugins/check_badmailfromto
	plugins/check_badrcptto_patterns
	plugins/check_bogus_bounce
	plugins/check_earlytalker
	plugins/check_norelay
	plugins/check_spamhelo
	plugins/connection_time
	plugins/dns_whitelist_soft
	plugins/dnsbl
	plugins/domainkeys
	plugins/greylisting
	plugins/hosts_allow
	plugins/http_config
	plugins/logging/adaptive
	plugins/logging/apache
	plugins/logging/connection_id
	plugins/logging/transaction_id
	plugins/logging/warn
	plugins/milter
	plugins/queue/exim-bsmtp
	plugins/queue/maildir
	plugins/queue/postfix-queue
	plugins/queue/smtp-forward
	plugins/quit_fortune
	plugins/random_error
	plugins/rcpt_map
	plugins/rcpt_regexp
	plugins/relay_only
	plugins/require_resolvable_fromhost
	plugins/rhsbl
	plugins/sender_permitted_from
	plugins/spamassassin
	plugins/tls
	plugins/tls_cert
	plugins/uribl
	plugins/virus/aveclient
	plugins/virus/bitdefender
	plugins/virus/clamav
	plugins/virus/clamdscan
	plugins/virus/hbedv
	plugins/virus/kavscanner
	plugins/virus/klez_filter
	plugins/virus/sophie
	plugins/virus/uvscan
2012-04-29 00:00:10 -07:00
Robert
61de599c1b Normalize #! lines on all plugins
find . -type f | xargs -n1 perl -pi.bak -0777 -e '$want = "#!perl -Tw"; s/\A#!.*\n/$want\n/; s/\A([^#])/$want\n\1/s'
2012-04-28 20:41:31 -07:00
Matt Simerson
38c74352d1 prepend auth_flat plugin name to $note
Makes it much easier to figure out where that log entry came from.
2012-04-28 20:19:30 -07:00
Matt Simerson
651ca986ff don't print GeoIP country if not defined
If we don't get a result from the lookup, all we know is that we didn't get a result. Maybe an error, maybe the IP not in the database.
2012-04-28 20:19:18 -07:00
Matt Simerson
005c4d9105 make sure $hook is defined before printing it
This prevents error messages about $hook being undefined in the logs
2012-04-28 20:18:28 -07:00
Matt Simerson
821b182081 fixed spelling error, added spf code to notes 2012-04-28 20:15:36 -07:00
Matt Simerson
4bff5debab added tls comments to config/plugins 2012-04-28 20:14:00 -07:00
Matt Simerson
91d3f2a007 added comments to logging config files 2012-04-28 20:13:50 -07:00
Matt Simerson
5dfc90acf3 fixed POD formatting 2012-04-28 20:13:24 -07:00
Matt Simerson
dfeb8358c6 improve grammar, update logging instructions
updated instructions for setting loglevel to use config/loglevel instead
of editing lib/Qpsmtpd to set $TraceLevel
2012-04-28 20:11:24 -07:00
Matt Simerson
1f36a2437a bump RAM from 50 to 75MB
necessary on my FreeBSD 8 amd64 system. I'm guessing higher requirements
will be the norm on 64 bit systems.
2012-04-28 20:08:30 -07:00
Matt Simerson
1701406f78 suppress log error when $user unset
test for and return earlier when a null sender is encountered.
Prevents using an undefined variable.
2012-04-28 20:08:17 -07:00
Matt Simerson
2591d57aab updated URL to new github repo 2012-04-28 20:05:06 -07:00
Matt Simerson
890558767e doc fix: changed $TRACE_LEVEL to $TraceLevel 2012-04-28 20:04:38 -07:00
Ask Bjørn Hansen
ffb561d065 Add travis-ci configuration file 2012-04-07 18:11:22 -07:00
Matt Simerson
ed8eca0a63 fixed failing auths to auth/vpopmaild, added tests
Apparently the format of vpopmaild responses has been expanded and the responses
are conditional.

* Replaced the 'sometimes works' eq comparison with a regexp that always works.
* added tests for all 3 vpopmail plugins
* added cram-md5 auth support to auth_vpopmaild.
2012-04-07 17:52:44 -04:00
Robert
cd5f088d69 Merge pull request #4 from baudehlo/master
Fix for starttls vulnerability
2011-06-24 14:05:42 -07:00
Matt Sergeant
5200244031 Fix STARTTLS vulnerability for async 2011-06-02 12:57:50 -04:00
Peter J. Holzer
b7668c0468 temp_resolver_failed is a transaction note
The mail hook sets a transaction note 'temp_resolver_failed', but the
 rcpt hook queried a connection note of the same name (which didn't
 exist, of course).
 Now it queries the transaction note.
2011-01-03 12:39:57 -08:00
Charlie Brady
24d09fa4a9 Patch: FATAL PLUGIN ERROR [check_basicheaders]: ...
check_basicheaders fails if there are no headers at all:

http://bugs.contribs.org/show_bug.cgi?id=6345
2010-11-13 18:04:02 -08:00
Robert
461dabc3e1 Revert "Spool body when $transaction->body_fh() is called"
This reverts commit a52660a646.

See http://www.nntp.perl.org/group/perl.qpsmtpd/2010/10/msg9453.html for discussion.
2010-10-29 22:23:58 -07:00
Hanno Hecker
0b0e4e911a prefork: use new instance instead of cloning
Create a new instance instead of cloning^copying the base instance,
see http://www.nntp.perl.org/group/perl.qpsmtpd/2008/07/msg8134.html ff.
2010-09-17 00:39:48 -07:00
Hanno Hecker
33d8825ecf Fix for plugins returning DONE from HELO/EHLO
We have to return something true, else the client gets an additional
 451 Internal error - try again later - command 'helo' failed unexpectedly
after the plugin's ->respond() message.
2010-09-17 15:25:20 +08:00
Hanno Hecker
f9399950f3 plugins/rcpt_map cleanup
* enforce having a "domain" parameter
* unique default message (missing dot added)
2010-09-17 15:25:19 +08:00
Hanno Hecker
7bfad42ac9 new plugin rcpt_map
Check recipients from a postfix style map. The valid return codes are of course
qpsmtpd constants. By storing the addresses in a %hash, this is much faster
for fixed addresses than using the rcpt_regexp plugin just with fixed strings.
This plugin handles only one domain per plugin instance. Use the :N suffix for
the plugin if you need several domains mapped.
2010-09-17 15:25:18 +08:00
Peter A Eisch
e403a56d74 I forgot to sync the code that calls the original config correctly. 2010-09-15 14:33:34 +08:00
Peter A Eisch
2979c52b47 Adds the ability to have multiple instances (each with different
configs) running under Apache.
2010-09-15 14:33:31 +08:00
jaredj
295474503f Add support for multiple postfix cleanup sockets
The current postfix-queue plugin allows the administrator to set a
single path to a local postfix cleanup socket file from the plugin
'command line'.  This adds a 'cleanup_sockets' configuration directive
that can contain a list of paths as well as host/port combinations
pointing to postfix cleanup services, which will be tried in the order
that they appear.  Not yet tested.
2010-09-15 14:32:54 +08:00
jaredj
5c3bd220aa Run hook_reset_transaction after all connections
This makes hook_reset_transaction a bit more useful by running it on
disconnections.  It also ensures that hook_disconnect runs when the
client disconnects without QUITing.
2010-09-15 14:32:53 +08:00
Jared Johnson
96aa5ba171 Shorten/clarify Connection and Transaction notes()
Update Qpsmtpd::Connection::notes() and Qpsmtpd::Transaction::notes()
with clearer, more brief syntax.  A previous patch used seemingly better
syntax, but did not evaluate the size of @_ in order to distinguish
between a call to notes('arg1',undef) and notes('arg1').  This corrects
this issue, and adds a comment to that effect.
2010-09-15 14:32:53 +08:00
Matt Simerson
fa91764f88 renamed test from foo to rcpt_ok 2010-07-25 23:04:58 -07:00
Matt Simerson
0c4a76ffe7 add test name to test output 2010-07-25 22:52:36 -07:00
Matt Simerson
d11b87e050 give badrcptto a reasonable name
renamed check_badrcptto test from foo to test_check_badrcptto_ok
2010-07-25 22:52:32 -07:00
Matt Simerson
3a7f46aa3e increased default TLS security setting
switched default TLS security in config/tls_ciphers from HIGH to HIGH:!SSLv2. Added note for how to set the minimum level of security necessary for PCI compliance.

Signed-off-by: Robert <rspier@pobox.com>
2010-07-25 22:31:59 -07:00
Matt Simerson
d0c9b7cbe5 corrected email address 2010-07-25 22:31:19 -07:00
Robert
9348539ed7 don't create homedir in RPM
based on..

From: Charlie Brady <charlieb-qpsmtpd@budge.apana.org.au>
Subject: rpm packaging bug - smtpd user created with shell not /bin/false
Date: Sat, 17 Jul 2010 18:17:49 -0400 (EDT)
Message-ID:
 <Pine.LNX.4.64.1007171816230.19928@e-smith.charlieb.ott.istop.com>

http://bugs.contribs.org/show_bug.cgi?id=6025

if ! id smtpd >/dev/null 2>&1
then
    # need to create smtpd user.
    if perl -e 'exit ! defined(getgrnam("postdrop"))'
    then
    # if postfix is installed, we will probably use
    # queue/postfix, which will need this:
        supp="-G postdrop"
    fi
    useradd -r -m $supp smtpd
fi

qpsmtpd needs a user "smtpd", but should not create a home directory or
give access to a shell.
2010-07-25 21:48:26 -07:00
Robert
803a320127 ignore search path in DNS lookups
2.  If the name doesn't end in a dot then append each item in the search list to the name.
           This is only done if dnsrch is true.

triggered by..

From: Charlie Brady <charlieb-qpsmtpd@budge.apana.org.au>
Subject: [BUG] Default search path used in require_resolvable_fromhost
Date: Sat, 17 Jul 2010 16:24:42 -0400 (EDT)
Message-ID:
 <Pine.LNX.4.64.1007171623040.17109@e-smith.charlieb.ott.istop.com>

http://bugs.contribs.org/show_bug.cgi?id=5808

 Jesper Knudsen      2010-03-01 01:29:10 MST

When using the require_resolvable_fromhost plugin for qpsmtpd I noticed
that mails from user@localhost.localdomain was actually getting through
this filter. I finally found out that the plugin has a bug that causes it
to insert default search path if it cannot find the domain. This means in
my case that localhost.localdomain was then tried resolved as
localhost.localdomain.swerts-knudsen.dk and since I have a wilcard CNAME
was resolved as my public IP.

Since this plugin is only enabled for public interface the fix is to set
the "dnsrch" flag when creating the Net::DNS object.

In require_resolvable_fromhost:
my $res = Net::DNS::Resolver->new (
                                   dnsrch => 0
                                   );
2010-07-25 21:47:25 -07:00
Johan Almqvist
e2ee6f13e5 new plugin check_badmailfrom_patterns
Signed-off-by: Robert <rspier@pobox.com>
2010-07-11 17:29:24 -07:00
Robin Bowes
0d2b724b93 Check for the exact string resonses from vpopmaild rather than using regexes 2010-05-12 23:25:09 -07:00
Matt Simerson
e13952164d packaging updates
added to MANIFEST
 plugins/check_bogus_bounce
 plugins/auth/auth_vpopmaild
 t/plugin_tests/greylisting

added packaging to MANIFEST.SKIP

Signed-off-by: Robert <rspier@pobox.com>
2010-05-11 21:22:25 -07:00