Commit Graph

166 Commits

Author SHA1 Message Date
Matt Simerson
b0ebb75be4 added karma awards for SPF pass/fail 2013-03-25 01:48:40 -04:00
Matt Simerson
31609e3643 badmailfrom: fix reject message typo 2013-03-25 01:46:34 -04:00
Matt Simerson
12f1de22be fcrdns: new plugin for Forward Confirmed rDNS 2013-03-23 02:22:20 -04:00
Matt Simerson
a5856d2e4a qm_deliverable: added reject option, karma smite
award senders -1 karma to senders to invalid addresses
2013-03-23 02:17:45 -04:00
Matt Simerson
4e3b33870a naughty: improve POD 2013-03-23 02:16:49 -04:00
Matt Simerson
a5b3cc33ae karma: be a bit more conservative
require at least -2 karma before smiting
also, add +1 karma to senders with karma_history > 10
2013-03-23 02:15:24 -04:00
Matt Simerson
a639fc794a whitelist: add +5 karma to whitelisted IPs 2013-03-23 02:12:06 -04:00
Matt Simerson
309fdbe4b4 relay: give +2 karma boost to relay IPs 2013-03-23 02:06:57 -04:00
Matt Simerson
aaa2241cb8 p0f: added smite_os, assign -karma by OS 2013-03-23 01:56:49 -04:00
Matt Simerson
1dfa55c230 hosts_allow: allow +karma senders +3 concurrents
this is really useful if you set max-per-ip to <= 3.
2013-03-23 01:47:34 -04:00
Matt Simerson
6a41d1ea0d helo: smite senders that fail the selected tests
and made log entries more terse
2013-03-23 01:43:32 -04:00
Matt Simerson
e01843f6f9 headers: smite poorly behaved senders with -karma 2013-03-23 01:42:10 -04:00
Matt Simerson
279a43f26a earlytalker: if we skip for +karma, log it
and remove IP from log (not IPv6 optimal)
2013-03-23 01:38:47 -04:00
Matt Simerson
c4fc2ecea3 spamassassin: assign karma for autolearn message
also removed 'use lib', to be consistent with most other plugins
and improved grammar
2013-03-23 01:24:02 -04:00
Matt Simerson
08da0fe5c5 Merge branch 'master' of github.com:qpsmtpd-dev/qpsmtpd-dev 2013-03-23 01:20:36 -04:00
Matt Simerson
1a7f2c26a5 Merge branch 'master' of github.com:msimerson/qpsmtpd-dev 2013-03-23 01:13:34 -04:00
Matt Simerson
d37f875992 dspam: be more conservative with karma awards
previous settings were reasonable for a well trained dspam. After starting with a fresh dspam, the settings were not optimal for the amount of naive that a default dspam is.
2013-03-23 01:07:01 -04:00
Matt Simerson
d427f43f54 dnsbl: smite blacklisted IPs with -1 karma 2013-03-23 01:05:15 -04:00
Matt Simerson
3b71f06682 badrcptto: smite matches with -2 karma
useful for (reject=>naughty) + spam filter training
2013-03-23 01:04:03 -04:00
Matt Simerson
79a5c3d7ae geoip: added too_far option 2013-03-23 01:03:28 -04:00
Matt Simerson
7b804c70c9 karma_tool: optimized for speedy IP search, IPv6
fixed one IPv6 issue
2013-03-23 01:01:13 -04:00
Markus Ullmann
f198157e92 Sanitize spamd_sock path for perl taint mode 2013-03-20 01:16:09 +01:00
Matt Simerson
537af7c095 dspam: added use lib, removed some parens 2013-03-15 22:12:50 -07:00
Matt Simerson
57a2f68564 karma: general improvements
skip earlytalker checks for positive senders

limit negative karma senders to 1 concurrent connection (hosts_allow)
  added karma::hook_pre_connection, to make hosts_allow change possible

added karma score to log entries
2013-03-13 03:19:48 -04:00
Matt Simerson
548415ea24 headers: added section # to RFC citation 2013-03-13 02:26:25 -04:00
Matt Simerson
a0212347bf whitelist: added pass prefix to log entries 2013-03-13 02:02:41 -04:00
Matt Simerson
30b7662a63 qmail_deliverable: remove fail prefix from SMTP er
prefix should only be logged, not emitted during SMTP
2013-03-11 00:25:28 -04:00
Matt Simerson
b37a0462ae karma_tool: release didn't. fixed.
also, preserve karma history when using karma_tool to capture/release
2013-03-11 00:24:11 -04:00
Matt Simerson
0a6f23d06d p0f: added path to socket in error message
if p0f cannot connect, provide a more descriptive error message. Particularly useful for a p0f plugin developer that runs both p0f v2 and v3 at the same time.
2013-03-11 00:14:38 -04:00
Matt Simerson
c31074bef6 plugins/bogus_bounce: add Return-Path check
make sure return path is empty, per RFC 3834
2013-03-10 23:38:03 -04:00
Matt Simerson
22d16037a2 plugins/helo: added RFC 5321 notes 2013-03-10 23:22:44 -04:00
Matt Simerson
11874aa5dc Merge branch 'master' of github.com:msimerson/qpsmtpd-dev 2012-12-12 14:08:24 -05:00
Matt Simerson
d06eac3dc1 uribl plugin: added 'pass' prefix to log message 2012-12-12 14:07:19 -05:00
Matt Simerson
4a745d6baf updated more split '' syntax to split // 2012-11-20 01:40:57 -05:00
Matt Simerson
77182ec6e2 helo: avoid undef warning when rDNS is invalid
specifically, when rDNS returns an invalid FQDN like 'null.', which doesn't have
a domain part.
2012-11-19 13:12:48 -05:00
Matt Simerson
df577ff3fe replace all instances of split '' with split //
newer versions of perl don't accept split '' syntax any longer
2012-11-19 12:32:21 -05:00
Matt Simerson
37cb63c6f7 dspam: improve logging and config error reporting 2012-11-19 00:43:12 -05:00
Matt Simerson
e9b582e63c relay: better error handling and logging
detect failures in calls to Net::IP for relayclient entries that don't parse.
2012-11-19 00:40:29 -05:00
Matt Simerson
bf7c663662 clamdscan: replace immunity check with naught test
immunity check was disabled by default, as it wasn't a good policy. OTOH, a naughty check is a sensible default, as we can skip processing on messages we already decided to reject.
2012-11-19 00:30:36 -05:00
Matt Simerson
1081461d36 qmail_deliverable: reject null sender to ezmlm lis 2012-11-19 00:29:33 -05:00
Matt Simerson
81aa6a6990 dkim: added some missing POD text 2012-11-16 14:35:19 -05:00
Matt Simerson
60d0c8b853 headers: simplify required headers logic 2012-11-15 01:35:15 -05:00
Matt Simerson
78cab52582 SPF: use $conn->relay_client instead of duplicated
is_in_relayclients method. Expects relay plugin to have set relay_client, a reasonable assumption.
2012-11-14 23:21:20 -05:00
Matt Simerson
427e92ee7b SA: suppress undefined variable warnings 2012-11-14 18:00:30 -05:00
Matt Simerson
b8baa4b91b spf: improved support for IPv6 clients 2012-11-14 17:29:46 -05:00
Matt Simerson
51f5c887db whitelist: added debug log message & std plugin
entries.
2012-11-14 17:29:46 -05:00
Matt Simerson
c1694b2e81 spamassassin: added 'headers none' option
enables suppression of SA header insertion
2012-11-14 17:29:46 -05:00
Matt Simerson
ab1b211446 added vpopmail_ext to qmail_deliverable plugin 2012-11-14 17:29:46 -05:00
Matt Simerson
376bd492cd earlytalker: lower karma for earlytalkers 2012-11-14 17:27:55 -05:00
Matt Simerson
335a71e62d resolvable_fromhost: additional logging 2012-11-14 17:27:55 -05:00
Matt Simerson
809390b12e registry: renamed clamd abb3 from cad to clm 2012-11-14 17:27:54 -05:00
Matt Simerson
aa4e102606 karma: added error keyword to error log messages 2012-11-14 17:27:54 -05:00
Matt Simerson
477c5a6bdf karma: added adjust_karma method
makes it easier to set karma in plugins
2012-11-14 17:27:54 -05:00
Matt Simerson
ad558d5893 helo: added is_plain_ip to lenient checks
there's no excuse for a client to ever send a raw IP, and I have yet to see a valid client do it
2012-11-14 17:27:54 -05:00
Matt Simerson
96f49c98ff clamdscan: default is scan always, even authenticated 2012-11-14 17:27:54 -05:00
Matt Simerson
1cfd7df50e registry: added auth_ prefixes, relay aliases 2012-11-14 17:27:54 -05:00
Matt Simerson
4928792f87 spamassassin: further log message refinement 2012-11-14 17:27:54 -05:00
Matt Simerson
74d97d312e qmail_deliverable: test variable if defined before accessing 2012-11-14 17:27:54 -05:00
Matt Simerson
3127f4d4c5 dspam: better error message if dspam_bin is not found 2012-11-14 17:27:54 -05:00
Matt Simerson
6758195578 SPF: more logging additions 2012-11-14 17:27:53 -05:00
Matt Simerson
d6402b47b3 Merge branch 'master' of github.com:msimerson/qpsmtpd-dev 2012-06-27 19:25:16 -04:00
Matt Simerson
77e63e92ae drop the check_ prefix from the last 3 plugins 2012-06-27 19:17:01 -04:00
Matt Simerson
ee7121d1ce dspam: added missing return 2012-06-27 14:47:02 -07:00
Matt Simerson
04d457480d dnsbl: restore dnsbl bypass for special recipients 2012-06-27 14:43:17 -07:00
Matt Simerson
98228cd38c dspam: check for dspam_bin during register 2012-06-27 14:42:34 -07:00
Matt Simerson
18d9165b1b log watching and processing tools 2012-06-27 03:27:35 -04:00
Matt Simerson
c2a5b8d42e dkim: new plugin 2012-06-27 03:26:38 -04:00
Matt Simerson
4a622e3aff uribl: ordered pragmas and dependencies 2012-06-27 03:23:27 -04:00
Matt Simerson
0d911852ad rhsbl: make sure $transaction->sender defined before accessing it 2012-06-27 03:21:22 -04:00
Matt Simerson
c8cf830a8b naughty: POD additions 2012-06-27 03:20:49 -04:00
Matt Simerson
bfa789f15f headers: added Received to POD header require list 2012-06-27 03:19:50 -04:00
Matt Simerson
f43c9649ce dnsbl: more refactoring, 2012-06-27 03:17:56 -04:00
Matt Simerson
e40994d13f rhsbl: added default reject settings 2012-06-26 01:03:00 -04:00
Matt Simerson
89ad783595 added plugin: qmail_deliverable 2012-06-25 03:24:43 -04:00
Matt Simerson
caceda6d06 resolvable_fromhost: log message updates 2012-06-25 03:24:08 -04:00
Matt Simerson
2804afeb2d rename require_resolvable_fromhost to resolvable_fromhost 2012-06-25 03:08:25 -04:00
Matt Simerson
4d394e847b clamdscan: fix karma decrementer 2012-06-25 02:57:37 -04:00
Matt Simerson
8d69b923fa spamassassin: s/deny/fail/ from a log message (consistency) 2012-06-25 02:55:58 -04:00
Matt Simerson
32d8b07f28 SPF: add more log messages 2012-06-25 02:55:02 -04:00
Matt Simerson
848b85c150 geoip: no data is a skip, not a fail 2012-06-25 02:52:27 -04:00
Matt Simerson
60470d20a4 dspam: fixes for training dspam
process_backticks now writes the entire message (headers + body) to a temp file and had dspam read that. Previously, dspam only read the body.  With the new "process, then train on error" method, dspam didn't have access to the DSPAM signature (in the headers).

replaced open2 with open3. Same results. Works part of the time, but not consistent, and I haven't been able to figure out why.

dspam transaction note is now a hashref (was a string)
parsing of dspam response via substring (was regexp)
2012-06-25 02:51:36 -04:00
Matt Simerson
39b1668dda domainkeys: add header at top of headers (not bottom) 2012-06-25 02:41:43 -04:00
Matt Simerson
a6cfb68392 dnsbl,rhsbl: process DNS immediately
and use naughty for deferred rejection
2012-06-23 03:10:48 -04:00
Matt Simerson
334ec769a5 earlytalker: log message cleanup 2012-06-23 03:06:24 -04:00
Matt Simerson
8c3377f026 qmail-queue: a few tweaks and a lot of whitespace 2012-06-23 00:57:04 -04:00
Matt Simerson
cdf1e9d782 tls: log improvement 2012-06-23 00:53:18 -04:00
Matt Simerson
8f40e2ef9a spf: remove rcpt hook, process to completion during from 2012-06-23 00:52:05 -04:00
Matt Simerson
dc61deb9aa parse_addr_withhelo: consistency additions 2012-06-23 00:47:46 -04:00
Matt Simerson
4761e3f41a naughty: support reject_type set by original plugin
that marked the connection as naughty
2012-06-23 00:46:39 -04:00
Matt Simerson
5dbc47ed1a hosts_allow: better logging 2012-06-23 00:45:18 -04:00
Matt Simerson
efc3d1b914 greylisting: POD correction 2012-06-23 00:43:53 -04:00
Matt Simerson
3e223ef9dc dns_whitelist_soft: tiny tweaks of little consequence 2012-06-23 00:43:20 -04:00
Matt Simerson
8156341c6e unrec: fixed variable assignment 2012-06-23 00:40:42 -04:00
Matt Simerson
b53bd08540 connection_time: add compat with tcpserver deployment model 2012-06-23 00:40:02 -04:00
Matt Simerson
e9395d6a79 loop: max loops was sometimes not set 2012-06-23 00:38:58 -04:00
Matt Simerson
fb4690ab43 earlytalker: updated for consistent note accessor 2012-06-23 00:37:54 -04:00
Matt Simerson
12b4c6a02a bogus_bounce: added logging and rejection handling 2012-06-23 00:32:40 -04:00
Matt Simerson
89d82afe53 dnsbl: process DNS queries immediately
rather than deferring until RCPT. This greatly improves efficiency, since most connections will get marked naughty much sooner, having run fewer tests.
2012-06-23 00:09:46 -04:00
Matt Simerson
f601516f9f check_spamhelo: remove, deprecated by helo 2012-06-23 00:05:01 -04:00
Matt Simerson
9e9fcf41a7 badrcptto: dropped check_ prefix from name 2012-06-23 00:02:03 -04:00