Commit Graph

378 Commits

Author SHA1 Message Date
Matt Simerson
57a0e4ba7b updated plugins to use QP::Plugins::is_immune 2012-06-04 03:26:16 -04:00
Matt Simerson
2a371a2c6e consolidated chunks of code duplicated 4x into log_and_deny and log_and_pass
in apr_*_handler subs, return DECLINED when connection is not available to read (like during tests)

added 23 tests

deprecate action argument
	'action log' did nothing, better logging controls available with loglevel
	'action deny'  ->  reject 1
	'action denysoft' =>  reject 1 reject_type temp

POD
use head2 for config options (instead of over, item, back)
added loglevel section
updated for replacement of action with reject options
2012-06-04 03:23:14 -04:00
Matt Simerson
c2d23306dc badrcptto: remove spurious semicolon 2012-06-04 00:01:30 -07:00
Matt Simerson
086b31c546 connection_time: make compatible with tcpserver deployment 2012-06-04 00:00:37 -07:00
Ask Bjørn Hansen
0e2384cceb Make all plugins use $self->connection rather than $self->qp->connection
Merge remote-tracking branch 'msimerson/connect'

Conflicts:
	plugins/async/require_resolvable_fromhost
	plugins/require_resolvable_fromhost
2012-06-03 23:53:43 -07:00
Matt Simerson
0a16621f02 connection consistency
-  $self->qp->connection->notes
+  $self->connection->notes

and all tests pass.
2012-06-02 00:46:33 -04:00
Matt Simerson
e8e47ad93b move 'use ParaDNS' into register and eval it
so eventually, plugin tests can run against it, if ParaDNS can be loaded
2012-05-23 23:39:43 -04:00
Matt Simerson
2f49cafcd6 resolvable_fromhost: refactored, added: POD, tests, reject, reject_type 2012-05-23 23:39:43 -04:00
Ask Bjørn Hansen
9e239fd83d Merge pull request #16 from msimerson/geoip
Geoip plugin improvements
2012-05-23 15:39:10 -07:00
Matt Simerson
23f06fde7a basicheaders: removed deprecated argument warning 2012-05-23 17:56:06 -04:00
Matt Simerson
09935b0bf6 basicheaders: added whitelist support
because alerts.etrade.com doesn't set a Date header in alerts
2012-05-23 17:12:26 -04:00
Matt Simerson
80b94eb47a removed newline 2012-05-22 18:14:10 -04:00
Matt Simerson
2dcd34467e geoip: eval loading of Geo::IP, tests, enabled in config
eval Geo::IP and log an error if missing
added 2 tests
enabled in config/plugins
2012-05-22 17:40:02 -04:00
Matt Simerson
521aa4919f basicheaders, add reject option, loglevel
added reject option
document the existence of the loglevel option
factored date validity tests into their own sub
added tests
improved POD
2012-05-21 21:30:02 -04:00
Matt Simerson
9d0c2f8469 dnsbl, POD tweaks, DENY type tests
consolidated POD at top of file
added example options to reject_type POD head
added an example loglevel entry

consolidated DENY[SOFT|DISCONNECT] logic into get_reject_type
added tests for get_reject_type
2012-05-21 17:07:37 -04:00
Matt Simerson
ed8ce150be domainkeys: fix failing tests
the previous DK commit moved the 'use Mail::DomainKeys::*' stuff into an eval. The right idea, but tests still fail because I forgot to remove the bare 'use' lines.
2012-05-21 12:17:32 -07:00
Matt Simerson
41550c2681 domainkeys: only register hooks if Mail::DomainKeys is loadable 2012-05-21 05:59:44 -04:00
Matt Simerson
51486d0b04 SPF plugin: refactored, tests, new config option
added POD description of spfquery note

changed spf_deny -> reject  (and offered 4 more options, see POD for reject)
	backwards compatible with old config settings
	replicates qmail-smtpd SPF patch behavior

improved logging (again)

uses a stringy eval 'use Mail::SPF' in the register sub. If missing, warn and log the error, and don't register any hooks. This is much nicer error than the current, "*** Remote host closed connection unexpectedly." broken mail server that results from enabling the SPF plugin without Mail::SPF installed.

background: I noticed I was deferring valid emails with the SPF plugin at 'spf_deny 1', and without changing the code, there wasn't a way to change how ~all records were handled. This provides that flexibility.
2012-05-21 04:19:45 -04:00
Matt Simerson
edacbf914c anglebrackets: emit log entry when change made 2012-05-20 23:41:15 -07:00
Matt Simerson
691955c60f dnsbl: fixed path to docs/logging.pod 2012-05-20 23:41:09 -07:00
Matt Simerson
1c7d26ecca dnsbl: added log messages, prefixes, additional args
instead of a positional arguments, used named arguments (backwards compatible)
added a couple log message prefixes
removed some trailing whitespace
updated POD
2012-05-20 23:40:23 -07:00
Matt Simerson
5e7568fe71 earlytalker: prefix messages with result keywords 2012-05-20 23:40:15 -07:00
Matt Simerson
4c6054c9fc vpopmaild: logging improvements
added a couple logging calls
prefixed others with pass/skip/fail keywords
2012-05-20 23:40:11 -07:00
Matt Simerson
49dc8bc117 basicheaders: added log messages, tests, named args
added log messages at each exit point
added tests
added reject_type option (defer -vs- deny)
added named argument parsing
2012-05-20 23:39:54 -07:00
Matt Simerson
f37fba7c2b badrcptto: merged plugins, refactored, tests
merged badrcptto_pattern into badrcptto
refactored into smaller methods
added unit tests for each method
2012-05-20 23:39:38 -07:00
Matt Simerson
19927a117e spamassassin: added spam status to log messages
added additional values to tests, to suppress test warnings
2012-05-20 23:39:03 -07:00
Matt Simerson
c3d1f6b16e p0f: tests, tests, tests, backward compat
minor changes to facilitate testing
improved error reporting of several failures
added p0f v2 compatibility to p0f v3 results: in addition to all the newer values, also report the old ones too.
2012-05-20 23:38:48 -07:00
Matt Simerson
25a099e20b dspam: added check for autolearn
don't try to use autolearn if it's not set
added tests that exercise and exorcise the bug
2012-05-20 23:38:42 -07:00
Matt Simerson
9b8c5a1be4 rcpt_ok: refactored and added tests 2012-05-20 23:37:37 -07:00
Matt Simerson
c4b8a7a395 hosts_allow: added logging, POD, deploy notes
added LOGINFO logging for denials, and LOGDEBUG for other results
added SEE ALSO pod
improved readability
2012-05-20 23:37:33 -07:00
Matt Simerson
35e1ce9883 consolidate auth logic into Qpsmtpd::Auth
These 3 auth plugins all have a data store they fetch the reference
password or hash from. They then match the attemped password or hash
against the reference. This consolidates the latter portion (validating
the password/hash) into Auth.pm.

* less duplicated code in the plugins.
* Pass validation consistently handled for these 3 plugins.
* less work to create new auth plugins

Also caches the CRAM-MD5 ticket. It could also cache user/pass info if
this was desirable.
2012-05-20 23:37:06 -07:00
Matt Simerson
6b9881c32e greylisting, refactored and many changes
fixed the vestiges of old plugin name 'denysoft_greylisting'

added ability to bypass greylisting based on geoip

deprecated 'mode [denysoft | testonly | off]
	off wasn't useful
	testonly & denysoft replaced by reject [ 0 | 1 ]

renamed DB from denysoft_greylist to greylist.dbm. Will use existing/legacy DB if present.

added DB pruning feature. Automatically prune the DB when qpsmtpd registers the plugin. Perhaps this should be a config option to enable?

added DB upgrade feature. Convert dotted quad IP addresses in DB to integers. Makes greylisting IPv6 compatible, since DB records are colon delimited.

exempt TLS connections from greylisting. The vast majority (perhaps all) of the SMTP clients that request encryption to my server are legit. We could add a config option for this, but this plugin already has a multitude of config options.

refactored much of the greylisting method into discreet subs

added 30 tests

added additional DEBUG level logging for p0f matches

POD changes:
	replaced over, item N, back, with head2 (better formatted output)
	better describe the current behavior of the plugin (some past behaviors no longer exist)
	added TRIPLET section with example
	added loglevel section
2012-05-20 23:35:46 -07:00
Matt Simerson
5e76d66c66 count_unrecognized_commands
simplified logic in a couple places
consolidated duplicated message
added 4 tests
2012-05-20 23:34:58 -07:00
Matt Simerson
74125300da connection_time:
had single positional argument for loglevel,
  switched to named args which inherits the more flexible loglevel

shortened logging line
 before:   connection_time: Connection time from 66.118.151.187: 3.046 sec.
 after:    connection_time: 3.046 s.
2012-05-20 23:34:26 -07:00
Matt Simerson
19c924d13c dspam bug fix for messages over max size
needs to return DECLINED instead of undef.
2012-05-08 22:37:58 -07:00
Matt Simerson
b53454730d shebang fix for tls_cert (standalone script) 2012-05-07 12:28:59 -07:00
Matt Simerson
319391affe auth_ldap: added logging
whitespace changes (stinkin windows newline chars)
2012-05-07 09:57:41 -07:00
Matt Simerson
35f26c23bb spf plugin, added logging 2012-05-07 09:56:37 -07:00
Matt Simerson
fda2f4a730 auth_cvm_unix_local: log entries, strict 2012-05-07 09:55:16 -07:00
Matt Simerson
8103c5a132 added country name to GeoIP plugin
and removed redundant words from log entries
2012-05-07 09:54:31 -07:00
Matt Simerson
57d72b3cb4 auth_vpopmail_sql, refactor, log, tests
added strict and warnings pragma
refactored
added tests
added more logging
standard log prefixes
tests run pretests to assure tests can succeed
2012-05-07 09:53:03 -07:00
Matt Simerson
adbbfe6f67 auth_vpopmail: refactored, added tests, logging
added more logging
standard log prefixes
tests run a pretest to make sure tests have a chance to succeed
2012-05-07 09:52:46 -07:00
Matt Simerson
9059529325 authdeny: added standard log prefix 2012-05-07 09:51:24 -07:00
Matt Simerson
a1c8462557 moved warn plugin POD to top, merged with # comments 2012-05-07 09:50:43 -07:00
Matt Simerson
54f1a11b46 added logging and tests to auth_checkpassword 2012-05-07 09:47:15 -07:00
Matt Simerson
a1b073cfe2 refactored dnsbl, sprinkling logs and tests on it 2012-05-06 16:21:09 -07:00
Matt Simerson
a6e664ce83 Altered SASL method to include the mechanism in log entries.
removed auth method from return calls in all auth plugins. The caller knows the mechanism already. In the code, the difference looks like this:

before:
        or return (DENY, "authcvm/$method");
after:
        or return (DENY, "authcvm");

Added debug level log entries in auth_vpopmaild

Conflicts:

	plugins/auth/auth_vpopmail_sql
2012-05-06 16:20:25 -07:00
Matt Simerson
205120f26f dspam: a batch of improvements:
expanded POD
cleaned up stray EOL spaces
added lots of logging, with standardized [ pass | fail | skip ] prefixes
added reject_type option
use split for parsing dspam headers
use SA note instead of parsing headers
added reject = agree option
store & fetch dspam results in a note
2012-05-06 16:18:38 -07:00
Matt Simerson
d644c24c83 spamassassin updates
refactored into small subs with unit tests.
parse SA header with split instead of regexp (more reliable)
store SA results in a 'spamassassin' transaction note
add strict and warnings pragma
renamed reject_threshold -> reject (backwards compatible)
added relayclient skip option and POD. Skips SA processing when relayclient is set
added MULTIPLE RECIPIENT BEHAVIOR topic to POD
2012-05-06 16:18:22 -07:00
Matt Simerson
5285774285 refactored Qpsmtpd::Auth::SASL
unit tests for new methods are in t/auth.t

added PLAIN and LOGIN tests in auth_flat_file

Most tests are disabled unless an interactive terminal is detected and $ENV{QPSMTPD_DEVELOPER} is set.
2012-05-06 16:17:02 -07:00