helo - validate a HELO message delivered from a connecting host.
Includes the following tests:
is_in_badhelo
invalid_localhost
is_plain_ip
is_address_literal [N.N.N.N]
is_forged_literal
is_not_fqdn
no_forward_dns
no_reverse_dns
no_matching_dns
consolidated POD at top of file
added example options to reject_type POD head
added an example loglevel entry
consolidated DENY[SOFT|DISCONNECT] logic into get_reject_type
added tests for get_reject_type
the previous DK commit moved the 'use Mail::DomainKeys::*' stuff into an eval. The right idea, but tests still fail because I forgot to remove the bare 'use' lines.
Plugins can now use a 'loglevel' argument in config/plugins entry
Includes user instructions prepended to docs/logging.pod
Already works for all plugins that use named arguments
added POD description of spfquery note
changed spf_deny -> reject (and offered 4 more options, see POD for reject)
backwards compatible with old config settings
replicates qmail-smtpd SPF patch behavior
improved logging (again)
uses a stringy eval 'use Mail::SPF' in the register sub. If missing, warn and log the error, and don't register any hooks. This is much nicer error than the current, "*** Remote host closed connection unexpectedly." broken mail server that results from enabling the SPF plugin without Mail::SPF installed.
background: I noticed I was deferring valid emails with the SPF plugin at 'spf_deny 1', and without changing the code, there wasn't a way to change how ~all records were handled. This provides that flexibility.
instead of a positional arguments, used named arguments (backwards compatible)
added a couple log message prefixes
removed some trailing whitespace
updated POD
minor changes to facilitate testing
improved error reporting of several failures
added p0f v2 compatibility to p0f v3 results: in addition to all the newer values, also report the old ones too.
These 3 auth plugins all have a data store they fetch the reference
password or hash from. They then match the attemped password or hash
against the reference. This consolidates the latter portion (validating
the password/hash) into Auth.pm.
* less duplicated code in the plugins.
* Pass validation consistently handled for these 3 plugins.
* less work to create new auth plugins
Also caches the CRAM-MD5 ticket. It could also cache user/pass info if
this was desirable.
