Matt Simerson
a26d46ed87
move Auth-Results header to Original-Auth-Results
...
this was in a sub, commented out as a TODO to delete them. Instead of deleting, move the Authentication-Results header on incoming messages to the Original-A-R.
2013-12-17 14:16:34 -08:00
Matt Simerson
b085388cda
TcpServer: optimize DNS lookups for PTR
...
a. don't use search path (/etc/resolv.conf)
b. explicitely specify PTR in query request
2013-12-01 03:45:12 -05:00
Matt Simerson
5b3f616571
removed a diff block from docs/config.pod
2013-12-01 03:42:55 -05:00
Matt Simerson
c3305179d2
remove plaintext UPGRADING (.pod added by Ask)
2013-08-05 15:32:31 -07:00
Matt Simerson
4a61ef1ad9
define positioning of Authentication-Results header
2013-08-05 15:05:38 -07:00
Matt Simerson
4d489ea6ef
tested and working Authentication-Results
...
changed the method of saving results. Instead of appending to/from a header, plugins save results to a connection note.
Qpsmtpd::SMTP.pm has a new method that inserts the Authentication-Results header
The smtp-auth information has been removed from the Received header
Authentication-Results providing plugins have been updated to store results in connection note
2013-08-05 15:05:38 -07:00
Matt Simerson
4ae16219bd
added Authentication-Results header, with provider
...
dkim, dmarc, fcrdns (iprev), spf, and smtp-auth
2013-08-05 15:05:38 -07:00
Matt Simerson
b1afbabf4c
Makefile.PL: added commented Math::Complex
2013-08-05 15:05:38 -07:00
Matt Simerson
4aa888dc6c
headers: assign zeroes to avoid undef errors
2013-08-05 15:05:38 -07:00
Matt Simerson
b126c3c7f8
store envelope from and to in connection notes
2013-08-05 15:05:38 -07:00
Matt Simerson
247c5a2bea
is_naughty is a setter now too
2013-08-05 15:05:38 -07:00
Matt Simerson
4c0632e043
summarize: fix syntax error
2013-08-05 15:05:38 -07:00
Matt Simerson
fbdee49965
raised default max msg size in clamdscan from 128k
...
added max_size on config, so it's likely to get noticed, since even 1M is probably too low for most sites. This should likely default to the same as databytes?
2013-08-05 15:05:38 -07:00
Matt Simerson
1fa7d8361f
spf enabled in config/plugins by default
...
the plugin will detect if Mail::SPF is missing and not register it's hooks
2013-08-05 15:05:38 -07:00
Matt Simerson
7b21e90ff7
added daemontools, ucspi-tcp to install list
2013-08-05 15:05:38 -07:00
Matt Simerson
76d70bb941
MANIFEST: updated with run.* files
2013-08-05 15:05:38 -07:00
Matt Simerson
3a0900f0ae
SMTP.pm: reduce auth details from Received header.
...
based on patch from Devin Carraway
http://www.nntp.perl.org/group/perl.qpsmtpd/2012/08/msg9954.html
2013-08-05 15:05:38 -07:00
Matt Simerson
b4b53ee273
updated Changes
2013-08-05 15:05:38 -07:00
Matt Simerson
2cf7207553
summarize: move parts of main while loop to subs
...
and added POD
2013-08-05 15:05:38 -07:00
Matt Simerson
98b147fed2
Makefile.PL, added comments, stating where the
...
disabled plugins are used
2013-08-05 15:05:38 -07:00
Matt Simerson
3e7efb8883
summarize: strip out unprintable chars
2013-08-05 15:05:38 -07:00
Matt Simerson
2a11be4f8b
Makefile.PL: added more disabled dependencies
...
DBI: commented out, but included for documentation's sake
2013-08-05 15:05:37 -07:00
Matt Simerson
1e3136a0d0
revert movement of qp bins to bin/
...
plugin dir, config dir, spool dir, all have different logic about where/how to find their config. The logic needs some untangling and unification before attempting this again.
2013-08-05 15:05:37 -07:00
Matt Simerson
791237841b
replace run with separate run for the 2 common
...
deployment methods. Rather than having to edit the run file, it's much easier to rename the run file.
Moved qpsmtpd* into bin/
2013-08-05 15:05:37 -07:00
Matt Simerson
f7b00fa677
auth_vpopmaild: added taint checking to responses
2013-08-05 15:05:37 -07:00
Matt Simerson
82effb409a
Qpsmtpd: untaint config data passed to plugins
...
if QP passes in tainted data, such as a hostname that subsequently gets used to open a connection using IO::Socket, the plugin die because the information is tainted. Fix it once here, instead of in each plugin.
2013-08-05 15:05:37 -07:00
Matt Simerson
4c6f5aedfd
Qpsmtpd.pm: split config args on /\s+/, was / /
2013-08-05 15:05:37 -07:00
Matt Simerson
2b1b75145a
install_deps: handle comments in Makefile.PL
2013-08-05 15:05:37 -07:00
Matt Simerson
b8229fbdbf
dmarc: added subdomain policy handling
2013-08-05 15:05:37 -07:00
Matt Simerson
76071ca559
Makefile.PL: added clean { *.bak }
2013-08-05 15:05:37 -07:00
Matt Simerson
09b7d977db
Makefile.PL: reenable Time::TAI64
2013-08-05 15:05:37 -07:00
Matt Simerson
52002eecf6
Makefile.PL: comment out Mail::Spamassassin
2013-08-05 15:05:37 -07:00
Matt Simerson
40235542e3
Makefile.PL: disable Geo::IP module
2013-08-05 15:05:37 -07:00
Matt Simerson
a67ed4063b
try disabling Time::TAI64, update MANIFEST
2013-08-05 15:05:37 -07:00
Matt Simerson
c4d59cc442
.travis.yml: added perl 5.16
2013-08-05 15:05:37 -07:00
Matt Simerson
e8ee3fe430
see if removing Mail::SPF makes Travis happy
2013-08-05 15:05:37 -07:00
Matt Simerson
c652d4c9e4
dmarc test: comments in the public list was
...
allowing certain org domain searches to fail (plus.google.com, b/c a google.com email address was in the public list). Now I anchor the searches to the start of the line. This test also catches edge cases like co.uk, which isn't listed, but a wildcard *.uk is.
2013-08-05 15:05:37 -07:00
Matt Simerson
db6a7f418b
run: increase RAM from 200 to 300MB (dkim)
...
still seeing (infrequent) "too large" errors validating DKIM signatures
2013-08-05 15:05:37 -07:00
Matt Simerson
92fe1e899f
rcpt_ok: do immunity checks earlier, so that
...
disposition logs don't indicate failure for authenticated senders
2013-08-05 15:05:37 -07:00
Matt Simerson
eccaf17d18
karma: limit rcpts to 1 for senders with neg karma
2013-08-05 15:05:36 -07:00
Matt Simerson
bbc6e895cc
distinguish rejecting versus tolerated failures
2013-08-05 15:05:36 -07:00
Matt Simerson
06ebd12e06
docs/logging: added description of log prefixes
2013-08-05 15:05:36 -07:00
Matt Simerson
97a8d4e9df
docs/logging: added description of log prefixes
2013-08-05 15:05:36 -07:00
Matt Simerson
3180c9da31
SPF: added more precise disposition logs, so that
...
postprocess can determine if a SPF failure caused a rejection
2013-08-05 15:05:36 -07:00
Matt Simerson
ebfccec5b3
dmarc: added support for DMARC policy pct=NNN
2013-08-05 15:05:36 -07:00
Matt Simerson
c0210a7877
SPF: arrage flow so if a pass result is possible,
...
we will get it and set the note for DMARC plugin
2013-08-05 15:05:36 -07:00
Matt Simerson
effb4e2269
dmarc: improving and updating POD
2013-08-05 15:05:36 -07:00
Matt Simerson
fef37f54ce
summarize shows a narrower screen by default.
...
passing in -l for when your term windows is more than 200 chars wide will show more detail
2013-08-05 15:05:36 -07:00
Matt Simerson
dbcc3d40b4
split is_immune into itself + is_naughty
...
is_immune tests designates to plugins they should always skip processing.
That's typical for naughty connections, but this change provides the ability to handly naughty connections differently than (whitelisted/relayclients/known good) senders.
2013-08-05 15:05:36 -07:00
Matt Simerson
1bb7ce30ea
bump RAM from 150 to 200MB
...
DKIM message signing needs more RAM
2013-08-05 15:05:36 -07:00