255 lines
7.3 KiB
Perl
255 lines
7.3 KiB
Perl
#!/usr/bin/perl
|
|
|
|
=head1 NAME
|
|
|
|
qmail_deliverable - Check that the recipient address is deliverable
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
See the description of Qmail::Deliverable.
|
|
|
|
This B<qpsmtpd plugin> uses the client/server interface and needs a running
|
|
qmail-deliverabled. If no connection can be made, deliverability is simply
|
|
assumed.
|
|
|
|
The modules LWP (libwww-perl) and HTTP::Daemon, available from CPAN, are
|
|
required for qmail-deliverabled and Qmail::Deliverable::Client.
|
|
|
|
=head1 CONFIGURATION
|
|
|
|
=over 4
|
|
|
|
=item server host:port
|
|
|
|
Hostname (or IP address), and port (both!) of the qmail-deliverabled server. If
|
|
none is specified, the default (127.0.0.1:8998) is used.
|
|
|
|
=item server smtproutes:host:port
|
|
|
|
If the specification is prepended by the literal text C<smtproutes:>, then for
|
|
recipient domains listed in your /var/qmail/control/smtproutes use their
|
|
respective hosts for the check. For other domains, the given host is used. The
|
|
port has to be the same across all servers.
|
|
|
|
Example:
|
|
|
|
qmail_deliverable server smtproutes:127.0.0.1:8998
|
|
|
|
Use "smtproutes:8998" (no second colon) to simply skip the deliverability
|
|
check for domains not listed in smtproutes.
|
|
|
|
=item vpopmail_ext [ 0 | 1 ]
|
|
|
|
Is vpopmail configured with the qmail-ext feature enabled? If so, this config
|
|
option must be enabled in order for user-ext@example.org addresses to work.
|
|
|
|
Default: 0
|
|
|
|
=item reject
|
|
|
|
karma reject [ 0 | 1 | connect | naughty ]
|
|
|
|
I<0> will not reject any connections.
|
|
|
|
I<1> will reject naughty senders.
|
|
|
|
I<connect> is the most efficient setting.
|
|
|
|
To reject at any other connection hook, use the I<naughty> setting and the
|
|
B<naughty> plugin.
|
|
|
|
=back
|
|
|
|
=head1 CAVEATS
|
|
|
|
Given a null host in smtproutes, the normal MX lookup should be used. This
|
|
plugin does not do this, because we don't want to harrass arbitrary servers.
|
|
|
|
Connection failure is *faked* when there is no smtproute.
|
|
|
|
=head1 LEGAL
|
|
|
|
This software is released into the public domain, and does not come with
|
|
warranty or guarantee of any kind. Use it at your own risk.
|
|
|
|
=head1 AUTHOR
|
|
|
|
Juerd <#####@juerd.nl>
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<Qmail::Deliverable>, L<qmail-deliverabled>, L<Qmail::Deliverable::Client>
|
|
|
|
=cut
|
|
|
|
#################################
|
|
#################################
|
|
|
|
BEGIN {
|
|
use FindBin qw($Bin $Script);
|
|
if (not $INC{'Qpsmtpd.pm'}) {
|
|
my $dir = '$PLUGINS_DIRECTORY';
|
|
-d and $dir = $_ for qw(
|
|
/home/qpsmtpd/plugins
|
|
/home/smtp/qpsmtpd/plugins
|
|
/usr/local/qpsmtpd/plugins
|
|
/usr/local/share/qpsmtpd/plugins
|
|
/usr/share/qpsmtpd/plugins
|
|
);
|
|
|
|
my $file = "the 'plugins' configuration file";
|
|
-f and $file = $_ for qw(
|
|
/home/qpsmtpd/config/plugins
|
|
/home/smtp/qpsmtpd/config/plugins
|
|
/usr/local/qpsmtpd/config/plugins
|
|
/usr/local/etc/qpsmtpd/plugins
|
|
/etc/qpsmtpd/plugins
|
|
);
|
|
|
|
# "die" would print "BEGIN failed" garbage
|
|
print STDERR <<"END";
|
|
|
|
This is a plugin for qpsmtpd and should not be run manually.
|
|
|
|
To install the plugin:
|
|
|
|
ln -s $Bin/$Script $dir/
|
|
|
|
And add "$Script server 127.0.0.1:8998" to $file, before rcpt_ok.
|
|
For configuration instructions, read "man $Script"
|
|
|
|
(Paths may vary.)
|
|
|
|
END
|
|
exit 255;
|
|
}
|
|
}
|
|
|
|
#################################
|
|
#################################
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Qpsmtpd::Constants;
|
|
use Qmail::Deliverable::Client qw(deliverable);
|
|
|
|
my %smtproutes;
|
|
my $shared_domain; # global variable to be closed over by the SERVER callback
|
|
|
|
sub register {
|
|
my ($self, $qp, @args) = @_;
|
|
if (@args % 2) {
|
|
$self->log(LOGWARN, "Odd number of arguments, using default config");
|
|
}
|
|
else {
|
|
my %args = @args;
|
|
if ($args{server} && $args{server} =~ /^smtproutes:/) {
|
|
|
|
my ($fallback, $port) = $args{server} =~ /:(?:(.*?):?)(\d+)/;
|
|
|
|
open my $fh, "/var/qmail/control/smtproutes"
|
|
or warn "Could not read smtproutes";
|
|
for (readline $fh) {
|
|
my ($domain, $mx) = /^(.*?) : \[? ( [^\]:\s]* )/x;
|
|
$smtproutes{$domain} = $mx;
|
|
}
|
|
|
|
$Qmail::Deliverable::Client::SERVER = sub {
|
|
my $server = _smtproute($shared_domain);
|
|
return "$server:$port" if defined $server;
|
|
return "$fallback:$port" if defined $fallback;
|
|
return;
|
|
};
|
|
|
|
}
|
|
elsif ($args{server}) {
|
|
$Qmail::Deliverable::Client::SERVER = $args{server};
|
|
}
|
|
|
|
if ($args{vpopmail_ext}) {
|
|
$Qmail::Deliverable::VPOPMAIL_EXT = $args{vpopmail_ext};
|
|
}
|
|
if ($args{reject}) {
|
|
$self->{_args}{reject} = $args{reject};
|
|
}
|
|
}
|
|
$self->register_hook("rcpt", "rcpt_handler");
|
|
}
|
|
|
|
sub rcpt_handler {
|
|
my ($self, $transaction, $rcpt) = @_;
|
|
|
|
return DECLINED if $self->is_immune(); # requires QP 0.90+
|
|
|
|
my $address = $rcpt->address;
|
|
$self->log(LOGDEBUG, "Checking deliverability for recipient '$address'");
|
|
|
|
$shared_domain = $rcpt->host;
|
|
|
|
my $rv = deliverable $address;
|
|
|
|
if (not defined $rv or not length $rv) {
|
|
$self->log(LOGWARN, "error (unknown) checking '$address'");
|
|
return DECLINED;
|
|
}
|
|
|
|
my $k = 0; # known status code
|
|
$self->log(LOGINFO, "error, permission failure"), $k++ if $rv == 0x11;
|
|
$self->log(LOGINFO, "pass, qmail-command in dot-qmail"), $k++
|
|
if $rv == 0x12;
|
|
$self->log(LOGINFO, "pass, bouncesaying with program"), $k++ if $rv == 0x13;
|
|
if ($rv == 0x14) {
|
|
my $s = $transaction->sender->address;
|
|
if (!$s || $s eq '<>') {
|
|
$self->adjust_karma(-1);
|
|
return DENY, "mailing lists do not accept null senders";
|
|
};
|
|
$self->log(LOGINFO, "pass, ezmlm list");
|
|
$k++;
|
|
}
|
|
$self->log(LOGINFO, "Temporarily undeliverable: group/world writable"), $k++
|
|
if $rv == 0x21;
|
|
$self->log(LOGINFO, "Temporarily undeliverable: sticky home directory"),
|
|
$k++
|
|
if $rv == 0x22;
|
|
$self->log(LOGINFO, "error, $Qmail::Deliverable::Client::ERROR"), $k++
|
|
if $rv == 0x2f;
|
|
$self->log(LOGINFO, "pass, normal delivery"), $k++ if $rv == 0xf1;
|
|
$self->log(LOGINFO, "pass, vpopmail dir"), $k++ if $rv == 0xf2;
|
|
$self->log(LOGINFO, "pass, vpopmail alias"), $k++ if $rv == 0xf3;
|
|
$self->log(LOGINFO, "pass, vpopmail catchall"), $k++ if $rv == 0xf4;
|
|
$self->log(LOGINFO, "pass, vpopmail vuser"), $k++ if $rv == 0xf5;
|
|
$self->log(LOGINFO, "pass, vpopmail qmail-ext"), $k++ if $rv == 0xf6;
|
|
$self->log(LOGINFO, "error, SHOULD NOT HAPPEN"), $k++ if $rv == 0xfe;
|
|
$self->log(LOGINFO, "fail, address not local"), $k++ if $rv == 0xff;
|
|
|
|
if ($rv) {
|
|
$self->log(LOGINFO, sprintf("error, unknown: 0x%02x", $rv)) if not $k;
|
|
return DECLINED;
|
|
}
|
|
|
|
$self->adjust_karma(-1);
|
|
return $self->get_reject("Sorry, no mailbox by that name. qd (#5.1.1)");
|
|
}
|
|
|
|
sub _smtproute {
|
|
my ($domain) = @_;
|
|
my @parts = split /\./, $domain;
|
|
if (exists $smtproutes{$domain}) {
|
|
return undef if $smtproutes{$domain} eq "";
|
|
return $smtproutes{$domain};
|
|
}
|
|
for (reverse 1 .. @parts) {
|
|
my $wildcard = join "", map ".$_", @parts[-$_ .. -1];
|
|
if (exists $smtproutes{$wildcard}) {
|
|
return undef if $smtproutes{$wildcard} eq "";
|
|
return $smtproutes{$wildcard};
|
|
}
|
|
}
|
|
return undef if not exists $smtproutes{""};
|
|
return undef if $smtproutes{""} eq "";
|
|
return $smtproutes{""};
|
|
}
|
|
|