byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9ba9d68f72
qpsmtpd/plugins/check_earlytalker
John Peacock c840a1d04f Changes by jpeacock@cpan.org (John Peacock) 
o plugins/check_badmailfromto
    - New plugin in the style of check_badmailfrom, which matches a pair
      of FROM/TO and makes it seem like the recipient's address no longer
      exists (but only from the matching sender's point of view).  Useful
      for stalkers and other harassment cases.

o plugins/dns_whitelist_soft
    - New plugin to provide a DNS-based whitelist (good for distributed
      sites).

o various files
    - Replaced tab character with 8 spaces and adjusted line breaks for
      better readability.

Changes by mct@toren.net (Michael C. Toren)

o lib/Qpsmtpd/SMTP.pm

    - Assumes a MAIL FROM value of "<#@[]>" (utilized by qmail to
      indicate a null sender when generating a doublebounce message)
      is equivalent to "<>".  Previously qpsmtpd complained that the
      value could not be parsed.

    - Adds LOGIN to the default list of supported auth mechanisms.
      The documentation in Auth.pm indicated that auth-login was not
      currently supported due to lack of functionality, however I can
      confirm that LOGIN appears to work fine as tested by using msmtp
      (http://msmtp.sourceforge.net/).  Are there any indications that
      LOGIN support is actually broken in the current implementation?

    - Removes the "X-Qpsmtpd-Auth: True" header appended when a message
      has been sent by an authenticated user.  One problem with such a
      header is that it's impossible to say which SMTP hop added it,
      and it provides no information which could be used to backtrack
      the transaction.  I grepped through my mail archives a bit
      looking for how other MTAs handled the problem, and decided it
      would be best to place this information in the Received: header:

        Received: from remotehost (HELO remotehost) (192.168.42.42)
          (smtp-auth username foo, mechanism cram-md5)
          by mail.netisland.net (qpsmtpd/0.28) with ESMTP; <date>


o lib/Qpsmtpd/Auth.pm:

    - Documentation update for the arguments passed to an auth
      handler; previously the $mechanism argument was not mentioned,
      which threw off the argument offsets.

    - Documentation update for auth-login removing the warning
      that auth-login is not currently supported due to lack of
      functionality.

    - Fix to execute a generic auth hook when a more specific
      auth-$mechanism hook does not exist.  (Previously posted
      to the list last week.)

    - Upon authentication, sets $session->{_auth_user} and
      $session->{_auth_mechanism} so that SMTP.pm can include them
      in the Received: header.


o plugins/queue/qmail-queue

    - Added a timestamp and the qmail-queue qp identifier to the
      "Queued!" 250 message, for compatibility with qmail-smtpd, which
      can be very useful for tracking message delivery from machine to
      machine.  For example, the new 250 message might be:

        250 Queued! 1105927468 qp 3210 <1105927457@netisland.net>

      qmail-smtpd returns:

        250 ok 1106546213 qp 7129

      Additionally, for consistency angle brackets are placed around
      the Message-ID displayed in the 250 if they were missing in the
      message header.


o plugins/check_badmailfrom:

    - Changed the error message from "Mail from $bad not accepted
      here" to "sorry, your envelope sender is in my badmailfrom
      list", for compatibility with qmail-smtpd.  I didn't see any
      reason to share with the sender the value of $bad, especially
      for situations where the sender was rejected resulting from a
      wildcard.


o plugins/check_earlytalker:
o plugins/require_resolvable_fromhost:

    - No longer checks for earlytalkers or resolvable senders if the
      connection note "whitelistclient" is set, which is nice for
      helping backup MX hosts empty their queue faster.


o plugins/count_unrecognized_commands:

    - Return code changed from DENY_DISCONNECT, which isn't valid in
      an unrecognized_command hook, to DENY, which in this context
      drops the connection anyway.  (Previously posted to the list
      last week.)


git-svn-id: https://svn.perl.org/qpsmtpd/trunk@356 958fd67b-6ff1-0310-b445-bb7760255be9
2005-01-28 03:30:50 +00:00

108 lines
3.0 KiB
Plaintext
Raw Blame History

=head1 NAME
check_earlytalker - Check that the client doesn't talk before we send the SMTP banner
=head1 DESCRIPTION
Checks to see if the remote host starts talking before we've issued a 2xx
greeting. If so, we're likely looking at a direct-to-MX spam agent which
pipelines its entire SMTP conversation, and will happily dump an entire spam
into our mail log even if later tests deny acceptance.
Depending on configuration, clients which behave in this way are either
immediately disconnected with a deny or denysoft code, or else are issued this
on all mail/rcpt commands in the transaction.
=head1 CONFIGURATION
=over 4
=item wait [integer]
The number of seconds to delay the initial greeting to see if the connecting
host speaks first. The default is 1.
=item action [string: deny, denysoft, log]
What to do when matching an early-talker -- the options are I<deny>,
I<denysoft> or I<log>.
If I<log> is specified, the connection will be allowed to proceed as normal,
and only a warning will be logged.
The default is I<denysoft>.
=item defer-reject [boolean]
When an early-talker is detected, if this option is set to a true value, the
SMTP greeting will be issued as usual, but all RCPT/MAIL commands will be
issued a deny or denysoft (depending on the value of I<action>). The default
is to react at the SMTP greeting stage by issuing the apropriate response code
and terminating the SMTP connection.
=back
=cut
use IO::Select;
use warnings;
use strict;
sub register {
my ($self, $qp, @args) = @_;
if (@args % 2) {
$self->log(LOGERROR, "Unrecognized/mismatched arguments");
return undef;
}
$self->{_args} = {
'wait' => 1,
'action' => 'denysoft',
'defer-reject' => 0,
@args,
};
$self->register_hook('connect', 'connect_handler');
$self->register_hook('mail', 'mail_handler')
if $self->{_args}->{'defer-reject'};
1;
}
sub connect_handler {
my ($self, $transaction) = @_;
my $in = new IO::Select;
my $ip = $self->qp->connection->remote_ip;
return DECLINED
if ($self->qp->connection->notes('whitelistclient'));
$in->add(\*STDIN) || return DECLINED;
if ($in->can_read($self->{_args}->{'wait'})) {
$self->log(LOGNOTICE, "remote host started talking before we said hello [$ip]");
if ($self->{_args}->{'defer-reject'}) {
$self->qp->connection->notes('earlytalker', 1);
} else {
my $msg = 'Connecting host started transmitting before SMTP greeting';
return (DENY,$msg) if $self->{_args}->{'action'} eq 'deny';
return (DENYSOFT,$msg) if $self->{_args}->{'action'} eq 'denysoft';
}
} else {
$self->log(LOGINFO, 'remote host said nothing spontaneous, proceeding');
}
return DECLINED;
}
sub mail_handler {
my ($self, $txn) = @_;
my $msg = 'Connecting host started transmitting before SMTP greeting';
return DECLINED unless $self->qp->connection->notes('earlytalker');
return (DENY,$msg) if $self->{_args}->{'action'} eq 'deny';
return (DENYSOFT,$msg) if $self->{_args}->{'action'} eq 'denysoft';
return DECLINED;
}
1;
Reference in New Issue View Git Blame Copy Permalink