8b50b6dd46
* plugins/check_badrcptto_patterns
Match bad RCPTO address with regex
* plugins/check_norelay
Carve out holes from larger relay blocks
git-svn-id: https://svn.perl.org/qpsmtpd/trunk@431 958fd67b-6ff1-0310-b445-bb7760255be9
63 lines
1.5 KiB
Plaintext
63 lines
1.5 KiB
Plaintext
=pod
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
This plugin checks the norelayclients config file to see if
|
|
relaying is denied.
|
|
|
|
This allows specific clients, such as the gateway, to be denied
|
|
relaying, even though they would be allowed relaying by the
|
|
relayclients file.
|
|
|
|
=head1 CONFIG
|
|
|
|
config/norelayclients
|
|
|
|
Each line is:
|
|
- a full IP address
|
|
- partial IP address terminated by a dot for matching whole networks
|
|
e.g. 192.168.42.
|
|
|
|
=head1 BUGS AND LIMITATIONS
|
|
|
|
This plugin does not have a more_norelayclients map equivalent
|
|
of the more_relayclients map of the check_relay plugin.
|
|
|
|
=head1 AUTHOR
|
|
|
|
Based on check_relay plugin from the qpsmtpd distribution.
|
|
|
|
Copyright 2005 Gordon Rowell <gordonr@gormand.com.au>
|
|
|
|
This software is free software and may be distributed under the same
|
|
terms as Perl itself.
|
|
|
|
=cut
|
|
|
|
sub register {
|
|
my ($self, $qp) = @_;
|
|
$self->register_hook("connect", "check_norelay");
|
|
}
|
|
|
|
sub check_norelay {
|
|
my ($self, $transaction) = @_;
|
|
my $connection = $self->qp->connection;
|
|
|
|
# Check if this IP is not allowed to relay
|
|
my @no_relay_clients = $self->qp->config("norelayclients");
|
|
my %no_relay_clients = map { $_ => 1 } @no_relay_clients;
|
|
my $client_ip = $self->qp->connection->remote_ip;
|
|
while ($client_ip) {
|
|
if ( exists($no_relay_clients{$client_ip}) )
|
|
{
|
|
$connection->relay_client(0);
|
|
delete $ENV{RELAYCLIENT};
|
|
$self->log(LOGNOTICE, "check_norelay: $client_ip denied relaying");
|
|
last;
|
|
}
|
|
$client_ip =~ s/\d+\.?$//; # strip off another 8 bits
|
|
}
|
|
|
|
return (DECLINED);
|
|
}
|