dbaa9dbd6c
on files in plugins dir:
fixed a number of POD errors
formatted some # comments into POD
removed bare 1; (these are plugins, not perl modules)
most instances of this were copy/pasted from a previous plugin that had it
removed instances of # vim ts=N ...
they weren't consistent, many didn't match .perltidyrc
on modules that failed perl -c tests, added 'use Qpsmtpd::Constants;'
Conflicts:
plugins/async/check_earlytalker
plugins/async/dns_whitelist_soft
plugins/async/dnsbl
plugins/async/queue/smtp-forward
plugins/async/require_resolvable_fromhost
plugins/async/rhsbl
plugins/async/uribl
plugins/auth/auth_checkpassword
plugins/auth/auth_cvm_unix_local
plugins/auth/auth_flat_file
plugins/auth/auth_ldap_bind
plugins/auth/auth_vpopmail
plugins/auth/auth_vpopmail_sql
plugins/auth/authdeny
plugins/check_badmailfromto
plugins/check_badrcptto_patterns
plugins/check_bogus_bounce
plugins/check_earlytalker
plugins/check_norelay
plugins/check_spamhelo
plugins/connection_time
plugins/dns_whitelist_soft
plugins/dnsbl
plugins/domainkeys
plugins/greylisting
plugins/hosts_allow
plugins/http_config
plugins/logging/adaptive
plugins/logging/apache
plugins/logging/connection_id
plugins/logging/transaction_id
plugins/logging/warn
plugins/milter
plugins/queue/exim-bsmtp
plugins/queue/maildir
plugins/queue/postfix-queue
plugins/queue/smtp-forward
plugins/quit_fortune
plugins/random_error
plugins/rcpt_map
plugins/rcpt_regexp
plugins/relay_only
plugins/require_resolvable_fromhost
plugins/rhsbl
plugins/sender_permitted_from
plugins/spamassassin
plugins/tls
plugins/tls_cert
plugins/uribl
plugins/virus/aveclient
plugins/virus/bitdefender
plugins/virus/clamav
plugins/virus/clamdscan
plugins/virus/hbedv
plugins/virus/kavscanner
plugins/virus/klez_filter
plugins/virus/sophie
plugins/virus/uvscan
74 lines
2.2 KiB
Perl
74 lines
2.2 KiB
Perl
#!perl -Tw
|
|
|
|
# this plugin checks the relayclients config file and
|
|
# $ENV{RELAYCLIENT} to see if relaying is allowed.
|
|
#
|
|
|
|
use Net::IP qw(:PROC);
|
|
|
|
sub hook_connect {
|
|
my ($self, $transaction) = @_;
|
|
my $connection = $self->qp->connection;
|
|
|
|
# Check if this IP is allowed to relay
|
|
my $client_ip = $self->qp->connection->remote_ip;
|
|
|
|
# @crelay... for comparing, @srelay... for stripping
|
|
my (@crelay_clients, @srelay_clients);
|
|
|
|
my @relay_clients = $self->qp->config("relayclients");
|
|
for (@relay_clients) {
|
|
my ($range_ip, $range_prefix) = ip_splitprefix($_);
|
|
if($range_prefix){
|
|
# has a prefix, so due for comparing
|
|
push @crelay_clients, $_;
|
|
}
|
|
else {
|
|
# has no prefix, so due for splitting
|
|
push @srelay_clients, $_;
|
|
}
|
|
}
|
|
|
|
if (@crelay_clients){
|
|
my ($range_ip, $range_prefix, $rversion, $begin, $end, $bin_client_ip);
|
|
my $cversion = ip_get_version($client_ip);
|
|
for (@crelay_clients) {
|
|
# Get just the IP from the CIDR range, to get the IP version, so we can
|
|
# get the start and end of the range
|
|
($range_ip, $range_prefix) = ip_splitprefix($_);
|
|
$rversion = ip_get_version($range_ip);
|
|
($begin, $end) = ip_normalize($_, $rversion);
|
|
|
|
# expand the client address (zero pad it) before converting to binary
|
|
$bin_client_ip = ip_iptobin(ip_expand_address($client_ip, $cversion), $cversion);
|
|
|
|
if (ip_bincomp($bin_client_ip, 'gt', ip_iptobin($begin, $rversion))
|
|
&& ip_bincomp($bin_client_ip, 'lt', ip_iptobin($end, $rversion)))
|
|
{
|
|
$connection->relay_client(1);
|
|
last;
|
|
}
|
|
}
|
|
}
|
|
|
|
# If relay_client is already set, no point checking again
|
|
if (@srelay_clients && !$connection->relay_client) {
|
|
my $more_relay_clients = $self->qp->config("morerelayclients", "map");
|
|
my %srelay_clients = map { $_ => 1 } @srelay_clients;
|
|
$client_ip =~ s/::/:/;
|
|
($connection->relay_client(1) && undef($client_ip)) if $client_ip eq ":1";
|
|
|
|
while ($client_ip) {
|
|
if (exists($ENV{RELAYCLIENT}) or
|
|
exists($srelay_clients{$client_ip}) or
|
|
exists($more_relay_clients->{$client_ip}))
|
|
{
|
|
$connection->relay_client(1);
|
|
last;
|
|
}
|
|
$client_ip =~ s/(\d|\w)+(:|\.)?$//; # strip off another 8 bits
|
|
}
|
|
}
|
|
return (DECLINED);
|
|
}
|