byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dbaa9dbd6c
qpsmtpd/plugins/async/require_resolvable_fromhost
Matt Simerson dbaa9dbd6c POD corrections, additional tests, plugin consistency 
on files in plugins dir:
  fixed a number of POD errors

  formatted some # comments into POD

  removed bare 1;  (these are plugins, not perl modules)
    most instances of this were copy/pasted from a previous plugin that had it

  removed instances of # vim ts=N ...
    they weren't consistent, many didn't match .perltidyrc

  on modules that failed perl -c tests, added 'use Qpsmtpd::Constants;'

Conflicts:

	plugins/async/check_earlytalker
	plugins/async/dns_whitelist_soft
	plugins/async/dnsbl
	plugins/async/queue/smtp-forward
	plugins/async/require_resolvable_fromhost
	plugins/async/rhsbl
	plugins/async/uribl
	plugins/auth/auth_checkpassword
	plugins/auth/auth_cvm_unix_local
	plugins/auth/auth_flat_file
	plugins/auth/auth_ldap_bind
	plugins/auth/auth_vpopmail
	plugins/auth/auth_vpopmail_sql
	plugins/auth/authdeny
	plugins/check_badmailfromto
	plugins/check_badrcptto_patterns
	plugins/check_bogus_bounce
	plugins/check_earlytalker
	plugins/check_norelay
	plugins/check_spamhelo
	plugins/connection_time
	plugins/dns_whitelist_soft
	plugins/dnsbl
	plugins/domainkeys
	plugins/greylisting
	plugins/hosts_allow
	plugins/http_config
	plugins/logging/adaptive
	plugins/logging/apache
	plugins/logging/connection_id
	plugins/logging/transaction_id
	plugins/logging/warn
	plugins/milter
	plugins/queue/exim-bsmtp
	plugins/queue/maildir
	plugins/queue/postfix-queue
	plugins/queue/smtp-forward
	plugins/quit_fortune
	plugins/random_error
	plugins/rcpt_map
	plugins/rcpt_regexp
	plugins/relay_only
	plugins/require_resolvable_fromhost
	plugins/rhsbl
	plugins/sender_permitted_from
	plugins/spamassassin
	plugins/tls
	plugins/tls_cert
	plugins/uribl
	plugins/virus/aveclient
	plugins/virus/bitdefender
	plugins/virus/clamav
	plugins/virus/clamdscan
	plugins/virus/hbedv
	plugins/virus/kavscanner
	plugins/virus/klez_filter
	plugins/virus/sophie
	plugins/virus/uvscan
2012-04-29 00:00:10 -07:00

172 lines
4.8 KiB
Perl
Raw Blame History

#!perl -Tw
use Qpsmtpd::DSN;
use ParaDNS;
use Socket;
use Qpsmtpd::TcpServer;
my %invalid = ();
my $has_ipv6 = Qpsmtpd::TcpServer::has_ipv6();
sub register {
my ( $self, $qp ) = @_;
foreach my $i ( $self->qp->config("invalid_resolvable_fromhost") ) {
$i =~ s/^\s*//;
$i =~ s/\s*$//;
if ( $i =~ m#^((\d{1,3}\.){3}\d{1,3})/(\d\d?)# ) {
$invalid{$1} = $3;
}
}
$self->register_hook( mail => 'hook_mail_start' );
$self->register_hook( mail => 'hook_mail_done' );
}
sub hook_mail_start {
my ( $self, $transaction, $sender ) = @_;
return DECLINED
if ( $self->qp->connection->notes('whitelisthost') );
if ( $sender ne "<>" ) {
unless ( $sender->host ) {
# default of addr_bad_from_system is DENY, we use DENYSOFT here to
# get the same behaviour as without Qpsmtpd::DSN...
return Qpsmtpd::DSN->addr_bad_from_system( DENYSOFT,
"FQDN required in the envelope sender" );
}
return DECLINED if $sender->host =~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
unless ($self->check_dns( $sender->host )) {
return Qpsmtpd::DSN->temp_resolver_failed(
"Could not resolve " . $sender->host );
}
return YIELD;
}
return DECLINED;
}
sub hook_mail_done {
my ( $self, $transaction, $sender ) = @_;
return DECLINED
if ( $self->qp->connection->notes('whitelisthost') );
if ( $sender ne "<>" && !$transaction->notes('resolvable_fromhost') ) {
# default of temp_resolver_failed is DENYSOFT
return Qpsmtpd::DSN->temp_resolver_failed(
"Could not resolve " . $sender->host );
}
return DECLINED;
}
sub check_dns {
my ( $self, $host ) = @_;
my @host_answers;
my $qp = $self->qp;
$qp->input_sock->pause_read;
my $a_records = [];
my $num_queries = 1; # queries in progress
my $mx_found = 0;
ParaDNS->new(
callback => sub {
my $mx = shift;
return if $mx =~ /^[A-Z]+$/; # error
my $addr = $mx->[0];
$mx_found = 1;
$num_queries++;
ParaDNS->new(
callback => sub { push @$a_records, $_[0] if $_[0] !~ /^[A-Z]+$/; },
finished => sub { $num_queries--; $self->finish_up($qp, $a_records, $num_queries) },
host => $addr,
type => 'A',
);
if ($has_ipv6) {
$num_queries++;
ParaDNS->new(
callback => sub { push @$a_records, $_[0] if $_[0] !~ /^[A-Z]+$/; },
finished => sub { $num_queries--; $self->finish_up($qp, $a_records, $num_queries) },
host => $addr,
type => 'AAAA',
);
}
},
finished => sub {
unless ($mx_found) {
$num_queries++;
ParaDNS->new(
callback => sub { push @$a_records, $_[0] if $_[0] !~ /^[A-Z]+$/; },
finished => sub { $num_queries--; $self->finish_up($qp, $a_records, $num_queries) },
host => $host,
type => 'A',
);
if ($has_ipv6) {
$num_queries++;
ParaDNS->new(
callback => sub { push @$a_records, $_[0] if $_[0] !~ /^[A-Z]+$/; },
finished => sub { $num_queries--; $self->finish_up($qp, $a_records, $num_queries) },
host => $host,
type => 'AAAA',
);
}
}
$num_queries--;
$self->finish_up($qp, $a_records, $num_queries);
},
host => $host,
type => 'MX',
) or $qp->input_sock->continue_read, return;
return 1;
}
sub finish_up {
my ($self, $qp, $a_records, $num_queries) = @_;
return if defined $qp->transaction->notes('resolvable_fromhost');
foreach my $addr (@$a_records) {
if (is_valid($addr)) {
$qp->transaction->notes('resolvable_fromhost', 1);
$qp->input_sock->continue_read;
$qp->run_continuation;
return;
}
}
unless ($num_queries) {
# all queries returned no valid response
$qp->transaction->notes('resolvable_fromhost', 0);
$qp->input_sock->continue_read;
$qp->run_continuation;
}
}
sub is_valid {
my $ip = shift;
my ( $net, $mask );
foreach $net ( keys %invalid ) {
$mask = $invalid{$net};
$mask = pack "B32", "1" x ($mask) . "0" x ( 32 - $mask );
return 0
if join( ".", unpack( "C4", inet_aton($ip) & $mask ) ) eq $net;
}
return 1;
}
Reference in New Issue View Git Blame Copy Permalink