diff options
| author | manuel <manuel@mausz.at> | 2013-02-05 18:26:02 +0100 |
|---|---|---|
| committer | manuel <manuel@mausz.at> | 2013-02-05 18:26:02 +0100 |
| commit | 8ed3cb136c336a3103d233f1f82b6da35ae2f6f9 (patch) | |
| tree | ce643337f818bbbe202a075d01b8731687527d8d /qmail-smtpd.c | |
| parent | 2b9d328bdb940511fd49caae839579835b18d8bc (diff) | |
| download | qmail-8ed3cb136c336a3103d233f1f82b6da35ae2f6f9.tar.gz qmail-8ed3cb136c336a3103d233f1f82b6da35ae2f6f9.tar.bz2 qmail-8ed3cb136c336a3103d233f1f82b6da35ae2f6f9.zip | |
[PATCH] check envelope sender's domain for validity
qmail-1.03-r17-mfcheck
Diffstat (limited to 'qmail-smtpd.c')
| -rw-r--r-- | qmail-smtpd.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/qmail-smtpd.c b/qmail-smtpd.c index 4553b42..8f0ebad 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c | |||
| @@ -28,6 +28,7 @@ | |||
| 28 | #include "strerr.h" | 28 | #include "strerr.h" |
| 29 | #include "cdb.h" | 29 | #include "cdb.h" |
| 30 | #include "qmail-spp.h" | 30 | #include "qmail-spp.h" |
| 31 | #include "dns.h" | ||
| 31 | 32 | ||
| 32 | int spp_val; | 33 | int spp_val; |
| 33 | 34 | ||
| @@ -42,6 +43,7 @@ int spp_val; | |||
| 42 | 43 | ||
| 43 | #define MAXHOPS 100 | 44 | #define MAXHOPS 100 |
| 44 | unsigned int databytes = 0; | 45 | unsigned int databytes = 0; |
| 46 | unsigned int mfchk = 0; | ||
| 45 | int timeout = 1200; | 47 | int timeout = 1200; |
| 46 | 48 | ||
| 47 | const char *protocol = "SMTP"; | 49 | const char *protocol = "SMTP"; |
| @@ -124,6 +126,8 @@ void straynewline() | |||
| 124 | void err_size() { out("552 sorry, that message size exceeds my databytes limit (#5.3.4)\r\n"); } | 126 | void err_size() { out("552 sorry, that message size exceeds my databytes limit (#5.3.4)\r\n"); } |
| 125 | void err_bmf() { out("553 sorry, your envelope sender has been denied (#5.7.1)\r\n"); } | 127 | void err_bmf() { out("553 sorry, your envelope sender has been denied (#5.7.1)\r\n"); } |
| 126 | void err_bmt() { out("553 sorry, your envelope recipient has been denied (#5.7.1)\r\n"); } | 128 | void err_bmt() { out("553 sorry, your envelope recipient has been denied (#5.7.1)\r\n"); } |
| 129 | void err_hmf() { out("553 sorry, your envelope sender domain must exist (#5.7.1)\r\n"); } | ||
| 130 | void err_smf() { out("451 DNS temporary failure (#4.3.0)\r\n"); } | ||
| 127 | void err_brt() { out("550 sorry, this message is not deliverable (#5.7.1)\r\n"); } | 131 | void err_brt() { out("550 sorry, this message is not deliverable (#5.7.1)\r\n"); } |
| 128 | void err_bhelo() { out("553 sorry, your HELO host name has been denied (#5.7.1)\r\n"); } | 132 | void err_bhelo() { out("553 sorry, your HELO host name has been denied (#5.7.1)\r\n"); } |
| 129 | #ifndef TLS | 133 | #ifndef TLS |
| @@ -224,6 +228,10 @@ void setup() | |||
| 224 | if (rcpthosts_init() == -1) die_control(); | 228 | if (rcpthosts_init() == -1) die_control(); |
| 225 | if (spp_init() == -1) die_control(); | 229 | if (spp_init() == -1) die_control(); |
| 226 | 230 | ||
| 231 | if (control_readint(&mfchk,"control/mfcheck") == -1) die_control(); | ||
| 232 | x = env_get("MFCHECK"); | ||
| 233 | if (x) { scan_ulong(x,&u); mfchk = u; } | ||
| 234 | |||
| 227 | bmfok = control_readfile(&bmf,"control/badmailfrom",0); | 235 | bmfok = control_readfile(&bmf,"control/badmailfrom",0); |
| 228 | if (bmfok == -1) die_control(); | 236 | if (bmfok == -1) die_control(); |
| 229 | 237 | ||
| @@ -412,6 +420,25 @@ int brtcheck() | |||
| 412 | return 0; | 420 | return 0; |
| 413 | } | 421 | } |
| 414 | 422 | ||
| 423 | int mfcheck() | ||
| 424 | { | ||
| 425 | stralloc sa = {0}; | ||
| 426 | ipalloc ia = {0}; | ||
| 427 | unsigned int random; | ||
| 428 | int j; | ||
| 429 | |||
| 430 | if (!mfchk) return 0; | ||
| 431 | random = now() + (getpid() << 16); | ||
| 432 | j = byte_rchr(addr.s,addr.len,'@') + 1; | ||
| 433 | if (j < addr.len) { | ||
| 434 | stralloc_copys(&sa, addr.s + j); | ||
| 435 | dns_init(0); | ||
| 436 | j = dns_mxip(&ia,&sa,random); | ||
| 437 | if (j < 0) return j; | ||
| 438 | } | ||
| 439 | return 0; | ||
| 440 | } | ||
| 441 | |||
| 415 | int addrallowed() | 442 | int addrallowed() |
| 416 | { | 443 | { |
| 417 | int r; | 444 | int r; |
| @@ -565,6 +592,11 @@ void smtp_mail(arg) char *arg; | |||
| 565 | if ((!flagbarfbmf) && (bmfnrok) && (addr.len != 1) && (!relayclient)) { | 592 | if ((!flagbarfbmf) && (bmfnrok) && (addr.len != 1) && (!relayclient)) { |
| 566 | flagbarfbmf = bmcheck(BMCHECK_BMFNR); | 593 | flagbarfbmf = bmcheck(BMCHECK_BMFNR); |
| 567 | } | 594 | } |
| 595 | switch(mfcheck()) { | ||
| 596 | case DNS_HARD: err_hmf(); return; | ||
| 597 | case DNS_SOFT: err_smf(); return; | ||
| 598 | case DNS_MEM: die_nomem(); | ||
| 599 | } | ||
| 568 | if (!(spp_val = spp_mail())) return; | 600 | if (!(spp_val = spp_mail())) return; |
| 569 | seenmail = 1; | 601 | seenmail = 1; |
| 570 | if (!stralloc_copys(&rcptto,"")) die_nomem(); | 602 | if (!stralloc_copys(&rcptto,"")) die_nomem(); |