From ee944357ee374402f20eb1297a0b596f7ef4ea8d Mon Sep 17 00:00:00 2001
From: manuel <manuel@mausz.at>
Date: Mon, 4 Feb 2013 02:54:37 +0100
Subject: [PATCH] Reject some bad relaying attempt

qmail-smtpd-relay-reject.gentoo
---
 qmail-smtpd.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index c77c6cc..86c5bd9 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -95,6 +95,7 @@ void err_nogateway()
 #endif
 void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
 void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
+void err_relay() { out("553 we don't relay (#5.7.1)\r\n"); }
 void err_wantmail() { out("503 MAIL first (#5.5.1)\r\n"); }
 void err_wantrcpt() { out("503 RCPT first (#5.5.1)\r\n"); }
 void err_noop() { out("250 ok\r\n"); }
@@ -345,6 +346,20 @@ int addrallowed()
   return r;
 }
 
+int addrrelay()
+{
+  int j;
+  j = addr.len;
+  while(--j >= 0)
+    if (addr.s[j] == '@') break;
+  if (j < 0) j = addr.len;
+  while(--j >= 0) {
+    if (addr.s[j] == '@') return 1;
+    if (addr.s[j] == '%') return 1;
+    if (addr.s[j] == '!') return 1;
+  }
+  return 0;
+}
 
 int seenmail = 0;
 int flagbarfbmf; /* defined if seenmail */
@@ -469,6 +484,7 @@ void smtp_mail(arg) char *arg;
 void smtp_rcpt(arg) char *arg; {
   if (!seenmail) { err_wantmail(); return; }
   if (!addrparse(arg)) { err_syntax(); return; }
+  if (addrrelay()) { err_relay(); return; }
   if (flagbarfbhelo) {
     if (logregex) {
       strerr_warn6("qmail-smtpd: badhelo: <",helohost.s,"> at ",remoteip," matches pattern: ",matchedregex.s,0);
-- 
cgit v1.2.3