[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A new rule for the policyfilter

To: zmailer@nic.funet.fi
Subject: A new rule for the policyfilter
From: Swen Thuemmler <swen@uni-paderborn.de>
Date: Thu, 6 Nov 1997 16:39:02 +0100 (MET)

Hi,

at uni-paderborn.de, we wanted to use the SPAM-filter, but were not able
to completely deny relaying since there are some list-exploders in other
administrative domains, which would then stop working, and we have no
idea, where there might be some of them. Additionally, we did not want to
remove all restriction from *.uni-paderborn.de, because of our setup,
where on most clients runs sendmail with a nullclient configuration which
just strips off the hostname and forwards the mail to the central
mailserver which then does the delivery. Spammers often use these
machines. So what I needed was something like a negative-list: list
domains, for which we do not relay - hotmail.com, juno.com and
rocketmail.com are surely candidates for this - but without completely
blocking communication with these domains. 

I have made patches to be able to say in smtp-policy.src:
_no_relay               sendernorelay +
hotmail.com		= _no_relay
.hotmail.com		= _no_relay

So we relay for most domains (except those in the SPAM-database) but do
not relay for hotmail.com and some other domains frequently used by
spammers. 

Perhaps someone finds it useful, the patches are attached. Note that this
does not include the find_at() patch I sent before. 

Greetings, Swen

diff -ubr zmailer-2.99.49p8.orig/include/policy.h zmailer-2.99.49p8/include/policy.h
--- zmailer-2.99.49p8.orig/include/policy.h	Fri Aug  8 12:43:16 1997
+++ zmailer-2.99.49p8/include/policy.h	Thu Oct 30 16:18:02 1997
@@ -76,9 +76,10 @@
 #define P_A_ACCEPTifDNS         10
 #define P_A_SENDERokWithDNS	11
 #define P_A_ACCEPTbutFREEZE	12
+#define P_A_SENDERNoRelay	13
 
 #define P_A_FirstAttr	        2
-#define P_A_LastAttr	        12
+#define P_A_LastAttr	        13
 /* Note: Attribute codes outside range 1..31 cause problems at policystate
          processing!  If you ever need modify these, fix the  policytest.c,
 	 and  policytest.h: struct policystate { char values[]; } array,
@@ -117,6 +118,7 @@
 	"acceptifdns",
 	"senderokwithdns",
 	"acceptbutfreeze",
+	"sendernorelay",
 };
 #define KA(x) ((((x)>0)&&((x)<=P_A_LastAttr))?_KA[x]:"??")
 
diff -ubr zmailer-2.99.49p8.orig/smtpserver/policytest.c zmailer-2.99.49p8/smtpserver/policytest.c
--- zmailer-2.99.49p8.orig/smtpserver/policytest.c	Mon Oct 20 01:12:20 1997
+++ zmailer-2.99.49p8/smtpserver/policytest.c	Thu Oct 30 16:56:53 1997
@@ -127,6 +127,7 @@
 	printf("always_accept=%d\n",state->always_accept);
 	printf("sender_reject=%d\n",state->sender_reject);
 	printf("sender_freeze=%d\n",state->sender_freeze);
+	printf("sender_norelay=%d\n",state->sender_norelay);
 	printf("relaycustnet=%d\n", state->relaycustnet);
 	printf("rcpt_nocheck=%d\n", state->rcpt_nocheck);
 
@@ -918,6 +919,7 @@
     state->rcpt_nocheck  = 0;
     state->sender_reject = 0;
     state->sender_freeze = 0;
+    state->sender_norelay = 0;
 
     if (state->always_reject)
 	return -1;
@@ -954,6 +956,7 @@
     state->request = ( 1 << P_A_REJECTSOURCE  |
 		       1 << P_A_FREEZESOURCE  |
 		       1 << P_A_RELAYCUSTOMER |
+		       1 << P_A_SENDERNoRelay |
 		       1 << P_A_SENDERokWithDNS );
 
     at = memchr(str, '@', len);
@@ -997,6 +1000,11 @@
 	printf("... returns: %d\n", rc);
       return rc;
     }
+    if (state->values[P_A_SENDERNoRelay] == '+') {
+      if (debug)
+	printf("mailfrom: 'sendernorelay +'\n");
+      state->sender_norelay = 1;
+    }
     return 0;
 }
 
@@ -1044,6 +1052,9 @@
     if (at != NULL)
       check_domain(rel, state, at+1, len - (1 + at - str));
     else {
+      if (state->rcpt_nocheck)
+        return 0;
+      else
       /* Doh ??  Not  <user@domain> ??? */
       return -1;
     }
@@ -1074,7 +1085,7 @@
     if (state->rcpt_nocheck)
 	return 0;
 
-    if (state->values[P_A_ACCEPTifMX] != 0) {
+    if (state->values[P_A_ACCEPTifMX] != 0 || state->sender_norelay != 0) {
       int rc = mx_client_verify(state->values[P_A_ACCEPTifMX],
 				at+1, len - (1 + at - str));
       if (debug)
diff -ubr zmailer-2.99.49p8.orig/smtpserver/policytest.h zmailer-2.99.49p8/smtpserver/policytest.h
--- zmailer-2.99.49p8.orig/smtpserver/policytest.h	Mon Oct 20 01:13:16 1997
+++ zmailer-2.99.49p8/smtpserver/policytest.h	Thu Oct 30 16:18:35 1997
@@ -14,13 +14,14 @@
     int sender_freeze;
     int relaycustnet;
     int rcpt_nocheck;
+    int sender_norelay;
 
     int request;
     /* These flags say which attributes are checked. */
     /* For example: P_A_REJECTSOURCE ( == 3)
        Corresponding flag is 3rd bit (1 << 3) = 8.
        Flag P_A_ALIAS ( == 1) is ignored.            */
-    char values[12]; /* XX: Make sure the P_A_* attributes fit here! */
+    char values[13]; /* XX: Make sure the P_A_* attributes fit here! */
     /* Attribute values are stored here. */
 };
 
diff -ubr zmailer-2.99.49p8.orig/smtpserver/readpolicy.c zmailer-2.99.49p8/smtpserver/readpolicy.c
--- zmailer-2.99.49p8.orig/smtpserver/readpolicy.c	Fri Aug 15 19:19:56 1997
+++ zmailer-2.99.49p8/smtpserver/readpolicy.c	Thu Oct 30 16:47:07 1997
@@ -173,6 +173,8 @@
 	abuf->attrib = P_A_SENDERokWithDNS;
     else if (strcmp(str1, "freeze") == 0)
 	abuf->attrib = P_A_ACCEPTbutFREEZE;
+    else if (strcmp(str1, "sendernorelay") == 0)
+	abuf->attrib = P_A_SENDERNoRelay;
     else
 	return -1;
     return 0;

Prev by Date: Compilation problem
Next by Date: forward files not in $HOME
Prev by thread: Compilation problem
Next by thread: forward files not in $HOME
Index(es):
- Date
- Thread