[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fix for policy checking prob.

To: crosser@online.ru
Subject: Re: fix for policy checking prob.
From: mea@nic.funet.fi
Date: Mon, 5 Apr 1999 18:31:06 +0300 (EET DST)
Cc: zmailer@nic.funet.fi
In-Reply-To: <ML-3.4.923318308.3307.crosser@ariel.sovam.com> from "Eugene Crosser" at Apr 5, 99 05:18:28 pm

> Matti,
> 
> I made a change that seems reasonably sane: when checking validity of
> domains, *do* check validity of [1.2.3.4] format recipient domains, but
> *do not* check validity of [1.2.3.4] format originator domains.
> I think that there may be a better way, but I think that for now this
> will do.  It does not seem to be harmful anyway.  Please consider
> including it into the mainstream.

	I did inject it, and then try, and finally removed.
	Here is a better one.  Essentially it does RBL analysis
	of the address literals at MAIL FROM, and RCPT TO, while
	it does full rule analysis at connection time.

> Eugene

	/Matti Aarnio

Index: policytest.c
===================================================================
RCS file: /home/mea/src/CVSROOT/zmailer/smtpserver/policytest.c,v
retrieving revision 1.25
diff -u -r1.25 policytest.c
--- policytest.c	1999/03/08 10:16:14	1.25
+++ policytest.c	1999/04/05 15:20:00
@@ -643,10 +643,13 @@
 }
 
 
-static int _addrtest_(rel, state, pbuf)
+static int _addrtest_ __((struct policytest *rel, struct policystate *state, const char *pbuf, int sourceaddr));
+
+static int _addrtest_(rel, state, pbuf, sourceaddr)
 struct policytest *rel;
 struct policystate *state;
 const char *pbuf;
+int sourceaddr;
 {
     u_char ipv4addr[4];
 
@@ -672,6 +675,9 @@
     if (checkaddr(rel, state, pbuf) != 0)
       return 0; /* Nothing found */
 
+    if (!sourceaddr)
+      goto just_rbl_checks;
+
 #if 0
 /* if (IP address of SMTP client has 'rejectnet +' attribute) then
     any further conversation refused
@@ -742,6 +748,8 @@
     if (state->trust_recipients || state->full_trust || state->always_accept)
       return 0;
 
+    just_rbl_checks:;
+
     if (state->values[P_A_TestDnsRBL] &&
 	!valueeq(state->values[P_A_TestDnsRBL], "-") &&
 	pbuf[1] == P_K_IPv4) {
@@ -826,7 +834,7 @@
       return -2;
     }
 
-    return _addrtest_(rel, state, pbuf);
+    return _addrtest_(rel, state, pbuf, 1);
 }
 
 
@@ -889,7 +897,7 @@
 	pbuf[1] = P_K_IPv4;
 	pbuf[6] = 32;
       }
-      return _addrtest_(rel,state,pbuf);
+      return _addrtest_(rel,state,pbuf, 0);
     }
 
     plen = addr_len;

References:
- fix for policy checking prob.
  - From: Eugene Crosser <crosser@online.ru>

Prev by Date: EXPN/VRFY do not work
Next by Date: Re: EXPN/VRFY do not work
Prev by thread: fix for policy checking prob.
Next by thread: configuration question (spam related)
Index(es):
- Date
- Thread