[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
A new rule for the policyfilter
Hi,
at uni-paderborn.de, we wanted to use the SPAM-filter, but were not able
to completely deny relaying since there are some list-exploders in other
administrative domains, which would then stop working, and we have no
idea, where there might be some of them. Additionally, we did not want to
remove all restriction from *.uni-paderborn.de, because of our setup,
where on most clients runs sendmail with a nullclient configuration which
just strips off the hostname and forwards the mail to the central
mailserver which then does the delivery. Spammers often use these
machines. So what I needed was something like a negative-list: list
domains, for which we do not relay - hotmail.com, juno.com and
rocketmail.com are surely candidates for this - but without completely
blocking communication with these domains.
I have made patches to be able to say in smtp-policy.src:
_no_relay sendernorelay +
hotmail.com = _no_relay
.hotmail.com = _no_relay
So we relay for most domains (except those in the SPAM-database) but do
not relay for hotmail.com and some other domains frequently used by
spammers.
Perhaps someone finds it useful, the patches are attached. Note that this
does not include the find_at() patch I sent before.
Greetings, Swen
diff -ubr zmailer-2.99.49p8.orig/include/policy.h zmailer-2.99.49p8/include/policy.h
--- zmailer-2.99.49p8.orig/include/policy.h Fri Aug 8 12:43:16 1997
+++ zmailer-2.99.49p8/include/policy.h Thu Oct 30 16:18:02 1997
@@ -76,9 +76,10 @@
#define P_A_ACCEPTifDNS 10
#define P_A_SENDERokWithDNS 11
#define P_A_ACCEPTbutFREEZE 12
+#define P_A_SENDERNoRelay 13
#define P_A_FirstAttr 2
-#define P_A_LastAttr 12
+#define P_A_LastAttr 13
/* Note: Attribute codes outside range 1..31 cause problems at policystate
processing! If you ever need modify these, fix the policytest.c,
and policytest.h: struct policystate { char values[]; } array,
@@ -117,6 +118,7 @@
"acceptifdns",
"senderokwithdns",
"acceptbutfreeze",
+ "sendernorelay",
};
#define KA(x) ((((x)>0)&&((x)<=P_A_LastAttr))?_KA[x]:"??")
diff -ubr zmailer-2.99.49p8.orig/smtpserver/policytest.c zmailer-2.99.49p8/smtpserver/policytest.c
--- zmailer-2.99.49p8.orig/smtpserver/policytest.c Mon Oct 20 01:12:20 1997
+++ zmailer-2.99.49p8/smtpserver/policytest.c Thu Oct 30 16:56:53 1997
@@ -127,6 +127,7 @@
printf("always_accept=%d\n",state->always_accept);
printf("sender_reject=%d\n",state->sender_reject);
printf("sender_freeze=%d\n",state->sender_freeze);
+ printf("sender_norelay=%d\n",state->sender_norelay);
printf("relaycustnet=%d\n", state->relaycustnet);
printf("rcpt_nocheck=%d\n", state->rcpt_nocheck);
@@ -918,6 +919,7 @@
state->rcpt_nocheck = 0;
state->sender_reject = 0;
state->sender_freeze = 0;
+ state->sender_norelay = 0;
if (state->always_reject)
return -1;
@@ -954,6 +956,7 @@
state->request = ( 1 << P_A_REJECTSOURCE |
1 << P_A_FREEZESOURCE |
1 << P_A_RELAYCUSTOMER |
+ 1 << P_A_SENDERNoRelay |
1 << P_A_SENDERokWithDNS );
at = memchr(str, '@', len);
@@ -997,6 +1000,11 @@
printf("... returns: %d\n", rc);
return rc;
}
+ if (state->values[P_A_SENDERNoRelay] == '+') {
+ if (debug)
+ printf("mailfrom: 'sendernorelay +'\n");
+ state->sender_norelay = 1;
+ }
return 0;
}
@@ -1044,6 +1052,9 @@
if (at != NULL)
check_domain(rel, state, at+1, len - (1 + at - str));
else {
+ if (state->rcpt_nocheck)
+ return 0;
+ else
/* Doh ?? Not <user@domain> ??? */
return -1;
}
@@ -1074,7 +1085,7 @@
if (state->rcpt_nocheck)
return 0;
- if (state->values[P_A_ACCEPTifMX] != 0) {
+ if (state->values[P_A_ACCEPTifMX] != 0 || state->sender_norelay != 0) {
int rc = mx_client_verify(state->values[P_A_ACCEPTifMX],
at+1, len - (1 + at - str));
if (debug)
diff -ubr zmailer-2.99.49p8.orig/smtpserver/policytest.h zmailer-2.99.49p8/smtpserver/policytest.h
--- zmailer-2.99.49p8.orig/smtpserver/policytest.h Mon Oct 20 01:13:16 1997
+++ zmailer-2.99.49p8/smtpserver/policytest.h Thu Oct 30 16:18:35 1997
@@ -14,13 +14,14 @@
int sender_freeze;
int relaycustnet;
int rcpt_nocheck;
+ int sender_norelay;
int request;
/* These flags say which attributes are checked. */
/* For example: P_A_REJECTSOURCE ( == 3)
Corresponding flag is 3rd bit (1 << 3) = 8.
Flag P_A_ALIAS ( == 1) is ignored. */
- char values[12]; /* XX: Make sure the P_A_* attributes fit here! */
+ char values[13]; /* XX: Make sure the P_A_* attributes fit here! */
/* Attribute values are stored here. */
};
diff -ubr zmailer-2.99.49p8.orig/smtpserver/readpolicy.c zmailer-2.99.49p8/smtpserver/readpolicy.c
--- zmailer-2.99.49p8.orig/smtpserver/readpolicy.c Fri Aug 15 19:19:56 1997
+++ zmailer-2.99.49p8/smtpserver/readpolicy.c Thu Oct 30 16:47:07 1997
@@ -173,6 +173,8 @@
abuf->attrib = P_A_SENDERokWithDNS;
else if (strcmp(str1, "freeze") == 0)
abuf->attrib = P_A_ACCEPTbutFREEZE;
+ else if (strcmp(str1, "sendernorelay") == 0)
+ abuf->attrib = P_A_SENDERNoRelay;
else
return -1;
return 0;