[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: sender blocking policy problem
On Wed, Jun 18, 2003 at 06:57:38PM +0300, Andrey Blochintsev wrote:
...
> Pseudocode for policy-test mail_from address:
>
> if "rejectsource +" attribute found for user@do.main
> then
> return "reject"
> else
> if "rejectsource +" attribute found for do.main
> return "reject"
> fi
> fi
>
> "rejectsource" atribute can't be used to allow single email
> if all domain disabled.
Yeah, that is true. Reading smtpserver/policytest.c's
pt_mailfrom(), it is clear that you can reject (or freeze)
individual source address, but you can't allow it explicitely
aside of what domain based testing reports.
A bit of new code is needed, hmm...
If there is "freezesource" or "rejectsource" attribute (with
any value except "+"), the domain based testing will ignore
those attributes ? Thus "rejectsource -" for explicite
user@do.main would allow that address, while all "do.main"
would be blocked.
The code to make that behaviour is here:
(copy&paste from xterm => TABs are scrambled, patch manually...)
--- smtpserver/policytest.c 14 May 2003 14:12:10 -0000 1.74
+++ smtpserver/policytest.c 18 Jun 2003 17:50:09 -0000
@@ -1395,6 +1395,7 @@
const int len;
{
const char *at;
+ int requestmask = 0;
state->rcpt_nocheck = 0;
state->sender_reject = 0;
@@ -1428,6 +1429,9 @@
PICK_PA_MSG(P_A_FREEZESOURCE);
return 1;
}
+ if (state->values[P_A_FREEZESOURCE])
+ requestmask |= 1 << P_A_FREEZESOURCE;
+
if (valueeq(state->values[P_A_REJECTSOURCE], "+")) {
if (debug)
type(NULL,0,NULL," mailfrom: 'rejectsource +'");
@@ -1435,6 +1439,8 @@
PICK_PA_MSG(P_A_REJECTSOURCE);
return -1;
}
+ if (state->values[P_A_REJECTSOURCE])
+ requestmask |= 1 << P_A_REJECTSOURCE;
}
state->request = ( 1 << P_A_REJECTSOURCE |
@@ -1443,7 +1449,7 @@
1 << P_A_RELAYCUSTOMER |
#endif
1 << P_A_SENDERNoRelay |
- 1 << P_A_SENDERokWithDNS );
+ 1 << P_A_SENDERokWithDNS ) & (~ requestmask);
at = find_nonqchr(str, '@', len);
if (at != NULL) {
--
/Matti Aarnio <mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi