trunk/postfix-policyd-spf-perl
* use version; * Bumped version number to 1.08.1. * Purely cosmetic code clean-up. * Added svn properties: svn:mime-type = text/x-perl svn:keywords = "Author Date Id Rev URL" svn:eol-style = native trunk/README * Bumped version number to 1.08.1. * Added Scott Kitterman to copyright statement. * Updated website URL. trunk/INSTALL * Added version Perl module to list of run-time requirements. trunk/INSTALL trunk/LICENSE * Added svn properties: svn:mime-type = text/plain svn:keywords = "Author Date Id Rev URL" svn:eol-style = native trunk/CHANGES trunk/debian/changelog * Described changes for 1.08.1 release. trunk/debian/control * New maintainer: Scott Kitterman <scott@kitterman.com> * Priority: extra (was: optional) * Removed Build-Depends-Indep: perl, as there really is no need for it. * Depends: libversion-perl trunk/debian/copyright * Updated for 1.08.1 release.
This commit is contained in:
Julian Mehnle
parent
292876bc36
commit
01e939ac3d
7 changed files with 130 additions and 88 deletions
|
|
@ -3,9 +3,9 @@
|
|||
# postfix-policyd-spf-perl
|
||||
# http://www.openspf.org/source/software/postfix-policyd-spf-perl/
|
||||
# version 1.08
|
||||
# $Id: postfix-policyd-spf 147 2006-03-14 21:51:58Z julian $
|
||||
# $Id$
|
||||
|
||||
our $VERSION = '1.08';
|
||||
use version; our $VERSION = qv('1.08.1');
|
||||
|
||||
use strict;
|
||||
|
||||
|
|
@ -44,10 +44,10 @@ my $syslog_ident = "postfix/policy-spf";
|
|||
# Log an error and abort.
|
||||
#
|
||||
sub fatal_exit {
|
||||
syslog(err => "fatal_exit: @_");
|
||||
syslog(warning => "fatal_exit: @_");
|
||||
syslog(info => "fatal_exit: @_");
|
||||
die "fatal: @_";
|
||||
syslog(err => "fatal_exit: @_");
|
||||
syslog(warning => "fatal_exit: @_");
|
||||
syslog(info => "fatal_exit: @_");
|
||||
die "fatal: @_";
|
||||
}
|
||||
|
||||
#
|
||||
|
|
@ -71,92 +71,98 @@ openlog $syslog_ident, $syslog_options, $syslog_facility;
|
|||
#
|
||||
my %attr;
|
||||
while (<STDIN>) {
|
||||
chomp;
|
||||
if (/=/) { my ($k, $v) = split (/=/, $_, 2); $attr{$k} = $v; next }
|
||||
elsif (length) { syslog(warning => sprintf("warning: ignoring garbage: %.100s", $_)); next; }
|
||||
|
||||
if ($VERBOSE) {
|
||||
for (sort keys %attr) {
|
||||
syslog(debug => "Attribute: %s=%s", $_, $attr{$_});
|
||||
chomp;
|
||||
if (/=/) { my ($k, $v) = split (/=/, $_, 2); $attr{$k} = $v; next }
|
||||
elsif (length) { syslog(warning => sprintf("warning: ignoring garbage: %.100s", $_)); next; }
|
||||
|
||||
if ($VERBOSE) {
|
||||
for (sort keys %attr) {
|
||||
syslog(debug => "Attribute: %s=%s", $_, $attr{$_});
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fatal_exit ("unrecognized request type: '$attr{request}'") unless $attr{request} eq "smtpd_access_policy";
|
||||
|
||||
my $action = $DEFAULT_RESPONSE;
|
||||
my %responses;
|
||||
foreach my $handler (@HANDLERS) {
|
||||
no strict 'refs';
|
||||
my $response = $handler->(attr=>\%attr);
|
||||
syslog(debug => "handler %s: %s", $handler, $response);
|
||||
if ($response and $response !~ /^dunno/i) {
|
||||
syslog(info => "handler %s: %s is decisive.", $handler, $response);
|
||||
$action = $response; last;
|
||||
|
||||
fatal_exit("unrecognized request type: '$attr{request}'") unless $attr{request} eq "smtpd_access_policy";
|
||||
|
||||
my $action = $DEFAULT_RESPONSE;
|
||||
my %responses;
|
||||
foreach my $handler (@HANDLERS) {
|
||||
no strict 'refs';
|
||||
my $response = $handler->(attr=>\%attr);
|
||||
syslog(debug => "handler %s: %s", $handler, $response);
|
||||
if ($response and $response !~ /^dunno/i) {
|
||||
syslog(info => "handler %s: %s is decisive.", $handler, $response);
|
||||
$action = $response; last;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
syslog(info => "decided action=%s", $action);
|
||||
|
||||
print STDOUT "action=$action\n\n";
|
||||
%attr = ();
|
||||
|
||||
syslog(info => "decided action=%s", $action);
|
||||
|
||||
print STDOUT "action=$action\n\n";
|
||||
%attr = ();
|
||||
}
|
||||
|
||||
# ----------------------------------------------------------
|
||||
# plugin: SPF
|
||||
# ----------------------------------------------------------
|
||||
sub sender_permitted_from {
|
||||
local %_ = @_;
|
||||
my %attr = %{ $_{attr} };
|
||||
|
||||
my $query = eval { new Mail::SPF::Query (ip =>$attr{client_address},
|
||||
sender=>$attr{sender},
|
||||
helo =>$attr{helo_name}) };
|
||||
if ($@) {
|
||||
syslog(info => "%s: Mail::SPF::Query->new(%s, %s, %s) failed: %s",
|
||||
$attr{queue_id}, $attr{client_address}, $attr{sender}, $attr{helo_name}, $@);
|
||||
return "DUNNO";
|
||||
}
|
||||
my ($result, $smtp_comment, $header_comment) = $query->result();
|
||||
|
||||
syslog(info => "%s: SPF %s: smtp_comment=%s, header_comment=%s",
|
||||
$attr{queue_id}, $result, $smtp_comment, $header_comment);
|
||||
|
||||
if ($result eq "fail") { return "REJECT $smtp_comment"; }
|
||||
elsif ($result eq "error") { return "DEFER_IF_PERMIT $smtp_comment"; }
|
||||
else { return "PREPEND Received-SPF: $result ($header_comment)"; }
|
||||
local %_ = @_;
|
||||
my %attr = %{ $_{attr} };
|
||||
|
||||
my $query = eval {
|
||||
Mail::SPF::Query->new(
|
||||
ip => $attr{client_address},
|
||||
sender => $attr{sender},
|
||||
helo => $attr{helo_name}
|
||||
)
|
||||
};
|
||||
if ($@) {
|
||||
syslog(
|
||||
info => "%s: Mail::SPF::Query->new(%s, %s, %s) failed: %s",
|
||||
$attr{queue_id}, $attr{client_address}, $attr{sender}, $attr{helo_name}, $@
|
||||
);
|
||||
return "DUNNO";
|
||||
}
|
||||
my ($result, $smtp_comment, $header_comment) = $query->result();
|
||||
|
||||
syslog(
|
||||
info => "%s: SPF %s: smtp_comment=%s, header_comment=%s",
|
||||
$attr{queue_id}, $result, $smtp_comment, $header_comment
|
||||
);
|
||||
|
||||
if ($result eq "fail") { return "REJECT $smtp_comment"; }
|
||||
elsif ($result eq "error") { return "DEFER_IF_PERMIT $smtp_comment"; }
|
||||
else { return "PREPEND Received-SPF: $result ($header_comment)"; }
|
||||
}
|
||||
|
||||
# ----------------------------------------------------------
|
||||
# plugin: testing
|
||||
# ----------------------------------------------------------
|
||||
sub testing {
|
||||
local %_ = @_;
|
||||
my %attr = %{ $_{attr} };
|
||||
|
||||
if (lc address_stripped($attr{sender}) eq
|
||||
lc address_stripped($attr{recipient})
|
||||
and
|
||||
$attr{recipient} =~ /policyblock/) {
|
||||
|
||||
syslog(info => "%s: testing: will block as requested", $attr{queue_id});
|
||||
return "REJECT smtpd-policy blocking $attr{recipient}";
|
||||
}
|
||||
else {
|
||||
syslog(info => "%s: testing: stripped sender=%s, stripped rcpt=%s",
|
||||
$attr{queue_id},
|
||||
address_stripped($attr{sender}),
|
||||
address_stripped($attr{recipient}),
|
||||
);
|
||||
local %_ = @_;
|
||||
my %attr = %{ $_{attr} };
|
||||
|
||||
}
|
||||
return "DUNNO";
|
||||
if (
|
||||
lc(address_stripped($attr{sender})) eq lc(address_stripped($attr{recipient})) and
|
||||
$attr{recipient} =~ /policyblock/
|
||||
) {
|
||||
|
||||
syslog(info => "%s: testing: will block as requested", $attr{queue_id});
|
||||
return "REJECT smtpd-policy blocking $attr{recipient}";
|
||||
}
|
||||
else {
|
||||
syslog(
|
||||
info => "%s: testing: stripped sender=%s, stripped rcpt=%s",
|
||||
$attr{queue_id},
|
||||
address_stripped($attr{sender}),
|
||||
address_stripped($attr{recipient}),
|
||||
);
|
||||
}
|
||||
return "DUNNO";
|
||||
}
|
||||
|
||||
# my $foo = address_stripped('foo+bar@baz.com'); # returns 'foo@baz.com'
|
||||
sub address_stripped {
|
||||
# my $foo = localpart_lhs('foo+bar@baz.com'); # returns 'foo@baz.com'
|
||||
my $string = shift;
|
||||
for ($string) {
|
||||
s/[+-].*\@/\@/;
|
||||
}
|
||||
return $string;
|
||||
my $string = shift;
|
||||
$string =~ s/[+-].*\@/\@/;
|
||||
return $string;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue