[Mimedefang] MIMEDefang 2.72-BETA-1 is available

Philip Prindeville philipp_subx at redfish-solutions.com
Wed Nov 3 01:25:34 EDT 2010


On 11/2/10 12:40 PM, David F. Skoll wrote:
> On Tue, 02 Nov 2010 12:28:01 -0700
> Philip Prindeville<philipp_subx at redfish-solutions.com>  wrote:
>
>> "I will look into making the 4-tuple available, then.  I guess it
>> makes sense."
>> What 4-tuple were you talking about?
> I guess I mis-wrote.  I meant making the client port available.
> As for the server port, it's too difficult to pass that in at
> filter_connect time.
>
> Regards,
>
> David.

I'm trying the following patch with Sendmail and it works fine, so I'm not sure what you mean when you say "it's too difficult".

Ok, if we can't pass in the server port, can we at least pass in {daemon_name} as kd6lvw suggested?


-------------- next part --------------
--- mimedefang-2.72-BETA-1/mimedefang.c.ports	2010-10-12 11:27:39.000000000 -0600
+++ mimedefang-2.72-BETA-1/mimedefang.c	2010-11-02 23:11:56.000000000 -0600
@@ -162,7 +162,7 @@ static char *StandardSendmailMacros[] = 
     "_", "auth_authen", "auth_author", "auth_ssf", "auth_type",
     "cert_issuer", "cert_subject", "cipher", "cipher_bits", "daemon_name",
     "i", "if_addr", "if_name", "j", "mail_addr", "mail_host", "mail_mailer",
-    "tls_version", "verify",
+    "tls_version", "verify", "daemon_port",
     /* End of macros MUST be marked with NULL! */
     NULL
 };
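Review bot: `"daemon_port"` is appended after `"verify"`, while the visible part of this table is in alphabetical order. Placing it right after `"daemon_name"` would keep the list easy to scan and make a duplicate entry harder to introduce later. The start of the array is outside the hunk, so the ordering of the earlier entries should be confirmed.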
@@ -172,6 +172,7 @@ struct privdata {
     char *hostname;		/* Name of connecting host */
     char *hostip;		/* IP address of connecting host */
     unsigned int hostport;      /* Port of connecting host */
+    unsigned int myport;	/* My port number, from Sendmail macro  */
     char *myip;                 /* My IP address, from Sendmail macro */
     char *sender;		/* Envelope sender */
     char *firstRecip;		/* Address of first recipient */
@@ -500,6 +501,8 @@ mfconnect(SMFICTX *ctx, char *hostname, 
 #if defined(AF_INET6) && defined(HAVE_INET_NTOP)
     struct sockaddr_in6 *in6sa = (struct sockaddr_in6 *) sa;
 #endif
+    char *me;
+    unsigned int u;
 
     DEBUG_ENTER("mfconnect");
 
@@ -553,6 +556,7 @@ mfconnect(SMFICTX *ctx, char *hostname, 
     data->hostip   = NULL;
     data->hostport = 0;
     data->myip     = NULL;
+    data->myport   = 0;
     data->sender   = NULL;
     data->firstRecip = NULL;
     data->dir      = NULL;
@@ -667,6 +671,23 @@ mfconnect(SMFICTX *ctx, char *hostname, 
 	strcpy(data->hostip, "127.0.0.1");
     }
 
+    /* Get my IP address */
+    me = smfi_getsymval(ctx, "{if_addr}");
+    if (me && *me && MyIPAddress && !strcmp(me, MyIPAddress)) {
+	data->myip = MyIPAddress;
+    } else if (me && *me && strcmp(me, "127.0.0.1")) {
+	data->myip = strdup_with_log(me);
+    } else {
+	/* Sigh... use our computed address */
+	data->myip = MyIPAddress;
+    }
+
+    /* get our local port */
+    me = smfi_getsymval(ctx, "{daemon_port}");
+    if (me && *me && (sscanf(me, "%u", &u) == 1)) {
+       data->myport = u;
+    }
+ 
     data->dir = NULL;
     data->fd = -1;
     data->headerFD = -1;
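Review bot: `sscanf(me, "%u", &u)` accepts a value with trailing characters, wraps a negative number and applies no upper bound, so `data->myport` can end up outside the port range. Adding `&& u <= 65535` to the condition, or parsing with `strtoul` and checking the end pointer, keeps the value handed to the filter well-formed. `{daemon_port}` is only visible here if the MTA is configured to send it to the milter at connection time, so a comment that `myport == 0` means "unknown" would help. `data->myip` is now allocated once per connection and the free in envfrom is removed later in this diff, so its release must happen in code outside the hunk. It is worth confirming that per-message cleanup does not free it, which would leave later messages on the same connection without an address.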
@@ -677,7 +698,8 @@ mfconnect(SMFICTX *ctx, char *hostname, 
     if (doRelayCheck) {
 	char buf2[SMALLBUF];
 	int n = MXRelayOK(MultiplexorSocketName, buf2, data->hostip,
-			  data->hostname, data->hostport);
+			  data->hostname, data->hostport,
+			  data->myip, data->myport);
 	if (n == MD_REJECT) {
 	    /* Can't call smfi_setreply from connect callback */
 	    /* set_dsn(ctx, buf2, 5); */
@@ -740,7 +762,8 @@ helo(SMFICTX *ctx, char *helohost)
     if (doHeloCheck) {
 	char buf2[SMALLBUF];
 	int n = MXHeloOK(MultiplexorSocketName, buf2, data->hostip,
-			 data->hostname, data->heloArg, data->hostport);
+			 data->hostname, data->heloArg, data->hostport,
+			 data->myip, data->myport);
 	if (n == MD_REJECT) {
 	    set_dsn(ctx, buf2, 5);
 	    cleanup(ctx);
@@ -793,7 +816,6 @@ envfrom(SMFICTX *ctx, char **from)
     char buffer[SMALLBUF];
     char buf2[SMALLBUF];
     char *queueid;
-    char *me;
     char **macro;
     dynamic_buffer dbuf;
 
@@ -937,12 +959,6 @@ envfrom(SMFICTX *ctx, char **from)
 	append_macro_value(&dbuf, ctx, AdditionalMacros[i]);
     }
 
-    /* Clear out any old myip address */
-    if (data->myip && (data->myip != MyIPAddress)) {
-	free(data->myip);
-	data->myip = NULL;
-    }
-
     if (queueid) {
 	append_mx_command(&dbuf, 'Q', queueid);
 	data->qid_written = 1;
@@ -976,18 +992,6 @@ envfrom(SMFICTX *ctx, char **from)
     data->cmdFD = put_fd(data->cmdFD);
 
 
-    /* Get my IP address */
-    me = smfi_getsymval(ctx, "{if_addr}");
-    if (me && *me && MyIPAddress && !strcmp(me, MyIPAddress)) {
-	data->myip = MyIPAddress;
-    } else if (me && *me && strcmp(me, "127.0.0.1")) {
-	data->myip = strdup_with_log(me);
-    } else {
-	/* Sigh... use our computed address */
-	data->myip = MyIPAddress;
-    }
-
-
     if (doSenderCheck) {
 	int n = MXSenderOK(MultiplexorSocketName, buf2,
 			   (char const **) from, data->hostip, data->hostname,
--- mimedefang-2.72-BETA-1/utils.c.ports	2010-10-12 11:26:42.000000000 -0600
+++ mimedefang-2.72-BETA-1/utils.c	2010-11-02 23:11:00.000000000 -0600
@@ -548,6 +548,8 @@ munch_mx_return(char *ans, char *msg)
 *  ip -- relay IP address
 *  name -- relay name
 *  port -- client port number
+*  myip -- server IP address
+*  myport -- server port number
 * %RETURNS:
 *  1 if it's OK to accept connections from this host; 0 if not, -1 if error.
 *  If connection is rejected, error message *may* be set.
@@ -557,21 +559,25 @@ MXRelayOK(char const *sockname,
 	  char *msg,
 	  char const *ip,
 	  char const *name,
-	  unsigned int port)
+	  unsigned int port,
+	  char const *myip,
+	  unsigned int myport)
 {
     char cmd[SMALLBUF];
     char ans[SMALLBUF];
+    char ans2[SMALLBUF];
 
     *msg = 0;
 
     snprintf(ans, sizeof(ans), "%u", port);
+    snprintf(ans2, sizeof(ans2), "%u", myport);
     if (!ip || !*ip) {
 	ip = "UNKNOWN";
     }
     if (!name || !*name) {
 	name = ip;
     }
-    if (percent_encode_command(1, cmd, sizeof(cmd), "relayok", ip, name, ans, NULL) < 0) {
+    if (percent_encode_command(1, cmd, sizeof(cmd), "relayok", ip, name, ans, myip, ans2, NULL) < 0) {
 	return MD_TEMPFAIL;
     }
     if (MXCommand(sockname, cmd, ans, SMALLBUF-1) < 0) return MD_TEMPFAIL;
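Review bot: `myip` is placed in the NULL-terminated argument list of `percent_encode_command` without the NULL/empty guard that `ip` and `name` get just above, so a NULL `myip` would end the list early and silently drop `ans2`. mfconnect falls back to `MyIPAddress`, which its own `MyIPAddress &&` test treats as possibly NULL, and `strdup_with_log` can presumably fail as well. Add `if (!myip || !*myip) myip = "UNKNOWN";` before the call; the `helook` call in MXHeloOK needs the same guard. A command shortened this way would also stop matching the five-field `relayok` pattern in mimedefang.pl.in. The function body continues past the end of this hunk.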
@@ -587,6 +593,8 @@ MXRelayOK(char const *sockname,
 *  name -- resolved name of client
 *  helo -- the helo string
 *  port -- client port number
+*  myip -- IP address of server
+*  myport -- server port number
 * %RETURNS:
 *  1 if it's OK to accept messages from this sender; 0 if not, -1 if error or
 *  we should tempfail.
@@ -597,10 +605,13 @@ MXHeloOK(char const *sockname,
 	 char const *ip,
 	 char const *name,
 	 char const *helo,
-	 unsigned int port)
+	 unsigned int port,
+	 char const *myip,
+	 unsigned int myport)
 {
     char cmd[SMALLBUF];
     char ans[SMALLBUF];
+    char ans2[SMALLBUF];
 
     *msg = 0;
 
@@ -614,8 +625,9 @@ MXHeloOK(char const *sockname,
 	helo = "UNKNOWN";
     }
     snprintf(ans, sizeof(ans), "%u", port);
+    snprintf(ans2, sizeof(ans2), "%u", myport);
 
-    if (percent_encode_command(1, cmd, sizeof(cmd), "helook", ip, name, helo, ans, NULL) < 0) {
+    if (percent_encode_command(1, cmd, sizeof(cmd), "helook", ip, name, helo, ans, myip, ans2, NULL) < 0) {
 	return MD_TEMPFAIL;
     }
     if (MXCommand(sockname, cmd, ans, SMALLBUF-1) < 0) return MD_TEMPFAIL;
--- mimedefang-2.72-BETA-1/mimedefang.pl.in.ports	2010-10-14 10:08:39.000000000 -0600
+++ mimedefang-2.72-BETA-1/mimedefang.pl.in	2010-11-02 23:11:00.000000000 -0600
@@ -38,6 +38,7 @@ use vars qw($AddWarningsInline @StatusTa
 	    $QuarantineSubdir $QueueID $MsgID $MIMEDefangID
 	    $RelayAddr $RelayPort $WasResent $RelayHostname
 	    $RealRelayAddr $RealRelayHostname
+	    $OurAddr $OurPort
 	    $ReplacementEntity $Sender $ServerMode $Subject $SubjectCount
 	    $ClamdSock $SophieSock $TrophieSock
 	    $SuspiciousCharsInHeaders
@@ -5636,20 +5637,24 @@ sub do_main_loop () {
 	    next;
 	}
 
-	if ($_ =~ /^relayok (\S*)\s+(\S*)\s+(\S*)/) {
+	if ($_ =~ /^relayok (\S*)\s+(\S*)\s+(\S*)\s+(\S*)\s+(\S*)/) {
 	    $RelayAddr = percent_decode($1);
 	    $RelayHostname = percent_decode($2);
 	    $RelayPort = percent_decode($3);
-	    relay_ok($RelayAddr, $RelayHostname, $RelayPort);
+	    $OurAddr = percent_decode($4);
+	    $OurPort = percent_decode($5);
+	    relay_ok($RelayAddr, $RelayHostname, $RelayPort, $OurAddr, $OurPort);
 	    chdir($Features{'Path:SPOOLDIR'});
 	    next;
 	}
-	if ($_ =~ /^helook (\S*)\s+(\S*)\s+(\S*)\s+(\S*)/) {
+	if ($_ =~ /^helook (\S*)\s+(\S*)\s+(\S*)\s+(\S*)\s+(\S*)\s+(\S*)/) {
 	    $RelayAddr = percent_decode($1);
 	    $RelayHostname = percent_decode($2);
 	    $Helo = percent_decode($3);
 	    $RelayPort = percent_decode($4);
-	    helo_ok($RelayAddr, $RelayHostname, $Helo, $RelayPort);
+	    $OurAddr = percent_decode($5);
+	    $OurPort = percent_decode($6);
+	    helo_ok($RelayAddr, $RelayHostname, $Helo, $RelayPort, $OurAddr, $OurPort);
 	    chdir($Features{'Path:SPOOLDIR'});
 	    next;
 	}
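Review bot: Both patterns now require every field, so a `relayok` or `helook` line that arrives with fewer arguments no longer matches either branch; what happens to an unmatched line is outside this hunk. Making the two new fields optional, by ending each pattern with `(?:\s+(\S*)\s+(\S*))?` and defaulting `$OurAddr`/`$OurPort` to `""` and `0` when the captures are undefined, would keep the relay and HELO checks running when the server address is unavailable. `$OurPort` is passed to `relay_ok`/`helo_ok` as decoded text without a numeric check, so a short comment saying so would tell filter authors to validate it before using it in a policy decision.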
@@ -5775,12 +5780,15 @@ sub init_globals () {
     $MsgID = "NOQUEUE";
     $MessageID = "NOQUEUE";
     $Helo = "";
+    $OurAddr = "";
+    $OurPort = 0;
     $QueueID = "NOQUEUE";
     $QuarantineCount = 0;
     $Rebuild = 0;
     $EntireMessageQuarantined = 0;
     $QuarantineSubdir = "";
     $RelayAddr = "";
+    $RelayPort = 0;
     $RealRelayAddr = "";
     $WasResent = 0;
     $RelayHostname = "";
@@ -6926,18 +6934,20 @@ sub send_filter_answer ($$$$;$$$) {
 #  hostip -- IP address of relay host
 #  hostname -- name of relay host
 #  port -- port number of connecting host
+#  myip -- IP address of server
+#  myport -- port number of server
 # %RETURNS:
 #  Nothing, but prints "ok 1" if we accept connection, "ok 0" if not.
 #***********************************************************************
-sub relay_ok ($$$) {
-    my($hostip, $hostname, $port) = @_;
+sub relay_ok ($$$$$) {
+    my($hostip, $hostname, $port, $myip, $myport) = @_;
     if (!defined(&filter_relay)) {
 	send_filter_answer('CONTINUE', "ok",
 			   "filter_relay", "host $hostip ($hostname)");
 	return;
     }
 
-    my($ok, $msg, $code, $dsn, $delay) = filter_relay($hostip, $hostname, $port);
+    my($ok, $msg, $code, $dsn, $delay) = filter_relay($hostip, $hostname, $port, $myip, $myport);
     send_filter_answer($ok, $msg, "filter_relay", "host $hostip ($hostname)", $code, $dsn, $delay);
 }
 
@@ -6948,19 +6958,21 @@ sub relay_ok ($$$) {
 #  name -- name of relay host
 #  helo -- arg to SMTP HELO command
 #  port -- client port number
+#  myip -- IP address of server
+#  myport -- server port number
 # %RETURNS:
 #  Nothing, but prints "ok 1" if we accept connections from this host.
 # "ok 0" if not.
 #***********************************************************************
-sub helo_ok ($$$$) {
-    my($ip, $name, $helo, $port) = @_;
+sub helo_ok ($$$$$$) {
+    my($ip, $name, $helo, $port, $myip, $myport) = @_;
     if (!defined(&filter_helo)) {
 	send_filter_answer('CONTINUE', "ok",
 			   "filter_helo", "helo $helo");
 	return;
     }
 
-    my($ok, $msg, $code, $dsn, $delay) = filter_helo($ip, $name, $helo, $port);
+    my($ok, $msg, $code, $dsn, $delay) = filter_helo($ip, $name, $helo, $port, $myip, $myport);
     send_filter_answer($ok, $msg, "filter_helo", "helo $helo",
 		       $code, $dsn, $delay);
 }
--- mimedefang-2.72-BETA-1/mimedefang.h.ports	2010-10-12 11:27:06.000000000 -0600
+++ mimedefang-2.72-BETA-1/mimedefang.h	2010-11-02 23:11:00.000000000 -0600
@@ -29,10 +29,11 @@ extern int MXCheckFreeSlaves(char const 
 extern int MXScanDir(char const *sockname, char const *dir);
 extern int MXCommand(char const *sockname, char const *cmd, char *buf, int len);
 extern int MXRelayOK(char const *sockname, char *msg,
-		     char const *ip, char const *name, unsigned int port);
+		     char const *ip, char const *name, unsigned int port,
+		     char const *myip, unsigned int myport);
 extern int MXHeloOK(char const *sockname, char *msg,
 		    char const *helo, char const *ip, char const *name,
-		    unsigned int port);
+		    unsigned int port, char const *myip, unsigned int myport);
 extern int MXSenderOK(char const *sockname, char *msg,
 		      char const **sender_argv, char const *ip, char const *name,
 		      char const *helo, char const *dir, char const *qid, unsigned int port);
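Review bot: The `MXHeloOK` prototype names its string parameters `helo, ip, name`, but the definition in utils.c and the call in helo() use the order `ip, name, helo`. All three are `char const *`, so the compiler cannot catch a caller that follows the header and passes them in the wrong order. Since this prototype is being edited anyway, rename the parameters to match the definition: `char const *ip, char const *name, char const *helo,`.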

