Seems to be working:

Jan 17 08:10:01 mail sendmail[24471]: NOQUEUE: connect from san-cust-208.57.14.2.mpowercom.net [208.57.14.2]
Jan 17 08:10:01 mail sendmail[24471]: AUTH: available mech=DIGEST-MD5 ANONYMOUS CRAM-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter (mimdefang): init success to negotiate
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter: connect to filters
Jan 17 08:10:01 mail mimedefang.pl[23065]: relay: 208.57.14.2, san-cust-208.57.14.2.mpowercom.net
Jan 17 08:10:01 mail mimedefang.pl[23065]: relay: matches 0.0.0.0/0 (CONTINUE: OK)
Jan 17 08:10:01 mail mimedefang.pl[23065]: helo: san-cust-208.57.14.2.mpowercom.net (208.57.14.2) said "helo 10.0.0.36"
Jan 17 08:10:01 mail mimedefang.pl[23065]: no brackets: 10.0.0.36
Jan 17 08:10:01 mail mimedefang.pl[23065]: filter_helo rejected helo 10.0.0.36
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: milter=mimdefang, action=helo, reject
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter: helo=10.0.0.36, reject=Command rejected


Here's a fragment of my script:

sub filter_helo($$$) {
   my ($hostip, $hostname, $helo) = @_;

   md_syslog('info', "helo: $hostname ($hostip) said \"helo $helo\"");

   # dotted quads need to be bracketed
   if ($helo =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) {
       md_syslog('info', "no brackets: $helo");
       return ('REJECT', "Incorrect format for address-literal");
   }

   # ok, got the format right... now is the address correct?
   # this might be wrong if our clients are behind a NATting gateway;
   # if that's the case, we need to preface this with accepting everyone
   # whose $hostip matches a certain address or address range
   if ($helo =~ /^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/) {
       if ($helo ne "[$hostip]") {
           md_syslog('info', "wrong ip: $hostip claims to be $helo");
           return ('REJECT',
                   "Header forgery attempt, [$hostip] claims to be $helo");
       }
   }

   # put this in explicitly, in case the test below is disabled.
   if ($helo eq 'localhost') {
       md_syslog('info', "localhost: $hostip ($hostname)");
       return ('REJECT', "Nothing local about you");
   }

   # doesn't contain any dots
   if (index($helo, '.') == -1) {
       md_syslog('info', "not fqdn: $helo");
       return ('REJECT', "Expected fully-qualified domain name");
   }

   return ('CONTINUE', "OK");
}
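
The NAT caveat in the comments above, worked through as an added example (not part of the original post, and not MIMEDefang code): a stand-alone Perl script that puts an exemption for trusted client ranges in front of the "literal must match the peer" test. @NAT_EXEMPT, ip_to_int, ip_in_cidr and check_helo are hypothetical names, and the exempt ranges are constructed documentation addresses.

```perl
use strict;
use warnings;
# Assumed ranges for our own NATed clients (documentation addresses, constructed).
my @NAT_EXEMPT = ('192.0.2.0/24', '198.51.100.7/32');

# Dotted quad -> 32-bit integer; returns nothing if malformed or an octet > 255.
sub ip_to_int {
    my ($ip) = @_;
    return unless $ip =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
    my @o = ($1, $2, $3, $4);
    return if grep { $_ > 255 } @o;
    return ($o[0] << 24) | ($o[1] << 16) | ($o[2] << 8) | $o[3];
}

# True if $ip lies inside CIDR block $cidr (e.g. "192.0.2.0/24").
sub ip_in_cidr {
    my ($ip, $cidr) = @_;
    my ($net, $bits) = split m{/}, $cidr;
    my $ip_n  = ip_to_int($ip);
    my $net_n = ip_to_int($net);
    return 0 unless defined $ip_n && defined $net_n;
    my $mask = $bits ? (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF : 0;
    return (($ip_n & $mask) == ($net_n & $mask)) ? 1 : 0;
}

# Same decisions as the HELO tests above, with the NAT exemption placed first.
sub check_helo {
    my ($hostip, $helo) = @_;
    return 'REJECT: needs brackets' if $helo =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;
    if ($helo =~ /^\[(\d{1,3}(?:\.\d{1,3}){3})\]$/) {
        my $claimed = ip_to_int($1);
        my $peer    = ip_to_int($hostip);
        return 'REJECT: malformed address-literal' unless defined $claimed;
        return 'CONTINUE: NAT-exempt peer' if grep { ip_in_cidr($hostip, $_) } @NAT_EXEMPT;
        return "REJECT: [$hostip] claims to be $helo"
            unless defined $peer && $peer == $claimed;
        return 'CONTINUE: literal matches peer';
    }
    return 'REJECT: localhost' if $helo eq 'localhost';
    return 'REJECT: not fully qualified' if index($helo, '.') == -1;
    return 'CONTINUE: OK';
}

# Peer/HELO pairs: the first is from the log above, the rest are constructed.
printf "%-12s %-18s %s\n", @$_, check_helo(@$_) for (
    ['208.57.14.2', '10.0.0.36'],   ['208.57.14.2', '[10.0.0.36]'],
    ['192.0.2.44',  '[10.0.0.36]'], ['208.57.14.2', '[208.57.14.2]'],
    ['208.57.14.2', '[300.1.1.1]'], ['208.57.14.2', 'mail.example.org'],
);
```

Comparing the literal and the peer as integers rather than strings also treats a zero-padded literal such as [208.057.014.002] as equal to the peer address.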
