Doc update.
Parse From header for delayed failure detection. Don't check reputation of trusted host. Track IP reputation only when missing PTR.
This commit is contained in:
Stuart Gathman
@@ -1,5 +1,13 @@
|
|||||||
|
Need to exclude robot users from autowhitelist. Don't want to have to
|
||||||
|
list all users, so implement something like !*-admin@bmsi.com,@bmsi.com.
|
||||||
|
|
||||||
Feedback from user training is ignored because UMIS has already been
|
Milter won't start when a whitelist/blacklist file is missing.
|
||||||
|
|
||||||
|
Milter won't start when it can't change permissions on *.lock to match
|
||||||
|
*.log. Should maybe ignore that error - the effect will be to set
|
||||||
|
the permissions to default.
|
||||||
|
|
||||||
|
GOSSiP feedback from user training is ignored because UMIS has already been
|
||||||
removed from queue. Maybe keep UMIS in queue, and add method to
|
removed from queue. Maybe keep UMIS in queue, and add method to
|
||||||
alter last feedback for ID.
|
alter last feedback for ID.
|
||||||
|
|
||||||
@@ -145,6 +153,8 @@ Need a test module to feed sample messages to a milter though a live
|
|||||||
sendmail and SMTP. The mockup currently used is probably not very accurate,
|
sendmail and SMTP. The mockup currently used is probably not very accurate,
|
||||||
and doesn't test the threading code.
|
and doesn't test the threading code.
|
||||||
|
|
||||||
|
DONE Delayed failure detection should parse From header to find email address.
|
||||||
|
|
||||||
DONE When bms.py can't find templates, it passes None to dsn.create_msg(),
|
DONE When bms.py can't find templates, it passes None to dsn.create_msg(),
|
||||||
which uses local variable as backup, which no longer exist. Do plain
|
which uses local variable as backup, which no longer exist. Do plain
|
||||||
CBV in that case instead.
|
CBV in that case instead.
|
||||||
|
|||||||
@@ -1,6 +1,10 @@
|
|||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# A simple milter that has grown quite a bit.
|
# A simple milter that has grown quite a bit.
|
||||||
# $Log$
|
# $Log$
|
||||||
|
# Revision 1.86 2007/01/16 05:17:29 customdesigned
|
||||||
|
# REJECT after data for blacklisted emails - so in case of mistakes, a
|
||||||
|
# legitimate sender will know what happened.
|
||||||
|
#
|
||||||
# Revision 1.85 2007/01/11 04:31:26 customdesigned
|
# Revision 1.85 2007/01/11 04:31:26 customdesigned
|
||||||
# Negative feedback for bad headers. Purge cache logs on startup.
|
# Negative feedback for bad headers. Purge cache logs on startup.
|
||||||
#
|
#
|
||||||
@@ -77,7 +81,7 @@ from Milter.config import MilterConfigParser
|
|||||||
|
|
||||||
from fnmatch import fnmatchcase
|
from fnmatch import fnmatchcase
|
||||||
from email.Header import decode_header
|
from email.Header import decode_header
|
||||||
from email.Utils import getaddresses
|
from email.Utils import getaddresses,parseaddr
|
||||||
|
|
||||||
# Import gossip if available
|
# Import gossip if available
|
||||||
try:
|
try:
|
||||||
@@ -108,6 +112,7 @@ subjpats = (
|
|||||||
r'^undeliver',
|
r'^undeliver',
|
||||||
r'^delivery\b.*\bfail',
|
r'^delivery\b.*\bfail',
|
||||||
r'^delivery problem',
|
r'^delivery problem',
|
||||||
|
r'\bnot\bbe\bdelivered',
|
||||||
r'\buser unknown\b',
|
r'\buser unknown\b',
|
||||||
r'^failed',
|
r'^failed',
|
||||||
r'^echec de distribution',
|
r'^echec de distribution',
|
||||||
@@ -674,7 +679,7 @@ class bmsMilter(Milter.Milter):
|
|||||||
else:
|
else:
|
||||||
global gossip
|
global gossip
|
||||||
if gossip and domain and rc == Milter.CONTINUE \
|
if gossip and domain and rc == Milter.CONTINUE \
|
||||||
and not self.internal_connection:
|
and not (self.internal_connection or self.trusted_relay):
|
||||||
if self.spf and self.spf.result == 'pass':
|
if self.spf and self.spf.result == 'pass':
|
||||||
qual = 'SPF'
|
qual = 'SPF'
|
||||||
elif res == 'pass':
|
elif res == 'pass':
|
||||||
@@ -682,6 +687,9 @@ class bmsMilter(Milter.Milter):
|
|||||||
elif hres == 'pass':
|
elif hres == 'pass':
|
||||||
qual = 'HELO'
|
qual = 'HELO'
|
||||||
domain = self.spf.h
|
domain = self.spf.h
|
||||||
|
elif self.missing_ptr and self.spf.result == 'none':
|
||||||
|
qual = 'IP'
|
||||||
|
domain = self.connectip
|
||||||
else:
|
else:
|
||||||
qual = self.connectip
|
qual = self.connectip
|
||||||
try:
|
try:
|
||||||
@@ -976,11 +984,13 @@ class bmsMilter(Milter.Milter):
|
|||||||
# if confirmed by finding our signed Message-ID,
|
# if confirmed by finding our signed Message-ID,
|
||||||
# original sender (encoded in Message-ID) is blacklisted
|
# original sender (encoded in Message-ID) is blacklisted
|
||||||
|
|
||||||
elif lname == 'from' and val.lower().startswith('postmaster@'):
|
elif lname == 'from':
|
||||||
# Yes, if From header comes last, this might not help much.
|
name,email = parseaddr(val)
|
||||||
# But this is a heuristic - if MTAs would send proper DSNs in
|
if email.lower().startswith('postmaster@'):
|
||||||
# the first place, none of this would be needed.
|
# Yes, if From header comes last, this might not help much.
|
||||||
self.is_bounce = True
|
# But this is a heuristic - if MTAs would send proper DSNs in
|
||||||
|
# the first place, none of this would be needed.
|
||||||
|
self.is_bounce = True
|
||||||
|
|
||||||
# check for invalid message id
|
# check for invalid message id
|
||||||
elif lname == 'message-id' and len(val) < 4:
|
elif lname == 'message-id' and len(val) < 4:
|
||||||
|
|||||||
@@ -13,6 +13,13 @@ Title: Python Milter FAQ
|
|||||||
|
|
||||||
<h3> <a name="compiling">Compiling Python Milter </a> </h3>
|
<h3> <a name="compiling">Compiling Python Milter </a> </h3>
|
||||||
|
|
||||||
|
<li> Q. I have tried to download the current milter code and my virus scan
|
||||||
|
traps several viruses in the download.
|
||||||
|
<p> A. The milter source includes a number of deactivated viruses in
|
||||||
|
the test directory. All but the first and last lines of the base64
|
||||||
|
encoded virus data has been removed. I suppose I should randomize
|
||||||
|
the first and last lines as well, since pymilter just deletes executables,
|
||||||
|
and doesn't look for signatures.
|
||||||
<li> Q. I have installed sendmail from source, but Python milter won't
|
<li> Q. I have installed sendmail from source, but Python milter won't
|
||||||
compile.
|
compile.
|
||||||
<p> A. Even though libmilter is officially supported in sendmail-8.12,
|
<p> A. Even though libmilter is officially supported in sendmail-8.12,
|
||||||
|
|||||||
@@ -17,5 +17,6 @@
|
|||||||
<li><a href="http://www.openspf.org/">SPF</a>
|
<li><a href="http://www.openspf.org/">SPF</a>
|
||||||
<li><a href="pysrs.html">pysrs</a>
|
<li><a href="pysrs.html">pysrs</a>
|
||||||
<li><a href="http://cheeseshop.python.org/pypi/pyspf">pyspf</a>
|
<li><a href="http://cheeseshop.python.org/pypi/pyspf">pyspf</a>
|
||||||
|
<li><a href="http://bmsi.com/python/pygossip.html">pygossip</a>
|
||||||
<li><a href="http://bmsi.com/python/dspam.html">pydspam</a>
|
<li><a href="http://bmsi.com/python/dspam.html">pydspam</a>
|
||||||
<li><a href="http://bmsi.com/libdspam/dspam.html">libdspam</a>
|
<li><a href="http://bmsi.com/libdspam/dspam.html">libdspam</a>
|
||||||
|
|||||||
Reference in New Issue
Block a user