Simple implementation of trusted_forwarder list. Inefficient for

more than 1 or 2 entries.
Stuart Gathman
2005-10-31 00:09:41 +00:00
parent a0878320fa
commit ba5854fc91
2 changed files with 23 additions and 5 deletions
+13
@@ -1,6 +1,9 @@
#!/usr/bin/env python #!/usr/bin/env python
# A simple milter that has grown quite a bit. # A simple milter that has grown quite a bit.
# $Log$ # $Log$
# Revision 1.38 2005/10/28 19:36:54 customdesigned
# Don't check internal_domains for trusted_relay.
#
# Revision 1.37 2005/10/28 09:30:49 customdesigned # Revision 1.37 2005/10/28 09:30:49 customdesigned
# Do not send quarantine DSN when sender is DSN. # Do not send quarantine DSN when sender is DSN.
# #
@@ -352,6 +355,7 @@ scan_html = True
scan_rfc822 = True scan_rfc822 = True
internal_connect = () internal_connect = ()
trusted_relay = () trusted_relay = ()
trusted_forwarder = ()
internal_domains = () internal_domains = ()
banned_users = () banned_users = ()
hello_blacklist = () hello_blacklist = ()
@@ -526,6 +530,7 @@ def read_config(list):
# spf section # spf section
global spf_reject_neutral,spf_best_guess,SRS,spf_reject_noptr global spf_reject_neutral,spf_best_guess,SRS,spf_reject_noptr
global spf_accept_softfail,spf_accept_fail,supply_sender,access_file global spf_accept_softfail,spf_accept_fail,supply_sender,access_file
global trusted_forwarder
if spf: if spf:
spf.DELEGATE = cp.getdefault('spf','delegate') spf.DELEGATE = cp.getdefault('spf','delegate')
spf_reject_neutral = cp.getlist('spf','reject_neutral') spf_reject_neutral = cp.getlist('spf','reject_neutral')
@@ -535,6 +540,7 @@ def read_config(list):
spf_reject_noptr = cp.getboolean('spf','reject_noptr') spf_reject_noptr = cp.getboolean('spf','reject_noptr')
supply_sender = cp.getboolean('spf','supply_sender') supply_sender = cp.getboolean('spf','supply_sender')
access_file = cp.getdefault('spf','access_file') access_file = cp.getdefault('spf','access_file')
trusted_forwarder = cp.getlist('spf','trusted_forwarder')
srs_config = cp.getdefault('srs','config') srs_config = cp.getdefault('srs','config')
if srs_config: cp.read([srs_config]) if srs_config: cp.read([srs_config])
srs_secret = cp.getdefault('srs','secret') srs_secret = cp.getdefault('srs','secret')
@@ -928,6 +934,13 @@ class bmsMilter(Milter.Milter):
def check_spf(self): def check_spf(self):
receiver = self.receiver receiver = self.receiver
for tf in trusted_forwarder:
q = spf.query(self.connectip,'',tf,receiver=receiver,strict=False)
res,code,txt = q.check()
if res == 'pass':
self.log("TRUSTED_FORWARDER:",tf)
break
else:
q = spf.query(self.connectip,self.canon_from,self.hello_name, q = spf.query(self.connectip,self.canon_from,self.hello_name,
receiver=receiver,strict=False) receiver=receiver,strict=False)
q.set_default_explanation( q.set_default_explanation(
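Review bot: The `for tf in trusted_forwarder` loop in `check_spf` breaks on the first `pass` with `q` and `res` still bound to the query for the forwarder's postmaster identity, so `self.canon_from` is never evaluated for that connection; the code after the `else:` branch (outside this hunk, indentation not visible in this rendering) presumably acts on the forwarder's result instead. Every host that a listed domain's SPF record authorizes therefore skips the sender check, so the trust granted here is only as narrow as each forwarder's own record. That deserves a comment above the loop such as `# trust is delegated to each forwarder's SPF record: any IP it authorizes bypasses SPF for the real MAIL FROM`, and the same caveat belongs in the sample config comment in the second file. For auditing, the log line should also record the sender whose check was skipped, e.g. `self.log("TRUSTED_FORWARDER:",tf,self.canon_from)`, assuming `self.log` takes extra positional arguments as its two-argument call here suggests.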
+5
@@ -99,6 +99,11 @@ reject_spoofed = 0
# doesn't match MAIL FROM. Outlook and other email clients will then display # doesn't match MAIL FROM. Outlook and other email clients will then display
# something like: "Sent by sender@domain.com on behalf of from@example.com" # something like: "Sent by sender@domain.com on behalf of from@example.com"
;supply_sender = 0 ;supply_sender = 0
# Connections that get an SPF pass for a pretend MAIL FROM of
# postmaster@sometrustedforwarder.com skip SPF checks for the real MAIL FROM.
# This is for non-SRS forwarders. It is a simple implementation that
# is inefficient for more than a few entries.
;trusted_forwarder = careerbuilder.com
# features intended to clean up outgoing mail # features intended to clean up outgoing mail
[scrub] [scrub]