DandelionNStuff/pymilter
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Consider SMTP AUTH connections internal.

Browse Source
This commit is contained in:
Stuart Gathman
2005-08-11 22:17:59 +00:00
parent b0286bff22
commit f1f082fe8a
2 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
bms.py
+21
View File
@@ -1,6 +1,11 @@
#!/usr/bin/env python #!/usr/bin/env python
# A simple milter that has grown quite a bit. # A simple milter that has grown quite a bit.
# $Log$ # $Log$
# Revision 1.21 2005/08/04 21:21:31 customdesigned
# Treat fail like softfail for selected (braindead) domains.
# Treat mail according to extended processing results, but
# report any PermError that would officially result via DSN.
#
# Revision 1.20 2005/08/02 18:04:35 customdesigned # Revision 1.20 2005/08/02 18:04:35 customdesigned
# Keep screened honeypot mail, but optionally discard honeypot only mail. # Keep screened honeypot mail, but optionally discard honeypot only mail.
# #
@@ -659,6 +664,19 @@ class bmsMilter(Milter.Milter):
self.cbv_needed = None self.cbv_needed = None
t = parse_addr(f.lower()) t = parse_addr(f.lower())
self.canon_from = '@'.join(t) self.canon_from = '@'.join(t)
# Check SMTP AUTH, also available:
# auth_author (ESMTP AUTH= param)
# auth_ssf (connection security, 0 = unencrypted)
# auth_type (authentication method, CRAM-MD5, DIGEST-MD5, PLAIN, etc)
self.user = self.getsymval('{auth_authen}')
if self.user:
# any successful authentication is considered INTERNAL
self.internal_connection = True
self.log("SMTP AUTH:",self.user,
self.getsymval('{auth_type}'),'ssf =',self.getsymval('{auth_ssf}'),
"INTERNAL")
self.fp.write('From %s %s\n' % (self.canon_from,time.ctime())) self.fp.write('From %s %s\n' % (self.canon_from,time.ctime()))
if len(t) == 2: if len(t) == 2:
user,domain = t user,domain = t
@@ -1125,6 +1143,9 @@ class bmsMilter(Milter.Milter):
self.log("Large message:",len(txt)) self.log("Large message:",len(txt))
return False return False
screener = dspam_screener[self.id % len(dspam_screener)] screener = dspam_screener[self.id % len(dspam_screener)]
# FIXME: if screener is 'honeypot', classify with no quarantine.
# If spam, send DSN and reject if not accepted. Otherwise, use
# force_result to quarantine.
if not ds.check_spam(screener,txt,self.recipients, if not ds.check_spam(screener,txt,self.recipients,
classify=True,quarantine=not self.reject_spam): classify=True,quarantine=not self.reject_spam):
self.fp = None self.fp = None
milter.spec
+2 -1
View File
@@ -168,7 +168,8 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.3-1 * Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.3-1
- Keep screened honeypot mail, but optionally discard honeypot only mail. - Keep screened honeypot mail, but optionally discard honeypot only mail.
- spf_accept_fail option for braindead SPF senders - spf_accept_fail option for braindead SPF senders (treats fail like softfail)
- Consider SMTP AUTH connections internal.
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-4 * Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-4
- Limit each CNAME chain independently like PTR and MX - Limit each CNAME chain independently like PTR and MX
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-3 * Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-3