initial commit of file from CVS for qpsmtpd-plugins on Fri 14 Jul 16:16:54 BST 2023
This commit is contained in:
parent
a745a1705e
commit
9f87945d9a
1
.gitattributes
vendored
Normal file
1
.gitattributes
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
*.tar.gz filter=lfs diff=lfs merge=lfs -text
|
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
*.rpm
|
||||||
|
*.log
|
||||||
|
*spec-20*
|
21
Makefile
Normal file
21
Makefile
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# Makefile for source rpm: qpsmtpd-plugins
|
||||||
|
# $Id: Makefile,v 1.1 2016/02/07 21:04:20 stephdl Exp $
|
||||||
|
NAME := qpsmtpd-plugins
|
||||||
|
SPECFILE = $(firstword $(wildcard *.spec))
|
||||||
|
|
||||||
|
define find-makefile-common
|
||||||
|
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||||
|
endef
|
||||||
|
|
||||||
|
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||||
|
|
||||||
|
ifeq ($(MAKEFILE_COMMON),)
|
||||||
|
# attept a checkout
|
||||||
|
define checkout-makefile-common
|
||||||
|
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||||
|
endef
|
||||||
|
|
||||||
|
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||||
|
endif
|
||||||
|
|
||||||
|
include $(MAKEFILE_COMMON)
|
@ -1,3 +1,11 @@
|
|||||||
# qpsmtpd-plugins
|
# qpsmtpd-plugins
|
||||||
|
|
||||||
3rd Party (Maintained by Koozali) git repo for qpsmtpd-plugins smeserver
|
3rd Party (Maintained by Koozali) git repo for qpsmtpd-plugins smeserver
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
<br />*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
|
||||||
|
*Once it has been checked, then this comment will be deleted*
|
||||||
|
<br />
|
||||||
|
|
||||||
|
The qpsmtpd-plugins software package is a collection of plugins for the qpsmtpd SMTP server. These plugins provide advanced features and functionality to the qpsmtpd SMTP server, such as spam filtering, authentication, and virtual domains. It also provides an easy way to extend the server's capabilities.
|
||||||
|
194
check_goodrcptto_dos2unix.patch
Normal file
194
check_goodrcptto_dos2unix.patch
Normal file
@ -0,0 +1,194 @@
|
|||||||
|
diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto
|
||||||
|
--- qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2007-04-12 09:49:31.000000000 -0600
|
||||||
|
+++ mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2007-04-12 09:49:13.000000000 -0600
|
||||||
|
@@ -1,95 +1,95 @@
|
||||||
|
-=head1 NAME
|
||||||
|
-
|
||||||
|
-check_goodrcptto
|
||||||
|
-
|
||||||
|
-=head1 DESCRIPTION
|
||||||
|
-
|
||||||
|
-This plugin denies all recipients except those in the goodrcptto config file
|
||||||
|
-(i.e. like badrcptto, but whitelisting). It supports recipient username
|
||||||
|
-extension stripping, and both domain ('@domain.com') and username (bare
|
||||||
|
-'postmaster') wildcard entries in the config file.
|
||||||
|
-
|
||||||
|
-Useful where something like check_delivery is overkill or not an option
|
||||||
|
-(e.g. relays, bastion hosts).
|
||||||
|
-
|
||||||
|
-=head1 CONFIG
|
||||||
|
-
|
||||||
|
-The following parameters can be passed to check_goodrcptto:
|
||||||
|
-
|
||||||
|
-=over 4
|
||||||
|
-
|
||||||
|
-=item extn <char>
|
||||||
|
-
|
||||||
|
-If set, check_goodrcptto does its checks using both the username as given and
|
||||||
|
-the username stripped of any extensions beginning with <char>.
|
||||||
|
-
|
||||||
|
-=item deny_note <name>
|
||||||
|
-
|
||||||
|
-If set, check_goodrcptto will set a connection note with the given name when
|
||||||
|
-denying a recipient. If <name> is of the form 'name=value', then the specified
|
||||||
|
-value will be used instead of the default '1'. If the connection note already
|
||||||
|
-exists, the value will be incremented (if numeric), instead of set.
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-=back
|
||||||
|
-
|
||||||
|
-=cut
|
||||||
|
-
|
||||||
|
-my $VERSION = 0.03;
|
||||||
|
-
|
||||||
|
-sub register {
|
||||||
|
- my ($self, $qp, %arg) = @_;
|
||||||
|
- $self->register_hook("rcpt", "check_goodrcptto");
|
||||||
|
- $self->{_extn} = $arg{extn} if $arg{extn};
|
||||||
|
- $self->{_deny_note} = $arg{deny_note} if $arg{deny_note};
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub check_goodrcptto {
|
||||||
|
- my ($self, $transaction, $recipient) = @_;
|
||||||
|
- return (DECLINED) if $self->qp->connection->relay_client;
|
||||||
|
- $self->log(LOGINFO, "stripping '$self->{_extn}' extensions") if $self->{_extn};
|
||||||
|
- my @goodrcptto = $self->qp->config("goodrcptto") or return (DECLINED);
|
||||||
|
- my $host = lc $recipient->host;
|
||||||
|
- my $user = lc $recipient->user;
|
||||||
|
- return (DECLINED) unless $host && $user;
|
||||||
|
- # Setup users and address stripped of extensions
|
||||||
|
- my (@parts, @users, @addresses);
|
||||||
|
- my $extn = $self->{_extn};
|
||||||
|
- if ($extn) {
|
||||||
|
- @parts = split /$extn/, $user;
|
||||||
|
- foreach (0..$#parts) {
|
||||||
|
- push @users, join $extn, @parts[0..$_];
|
||||||
|
- }
|
||||||
|
- $self->log(LOGDEBUG, "address includes extn '$extn', checking users: " . (join ' ', @users));
|
||||||
|
- } else {
|
||||||
|
- push @users, $user;
|
||||||
|
- }
|
||||||
|
- @addresses = map { $_ . "@" . $host } @users;
|
||||||
|
- for my $good (@goodrcptto) {
|
||||||
|
- $good =~ s/^\s*(\S+).*/\L$1/;
|
||||||
|
- foreach (@addresses) {
|
||||||
|
- return (DECLINED) if $good eq $_;
|
||||||
|
- }
|
||||||
|
- # Allow wildcard '@domain.com' entries
|
||||||
|
- return (DECLINED) if substr($good,0,1) eq '@' && $good eq "\@$host";
|
||||||
|
- # Allow wildcard bare 'username' entries e.g. 'postmaster'
|
||||||
|
- if (index($good,'@') < 0) {
|
||||||
|
- foreach (@users) {
|
||||||
|
- return (DECLINED) if $good eq $_;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- $self->log(LOGWARN, "recipient $addresses[$#addresses] denied");
|
||||||
|
- # Set/increment the specified deny_note, if applicable
|
||||||
|
- if ($self->{_deny_note}) {
|
||||||
|
- my ($name, $value) = ($self->{_deny_note} =~ m/^([-\w]+)(?:=([\d.]+))?/);
|
||||||
|
- $value ||= 1;
|
||||||
|
- $self->qp->connection->notes($name, ($self->qp->connection->notes($name) || 0) + $value)
|
||||||
|
- if $name;
|
||||||
|
- $self->log(LOGDEBUG, "deny_note: $name=" . $self->qp->connection->notes($name));
|
||||||
|
- }
|
||||||
|
- return (DENY, "invalid recipient $addresses[$#addresses]");
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-# arch-tag: 2d2195a5-27b0-465d-a68f-f425efae2cc0
|
||||||
|
-
|
||||||
|
+=head1 NAME
|
||||||
|
+
|
||||||
|
+check_goodrcptto
|
||||||
|
+
|
||||||
|
+=head1 DESCRIPTION
|
||||||
|
+
|
||||||
|
+This plugin denies all recipients except those in the goodrcptto config file
|
||||||
|
+(i.e. like badrcptto, but whitelisting). It supports recipient username
|
||||||
|
+extension stripping, and both domain ('@domain.com') and username (bare
|
||||||
|
+'postmaster') wildcard entries in the config file.
|
||||||
|
+
|
||||||
|
+Useful where something like check_delivery is overkill or not an option
|
||||||
|
+(e.g. relays, bastion hosts).
|
||||||
|
+
|
||||||
|
+=head1 CONFIG
|
||||||
|
+
|
||||||
|
+The following parameters can be passed to check_goodrcptto:
|
||||||
|
+
|
||||||
|
+=over 4
|
||||||
|
+
|
||||||
|
+=item extn <char>
|
||||||
|
+
|
||||||
|
+If set, check_goodrcptto does its checks using both the username as given and
|
||||||
|
+the username stripped of any extensions beginning with <char>.
|
||||||
|
+
|
||||||
|
+=item deny_note <name>
|
||||||
|
+
|
||||||
|
+If set, check_goodrcptto will set a connection note with the given name when
|
||||||
|
+denying a recipient. If <name> is of the form 'name=value', then the specified
|
||||||
|
+value will be used instead of the default '1'. If the connection note already
|
||||||
|
+exists, the value will be incremented (if numeric), instead of set.
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+=back
|
||||||
|
+
|
||||||
|
+=cut
|
||||||
|
+
|
||||||
|
+my $VERSION = 0.03;
|
||||||
|
+
|
||||||
|
+sub register {
|
||||||
|
+ my ($self, $qp, %arg) = @_;
|
||||||
|
+ $self->register_hook("rcpt", "check_goodrcptto");
|
||||||
|
+ $self->{_extn} = $arg{extn} if $arg{extn};
|
||||||
|
+ $self->{_deny_note} = $arg{deny_note} if $arg{deny_note};
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+sub check_goodrcptto {
|
||||||
|
+ my ($self, $transaction, $recipient) = @_;
|
||||||
|
+ return (DECLINED) if $self->qp->connection->relay_client;
|
||||||
|
+ $self->log(LOGINFO, "stripping '$self->{_extn}' extensions") if $self->{_extn};
|
||||||
|
+ my @goodrcptto = $self->qp->config("goodrcptto") or return (DECLINED);
|
||||||
|
+ my $host = lc $recipient->host;
|
||||||
|
+ my $user = lc $recipient->user;
|
||||||
|
+ return (DECLINED) unless $host && $user;
|
||||||
|
+ # Setup users and address stripped of extensions
|
||||||
|
+ my (@parts, @users, @addresses);
|
||||||
|
+ my $extn = $self->{_extn};
|
||||||
|
+ if ($extn) {
|
||||||
|
+ @parts = split /$extn/, $user;
|
||||||
|
+ foreach (0..$#parts) {
|
||||||
|
+ push @users, join $extn, @parts[0..$_];
|
||||||
|
+ }
|
||||||
|
+ $self->log(LOGDEBUG, "address includes extn '$extn', checking users: " . (join ' ', @users));
|
||||||
|
+ } else {
|
||||||
|
+ push @users, $user;
|
||||||
|
+ }
|
||||||
|
+ @addresses = map { $_ . "@" . $host } @users;
|
||||||
|
+ for my $good (@goodrcptto) {
|
||||||
|
+ $good =~ s/^\s*(\S+).*/\L$1/;
|
||||||
|
+ foreach (@addresses) {
|
||||||
|
+ return (DECLINED) if $good eq $_;
|
||||||
|
+ }
|
||||||
|
+ # Allow wildcard '@domain.com' entries
|
||||||
|
+ return (DECLINED) if substr($good,0,1) eq '@' && $good eq "\@$host";
|
||||||
|
+ # Allow wildcard bare 'username' entries e.g. 'postmaster'
|
||||||
|
+ if (index($good,'@') < 0) {
|
||||||
|
+ foreach (@users) {
|
||||||
|
+ return (DECLINED) if $good eq $_;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ $self->log(LOGWARN, "recipient $addresses[$#addresses] denied");
|
||||||
|
+ # Set/increment the specified deny_note, if applicable
|
||||||
|
+ if ($self->{_deny_note}) {
|
||||||
|
+ my ($name, $value) = ($self->{_deny_note} =~ m/^([-\w]+)(?:=([\d.]+))?/);
|
||||||
|
+ $value ||= 1;
|
||||||
|
+ $self->qp->connection->notes($name, ($self->qp->connection->notes($name) || 0) + $value)
|
||||||
|
+ if $name;
|
||||||
|
+ $self->log(LOGDEBUG, "deny_note: $name=" . $self->qp->connection->notes($name));
|
||||||
|
+ }
|
||||||
|
+ return (DENY, "invalid recipient $addresses[$#addresses]");
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+# arch-tag: 2d2195a5-27b0-465d-a68f-f425efae2cc0
|
||||||
|
+
|
61
check_goodrcptto_hypens.patch
Normal file
61
check_goodrcptto_hypens.patch
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto
|
||||||
|
--- qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2005-04-29 10:11:37.000000000 +1000
|
||||||
|
+++ mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2006-08-18 17:33:46.595771275 +1000
|
||||||
|
@@ -52,28 +52,34 @@
|
||||||
|
my $host = lc $recipient->host;
|
||||||
|
my $user = lc $recipient->user;
|
||||||
|
return (DECLINED) unless $host && $user;
|
||||||
|
- my $address = $user;
|
||||||
|
- $address .= '@' . $host if $host;
|
||||||
|
- # Setup another user and address stripped of extensions
|
||||||
|
- my ($user2, $address2);
|
||||||
|
+ # Setup users and address stripped of extensions
|
||||||
|
+ my (@parts, @users, @addresses);
|
||||||
|
my $extn = $self->{_extn};
|
||||||
|
- if ($extn && $user =~ m/^([^$extn]+)$extn/) {
|
||||||
|
- $user2 = $1;
|
||||||
|
- $address2 = $user2;
|
||||||
|
- $address2 .= '@' . $host if $host;
|
||||||
|
- $self->log(LOGDEBUG, "address includes extn '$extn', checking both $user and $user2");
|
||||||
|
+ if ($extn) {
|
||||||
|
+ @parts = split /$extn/, $user;
|
||||||
|
+ foreach (0..$#parts) {
|
||||||
|
+ push @users, join $extn, @parts[0..$_];
|
||||||
|
+ }
|
||||||
|
+ $self->log(LOGDEBUG, "address includes extn '$extn', checking users: " . (join ' ', @users));
|
||||||
|
+ } else {
|
||||||
|
+ push @users, $user;
|
||||||
|
}
|
||||||
|
+ @addresses = map { $_ . "@" . $host } @users;
|
||||||
|
for my $good (@goodrcptto) {
|
||||||
|
$good =~ s/^\s*(\S+).*/\L$1/;
|
||||||
|
- return (DECLINED) if $good eq $address;
|
||||||
|
- return (DECLINED) if $address2 && $good eq $address2;
|
||||||
|
+ foreach (@addresses) {
|
||||||
|
+ return (DECLINED) if $good eq $_;
|
||||||
|
+ }
|
||||||
|
# Allow wildcard '@domain.com' entries
|
||||||
|
return (DECLINED) if substr($good,0,1) eq '@' && $good eq "\@$host";
|
||||||
|
# Allow wildcard bare 'username' entries e.g. 'postmaster'
|
||||||
|
- return (DECLINED) if index($good,'@') < 0 && $good eq $user;
|
||||||
|
- return (DECLINED) if $user2 && index($good,'@') < 0 && $good eq $user2;
|
||||||
|
+ if (index($good,'@') < 0) {
|
||||||
|
+ foreach (@users) {
|
||||||
|
+ return (DECLINED) if $good eq $_;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
- $self->log(LOGWARN, "recipient $address denied");
|
||||||
|
+ $self->log(LOGWARN, "recipient $addresses[$#addresses] denied");
|
||||||
|
# Set/increment the specified deny_note, if applicable
|
||||||
|
if ($self->{_deny_note}) {
|
||||||
|
my ($name, $value) = ($self->{_deny_note} =~ m/^([-\w]+)(?:=([\d.]+))?/);
|
||||||
|
@@ -82,7 +88,7 @@
|
||||||
|
if $name;
|
||||||
|
$self->log(LOGDEBUG, "deny_note: $name=" . $self->qp->connection->notes($name));
|
||||||
|
}
|
||||||
|
- return (DENY, "invalid recipient $address");
|
||||||
|
+ return (DENY, "invalid recipient $addresses[$#addresses]");
|
||||||
|
}
|
||||||
|
|
||||||
|
# arch-tag: 2d2195a5-27b0-465d-a68f-f425efae2cc0
|
12
check_goodrcptto_relaydenycomment.patch
Normal file
12
check_goodrcptto_relaydenycomment.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -Nur -x '*.orig' -x '*.rej' qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto
|
||||||
|
--- qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2007-04-12 09:56:59.000000000 -0600
|
||||||
|
+++ mezzanine_patched_qpsmtpd-plugins-openfusion-20050429/plugins/check_goodrcptto 2007-04-12 09:56:24.000000000 -0600
|
||||||
|
@@ -88,7 +88,7 @@
|
||||||
|
if $name;
|
||||||
|
$self->log(LOGDEBUG, "deny_note: $name=" . $self->qp->connection->notes($name));
|
||||||
|
}
|
||||||
|
- return (DENY, "invalid recipient $addresses[$#addresses]");
|
||||||
|
+ return (DENY, "relaying denied $addresses[$#addresses]");
|
||||||
|
}
|
||||||
|
|
||||||
|
# arch-tag: 2d2195a5-27b0-465d-a68f-f425efae2cc0
|
1
contriborbase
Normal file
1
contriborbase
Normal file
@ -0,0 +1 @@
|
|||||||
|
sme10
|
39
qpsmtpd-address-in-bcc.patch
Normal file
39
qpsmtpd-address-in-bcc.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
diff -Nur qpsmtpd-plugins-openfusion-20050429/plugins/bcc qpsmtpd-plugins-openfusion-20050429_bz8990/plugins/bcc
|
||||||
|
--- qpsmtpd-plugins-openfusion-20050429/plugins/bcc 2005-03-29 07:02:39.000000000 +0200
|
||||||
|
+++ qpsmtpd-plugins-openfusion-20050429_bz8990/plugins/bcc 2015-08-06 15:15:36.302538784 +0200
|
||||||
|
@@ -75,7 +75,7 @@
|
||||||
|
|
||||||
|
=cut
|
||||||
|
|
||||||
|
-use Mail::Address;
|
||||||
|
+use Qpsmtpd::Address;
|
||||||
|
|
||||||
|
my $VERSION = 0.04;
|
||||||
|
|
||||||
|
@@ -189,7 +189,7 @@
|
||||||
|
unless ($transaction->notes("bcc_ignore_rcpt") || 0) < $transaction->recipients;
|
||||||
|
|
||||||
|
if ($self->{_bcc_all}) {
|
||||||
|
- my $rcpt = (Mail::Address->parse($self->{_bcc_all}))[0];
|
||||||
|
+ my $rcpt = (Qpsmtpd::Address->parse($self->{_bcc_all}))[0];
|
||||||
|
$transaction->add_recipient($rcpt);
|
||||||
|
$transaction->header->add('X-Copied-To', $self->{_bcc_all})
|
||||||
|
if $self->{_bcc_mode} eq 'cc';
|
||||||
|
@@ -197,7 +197,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($self->{_bcc_outgoing} && exists $ENV{RELAYCLIENT}) {
|
||||||
|
- my $rcpt = (Mail::Address->parse($self->{_bcc_outgoing}))[0];
|
||||||
|
+ my $rcpt = (Qpsmtpd::Address->parse($self->{_bcc_outgoing}))[0];
|
||||||
|
$transaction->add_recipient($rcpt);
|
||||||
|
$transaction->header->add('X-Copied-To', $self->{_bcc_outgoing})
|
||||||
|
if $self->{_bcc_mode} eq 'cc';
|
||||||
|
@@ -205,7 +205,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($transaction->notes('bcc_incoming')) {
|
||||||
|
- my $rcpt = (Mail::Address->parse($self->{_bcc_incoming}))[0];
|
||||||
|
+ my $rcpt = (Qpsmtpd::Address->parse($self->{_bcc_incoming}))[0];
|
||||||
|
$transaction->add_recipient($rcpt);
|
||||||
|
$transaction->header->add('X-Copied-To', $self->{_bcc_incoming})
|
||||||
|
if $self->{_bcc_mode} eq 'cc';
|
227
qpsmtpd-plugins-bz10126.patch
Normal file
227
qpsmtpd-plugins-bz10126.patch
Normal file
@ -0,0 +1,227 @@
|
|||||||
|
diff -Nur qpsmtpd-plugins-openfusion-20050429.old/plugins/whitelist_soft qpsmtpd-plugins-openfusion-20050429/plugins/whitelist_soft
|
||||||
|
--- qpsmtpd-plugins-openfusion-20050429.old/plugins/whitelist_soft 2005-03-29 00:02:37.000000000 -0500
|
||||||
|
+++ qpsmtpd-plugins-openfusion-20050429/plugins/whitelist_soft 1969-12-31 19:00:00.000000000 -0500
|
||||||
|
@@ -1,223 +0,0 @@
|
||||||
|
-=head1 NAME
|
||||||
|
-
|
||||||
|
-whitelist_soft - whitelist override for other qpsmtpd plugins
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-=head1 DESCRIPTION
|
||||||
|
-
|
||||||
|
-The whitelist_soft plugin allows selected hosts or senders or recipients
|
||||||
|
-to be whitelisted as exceptions to later plugin processing. It is a more
|
||||||
|
-conservative variant of Devin Carraway's 'whitelist' plugin.
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-=head1 CONFIGURATION
|
||||||
|
-
|
||||||
|
-To enable the plugin, add it to the qpsmtpd/config/plugins file as usual.
|
||||||
|
-It should precede any plugins you might wish to whitelist for.
|
||||||
|
-
|
||||||
|
-Several configuration files are supported, corresponding to different
|
||||||
|
-parts of the SMTP conversation:
|
||||||
|
-
|
||||||
|
-=over 4
|
||||||
|
-
|
||||||
|
-=item whitelisthosts
|
||||||
|
-
|
||||||
|
-Any IP address (or start-anchored fragment thereof) listed in the
|
||||||
|
-whitelisthosts file is exempted from any further validation during
|
||||||
|
-'connect', and can be selectively exempted at other stages by
|
||||||
|
-plugins testing for a 'whitelisthost' connection note.
|
||||||
|
-
|
||||||
|
-Similarly, if the environment variable $WHITELISTCLIENT is set
|
||||||
|
-(which can be done by tcpserver), the connection will be exempt from
|
||||||
|
-further 'connect' validation, and the host can be selectively
|
||||||
|
-exempted by other plugins testing for a 'whitelistclient' connection
|
||||||
|
-note.
|
||||||
|
-
|
||||||
|
-=item whitelisthelo
|
||||||
|
-
|
||||||
|
-Any host that issues a HELO matching an entry in whitelisthelo will
|
||||||
|
-be exempted from further validation at the 'helo' stage. Subsequent
|
||||||
|
-plugins can test for a 'whitelisthelo' connection note. Note that
|
||||||
|
-this does not actually amount to an authentication in any meaningful
|
||||||
|
-sense.
|
||||||
|
-
|
||||||
|
-=item whitelistsenders
|
||||||
|
-
|
||||||
|
-If the envelope sender of a mail (that which is sent as the MAIL FROM)
|
||||||
|
-matches an entry in whitelistsenders, or if the hostname component
|
||||||
|
-matches, the mail will be exempted from any further validation within
|
||||||
|
-the 'mail' stage. Subsequent plugins can test for this exemption as a
|
||||||
|
-'whitelistsender' transaction note.
|
||||||
|
-
|
||||||
|
-=item whitelistrcpt
|
||||||
|
-
|
||||||
|
-If any recipient of a mail (that sent as the RCPT TO) matches an
|
||||||
|
-entry from whitelistrcpt, or if the hostname component matches, no
|
||||||
|
-further validation will be required for this recipient. Subsequent
|
||||||
|
-plugins can test for this exemption using a 'whitelistrcpt'
|
||||||
|
-transaction note, which holds the count of whitelisted recipients.
|
||||||
|
-
|
||||||
|
-=back
|
||||||
|
-
|
||||||
|
-whitelist_soft also supports per-recipient whitelisting when using
|
||||||
|
-the per_user_config plugin. To enable the per-recipient behaviour
|
||||||
|
-(delaying all whitelisting until the rcpt part of the smtp
|
||||||
|
-conversation, and using per-recipient whitelist configs, if
|
||||||
|
-available), pass a true 'per_recipient' argument in the
|
||||||
|
-config/plugins invocation i.e.
|
||||||
|
-
|
||||||
|
- whitelist_soft per_recipient 1
|
||||||
|
-
|
||||||
|
-By default global and per-recipient whitelists are merged; to turn off
|
||||||
|
-the merge behaviour pass a false 'merge' argument in the config/plugins
|
||||||
|
-invocation i.e.
|
||||||
|
-
|
||||||
|
- whitelist_soft per_recipient 1 merge 0
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-=head1 BUGS
|
||||||
|
-
|
||||||
|
-Whitelist lookups are all O(n) linear scans of configuration files, even
|
||||||
|
-though they're all associative lookups. Something should be done about
|
||||||
|
-this when CDB/DB/GDBM configs are supported.
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-=head1 AUTHOR
|
||||||
|
-
|
||||||
|
-Based on the 'whitelist' plugin by Devin Carraway <qpsmtpd@devin.com>.
|
||||||
|
-
|
||||||
|
-Modified by Gavin Carr <gavin@openfusion.com.au> to not inherit
|
||||||
|
-whitelisting across hooks, but use per-hook whitelist notes instead.
|
||||||
|
-This is a more conservative approach e.g. whitelisting an IP will not
|
||||||
|
-automatically allow relaying from that IP.
|
||||||
|
-
|
||||||
|
-=cut
|
||||||
|
-
|
||||||
|
-my $VERSION = 0.02;
|
||||||
|
-
|
||||||
|
-# Default is to merge whitelists in per_recipient mode
|
||||||
|
-my %MERGE = ( merge => 1 );
|
||||||
|
-
|
||||||
|
-sub register {
|
||||||
|
- my ($self, $qp, %arg) = @_;
|
||||||
|
-
|
||||||
|
- $self->{_per_recipient} = 1 if $arg{per_recipient};
|
||||||
|
- $MERGE{merge} = $arg{merge} if defined $arg{merge};
|
||||||
|
-
|
||||||
|
- # Normal mode - whitelist per hook
|
||||||
|
- unless ($arg{per_recipient}) {
|
||||||
|
- $self->register_hook("connect", "check_host");
|
||||||
|
- $self->register_hook("helo", "check_helo");
|
||||||
|
- $self->register_hook("ehlo", "check_helo");
|
||||||
|
- $self->register_hook("mail", "check_sender");
|
||||||
|
- $self->register_hook("rcpt", "check_rcpt");
|
||||||
|
- }
|
||||||
|
- # Per recipient mode - defer all whitelisting to rcpt hook
|
||||||
|
- else {
|
||||||
|
- $self->register_hook("rcpt", "check_host");
|
||||||
|
- $self->register_hook("helo", "helo_helper");
|
||||||
|
- $self->register_hook("ehlo", "helo_helper");
|
||||||
|
- $self->register_hook("rcpt", "check_helo");
|
||||||
|
- $self->register_hook("rcpt", "check_sender");
|
||||||
|
- $self->register_hook("rcpt", "check_rcpt");
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub check_host {
|
||||||
|
- my ($self, $transaction, $rcpt) = @_;
|
||||||
|
- my $ip = $self->qp->connection->remote_ip || return (DECLINED);
|
||||||
|
-
|
||||||
|
- # From tcpserver
|
||||||
|
- if (exists $ENV{WHITELISTCLIENT}) {
|
||||||
|
- $self->qp->connection->notes('whitelistclient', 1);
|
||||||
|
- $self->log(2,"host $ip is a whitelisted client");
|
||||||
|
- return OK;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- my $config_arg = $self->{_per_recipient} ? { rcpt => $rcpt, %MERGE } : {};
|
||||||
|
- for my $h ($self->qp->config('whitelisthosts', $config_arg)) {
|
||||||
|
- if ($h eq $ip or $ip =~ /^\Q$h\E/) {
|
||||||
|
- $self->qp->connection->notes('whitelisthost', 1);
|
||||||
|
- $self->log(2,"host $ip is a whitelisted host");
|
||||||
|
- return OK;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- return DECLINED;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub helo_helper {
|
||||||
|
- my ($self, $transaction, $helo) = @_;
|
||||||
|
- $self->{_whitelist_soft_helo} = $helo;
|
||||||
|
- return DECLINED;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub check_helo {
|
||||||
|
- my ($self, $transaction, $helo) = @_;
|
||||||
|
-
|
||||||
|
- # If per_recipient will be rcpt hook, and helo actually rcpt
|
||||||
|
- my $config_arg = {};
|
||||||
|
- if ($self->{_per_recipient}) {
|
||||||
|
- $config_arg = { rcpt => $helo, %MERGE };
|
||||||
|
- $helo = $self->{_whitelist_soft_helo};
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- for my $h ($self->qp->config('whitelisthelo', $config_arg)) {
|
||||||
|
- if ($helo and lc $h eq lc $helo) {
|
||||||
|
- $self->qp->connection->notes('whitelisthelo', 1);
|
||||||
|
- $self->log(2,"helo host $helo in whitelisthelo");
|
||||||
|
- return OK;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- return DECLINED;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub check_sender {
|
||||||
|
- my ($self, $transaction, $sender) = @_;
|
||||||
|
-
|
||||||
|
- # If per_recipient will be rcpt hook, and sender actually rcpt
|
||||||
|
- my $config_arg = {};
|
||||||
|
- if ($self->{_per_recipient}) {
|
||||||
|
- $config_arg = { rcpt => $sender, %MERGE };
|
||||||
|
- $sender = $transaction->sender;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- return DECLINED if $sender->format eq '<>';
|
||||||
|
- my $addr = lc $sender->address or return DECLINED;
|
||||||
|
- my $host = lc $sender->host or return DECLINED;
|
||||||
|
-
|
||||||
|
- for my $h ($self->qp->config('whitelistsenders', $config_arg)) {
|
||||||
|
- next unless $h;
|
||||||
|
- $h = lc $h;
|
||||||
|
-
|
||||||
|
- if ($addr eq $h or $host eq $h) {
|
||||||
|
- $transaction->notes('whitelistsender', 1);
|
||||||
|
- $self->log(2,"envelope sender $addr in whitelistsenders");
|
||||||
|
- return OK;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- return DECLINED;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-sub check_rcpt {
|
||||||
|
- my ($self, $transaction, $rcpt) = @_;
|
||||||
|
-
|
||||||
|
- my $addr = lc $rcpt->address or return DECLINED;
|
||||||
|
- my $host = lc $rcpt->host or return DECLINED;
|
||||||
|
-
|
||||||
|
- my $config_arg = $self->{_per_recipient} ? { rcpt => $rcpt, %MERGE } : {};
|
||||||
|
- for my $h ($self->qp->config('whitelistrcpt', $config_arg)) {
|
||||||
|
- next unless $h;
|
||||||
|
- $h = lc $h;
|
||||||
|
-
|
||||||
|
- if ($addr eq $h or $host eq $h) {
|
||||||
|
- my $note = $transaction->notes('whitelistrcpt');
|
||||||
|
- $transaction->notes('whitelistrcpt', ++$note);
|
||||||
|
- $self->log(2,"recipient $addr in whitelistrcpt");
|
||||||
|
- return OK;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- return DECLINED;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-# arch-tag: 15a093f1-2960-4dbe-be72-584d7ff1d92a
|
||||||
|
-
|
113
qpsmtpd-plugins.spec
Normal file
113
qpsmtpd-plugins.spec
Normal file
@ -0,0 +1,113 @@
|
|||||||
|
# $Id: qpsmtpd-plugins.spec,v 1.2 2017/02/27 22:34:14 unnilennium Exp $
|
||||||
|
|
||||||
|
Summary: qpsmtpd plugins from www.openfusion.com
|
||||||
|
%define name qpsmtpd-plugins
|
||||||
|
Name: %{name}
|
||||||
|
%define version 0.0.1
|
||||||
|
%define release 5
|
||||||
|
Version: %{version}
|
||||||
|
Release: %{release}%{?dist}
|
||||||
|
License: qpsmtpd
|
||||||
|
Group: Networking/Daemons
|
||||||
|
%define oname qpsmtpd-plugins-openfusion
|
||||||
|
%define oversion 20050429
|
||||||
|
Source0: http://www.openfusion.com.au/labs/qpsmtpd/%{oname}-%{oversion}.tar.gz
|
||||||
|
Patch0: check_goodrcptto_hypens.patch
|
||||||
|
Patch1: check_goodrcptto_dos2unix.patch
|
||||||
|
Patch2: check_goodrcptto_relaydenycomment.patch
|
||||||
|
Patch3: qpsmtpd-address-in-bcc.patch
|
||||||
|
Patch4: qpsmtpd-plugins-bz10126.patch
|
||||||
|
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||||
|
Requires: perl
|
||||||
|
Obsoletes: qpsmtpd-plugins-openfusion
|
||||||
|
Requires: qpsmtpd >= 0.31
|
||||||
|
BuildArchitectures: noarch
|
||||||
|
AutoReqProv: no
|
||||||
|
|
||||||
|
%description
|
||||||
|
A package containing qpsmtpd plugins.
|
||||||
|
|
||||||
|
Included in this version is a set of qpsmtpd plugins from Gavin Carr
|
||||||
|
of OpenFusion:
|
||||||
|
http://www.openfusion.com.au/labs/qpsmtpd/
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Fri Jul 14 2023 BogusDateBot
|
||||||
|
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
|
||||||
|
by assuming the date is correct and changing the weekday.
|
||||||
|
|
||||||
|
* Mon Feb 27 2017 Jean-Philipe Pialasse <tests@pialasse.com> 0.0.1-5.sme
|
||||||
|
- remove whitelit_soft [SME: 10126]
|
||||||
|
|
||||||
|
* Sun Feb 7 2016 stephane de labrusse <stephdl@de-labrusse.fr> 0.0.1-4
|
||||||
|
- Build new rpm for sme10
|
||||||
|
|
||||||
|
* Thu Aug 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.0.1-4
|
||||||
|
- Use Qpsmtpd::Address object instead of Mail::Address in bcc plugin
|
||||||
|
so logging can rely on stringification [SME: 8990]
|
||||||
|
|
||||||
|
* Sun Apr 29 2007 Shad L. Lords <slords@mail.com>
|
||||||
|
- Clean up spec so package can be built by koji/plague
|
||||||
|
|
||||||
|
* Thu Apr 12 2007 Stephen Noble <support@dungog.net> 0.0.1-3
|
||||||
|
- change invalid recipient comment to relay denied [SME: 2340]
|
||||||
|
|
||||||
|
* Thu Apr 12 2007 Stephen Noble <support@dungog.net> 0.0.1-2
|
||||||
|
- run dos2unix on check_goodrcptto [SME: 2340]
|
||||||
|
|
||||||
|
* Thu Dec 07 2006 Shad L. Lords <slords@mail.com>
|
||||||
|
- Update to new release naming. No functional changes.
|
||||||
|
- Make Packager generic
|
||||||
|
|
||||||
|
* Fri Aug 18 2006 Gordon Rowell <gordonr@gormand.com.au> 0.0.1-sme06
|
||||||
|
- Fix check_goodrcptto handling of hyphenated usernames.
|
||||||
|
Thanks Shad Lords [SME: 1268]
|
||||||
|
|
||||||
|
* Wed Jan 4 2006 Gordon Rowell <gordonr@gormand.com.au> 0.0.1-sme05
|
||||||
|
- Bump version number only for rebuild
|
||||||
|
|
||||||
|
* Mon Aug 29 2005 Gordon Rowell <gordonr@gormand.com.au> 0.0.1-sme04
|
||||||
|
- Updated qpsmtpd requires to 0.31
|
||||||
|
- Move plugins to /usr/share/qpsmtpd/plugins in line with Peter Holtzer's
|
||||||
|
qpsmtpd RPMs
|
||||||
|
|
||||||
|
* Mon Aug 15 2005 Charlie Brady <charlieb@e-smith.com> 0.0.1-sme03
|
||||||
|
- Rename to generic qpsmtpd-plugins (although currently only contains
|
||||||
|
plugins sourced from openfusion).
|
||||||
|
|
||||||
|
* Fri Apr 29 2005 Gordon Rowell <gordonr@gormand.com.au> 0.0.1-sme02
|
||||||
|
- Removed denysoft_greylist - it's in 0.29 - thanks Gavin
|
||||||
|
|
||||||
|
* Fri Apr 29 2005 Gordon Rowell <gordonr@gormand.com.au> 0.0.1-sme01
|
||||||
|
- Initial packaging
|
||||||
|
- Plugins in /usr/lib/qpsmtpd/plugins
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -n %{oname}-%{oversion}
|
||||||
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
|
|
||||||
|
%build
|
||||||
|
mkdir -p root/usr/share/qpsmtpd
|
||||||
|
mkdir -p root/usr/bin
|
||||||
|
|
||||||
|
mv plugins config.sample root/usr/share/qpsmtpd
|
||||||
|
|
||||||
|
%postun
|
||||||
|
|
||||||
|
%install
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||||
|
find $RPM_BUILD_ROOT/usr -type f -print | sed "s@^$RPM_BUILD_ROOT@@g" | \
|
||||||
|
grep -v perllocal.pod > %{name}-%{version}-%{release}-filelist
|
||||||
|
|
||||||
|
echo "%doc LICENSE" >> %{name}-%{version}-%{release}-filelist
|
||||||
|
|
||||||
|
%clean
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
|
||||||
|
%files -f %{name}-%{version}-%{release}-filelist
|
||||||
|
%defattr(-,root,root)
|
Loading…
Reference in New Issue
Block a user