Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
<assp-user@lists.sourceforge.net> schreibt:
>Devin Carraway has written a plugin for the Perl-based MTA qpsmtpd to
>compare domains from message body URIs to SURBL domain lists. Here's
>his
>announcement on perl.qpsmtpd, and a link to his uribl plugin. Devin's
>was the first MTA implementation.
>
>Links for all of the above can be found on this page:
>
>http://www.surbl.org/faq.html
The code for assp-uribl is already done, it has to be implemented into
the assp code.
Attachment: code for uribl
# URI components
$URICharRe='(?:[=%][0-9a-f]{2}|\#\&\d{1,3};?|[EMAIL
PROTECTED]|\=(?:\015?\012|\015))';
# do URIBL checks
sub checkURIBL {
my $fh;
my
($this,%domains,$ucnt,$dcnt,$uri,$orig_uri,$i,$ip,$uribl,$received_uribl,$uribl_result);
my
($lookup_return,@listed_by,$listed_domain,$uribls_returned,@domains,$n,$lcnt,$err);
my $sref=$Tasks{$CurTaskID}->{checkURIBL}||=[sub{
$fh=shift;
},sub{&jump;
$this=$Con{$fh};
return if $this->{relayok} || $this->{mISPRE};
return unless $CanUseURIBL && $ValidateURIBL;
unless
(checkNeeded($fh,$URIBLFailColl,$uriblTestMode,$this->{allLoveURIBLSpam})) {
mlogCond($fh,"URIBL lookup skipped (unnecessary)",$RBLLog);
return;
} elsif ($noURIBL && $this->{mailfrom}=~$NURIBLRE) {
mlogCond($fh,"URIBL lookup skipped (noURIBL sender)",$RBLLog);
$this->{myheader}.="X-Assp-Received-RBL: lookup skipped (noURIBL sender)" if
$AddURIBLHeader;
return;
}
%domains=$ucnt=$dcnt=undef;
while
($this->{body}=~/(?:https?|ftp)[\041-\176]{0,3}\:\/{1,3}($URICharRe+)|((?:www|ftp)\.$URICharRe+)/gi)
{
$uri=$1 || $2;
# RFC 2821, section 4.5.2, 'Transparency': delete leading period char
$uri=~s/\=(?:\015?\012|\015)\.?//g;
$uri=~s/[=%]([0-9a-f]{2})/chr(hex($1))/gie;
$uri=~s/&#(\d{1,3});?/chr($1)/ge;
$uri=~tr/;//d;
if ($uri=~/(?:[^\s\/[EMAIL PROTECTED]@)?([0-9a-z\-\_\.]+)/i) {
$orig_uri=$uri=$1;
$uri=~s/\.{2,}/\./g;
$uri=~s/^\.//;
$uri=~s/\.$//;
if ($uri=~/^$IPQuadRE$/io) {
$i=$ip=undef;
while ($i<10) { $ip=($ip<<8)+oct(${++$i})+hex(${++$i})+${++$i}; }
$uri=inet_ntoa(pack('N',$ip));
if ($URIBLNoObfuscated && $orig_uri!~/^\Q$uri\E/i) {
$this->{myheader}.="X-Assp-Received-URIBL: fail ($myName: local policy)
contains obfuscated uri\015\012" if $AddURIBLHeader;
thisIsSpam($fh,'failed URIBL checks (obfuscated
uri)',$URIBLPolicyError,$uriblTestMode,$this->{allLoveURIBLSpam},$URIBLFailColl,'uriblfails',1);
return;
}
} else {
if ($URIBLNoObfuscated && $orig_uri!~/^\Q$uri\E/i) {
$this->{myheader}.="X-Assp-Received-URIBL: fail ($myName: local policy)
contains obfuscated uri\015\012" if $AddURIBLHeader;
thisIsSpam($fh,'failed URIBL checks (obfuscated
uri)',$URIBLPolicyError,$uriblTestMode,$this->{allLoveURIBLSpam},$URIBLFailColl,'uriblfails',1);
return;
}
if ($uri=~$URIBLCCTLDSRE || $uri=~/([^\.]+\.[^\.]+)$/) {
$uri=$1;
} else {
next;
}
}
next if $uri=~$URIBLWLDRE;
if ($URIBLmaxuris && ++$ucnt>$URIBLmaxuris) {
$this->{myheader}.="X-Assp-Received-URIBL: fail ($myName: local policy)
maximum uris exceeded\015\012" if $AddURIBLHeader;
thisIsSpam($fh,'failed URIBL checks (maximum uris
exceeded)',$URIBLPolicyError,$uriblTestMode,$this->{allLoveURIBLSpam},$URIBLFailColl,'uriblfails',1);
return;
}
$dcnt++ unless $domains{lc $uri}++;
if ($URIBLmaxdomains && $dcnt>$URIBLmaxdomains) {
$this->{myheader}.="X-Assp-Received-URIBL: fail ($myName: local policy)
maximum unique domain uris exceeded\015\012" if $AddURIBLHeader;
thisIsSpam($fh,'failed URIBL checks (maximum unique domain uris
exceeded)',$URIBLPolicyError,$uriblTestMode,$this->{allLoveURIBLSpam},$URIBLFailColl,'uriblfails',1);
return;
}
}
}
$uribl=RBL->new(lists => [EMAIL PROTECTED],
server => $nameservers[0],
max_hits => $URIBLmaxhits,
max_replies => $URIBLmaxreplies,
query_txt => 0,
max_time => $URIBLmaxtime,
timeout => 1);
[EMAIL PROTECTED];
@domains=keys %domains;
for ($n=0;$n<@domains;$n++) {
$domain=$domains[$n];
return call('L1',$uribl->lookup($fh,$domain)); L1:
$lookup_return=shift;
@listed_by=$uribl->listed_by();
$lcnt=$#listed_by+1;
$uribls_returned=$lcnt if $lcnt>$uribls_returned;
if ($uribls_returned>=$URIBLmaxhits) {
$listed_domain=$domain;
last;
}
}
if ($uribls_returned>=$URIBLmaxhits) {
$received_uribl="Received-URIBL: fail ($myName: local policy) [EMAIL
PROTECTED]; domain=$listed_domain";
} elsif ($uribls_returned>0) {
$received_uribl="Received-URIBL: neutral ($myName: local policy) uribl=some";
} else {
$received_uribl="Received-URIBL: pass ($myName: local policy) uribl=none";
}
mlogCond($fh,$received_uribl,$RBLLog);
$this->{myheader}.="X-Assp-$received_uribl\015\012" if $AddURIBLHeader;
if ($uribls_returned>=$URIBLmaxhits) {
$err=$URIBLError;
$err=~s/URIBLNAME/@listed_by/g;
thisIsSpam($fh,'failed URIBL
checks',$err,$uriblTestMode,$this->{allLoveURIBLSpam},$URIBLFailColl,'uriblfails',1);
}
}];
&{$sref->[0]};
return $sref->[1];
}
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
