==================================================================
  Please DO NOT REPLY to this mail or send email to the developers
  about this bug. Please follow-up to Bugzilla using this link:
    https://bugs.contribs.org/show_bug.cgi?id=9605

  Have you checked the Frequently Asked Questions (FAQ)?
    http://wiki.contribs.org/SME_Server:Documentation:FAQ

  Please also take the time to read the following useful guide:
    http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================

Selwyn Rosenstein <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|9.1                         |8.2

--- Comment #4 from Selwyn Rosenstein <[email protected]> ---
After further testing I found that not all spammers put the IP Address in the
HELO and so even though the IP Address was on the list of blocked addresses my
test code would not catch them.

I have refined the code as follows which now works very well:
check_spamhelo plugin:
------------
sub hook_helo {
  my ($self, $transaction, $host) = @_;
  ($host = lc $host) or return DECLINED;

  # Address of the connecting client, as seen by qpsmtpd
  my $remote_ip = $self->qp->connection->remote_ip;

  foreach my $bad ($self->qp->config('badhelo')) {
    # Trim leading and trailing whitespace from the config entry
    $bad =~ s/^\s+|\s+$//g;
    # Deny on an exact HELO match, a HELO prefix match, or a remote-IP prefix match
    if ($host eq lc $bad || $host =~ /^\Q$bad\E/ || $remote_ip =~ /^\Q$bad\E/) {
      $self->log(LOGDEBUG, "Denying HELO from IP '$remote_ip' using HELO '$host' from badhelo '$bad'");
      return (DENY_DISCONNECT, "Sorry, I don't believe that you are $host.");
    }
  }
  return DECLINED;
}

# also support EHLO
*hook_ehlo = \&hook_helo;
--------------

Here are some sample log entries where it worked:
Denying HELO from IP '184.83.22.213' using HELO 'dahae.us' from badhelo '184.83.22.'
Denying HELO from IP '104.129.47.42' using HELO 'gipau.us' from badhelo '104.129.47.4'
Denying HELO from IP '104.129.47.43' using HELO 'marue.us' from badhelo '104.129.47.4'
Denying HELO from IP '104.129.47.38' using HELO 'mawew.us' from badhelo '104.129.47.'
Denying HELO from IP '184.83.22.173' using HELO 'kirec.us' from badhelo '184.83.22.'
Denying HELO from IP '184.83.22.183' using HELO 'muzaj.us' from badhelo '184.83.22.'

Regards,
Selwyn
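
The matching rule from the plugin in comment #4, pulled out into a stand-alone Perl script so it can be exercised without qpsmtpd. This is an added example, not part of the original comment; the names `match_badhelo` and `is_partial_octet`, the sample `badhelo` list and the two `mail.example.org` clients are constructed for illustration. It also flags entries such as '104.129.47.4', which as a string prefix cover .4 and .40-.49.

```perl
use strict;
use warnings;

# The plugin's three tests: exact HELO, HELO prefix, remote-IP prefix.
# Returns the first matching badhelo entry, or nothing.
sub match_badhelo {
    my ($host, $remote_ip, @badhelo) = @_;
    $host = lc $host;
    foreach my $bad (@badhelo) {
        (my $entry = $bad) =~ s/^\s+|\s+$//g;
        next unless length $entry;    # an empty prefix would match every client
        return $entry
          if $host eq lc $entry
          || $host =~ /^\Q$entry\E/
          || $remote_ip =~ /^\Q$entry\E/;
    }
    return;
}

# True when an IPv4-style entry stops part-way through an octet, so the string
# prefix also covers longer octets ('104.129.47.4' covers .4 and .40-.49).
sub is_partial_octet {
    my ($entry) = @_;
    return 0 unless $entry =~ /^\d{1,3}(?:\.\d{1,3}){0,3}$/;
    my ($last) = $entry =~ /(\d+)$/;
    return ($last ne '0' && $last * 10 <= 255) ? 1 : 0;
}

# Constructed badhelo list, using the prefixes quoted in the log lines above.
my @badhelo = ('184.83.22.', '104.129.47.4', '104.129.47.');

# Constructed test clients: two from the log lines above, two hypothetical.
my @clients = (
    ['dahae.us',         '184.83.22.213'],
    ['gipau.us',         '104.129.47.42'],
    ['mail.example.org', '104.129.47.49'],    # hypothetical, inside '104.129.47.4'
    ['mail.example.org', '192.0.2.10'],       # hypothetical, not listed
);

foreach my $c (@clients) {
    my ($host, $ip) = @$c;
    my $hit = match_badhelo($host, $ip, @badhelo);
    printf "%-17s %-15s %s\n", $host, $ip,
      defined $hit ? "DENY (badhelo '$hit')" : 'pass';
}

foreach my $entry (@badhelo) {
    print "note: '$entry' ends mid-octet and covers several addresses\n"
      if is_partial_octet($entry);
}
```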
