Based on a bit of research and information from Sam, here's my final
submission of a unified diff patch against ratelimit.py. This fixes two
problems:
1. When limitNetwork = True, the IP address is now properly parsed from
the Received-From-MTA string for both v4 and v6 addresses and an
identifier for /24 (v4) or /48 (v6) address groups is generated.
2. When limitNetwork = True, the address identifier is used internally
to identify network matches, but the full Received-From-MTA string is
now returned from the module for logging and the SMTP dialog.
Gordon, this is in your ballpark now. I've got it working the way it
should and I'm not going to mess with it anymore :) I'd suggest that
unless you see something nasty, this patch should be incorporated into
the next release of ratelimit.py
Sincere thanks to both Gordon Messmer and Sam Varshavchik.
--- ratelimit.py-1.9.orig 2015-03-18 10:41:48.000000000 -0500
+++ ratelimit.py 2015-03-19 13:12:10.000000000 -0500
@@ -65,12 +65,14 @@
return '451 Internal failure locating control files'
if limitNetwork:
- if '.' in sender:
+ if '.' in sender[sender.rindex("["):]:
# For IPv4, use the first three octets
- sender = sender[:sender.rindex('.')]
+ senderID = sender[sender.rindex("["):sender.rindex('.')]
else:
# For IPv6, expand the address and then use the first three hextets
- sender = courier.config.explodeIP6(sender)[:14]
+ senderID =
courier.config.explodeIP6(sender)[sender.rindex("["):][:16]
+ else:
+ senderID = sender
_sendersLock.acquire()
try:
@@ -87,16 +89,16 @@
# First, add this connection to the bucket:
if not _senders.has_key(now):
_senders[now] = {}
- if not _senders[now].has_key(sender):
- _senders[now][sender] = 1
+ if not _senders[now].has_key(senderID):
+ _senders[now][senderID] = 1
else:
- _senders[now][sender] = _senders[now][sender] + 1
+ _senders[now][senderID] = _senders[now][senderID] + 1
# Now count the number of connections from this sender
connections = 0
for i in range(0, interval):
- if _senders.has_key(now - i) and _senders[now - i].has_key(sender):
- connections = connections + _senders[now - i][sender]
+ if _senders.has_key(now - i) and _senders[now -
i].has_key(senderID):
+ connections = connections + _senders[now - i][senderID]
# If the connection count is higher than the maxConnections setting,
# return a soft failure.
--
Lindsay Haisley | "Real programmers use butterflies"
FMP Computer Services |
512-259-1190 | - xkcd
http://www.fmp.com |
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
