Bug#316115: marked as done (qmail-src: please consider adding mfcheck patch)

Mon, 26 Nov 2012 13:57:35 -0800 

Your message dated Mon, 26 Nov 2012 21:55:57 +0000
with message-id <[email protected]>
and subject line Bug#692558: Removed package(s) from unstable
has caused the Debian Bug report #316115,
regarding qmail-src: please consider adding mfcheck patch
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
316115: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316115
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: qmail-src
Version: 1.03-38
Severity: wishlist
Tags: patch

Hi Jon!

Please consider adding mfcheck (or similar) patch to debian-qmail.  It's
short patch, which adds capability to check validity of envelope sender's
domain (DNS lookup).  It's behavior is controlled by control file and
environment variable (disabled by default).

Patch is available from:
  http://www.jms1.net/qmail/patches/qmail-1.03-mfcheck.3.patch

Short description can be found at:
  http://www.jms1.net/qmail/patches/combined.shtml#details

Patch modified to apply cleanly to debian-qmail is in attachment.

Similar patch is also part of Spamcontrol.

Thanks!

th.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27-grsec
Locale: LANG=sk_SK, LC_CTYPE=sk_SK (charmap=ISO-8859-2)

Versions of packages qmail-src depends on:
ii  debconf                      1.4.30.13   Debian configuration management sy
ii  dpkg-dev                     1.10.28     Package building tools for Debian
ii  fakeroot                     1.2.10      Gives a fake root environment
ii  gcc                          4:3.3.5-3   The GNU C compiler
ii  groff-base                   1.18.1.1-7  GNU troff text-formatting system (
ii  make                         3.80-9      The GNU version of the "make" util
ii  patch                        2.5.9-2     Apply a diff file to an original
ii  sudo                         1.6.8p7-1.1 Provide limited super user privile

-- debconf information excluded


diff -ruN qmail-1.03-orig/Makefile qmail-1.03/Makefile
--- qmail-1.03-orig/Makefile    2005-06-20 13:43:48.000000000 +0200
+++ qmail-1.03/Makefile 2005-06-20 13:48:23.000000000 +0200
@@ -1536,13 +1536,13 @@
 timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o received.o \
 date822fmt.o now.o qmail.o cdb.a fd.a wait.a datetime.a getln.a \
 open.a sig.a case.a env.a stralloc.a alloc.a strerr.a substdio.a error.a str.a 
\
-fs.a auto_qmail.o socket.lib
+fs.a auto_qmail.o socket.lib dns.o dns.lib
        ./load qmail-smtpd qregex.o rcpthosts.o commands.o timeoutread.o \
        timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o \
        received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
        datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
        alloc.a strerr.a substdio.a error.a str.a fs.a auto_qmail.o  `cat \
-       socket.lib`
+       socket.lib` dns.o `cat dns.lib`
 
 qmail-smtpd.0: \
 qmail-smtpd.8
diff -ruN qmail-1.03-orig/qmail-control.9 qmail-1.03/qmail-control.9
--- qmail-1.03-orig/qmail-control.9     2005-06-20 13:43:48.000000000 +0200
+++ qmail-1.03/qmail-control.9  2005-06-20 13:44:36.000000000 +0200
@@ -63,6 +63,7 @@
 .I idhost      \fIme   \fRqmail-inject
 .I localiphost \fIme   \fRqmail-smtpd
 .I locals      \fIme   \fRqmail-send
+.I mfcheck     \fR0    \fRqmail-smtpd
 .I morercpthosts       \fR(none)       \fRqmail-smtpd
 .I percenthack \fR(none)       \fRqmail-send
 .I plusdomain  \fIme   \fRqmail-inject
diff -ruN qmail-1.03-orig/qmail-smtpd.8 qmail-1.03/qmail-smtpd.8
--- qmail-1.03-orig/qmail-smtpd.8       2005-06-20 13:43:48.000000000 +0200
+++ qmail-1.03/qmail-smtpd.8    2005-06-20 13:44:36.000000000 +0200
@@ -138,6 +138,12 @@
 This is done before
 .IR rcpthosts .
 .TP 5
+.I mfcheck
+If set,
+.B qmail-smtpd
+tries to resolve the domain of the envelope from address.  It can be
+handy when you want to filter out spamhosts.
+.TP 5
 .I morercpthosts
 Extra allowed RCPT domains.
 If
diff -ruN qmail-1.03-orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c
--- qmail-1.03-orig/qmail-smtpd.c       2005-06-20 13:43:48.000000000 +0200
+++ qmail-1.03/qmail-smtpd.c    2005-06-20 14:06:59.000000000 +0200
@@ -25,6 +25,7 @@
 #include "commands.h"
 #include "qregex.h"
 #include "strerr.h"
+#include "dns.h"
 
 #define BMCHECK_BMF 0
 #define BMCHECK_BMFNR 1
@@ -35,6 +36,7 @@
 
 #define MAXHOPS 100
 unsigned int databytes = 0;
+unsigned int mfchk = 0;
 int timeout = 1200;
 
 int safewrite(fd,buf,len) int fd; char *buf; int len;
@@ -61,6 +63,8 @@
 void err_bmf() { out("553 sorry, your envelope sender has been denied 
(#5.7.1)\r\n"); }
 void err_bmt() { out("553 sorry, your envelope recipient has been denied 
(#5.7.1)\r\n"); }
 void err_bhelo() { out("553 sorry, your HELO host name has been denied 
(#5.7.1)\r\n"); }
+void err_hmf() { out("553 sorry, your envelope sender domain must exist 
(#5.7.1)\r\n"); }
+void err_smf() { out("451 DNS temporary failure (#4.3.0)\r\n"); }
 void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed 
rcpthosts (#5.7.1)\r\n"); }
 void err_unimpl(arg) char *arg; { out("502 unimplemented (#5.5.1)\r\n"); }
 void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
@@ -135,6 +139,10 @@
 
   if (rcpthosts_init() == -1) die_control();
 
+  if (control_readint(&mfchk,"control/mfcheck") == -1) die_control();
+  x = env_get("MFCHECK");
+  if (x) { scan_ulong(x,&u); mfchk = u; }
+
   bmfok = control_readfile(&bmf,"control/badmailfrom",0);
   if (bmfok == -1) die_control();
 
@@ -276,6 +284,25 @@
   return 0;
 }
 
+int mfcheck()
+{
+  stralloc sa = {0};
+  ipalloc ia = {0};
+  unsigned int random;
+  int j;
+
+  if (!mfchk) return 0;
+  random = now() + (getpid() << 16);
+  j = byte_rchr(addr.s,addr.len,'@') + 1;
+  if (j < addr.len) {
+    stralloc_copys(&sa, addr.s + j);
+    dns_init(0);
+    j = dns_mxip(&ia,&sa,random);
+    if (j < 0) return j;
+  }
+  return 0;
+}
+
 int addrallowed()
 {
   int r;
@@ -317,6 +344,11 @@
   if ((!flagbarfbmf) && (bmfnrok) && (addr.len != 1) && (!relayclient)) {
     flagbarfbmf = bmcheck(BMCHECK_BMFNR);
   }
+  switch(mfcheck()) {
+    case DNS_HARD: err_hmf(); return;
+    case DNS_SOFT: err_smf(); return;
+    case DNS_MEM: die_nomem();
+  }
   seenmail = 1;
   if (!stralloc_copys(&rcptto,"")) die_nomem();
   if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();

--- End Message ---
--- Begin Message --- 
Version: 1.03-49.3+rm

Dear submitter,

as the package qmail has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see http://bugs.debian.org/692558

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].

Debian distribution maintenance software
pp.
Luca Falavigna (the ftpmaster behind the curtain)

--- End Message ---

Reply via email to