Hiyas,
Nowadays I just bored to get mail from illegal hostnames and I created a
diff against vanilla qmail-1.03 (see attachment).
It is simple. It checks for a DNS entry for the MAIL FROM domain if
control/mfcheck or the MFCHECK environment variable is set to nonzero.
Please check it out. Any comments/bugfixes/etc are welcomed.
--
Regards: Kevin (Balazs)
diff -ruN qmail-1.03.orig/Makefile qmail-1.03/Makefile
--- qmail-1.03.orig/Makefile Mon Jun 15 12:53:16 1998
+++ qmail-1.03/Makefile Thu May 6 13:02:37 1999
@@ -1536,13 +1536,13 @@
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o received.o \
date822fmt.o now.o qmail.o cdb.a fd.a wait.a datetime.a getln.a \
open.a sig.a case.a env.a stralloc.a alloc.a substdio.a error.a str.a \
-fs.a auto_qmail.o socket.lib
+fs.a auto_qmail.o socket.lib dns.o dns.lib
./load qmail-smtpd rcpthosts.o commands.o timeoutread.o \
timeoutwrite.o ip.o ipme.o ipalloc.o control.o constmap.o \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
alloc.a substdio.a error.a str.a fs.a auto_qmail.o `cat \
- socket.lib`
+ socket.lib` dns.o `cat dns.lib`
qmail-smtpd.0: \
qmail-smtpd.8
diff -ruN qmail-1.03.orig/qmail-control.9 qmail-1.03/qmail-control.9
--- qmail-1.03.orig/qmail-control.9 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-control.9 Thu May 6 13:00:45 1999
@@ -55,6 +55,7 @@
.I idhost \fIme \fRqmail-inject
.I localiphost \fIme \fRqmail-smtpd
.I locals \fIme \fRqmail-send
+.I mfcheck \fR0 \fRqmail-smtpd
.I morercpthosts \fR(none) \fRqmail-smtpd
.I percenthack \fR(none) \fRqmail-send
.I plusdomain \fIme \fRqmail-inject
diff -ruN qmail-1.03.orig/qmail-smtpd.8 qmail-1.03/qmail-smtpd.8
--- qmail-1.03.orig/qmail-smtpd.8 Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.8 Thu May 6 12:12:31 1999
@@ -97,6 +97,12 @@
This is done before
.IR rcpthosts .
.TP 5
+.I mfcheck
+If set,
+.B qmail-smtpd
+tries to resolve the domain of the envelope from address. It can be
+handy when you want to filter out spamhosts.
+.TP 5
.I morercpthosts
Extra allowed RCPT domains.
If
diff -ruN qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c
--- qmail-1.03.orig/qmail-smtpd.c Mon Jun 15 12:53:16 1998
+++ qmail-1.03/qmail-smtpd.c Thu May 6 13:23:14 1999
@@ -26,6 +26,7 @@
#define MAXHOPS 100
unsigned int databytes = 0;
+unsigned int mfchk = 0;
int timeout = 1200;
int safewrite(fd,buf,len) int fd; char *buf; int len;
@@ -50,6 +51,7 @@
void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n");
flush(); _exit(1); }
void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list
(#5.7.1)\r\n"); }
+void err_mf() { out("553 sorry, your envelope sender domain must exist
+(#5.7.1)\r\n"); }
void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed
rcpthosts (#5.7.1)\r\n"); }
void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
@@ -112,6 +114,10 @@
if (rcpthosts_init() == -1) die_control();
+ if (control_readint(&mfchk,"control/mfcheck") == -1) die_control();
+ x = env_get("MFCHECK");
+ if (x) { scan_ulong(x,&u); mfchk = u; }
+
bmfok = control_readfile(&bmf,"control/badmailfrom",0);
if (bmfok == -1) die_control();
if (bmfok)
@@ -208,6 +214,23 @@
return 0;
}
+int mfcheck()
+{
+ stralloc sa = {0};
+ ipalloc ia = {0};
+ int j;
+
+ if (!mfchk) return 0;
+ j = byte_rchr(addr.s,addr.len,'@') + 1;
+ if (j < addr.len) {
+ stralloc_copys(&sa, addr.s + j);
+ dns_init(0);
+ if (dns_ip(&ia,&sa) < 0)
+ return 1;
+ }
+ return 0;
+}
+
int addrallowed()
{
int r;
@@ -219,6 +242,7 @@
int seenmail = 0;
int flagbarf; /* defined if seenmail */
+int flagmf; /* defined if seenmail */
stralloc mailfrom = {0};
stralloc rcptto = {0};
@@ -241,6 +265,7 @@
{
if (!addrparse(arg)) { err_syntax(); return; }
flagbarf = bmfcheck();
+ flagmf = mfcheck();
seenmail = 1;
if (!stralloc_copys(&rcptto,"")) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
@@ -251,6 +276,7 @@
if (!seenmail) { err_wantmail(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
if (flagbarf) { err_bmf(); return; }
+ if (flagmf) { err_mf(); return; }
if (relayclient) {
--addr.len;
if (!stralloc_cats(&addr,relayclient)) die_nomem();
