Author: noel
Date: Fri Jun 3 11:49:27 2005
New Revision: 179852
URL: http://svn.apache.org/viewcvs?rev=179852&view=rev
Log:
JAMES-381. Make fastfail DNS RBL user configurable.
Modified:
james/server/trunk/src/conf/james-config.xml
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandler.java
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandlerConfigurationData.java
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPServer.java
Modified: james/server/trunk/src/conf/james-config.xml
URL:
http://svn.apache.org/viewcvs/james/server/trunk/src/conf/james-config.xml?rev=179852&r1=179851&r2=179852&view=diff
==============================================================================
--- james/server/trunk/src/conf/james-config.xml (original)
+++ james/server/trunk/src/conf/james-config.xml Fri Jun 3 11:49:27 2005
@@ -570,7 +570,18 @@
<helloName autodetect="true">myMailServer</helloName>
<connectiontimeout>360000</connectiontimeout>
- <!-- Uncomment this if you want to require SMTP authentication. -->
+ <!-- Uncomment this if you want to require SMTP authentication.
+
+ supported values:
+ true: required but announced only to not authorizedAddresses
+ false: don't use AUTH
+ announce: like true, but always announce AUTH capability to
clients
+
+ The correct behaviour per RFC value would be false or announce
+ but we still support true for backward compatibility and because
+ some webmail client fails when AUTH is announced but no
authentication
+ information has been provided
+ -->
<!--
<authRequired>true</authRequired>
-->
@@ -602,6 +613,16 @@
<!-- This sets the maximum allowed message size (in kilobytes) for
this -->
<!-- SMTP service. If unspecified, the value defaults to 0, which
means no limit. -->
<maxmessagesize>0</maxmessagesize>
+
+ <!-- Uncomment this if you want to enable antispam dns based RBL
services -->
+ <!--
+ <rblservers>
+ <rblserver> sbl-xbl.spamhaus.org </rblserver>
+ <rblserver> list.dsbl.org </rblserver>
+ <rblserver> dul.dnsbl.sorbs.net </rblserver>
+ <rblserver> relays.ordb.org </rblserver>
+ </rblservers>
+ -->
</handler>
</smtpserver>
Modified:
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandler.java
URL:
http://svn.apache.org/viewcvs/james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandler.java?rev=179852&r1=179851&r2=179852&view=diff
==============================================================================
--- james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandler.java
(original)
+++ james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandler.java
Fri Jun 3 11:49:27 2005
@@ -327,32 +327,31 @@
* authenticated.
*/
- static final String[] rblList = {"sbl-xbl.spamhaus.org", "list.dsbl.org",
"dul.dnsbl.sorbs.net", "relays.ordb.org"};
+ private boolean checkDNSRBL(Socket conn, String[] rblList) {
+ if (rblList != null) {
+ String ip = conn.getInetAddress().getHostAddress();
+ StringBuffer sb = new StringBuffer();
+ StringTokenizer st = new StringTokenizer(ip, " .", false);
+ while (st.hasMoreTokens()) {
+ sb.insert(0, st.nextToken() + ".");
+ }
+ String reversedOctets = sb.toString();
- private boolean checkDNSRBL(Socket conn) {
- String ip = conn.getInetAddress().getHostAddress();
- StringBuffer sb = new StringBuffer();
- StringTokenizer st = new StringTokenizer(ip, " .", false);
- while (st.hasMoreTokens()) {
- sb.insert(0, st.nextToken() + ".");
- }
- String reversedOctets = sb.toString();
+ for (int i = 0 ; i < rblList.length ; i++) try {
+ // hardcode which DNS RBL for the moment
+ org.apache.james.dnsserver.DNSServer.getByName(reversedOctets
+ rblList[i]);
+ if (getLogger().isInfoEnabled()) {
+ getLogger().info("Connection from " + ip + " restricted by
" + rblList[i] + " to SMTP AUTH/postmaster/abuse.");
+ }
+ return true;
+ } catch (java.net.UnknownHostException uhe) {
+ // if it is unknown, it isn't blocked
+ }
- for (int i = 0 ; i < rblList.length ; i++) try {
- // hardcode which DNS RBL for the moment
- org.apache.james.dnsserver.DNSServer.getByName(reversedOctets +
rblList[i]);
if (getLogger().isInfoEnabled()) {
- getLogger().info("Connection from " + ip + " restricted by " +
rblList[i] + " to SMTP AUTH/postmaster/abuse.");
+ getLogger().info("Connection from " + ip + " not restricted by
blocklist.");
}
- return true;
- } catch (java.net.UnknownHostException uhe) {
- // if it is unknown, it isn't blocked
}
-
- if (getLogger().isInfoEnabled()) {
- getLogger().info("Connection from " + ip + " not restricted by
blocklist.");
- }
-
return false;
}
@@ -377,7 +376,7 @@
smtpID = random.nextInt(1024) + "";
relayingAllowed = theConfigData.isRelayingAllowed(remoteIP);
authRequired = theConfigData.isAuthRequired(remoteIP);
- blocklisted = checkDNSRBL(connection);
+ blocklisted = checkDNSRBL(connection, theConfigData.getRBLServers());
resetState();
} catch (Exception e) {
StringBuffer exceptionBuffer =
Modified:
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandlerConfigurationData.java
URL:
http://svn.apache.org/viewcvs/james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandlerConfigurationData.java?rev=179852&r1=179851&r2=179852&view=diff
==============================================================================
---
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandlerConfigurationData.java
(original)
+++
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPHandlerConfigurationData.java
Fri Jun 3 11:49:27 2005
@@ -20,6 +20,8 @@
import org.apache.james.services.MailServer;
import org.apache.james.services.UsersRepository;
+import java.util.List;
+
/**
* Provides a number of server-wide constant values to the
* SMTPHandlers
@@ -93,4 +95,11 @@
* @return the local users repository
*/
UsersRepository getUsersRepository();
+
+ /**
+ * Returns the RBL server list.
+ *
+ * @return the local users repository
+ */
+ String[] getRBLServers();
}
Modified:
james/server/trunk/src/java/org/apache/james/smtpserver/SMTPServer.java
URL:
http://svn.apache.org/viewcvs/james/server/trunk/src/java/org/apache/james/smtpserver/SMTPServer.java?rev=179852&r1=179851&r2=179852&view=diff
==============================================================================
--- james/server/trunk/src/java/org/apache/james/smtpserver/SMTPServer.java
(original)
+++ james/server/trunk/src/java/org/apache/james/smtpserver/SMTPServer.java Fri
Jun 3 11:49:27 2005
@@ -39,6 +39,9 @@
import org.apache.james.util.watchdog.WatchdogFactory;
import org.apache.mailet.MailetContext;
+import java.util.ArrayList;
+import java.util.List;
+
/**
* <p>Accepts SMTP connections on a server socket and dispatches them to
SMTPHandlers.</p>
*
@@ -120,6 +123,11 @@
private WatchdogFactory theWatchdogFactory;
/**
+ * The sorted list of rbl servers to be checked to limit spam
+ */
+ private String[] rblServers;
+
+ /**
* The configuration data to be passed to the handler
*/
private SMTPHandlerConfigurationData theConfigData
@@ -212,6 +220,24 @@
if (getLogger().isInfoEnabled()) {
getLogger().info("The idle timeout will be reset every " +
lengthReset + " bytes.");
}
+
+ Configuration rblserverConfiguration =
handlerConfiguration.getChild("rblservers");
+ if ( rblserverConfiguration != null ) {
+ ArrayList rblserverCollection = new ArrayList();
+ Configuration[] children =
rblserverConfiguration.getChildren("rblserver");
+ if ( children != null ) {
+ for ( int i = 0 ; i < children.length ; i++ ) {
+ String rblServerName = children[i].getValue();
+ rblserverCollection.add(rblServerName);
+ if (getLogger().isInfoEnabled()) {
+ getLogger().info("Adding RBL server: " +
rblServerName);
+ }
+ }
+ if (rblserverCollection != null && rblserverCollection.size() > 0)
{
+ rblServers = (String[]) rblserverCollection.toArray(new
String[rblserverCollection.size()]);
+ }
+ }
+ }
} else {
mailetcontext.setAttribute(Constants.HELLO_NAME, "localhost");
}
@@ -396,6 +422,13 @@
*/
public UsersRepository getUsersRepository() {
return SMTPServer.this.users;
+ }
+
+ /**
+ * @see
org.apache.james.smtpserver.SMTPHandlerConfigurationData#getRBLServers()
+ */
+ public String[] getRBLServers() {
+ return SMTPServer.this.rblServers;
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
