Interesting -- well done. I'm not sure it's appropriate to include this
in the mainline code however, as it will stop _all_ NDRs, not just
backscatter spam.
Incidentally, if you want this new option to work from a configuration
directory, you should also add your filter code around line 1420
(measured before your patch is applied).
-- Sam Clippinger
On 9/25/10 5:38 AM, m2k wrote:
> Hello,
>
> Did a patch to handle bounce messages from backscatter attack with
> empty sender address.
> The filtering can be enabled using the following new options:
>
> 1. reject-sender-empty : turn on rejection of empty sender address
> 2. rejection-text-sender-empty : Rejection text when sender is empty
>
> Here is the patch against 4.1.0 :
>
> Index: spamdyke/spamdyke.c
> ===================================================================
> --- spamdyke/spamdyke.c (revision 145)
> +++ spamdyke/spamdyke.c (revision 147)
> @@ -1328,6 +1328,14 @@
> filter_sender_rhsbl(current_settings,
> ¤t_settings->current_options->filter_action,
> ¤t_settings->current_options->filter_action_locked,
> ¤t_settings->current_options->rejection,
> ¤t_settings->current_options->rejection_buf,
> current_settings->current_options->reject_message_buf, MAX_BUF);
> filter_sender_no_mx(current_settings,
> ¤t_settings->current_options->filter_action,
> ¤t_settings->current_options->filter_action_locked,
> ¤t_settings->current_options->rejection,
> ¤t_settings->current_options->rejection_buf,
> current_settings->current_options->reject_message_buf, MAX_BUF);
> }
> + } else if (current_settings->current_options->check_sender_empty) {
> + /* Check for missing sender */
> + current_settings->current_options->filter_action =
> FILTER_DECISION_DO_FILTER;
> + set_rejection(current_settings, REJECTION_SENDER_EMPTY,
> + ¤t_settings->current_options->rejection,
> ¤t_settings->current_options->rejection_buf,
> + current_settings->current_options->reject_message_buf, MAX_BUF);
> +
> + SPAMDYKE_LOG_VERBOSE(current_settings,
> LOG_VERBOSE_FILTER_SENDER_EMPTY);
> }
>
> if ((current_settings->current_options->filter_action ==
> FILTER_DECISION_DO_FILTER) &&
> Index: spamdyke/spamdyke.h
> ===================================================================
> --- spamdyke/spamdyke.h (revision 145)
> +++ spamdyke/spamdyke.h (revision 147)
> @@ -551,6 +551,10 @@
> #define ERROR_FAILURE_TLS "Failed to negotiate TLS
> connection."
> #define FAILURE_DATA_TLS { FAILURE_TLS,
> REJECT_SEVERITY_TLS_FAILURE, ERROR_FAILURE_TLS,
> STRLEN(ERROR_FAILURE_TLS), "FAILED_TLS", 0 }
>
> +#define REJECTION_SENDER_EMPTY 26
> +#define ERROR_SENDER_EMPTY "Refused. Your sender address is missing."
> +#define REJECTION_DATA_SENDER_EMPTY { REJECTION_SENDER_EMPTY,
> REJECT_SEVERITY_PERMANENT, ERROR_SENDER_EMPTY,
> STRLEN(ERROR_SENDER_EMPTY), "DENIED_SENDER_EMPTY", 1 }
> +
> #define REJECTION_DATA (struct rejection_data []){ \
> REJECTION_DATA_RCPT_TO, \
> REJECTION_DATA_RCPT_TO_LOCAL, \
> @@ -577,7 +581,8 @@
> REJECTION_DATA_AUTH_REQUIRED, \
> REJECTION_DATA_UNCONDITIONAL, \
> REJECTION_DATA_IDENTICAL_FROM_TO, \
> - FAILURE_DATA_TLS \
> + FAILURE_DATA_TLS, \
> + REJECTION_DATA_SENDER_EMPTY \
> }
>
> #define LOG_USE_CONFIG_TEST 0x01
> @@ -805,6 +810,7 @@
> #define LOG_VERBOSE_FILTER_SENDER_RHSBL "FILTER_RHSBL_MATCH
> domain: %s rhsbl: %s"
> #define LOG_VERBOSE_FILTER_SMTP_AUTH "FILTER_AUTH_REQUIRED"
> #define LOG_VERBOSE_FILTER_SENDER_MX "FILTER_SENDER_NO_MX
> domain: %s"
> +#define LOG_VERBOSE_FILTER_SENDER_EMPTY "FILTER_SENDER_EMPTY"
> #define LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST
> "FILTER_RECIPIENT_WHITELIST recipient: %s entry: %s"
> #define LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST_FILE
> "FILTER_RECIPIENT_WHITELIST recipient: %s file: %s(%d)"
> #define LOG_VERBOSE_FILTER_RECIPIENT_LOCAL
> "FILTER_UNQUALIFIED_RECIPIENT recipient: %s"
> @@ -1385,6 +1391,7 @@
> int check_rdns_exist;
> int check_rdns_resolve;
> int check_sender_mx;
> + int check_sender_empty;
> int check_identical_from_to;
>
> int timeout_connection;
> Index: spamdyke/configuration.c
> ===================================================================
> --- spamdyke/configuration.c (revision 145)
> +++ spamdyke/configuration.c (revision 147)
> @@ -1972,6 +1972,24 @@
> CONFIG_TYPE_BOOLEAN,
> CONFIG_ACCESS_NONE,
> CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE |
> CONFIG_LOCATION_DIR,
> + { "reject-sender-empty", optional_argument, NULL, -1 },
> + { .integer_value = 0 },
> + { .integer_value = 1 },
> + { .get_integer = CONFIG_ACCESSOR_INTEGER(check_sender_empty) },
> + { 0 },
> + FILTER_DECISION_UNDECIDED,
> + FILTER_GRACE_NONE,
> + NULL,
> + NULL,
> + NULL,
> + NULL,
> + "Check presence of sender's email address. If not found, reject
> the connection."
> + " Default: do not check presence of sender's email."
> + },
> + {
> + CONFIG_TYPE_BOOLEAN,
> + CONFIG_ACCESS_NONE,
> + CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE |
> CONFIG_LOCATION_DIR,
> { "reject-unresolvable-rdns", optional_argument, NULL, 'R' },
> { .integer_value = 0 },
> { .integer_value = 1 },
> @@ -2242,6 +2260,7 @@
> "TEXT",
> "Use TEXT as the rejection message when a recipient is blocked
> because the sender's email domain has no mail exchanger. Default: \""
> ERROR_SENDER_NO_MX "\""
> },
> +
> {
> CONFIG_TYPE_STRING_SINGLETON,
> CONFIG_ACCESS_NONE,
> @@ -2259,6 +2278,23 @@
> "TEXT",
> "Use TEXT as the rejection message when a connection is blocked
> because the remote server's rDNS name is listed in a blacklist file or
> directory. Default: \"" ERROR_BLACKLIST_NAME "\""
> },
> + {
> + CONFIG_TYPE_STRING_SINGLETON,
> + CONFIG_ACCESS_NONE,
> + CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE |
> CONFIG_LOCATION_DIR,
> + { "rejection-text-sender-empty", required_argument, NULL, -1 },
> + { .string_value = NULL },
> + { .string_value = NULL },
> + { .get_string =
> CONFIG_ACCESSOR_STRING(rejection_text[REJECTION_SENDER_EMPTY]) },
> + { .max_strlen = 100 },
> + FILTER_DECISION_UNDECIDED,
> + FILTER_GRACE_NONE,
> + NULL,
> + NULL,
> + NULL,
> + "TEXT",
> + "Use TEXT as the rejection message when a recipient is blocked
> because the sender's email is empty. Default: \"" ERROR_SENDER_EMPTY "\""
> + },
> {
> CONFIG_TYPE_STRING_SINGLETON,
> CONFIG_ACCESS_NONE,
>
>
>
>
>
> _______________________________________________
> spamdyke-users mailing list
> [email protected]
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
