Charles,

you've found an error. Your output in the private e-mail has been extremely useful, so I've checked the code, and found a small (stupid!) bug that works when CHKUSER_STARTING_VARIABLE is defined (in such a case, no check is done on sender).

In 2.0.8 (I'll try to publish it today or tomorrow) this is fixed.

Anyway, this is the correction, inside chkuser.c, in the routine chkuser_sender:

int chkuser_sender (stralloc *sender) {

int count;

+  if (first_time_init_flag) {
+        first_time_init ();
+  }

#if !defined CHKUSER_ALWAYS_ON && defined CHKUSER_STARTING_VARIABLE
  if (starting_value == -1) {
        return CHKUSER_OK;
  }
#endif

#if defined CHKUSER_SENDER_FORMAT || defined CHKUSER_SENDER_MX

-        if (first_time_init_flag) {
-                first_time_init ();
-        }

#if defined CHKUSER_SENDER_NOCHECK_VARIABLE

Thanks,

Tonino

At 01.44 07/12/2004, you wrote:
On Tue, 26 Oct 2004, tonix (Antonio Nati) wrote:

Patch is working in a production enviromnent, but it is anyway released as "development" version, because changes are so important that I'ld like to have a wider testing.

As usual, please help me testing it.
Any bug warning, feedback or comment is welcome!

It looks like there are some issues with verifying the sender dns...

Two things I've noticed:

-This patch seems to undo the "mfcheck" patch.  Previous to patching with chkuser, qmail-smtpd would reject any mail without a proper dns entry for the envelope sender, now it seems to let that all through.  My only patches are Bill Shupp's toaster patch and chkuser 2.0.7.

-Turning on what I think is the equivalent option in chkuser does not seem to do anything (#define CHKUSER_SENDER_MX).

For example, with /var/qmail/control/mfcheck set to 1 and the above define set in chkuser_settings.h:

[EMAIL PROTECTED]/home/spork]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost
Escape character is '^]'.
220 xena.foo.net UCE PROHIBITED ESMTP
mail from: [EMAIL PROTECTED]
250 ok
quit
221 xena.foo.net UCE PROHIBITED
Connection closed by foreign host.

And just to be sure, from outside any tcprules checks:

[EMAIL PROTECTED] telnet mail.foo.net 25
Trying 216.220.96.26...
Connected to mail.foo.net.
Escape character is '^]'.
220 xena.foo.net UCE PROHIBITED ESMTP
mail from: [EMAIL PROTECTED]
250 ok
quit
221 xena.foo.net UCE PROHIBITED
Connection closed by foreign host.

[EMAIL PROTECTED] host -t mx no.real.domain.here.tv.us
Host not found.

That should be rejected outright, correct?

Thanks,

Charles


Tonino


------------------------------------------------------------
       [EMAIL PROTECTED]            Interazioni di Antonio Nati
  http://www.interazioni.it     [EMAIL PROTECTED]
------------------------------------------------------------

Reply via email to