|
[-]
[+]
|
Changed |
spamdyke.spec
|
|
|
|
[-]
[+]
|
Deleted |
spamdyke-4.0.10.tar.bz2/documentation/TODO.txt
^
|
| @@ -1,126 +0,0 @@
-TODO VERSION N+1:
- Add a forward-resolve whitelist: give a list of FQDNs, resolve each one and
- see if the IP matches the incoming IP. This will make DynDNS work.
- Credit goes to Christian Aust.
- Make find_case_insensitive_needle more efficient. Consider making it a
- complete replacement for strcasestr().
- Add support for /etc/hosts.
- Change the sender blacklist to make it possible to block null senders
- (bounces). Credit goes to Venks Izod.
- Change main() to return a different error code if config-test encounters an
- error or if spamdyke can't start for some reason. Credit goes to Eric
- Shubert.
- Change check_dnsrbl() and check_rhsbl() to keep a list of RBLs/RHSBLs and
- success/failure codes so tests won't be repeated. This will require
- changing nihdns_query() to keep track of NXDOMAIN responses so negative
- responses can be distinguished from missing responses.
- Once nihdns_query() has been changed to track NXDOMAIN responses, change the
- missing rDNS, unresolvable rDNS and missing MX filters to return permanent
- rejection codes if NXDOMAIN is received; continue using temporary codes if
- no response is received.
- Make spamdyke log message information: From/To/Cc/Subject lines (better yet
- make this configurable), presence of attachments and message size.
- Add HELO logging and filtering. Credit goes to Pavel V. Yanchenko.
- Add flags to blackhole mail instead of rejecting it. Make this work correctly
- when there are multiple recipients.
- Add the ability to redirect rejected mail to alternate addresses (substitute
- recipients). Make this work correctly for multiple recipients.
- Add the ability to redirect accepted mail to alternate addresses.
- Add the ability to BCC accepted mail to alternate addresses (recipient
- injection).
- Add recipient validation. This will probably require reimplementing
- qmail's/vpopmail's .qmail file parser. DO NOT reuse code from qmail or
- vpopmail.
- Allow filesystem-based filters to call commands to do processing for them.
- Write some example commands to do gray/black/whitelisting and recipient
- validation in MySQL.
- Consider adding a log entry on exit to show the total wall time spent, the
- time spent running filters, DNS queries, waiting on remote/child data, etc.
- Credit goes to Ulrich Eckardt.
- Add the ability to insert headers instead of rejecting a message.
- Add the ability to modify the subject line instead of rejecting a message.
- Modify the graylist filter to be more forgiving to mailing lists that use
- tagged sender addresses. Look for similarities between previously
- graylisted addresses and allow future senders that match a pattern (e.g.
- remove all numbers in the usernames). Credit goes to Eric Shubert.
- Consider adding support for the RBLSMTPD environment variable. Credit goes
- to Andras Korn.
- Add the ability to limit full logging by IP or rDNS name. Credit goes to
- Paolo.
- Fix the DNS spoofing "bug" by randomizing the outbound port with every query.
- Try not to panic about it like CERT/CC did.
-
-
-TODO VERSION N+2:
- Add a "proxy mode" that will listen for incoming connections and tunnel
- them to another server/port for non-qmail servers (or replace tcpserver
- on qmail servers). Use TLS to communicate with the remote server if
- possible. Listen on multiple interfaces/ports.
- Wrap spamdyke in an NT service so MS Exchange administrators can use it.
- Consider adding support for Maxmind's GeoIP. Credit goes to Andras Korn.
-
-
-TODO VERSION N+3:
- Implement LaBrea-style tarpitting when spamdyke is used to accept incoming
- network connections.
- Add a feature to limit simultaneous (or per-time-period) connections per
- IP/rDNS/sender/recipient.
-
-
-TODO SOONER-RATHER-THAN-LATER:
- Add a feature that would automatically whitelist senders for a recipient
- if the recipient had sent a message to the sender (an auto-whitelist).
- Credit goes to Roman V. Isaev.
- Log the Message-ID field so a message can be tracked from delivery to disk.
- spamdyke will need to add the Message-ID field if needed. Credit goes to
- Frank SDI.
- Consider something to change the per-recipient filters into global filters;
- e.g. exceeding the max recipients or hitting a recipient blacklist rejects
- _everything_, not just the recipient. Credit goes to Frank SDI.
- Rewrite the buffers in middleman() to use a ring buffer instead of constantly
- memmove()ing data around.
- Add a test mode to each filter that will run the filter and log the result
- without actually blocking the connections. That way, the admin can see what
- would happen if different filters were engaged without risking false
- negatives. Credit goes to Marcin Orlowski.
- Consider making log messages configurable with printf-style format strings.
- Credit goes to Andras Korn.
- Add a way to make the ip-in-rdns feature more or less aggressive. This would
- include matching portions of the IP address or allowing multiple characters
- betweeen octets. Credit goes to Marcin Orlowski.
- Include a sample policy page.
- Consider supporting CDB files.
- Add a flag to use regexps in email address files (recipient/sender
- white/blacklists)
- Add a way to inject headers or rewrite Subject lines for mail that should be
- blocked by a filter (but allow it through anyway).
- Change the way write() is called to check if the entire buffer was actually
- written or if a retry is needed.
- After spamdyke becomes a daemon, add a feature to periodically clean out the
- graylist folders.
- After spamdyke becomes a daemon, add a feature to periodically write statistics
- to a file or database. Perhaps listen to a FIFO so the stats can be read
- on demand.
- Rework the install documentation to make it clearer how to setup graylisting
- and how to determine permissions/ownership.
- Consider putting the graphing scripts in the distribution.
- Consider putting the spamtrap and hunter_seeker scripts in the distribution.
- Consider splitting check-rhsbl into two filters: one to check RHSBLs for the
- rDNS name and one to check RHSBLs for the sender's domain name. Credit goes
- to Andras Korn.
-
-
-TODO LATER:
- Add the ability to limit the number of incoming messages from an IP/sender/
- domain or to a recipient/domain in a given time period.
- Add support for DIGEST-MD5 SMTP AUTH.
- Add a "quick mode" for busy servers that will print a reject message and
- immediately disconnect, instead of faking an SMTP conversation.
- Consider adding an auto-whitelist feature when the remote server's IP
- matches the MX record for the sender's domain.
- Consider adding hooks for content scanners like ClamAV or SpamAssassin.
- Consider adding SPF/CSV/Sender ID/DomainKeys/DKIM checking. Does anyone
- actually use them? Does anyone care?
- Find a way to query WHOIS for incoming domain names and reject all domains
- newer than 5 days (domain tasting limit).
- Add the ability to forward to multiple different servers at the same time.
|
|
|
Deleted |
spamdyke-4.0.10.tar.bz2/tests/test-regression_027-null_characters_in_message_data/._input.txt
^
|
|
|
Deleted |
spamdyke-4.0.4.tgz
^
|
|
|
Deleted |
spamdyke-4.0.5.tgz
^
|
|
|
Deleted |
spamdyke-4.0.6.tgz
^
|
|
|
Deleted |
spamdyke-4.0.8.tgz
^
|
|
|
Deleted |
spamdyke-4.0.9.tgz
^
|
|
|
Deleted |
spamdyke-4.1.0.tar.bz2
^
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/Changelog.txt
^
|
| @@ -1,3 +1,118 @@
+VERSION 4.2.0: 2/5/2011
+ Changed read_file() to return the number of usable lines read, instead of the
+ total number of lines (including comments and whitespace).
+ Fixed a huge thinko in many calls to read_file() -- when the function returns
+ 0, the returned value is NULL. This was causing spamdyke to crash when no
+ content was read from files by "dns-blacklist-file", "dns-whitelist-file",
+ "rhs-blacklist-file", "rhs-whitelist-file" and "hostname-file". Thanks
+ to David Stiller for reporting this one and providing a lot of help in
+ tracking it down.
+ Added the option "tls-cipher-list" for specifying the list of ciphers to use
+ in SSL/TLS connections. This won't be an option many people will ever use,
+ but in specific setups it is required. Thanks to Chris Boulton for
+ suggesting this one and producing a patch to implement it.
+ Added a new value to "tls-level": "smtp-no-passthrough" to allow spamdyke to
+ offer TLS but prevent it from passing TLS through to qmail if the SSL
+ library cannot be initialized for some reason.
+ Fixed a bug in smtp_filter that allowed open relaying when spamdyke was
+ configured with "local-domains-entry" instead of "local-domains-file".
+ Moved code from do_spamdyke() that set stdin and stdout sockets to
+ non-blocking into tls_read() and tls_write() instead. Setting the sockets
+ to non-blocking through the entire run was causing some strange behavior
+ where logging would stop after a series of large inputs.
+ Refactored the address parser (yet again) to fix a bug that wasn't handling
+ routing addresses properly. Thanks to Chris Boulton for reporting this one.
+ Fixed process_config_file() to not reset a "multiple" value to default if it
+ was deliberately cleared during configuration.
+ Fixed prepare_settings() to initialize all default values before processing
+ the command line or configuration files so a "multiple" value can be cleared
+ during configuration.
+ Fixed configure.ac to use a gcc #pragma command to treat format warnings as
+ errors instead of relying on AC_LANG_WERROR (which doesn't always work).
+ Added the options "dns-query-type-a", "dns-query-type-mx",
+ "dns-query-type-ptr" and "dns-query-type-rbl" to limit the types of DNS
+ queries that can be sent for different purposes. Thanks to Teodor Milkov
+ for suggesting this one.
+ Fixed a bug that caused a timeout whenever a post-RCPT filter is triggered
+ on a non-local address. spamdyke is supposed to close the connection to
+ qmail and wait for its exit, but instead was just waiting for its exit,
+ leading to unnecessary timeouts. Thanks to Ulrich C. Manns for reporting
+ this one.
+ Fixed a typo in policy.php.example. Thanks to Richard Lamse for reporting
+ this one.
+ Fixed compiler warnings on Fedora 11. Thanks to Ertan Orhan for reporting
+ this one.
+ Fixed a bug in sendrecv where an uninitialized variable was causing erroneous
+ stalls and timeouts in CentOS 5.5.
+
+VERSION 4.1.0: 7/3/2010
+ Changed the option "hostname-file" to read /var/qmail/control/me by default.
+ Added the option "dns-resolv-conf" to read the nameserver from a file other
+ than /etc/resolv.conf if necessary. Multiple files can be read, if needed.
+ Changed all uses of strncpy() to memcpy() because strncpy() will fill the
+ remainder of the destination buffer with zeroes if the source string is
+ too short. This is not needed because all strings are being explicitly
+ terminated after copies anyway.
+ Added two new parameters to search_file() to allow the matching line data to
+ be returned to the caller.
+ Changed process_access() to save the contents of the RELAYCLIENT environment
+ variable, if set.
+ Added the timefilter program to the utils folder.
+ Reversed a small change to spamdyke_log() made 4.0.8 that will prevent buffer
+ overflows in obscure situations.
+ Changed is_ip_in_name() to look for more patterns of IP addresses in rDNS
+ names: 044.033.022.011, 44.033.022.011, 44.33.022.011 and 44.33.22.011.
+ Thanks to Eduard Svarc for suggesting this one.
+ Changed the syslog output to include an "encryption:" tag at the end that
+ shows the current status of TLS/SSL encryption. Thanks to Eric Shubert for
+ suggesting this one.
+ Added a "-R" option to smtpdummy so it will reject all recipients.
+ Completely rewrote find_address() to completely conform to RFC 2822 when
+ parsing addresses, including quoting, comments, folded whitespace and
+ all the rest.
+ Added the option "reject-identical-sender-recipient" to block any messages
+ where the sender and recipient are the same. Thanks to almost everyone
+ on the mailing list for suggesting this one.
+ Changed nihdns_mx() to tolerate MX records that contain IP addresses (illegal)
+ instead of names.
+ Fixed Makefile.in to use the CPPFLAGS variable from the "configure" script, if
+ the user provided it in an environment variable. Thanks to Iavor Stoev for
+ reporting this one.
+ Fixed the "configure" script to correctly include header files on FreeBSD 7.0.
+ Thanks to Andrew Khon for reporting this one.
+ Added a "-S" flag to sendrecv to prevent it from starting a TLS session when
+ it sees "STARTTLS".
+ Improved sendrecv's usage display to document what each option does.
+ Changed do_spamdyke() to set the stdin and stdout file descriptors to
+ nonblocking before calling middleman(). This works around a bug in the SSL
+ library that will block forever waiting for input, even after SSL_pending()
+ and/or select() has already indicated the socket is ready. Thanks to
+ Teodor Milkov for identifying this problem more than a year ago and trog for
+ producing a patch to fix it!
+ Fixed process_config_file() to reject configuration file lines with
+ bad/missing characters.
+ Fixed process_config_file() to print an "unknown option" error message instead
+ of an "illegal option" message when an unknown option is found in a
+ configuration file.
+ Added option "rejection-text-identical-sender-recipient" to set the rejection
+ message for the identical sender/recipient filter.
+ Created dnsdummy to simulate a nameserver but exit after a short while for
+ testing spamdyke's DNS routines.
+ Converted all DNS-related tests to use dnsdummy and removed all references to
+ spamdyke.org and silence.org. This will also allow the removal of the
+ (hundreds of) bogus entries from the spamdyke.org zone file.
+ Removed the use of getprotobyname() from dns.c and used the defined protocol
+ values in netinet/in.h.
+ Changed nihdns_query() to retry DNS queries via TCP if the response received
+ via UDP has the "truncation" flag set (indicating the answers are too large
+ for a UDP packet). Thanks to Roland Moelle for suggesting this one.
+ Added option "dns-tcp" to control if spamdyke will retry DNS queries via TCP.
+ Added option "dns-spoof" to control if spamdyke will attempt to detect DNS
+ spoofing and, if so, what it should do about it.
+ Fixed smtp_filter() to offer and accept SMTP AUTH (when appropriate) even if
+ the connection is already whitelisted. Thanks to Ratko Rudic for
+ reporting this one.
+
VERSION 4.0.10: 12/17/2008
Added a parameter to nihdns_a() to return the IP address to the caller.
Changed do_spamdyke() to assume the value of TCPREMOTEIP is a name if it
@@ -149,9 +264,9 @@
"long int" and "long long int" may be interchangable and not emit warnings.
Thanks to kjl for reporting this one.
-VERSION 4.0.3: 8/15/2008
+VERSION 4.0.3: 8/12/2008
Changed the configure script to detect environments where printf()/scanf()
- use "%qd" for 64-bit integers instead of "%lld" (FreeBSD). Thanks to
+ use "%qd" for 64-bit integers instead of "%lld" (FreeBSD). Thanks to
Shane Bywater for reporting this one.
Fixed load_resolver_file() to ignore invalid/unparsable nameserver values
in /etc/resolv.conf and default to 127.0.0.1 if no valid entries are
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/FAQ.html
^
|
| @@ -33,11 +33,14 @@
<h2>Feature Questions</h2>
<ul>
<li><a href="#FEATURE1">Does spamdyke run its filters in any particular order?</a></li>
-<li><a href="#FEATURE2">My users authenticate with SMTP AUTH. Can I still use spamdyke?</a></li>
-<li><a href="#FEATURE3">My users authenticate with POP3-before-SMTP. Can I still use spamdyke?</a></li>
-<li><a href="#FEATURE4">I want to block all emails unless the sender authenticates. Can spamdyke do that?</a></li>
-<li><a href="#FEATURE5">Does spamdyke support TLS?</a></li>
-<li><a href="#FEATURE6">I want to whitelist a large number of IP addresses; can I use wildcards?</a></li>
+<li><a href="#FEATURE2">If spamdyke checks IP blacklists before it checks sender whitelists, will whitelisted senders from blacklisted IPs be blocked?</a></li>
+<li><a href="#FEATURE3">My users authenticate with SMTP AUTH. Can I still use spamdyke?</a></li>
+<li><a href="#FEATURE4">My users authenticate with POP3-before-SMTP. Can I still use spamdyke?</a></li>
+<li><a href="#FEATURE5">I want to block all emails unless the sender authenticates. Can spamdyke do that?</a></li>
+<li><a href="#FEATURE6">Does spamdyke support TLS?</a></li>
+<li><a href="#FEATURE7">I want to whitelist a large number of IP addresses; can I use wildcards?</a></li>
+<li><a href="#FEATURE8">I want to disable some filters for a few domains and enable them for everyone else. Is that possible?</a></li>
+<li><a href="#FEATURE9">My users' PCs are infected with spambots and are sending spam through my server. Can I force them to authenticate to block the spam?</a></li>
</ul>
<h2>Feature Suggestions</h2>
<ul>
@@ -54,6 +57,7 @@
<li><a href="#SUGGESTION7">Instead of trying to prevent relaying itself, why doesn't spamdyke just set the <code>RELAYCLIENT</code>
environment variable based on authentication/sender address/recipient address?</a></li>
<li><a href="#SUGGESTION8">Why can't spamdyke automatically blacklist (or delay) servers that are rejected too many times?</a></li>
+<li><a href="#SUGGESTION9">Why doesn't spamdyke's graylist filter use the IP address of the remote server?</a></li>
</ul>
<h2>Troubleshooting</h2>
<ul>
@@ -73,6 +77,11 @@
<li><a href="#TROUBLE8">Why isn't spamdyke blocking messages from some blacklisted servers/senders/recipients?</a></li>
<li><a href="#TROUBLE9">I can't figure out why spamdyke isn't working correctly -- some features are malfunctioning in
strange ways <b>OR</b> I'm seeing strange/impossible error messages in my logs. What's wrong?</a></li>
+<li><a href="#TROUBLE10">Why are messages still being rejected even after I've added the sender's domain name to my rDNS whitelist? <b>OR</b>
+Why aren't message being rejected after I've added the sender's domain name to my rDNS blacklist?</a></li>
+<li><a href="#TROUBLE11">I enabled the IP-in-rDNS filter, so why isn't spamdyke blocking connections from servers
+with rDNS names that contain IP addresses?</a></li>
+<li><a href="#TROUBLE12">I'm trying to run spamdyke's <code>config-test</code> feature but it only says "Missing qmail-smtpd command". What's wrong?</a></li>
</ul>
<hr />
@@ -172,7 +181,7 @@
<h2>Do I have to install the programs from the "utils" directory? Does spamdyke use
them? Do they use spamdyke or each other?</h2>
<p>
-No. domainsplit and domain2path are just small utilities for use in writing
+No. domainsplit, domain2path and timefilter are just small utilities for use in writing
scripts. spamdyke doesn't use them or depend on them. Conversely, they don't
use or depend on spamdyke.
</p><p>
@@ -271,9 +280,10 @@
On the following systems, spamdyke's configuration script executes correctly, it compiles
without errors or warnings and displays its usage message:
<ul>
-<li>Apple OS X 10.5</li>
+<li>Apple OS X 10.6</li>
<li>CentOS 5.2 64-bit</li>
<li>Fedora Core 4</li>
+<li>Fedora 11</li>
<li>FreeBSD 2.2.2</li>
<li>FreeBSD 4.7</li>
<li>FreeBSD 6.0</li>
@@ -295,10 +305,7 @@
<a name="GEN12"></a>
<h2>I love spamdyke! How can I help? Can I send you money?</h2>
<p>
-Thank you for your generosity, but I'm not soliciting donations.
-I've put some text advertisements on the website to try to cover the cost of hosting
-this server (they don't) but that's about as far as I'm willing to go.
-I started writing spamdyke to meet my own needs.
+Thank you for your generosity, but I must decline donations. I started writing spamdyke to meet my own needs.
I continue writing it as a hobby, not to make money. I get much more pleasure and motivation from reading thank-you emails than
I would from the occasional donation.
</p><p>
@@ -341,17 +348,18 @@
</p><p>
The remaining filters are all checked during the SMTP conversation.
<dl>
-<dd>Limit the number of recipients
-<dd>Block unqualified recipient addresses
-<dd>Block relaying from unauthorized remote hosts
-<dd>Check for sender's domain MX record
-<dd>Graylisting
<dd>Check sender whitelists
-<dd>Check sender blacklists
<dd>Check right-hand-side whitelists for the sender's domain name
+<dd>Check sender blacklists
<dd>Check right-hand-side blacklists for the sender's domain name
+<dd>Check for sender's domain MX record
<dd>Check recipient whitelists
+<dd>Block relaying from unauthorized remote hosts
+<dd>Limit the number of recipients
+<dd>Block unqualified recipient addresses
<dd>Check recipient blacklists
+<dd>Check for identical sender and recipient addresses
+<dd>Graylisting
</dl>
If spamdyke is passing TLS traffic to qmail without processing (i.e.
spamdyke wasn't compiled with TLS support or doesn't have access to the server
@@ -364,6 +372,14 @@
</p>
<a name="FEATURE2"></a>
+<h2>If spamdyke checks IP blacklists before it checks sender whitelists, will whitelisted senders from blacklisted IPs be blocked?</h2>
+<p>
+No. Whitelists (all whitelists) <b>always</b> override all blacklists and all other filters.
+The order in which spamdyke checks the whitelists is not relevant; spamdyke will check all whitelists
+before it rejects a connection.
+</p>
+
+<a name="FEATURE3"></a>
<h2>My users authenticate with SMTP AUTH. Can I still use spamdyke?</h2>
<p>
Yes! As of version 2.5.0, spamdyke understands SMTP AUTH and disables all of
@@ -372,7 +388,7 @@
See the <a href="README.html">README page</a> for complete details.
</p>
-<a name="FEATURE3"></a>
+<a name="FEATURE4"></a>
<h2>My users authenticate with POP3-before-SMTP. Can I still use spamdyke?</h2>
<p>
Probably not. If your POP3 server writes authenticated IP addresses to
@@ -385,7 +401,7 @@
POP3-before-SMTP is really a kludge anyway; consider using SMTP AUTH instead.
</p>
-<a name="FEATURE4"></a>
+<a name="FEATURE5"></a>
<h2>I want to block all emails unless the sender authenticates. Can spamdyke do that?</h2>
<p>
Yes. As of version 4.0.0, spamdyke accepts the <code>smtp-auth-level</code> option. When it is set to <code>require-auth</code>,
@@ -398,7 +414,7 @@
spamdyke will disable its filters for authenticated users and block everyone else.
</p>
-<a name="FEATURE5"></a>
+<a name="FEATURE6"></a>
<h2>Does spamdyke support TLS?</h2>
<p>
As of version 2.6.0, spamdyke supports TLS (which is just another name for SSL).
@@ -416,7 +432,7 @@
See the <a href="README.html">README page</a> for complete details.
</p>
-<a name="FEATURE6"></a>
+<a name="FEATURE7"></a>
<h2>I want to whitelist a large number of IP addresses; can I use wildcards?</h2>
<p>
Yes, as of spamdyke version 2.2.0. The whitelist and blacklist IP
@@ -434,6 +450,51 @@
For complete details, see the <a href="README.html">README page</a>.
</p>
+<a name="FEATURE8"></a>
+<h2>I want to disable some filters for a few domains and enable them for everyone else. Is that possible?</h2>
+<p>
+Yes, as of spamdyke version 4.0.0. Configuration directories allow per-domain
+configuration of most of spamdyke's features.
+</p><p>
+For example, imagine the following scenario:
+The system administrator wants to check all connections for rDNS names (<code>reject-missing-rdns</code>),
+for rDNS name resolution (<code>reject-unresolvable-rdns</code>) and for their IP address
+with a keyword in their rDNS name (<code>ip-in-rdns-keyword-blacklist-file</code>). However, the
+recipients in one domain, example.com, don't like the unresolvable rDNS name filter or the
+keyword filter; they want those two disabled.
+</p><p>
+To accomplish this, spamdyke's main configuration file might contain the following
+options:
+<dl>
+<dd><code>reject-missing-rdns=1</code></dd>
+<dd><code>reject-unresolvable-rdns=1</code></dd>
+<dd><code>ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/rdns_keywords.txt</code></dd>
+<dd><code>config-dir=/etc/spamdyke/config.d</code></dd>
+</dl>
+To disable the two filters for all recipients at example.com, the following options
+would appear in a file named <code>/etc/spamdyke/config.d/_recipient_/com/example</code>:
+<dl>
+<dd><code>reject-unresolvable-rdns=0</code></dd>
+<dd><code>ip-in-rdns-keyword-blacklist-file=!!!</code></dd>
+</dl>
+Configuration directories can be used to accomplish many complex tasks. For example,
+if the file for a specific domain contained options to read blacklist and whitelist
+files from the domain owner's home directory, the domain owner could update their own
+blacklists and whitelists without help from the system administrator!
+</p><p>
+For complete details, see the <a href="README.html#CONFIGURATION_DIR">Configuration Directory documentation</a>.
+</p>
+
+<a name="FEATURE9"></a>
+<h2>My users' PCs are infected with spambots and are sending spam through my server. Can I force them to authenticate to block the spam?</h2>
+<p>
+Yes. See the above question (<a href="#FEATURE8">I want to disable some filters for a few domains and enable them for everyone else. Is that possible?</a>).
+In the configuration directory for each of your local domains, add the option:
+<dl>
+<dd><code>filter-level=require-auth</code></dd>
+</dl>
+</p>
+
<a name="SUGGESTION0"></a>
<h2>On the mailing list, you often promise changes in an upcoming version. How can I find out what you're working on?</h2>
<p>
@@ -702,6 +763,33 @@
as effective.
</p>
+<a name="SUGGESTION9"></a>
+<h2>Why doesn't spamdyke's graylist filter use the IP address of the remote server?</h2>
+<p>
+At first glance, it seems more effective to use three criteria for graylisting: the sender's email
+address, the recipient's email address and the remote server's IP address. Many graylist filters
+do this. Whether it actually stops more spam is questionable.
+</p><p>
+However, using the remote server's IP address often causes more problems than it solves.
+To understand why, consider a large mail service like GMail, Yahoo! or AOL. Such providers handle
+so many messages that they must use dozens of outbound servers to keep up with the load. Imagine
+this scenario:
+<ol>
+<li>A user on a large provider sends a message.
+<li>Server 1 attempts to deliver it. The graylist filter creates a graylist entry and rejects the connection.
+<li>Server 1 puts the message back in the queue to retry later.
+<li>Some time later, server 2 grabs the message and attempts to deliver it. Server 2's IP address is different from server 1's,
+so the graylist filter creates a new entry and rejects the connection.
+<li>Server 2 puts the message back in the queue to retry later.
+<li>Some time later, server 3 grabs the message and attempts to deliver it. Server 3's IP address is different from server 1's and server 2's,
+so the graylist filter creates a new entry and rejects the connection.
+<li>Server 3 puts the message back in the queue to retry later.
+<li>...repeat...
+<li>The message is never delivered and bounces back to the sender.
+</ol>
+By disregarding the remote server's IP address, spamdyke avoids this problem.
+</p>
+
<a name="TROUBLE1"></a>
<h2>Graylisting isn't working! What am I doing wrong?</h2>
<p>
@@ -886,25 +974,79 @@
<p>
Of course, the most likely explanation is a configuration problem. The <code>config-test</code>
feature can help find common mistakes. You may also have found a bug in spamdyke.
-<p></p>
+</p><p>
However, occassionally very strange malfunctions/errors are reported that no one is able to explain.
In those cases, the culprit often turns out to be low memory. Many qmail installations use DJB's
<code>softlimit</code> program to limit the amount of memory that can be used by a single connection.
The limit must allow enough room for spamdyke, qmail and any other filters that have been added.
If the limit is too low, the results are often strange behavior instead of the "out of memory" errors
you might expect.
-<p></p>
+</p><p>
If you're seeing strange malfunctions/errors and you suspect memory might be the issue, first try
-setting it to a rediculously high value for a short time. If the malfunctions/errors stop, you've
+setting it to a ridiculously high value for a short time. If the malfunctions/errors stop, you've
found the cause.
-<p></p>
+</p><p>
Unfortunately, there doesn't seem to be a good way to determine what the limit should be. Some tutorials recommend
10 MB, others 40 MB or even 80 MB. Some guides recommend using trial-and-error to find a limit
where everything appears to work, then doubling it.
-<p></p>
+</p><p>
Good luck!
</p>
+<a name="TROUBLE10"></a>
+<h2>Why are messages still being rejected even after I've added the sender's domain name to my rDNS whitelist? <b>OR</b>
+Why aren't message being rejected after I've added the sender's domain name to my rDNS blacklist?</h2>
+<p>
+The rDNS white/blacklist works by matching the remote server's reverse DNS name (the name that is found by querying
+the remote server's IP address through the DNS system). The sender white/blacklist works by matching the sender's email address.
+</p><p>
+In other words, they're not the same thing at all. It's very common for reverse DNS names to be different than
+the email domain name, even in the case of large companies. To allow or block connections based on reverse DNS names (i.e.
+the "origin_rdns" value in spamdyke's log messages), add the name to the rDNS whitelist or blacklist. To allow or block connections
+based on email domain names (i.e. the "from" value in spamdyke's log messages), add the name to the sender whitelist or blacklist.
+</p>
+
+<a name="TROUBLE11"></a>
+<h2>I enabled the IP-in-rDNS filter, so why isn't spamdyke blocking connections from servers
+with rDNS names that contain IP addresses?</h2>
+<p>
+The IP-in-rDNS filter requires two things to block a connection: the rDNS name must contain the IP address <b>AND</b>
+the rDNS name must contain a keyword. For example, consider the following rDNS name:
+<dl>
+<dt><code>11.22.33.44.dynamic.example.com</code></dt>
+</dl>
+Obviously it contains an IP address (11.22.33.44), but that's not enough to trigger the filter.
+If the keyword <code>dynamic</code> were supplied, spamdyke would block the connection.
+</p><p>
+However, note that the keyword <code>example</code> would not be matched. This is because <code>example</code>
+is part of the last two segments of the domain name. spamdyke will not search for keywords there because
+that would lead to lots of false positives. It is possible to use a domain name as a keyword, if it is
+prefixed with a dot. For example:
+<dl>
+<dt><code>.example.com</code></dt>
+</dl>
+All connections would be blocked where the rDNS name contained the IP address and the name ended in <code>.example.com</code>.
+</p>
+
+<a name="TROUBLE12"></a>
+<h2>I'm trying to run spamdyke's <code>config-test</code> feature but it only says "Missing qmail-smtpd command". What's wrong?</h2>
+<p>
+qmail is a strange beast. Since it's essentially unmaintained, lots of different distributions and patch sets have been
+produced to add various capabilities. In fact, spamdyke's primary purpose is to provide missing capabilities without requiring
+qmail to be patched or recompiled.
+</p><p>
+However, not all of spamdyke's filters are needed (or even appropriate) for everyone, depending on exactly what each particular qmail installation
+can do. For that reason, spamdyke's <code>config-test</code> feature interrogates qmail to see what it can do, then makes
+recommendations based on what it sees.
+</p><p>
+In order to check qmail, spamdyke needs to know the command that is used to start qmail (with all arguments).
+The error "Missing qmail-smtpd command" means the qmail command isn't being supplied on the command line, so spamdyke can't
+start qmail and check it.
+</p><p>
+The correct way to use <code>config-test</code> is to find the full spamdyke/qmail command line in your "run" file (or xinetd config file)
+and run it after adding <code>--config-test</code> near the beginning.
+</p>
+
</div>
</div>
<!--#include virtual="../includes/footer.html"-->
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/INSTALL.txt
^
|
| @@ -104,6 +104,10 @@
reconfigures syslog to save mail system logs in
/usr/local/psa/var/log/maillog).
+8) OPTIONAL: Copy the policy.php.example page from the "documentation" directory
+ to a website and change spamdyke's "policy-url" option to give its URL.
+ Be sure to test the contact form to make sure it sends messages correctly.
+
The "utils" directory contains additional utilities that spamdyke does not
require. If you wish to compile them, change to the "utils" folder, then run
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/README.html
^
|
| @@ -20,7 +20,7 @@
features and behavior. If you need documentation for an older version, each version's README
file is included in the download package for that version.
</p><p>
-<b>This document applies to spamdyke version 4.0.10.</b>
+<b>This document applies to spamdyke version 4.2.0.</b>
<ul>
<li><a href="#ABOUT">About spamdyke</a></li>
<li><a href="#SUPPORT">Support</a></li>
@@ -478,6 +478,99 @@
</td>
</tr><tr>
+<td><code>dns-query-type-a</code></td>
+<td> </td>
+<td><code>a</code> or <code>cname</code></td>
+<td>
+<code>a</code>: Request A records when querying for IP addresses.
+<br /><br />
+<code>cname</code>: Request CNAME records when querying for IP addresses.
+<br /><br />
+If <code>dns-query-type-a</code> is given multiple times, spamdyke will use a combination of the given values.
+<br /><br />
+If <code>dns-query-type-a</code> is not given, spamdyke will use a value of <code>a</code> and <code>cname</code>.
+<br /><br />
+<code>dns-query-type-a</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
+<td><code>dns-query-type-mx</code></td>
+<td> </td>
+<td><code>a</code>, <code>cname</code> or <code>mx</code></td>
+<td>
+<code>a</code>: Request A records when querying for mail servers.
+<br /><br />
+<code>cname</code>: Request CNAME records when querying for mail servers.
+<br /><br />
+<code>mx</code>: Request MX records when querying for mail servers.
+<br /><br />
+If <code>dns-query-type-mx</code> is given multiple times, spamdyke will use a combination of the given values.
+<br /><br />
+If <code>dns-query-type-mx</code> is not given, spamdyke will use a value of <code>a</code>, <code>cname</code> and <code>mx</code>.
+<br /><br />
+<code>dns-query-type-mx</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
+<td><code>dns-query-type-ptr</code></td>
+<td> </td>
+<td><code>cname</code> or <code>ptr</code></td>
+<td>
+<code>cname</code>: Request CNAME records when querying for reverse DNS names.
+<br /><br />
+<code>ptr</code>: Request PTR records when querying for reverse DNS names.
+<br /><br />
+If <code>dns-query-type-ptr</code> is given multiple times, spamdyke will use a combination of the given values.
+<br /><br />
+If <code>dns-query-type-ptr</code> is not given, spamdyke will use a value of <code>cname</code> and <code>ptr</code>.
+<br /><br />
+<code>dns-query-type-ptr</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
+<td><code>dns-query-type-rbl</code></td>
+<td> </td>
+<td><code>a</code>, <code>cname</code> or <code>txt</code></td>
+<td>
+<code>a</code>: Request A records when querying DNS RBLs and DNS RHSBLs.
+<br /><br />
+<code>cname</code>: Request CNAME records when querying DNS RBLs and DNS RHSBLs.
+<br /><br />
+<code>txt</code>: Request TXT records when querying DNS RBLs and DNS RHSBLs.
+<br /><br />
+If <code>dns-query-type-rbl</code> is given multiple times, spamdyke will use a combination of the given values.
+<br /><br />
+If <code>dns-query-type-rbl</code> is not given, spamdyke will use a value of <code>a</code>, <code>cname</code> and <code>txt</code>.
+<br /><br />
+<code>dns-query-type-rbl</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
+<td><code>dns-resolv-conf</code></td>
+<td> </td>
+<td><code>FILE</code></td>
+<td>
+Read <code>FILE</code> for the list of system nameservers and other options (e.g. ports, timeouts).
+<br /><br />
+If <code>dns-resolv-conf</code> is given multiple times, each of the given files will be read.
+<br /><br />
+If <code>dns-resolv-conf</code> is not given, spamdyke
+will read the list of nameservers from <code>/etc/resolv.conf</code>.
+<br /><br />
+<code>dns-resolv-conf</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
<td><code>dns-server-ip</code></td>
<td> </td>
<td><code>IPADDRESS[:PORT]</code></td>
@@ -516,6 +609,46 @@
</td>
</tr><tr>
+<td><code>dns-spoof</code></td>
+<td> </td>
+<td><code>accept-all</code>, <code>accept-same-ip</code>, <code>accept-same-port</code> or <code>reject</code></td>
+<td>
+<code>accept-all</code>: Do not check for UDP packet spoofing.
+<br/><br/>
+<code>accept-same-ip</code>: Accept UDP packets from the same IP address query packets were sent to, even if the port number is different.
+<br/><br/>
+<code>accept-same-port</code>: Accept UDP packets from the same port number query packets were sent to, even if the IP address is different.
+<br/><br/>
+<code>reject</code>: Reject all UDP packets that do not come from the same IP address and port number the query packets were sent to.
+<br /><br />
+If <code>dns-spoof</code> is given multiple times, spamdyke will use the last value it finds.
+<br /><br />
+If <code>dns-spoof</code> is not given, spamdyke will use the value <code>accept-all</code>.
+<br /><br />
+<code>dns-spoof</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
+<td><code>dns-tcp</code></td>
+<td> </td>
+<td><code>none</code> or <code>normal</code></td>
+<td>
+Control's whether spamdyke will perform DNS queries over TCP. If <code>normal</code> is given,
+spamdyke will use TCP for queries as needed (i.e. when a nameserver replies via UDP that a TCP
+query is required). If <code>none</code> is given, spamdyke will never use TCP for DNS queries.
+<br /><br />
+If <code>dns-tcp</code> is given multiple times, spamdyke will use the last value it finds.
+<br /><br />
+If <code>dns-tcp</code> is not given, spamdyke will use the value <code>normal</code>.
+<br /><br />
+<code>dns-tcp</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#DNS_QUERIES">DNS Queries</a> for details.
+</td>
+
+</tr><tr>
<td><code>dns-timeout-secs</code></td>
<td> </td>
<td><code>SECS</code></td>
@@ -860,7 +993,7 @@
If <code>hostname</code> is given multiple times, spamdyke will use the last value it finds.
<br /><br />
If <code>hostname</code>, <code>hostname-command</code> and <code>hostname-file</code> are
-not given, spamdyke will search for the host's name in the environment or will use a default name.
+empty, spamdyke will search for the host's name in the environment or will use a default name.
<br /><br />
<code>hostname</code> is not valid within configuration directories.
<br /><br />
@@ -880,7 +1013,7 @@
If <code>hostname-command</code> is given multiple times, spamdyke will use the last value it finds.
<br /><br />
If <code>hostname</code>, <code>hostname-command</code> and <code>hostname-file</code> are
-not given, spamdyke will search for the host's name in the environment or will use a default name.
+empty, spamdyke will search for the host's name in the environment or will use a default name.
<br /><br />
<code>hostname-command</code> is not valid within configuration directories.
<br /><br />
@@ -898,8 +1031,10 @@
<br /><br />
If <code>hostname-file</code> is given multiple times, spamdyke will use the last value it finds.
<br /><br />
+If <code>hostname-file</code> is not given, spamdyke will use a value of <code>/var/qmail/control/me</code>.
+<br /><br />
If <code>hostname</code>, <code>hostname-command</code> and <code>hostname-file</code> are
-not given, spamdyke will search for the host's name in the environment or will use a default name.
+empty, spamdyke will search for the host's name in the environment or will use a default name.
<br /><br />
<code>hostname-file</code> is not valid within configuration directories.
<br /><br />
@@ -1386,6 +1521,32 @@
</td>
</tr><tr>
+<td><code>reject-identical-sender-recipient</code></td>
+<td> </td>
+<td>
+<i>optional:</i><br />
+<code>0</code>,
+<code>1</code>,
+<code>false</code>,
+<code>true</code>,
+<code>no</code> or
+<code>yes</code>
+</td>
+<td>
+Reject any connection where the sender's email address is the same
+as the recipient's email address.
+<br /><br />
+If <code>reject-identical-sender-recipient</code> is given multiple times, spamdyke will use the last value it finds.
+<br /><br />
+If <code>reject-identical-sender-recipient</code> is not given, spamdyke will not reject connections where the sender's
+email address is the same as the recipient's email address.
+<br /><br />
+If <code>reject-identical-sender-recipient</code> is given without an argument, spamdyke will use a value of <code>yes</code>.
+<br /><br />
+See <a href="#REJECTING_ADDRESSES">Rejecting Senders and Recipients</a> for details.
+</td>
+
+</tr><tr>
<td><code>reject-ip-in-cc-rdns</code></td>
<td><code>c</code></td>
<td>
@@ -1584,6 +1745,22 @@
</td>
</tr><tr>
+<td><code>rejection-text-identical-sender-recipient</code></td>
+<td> </td>
+<td><code>TEXT</code></td>
+<td>
+Send <code>TEXT</code> to the client as an error message if
+the sender's email addresses is the same as the recipient's email address.
+<br /><br />
+If <code>rejection-text-identical-sender-recipient</code> is given multiple times, spamdyke will use the last value it finds.
+<br /><br />
+If <code>rejection-text-identical-sender-recipient</code> is not given, spamdyke will use the text
+<code class="breakable">Refused. Identical sender and recipient addresses are not allowed.</code>
+<br /><br />
+See <a href="#SMTP_ERROR">SMTP Error Codes</a> for details.
+</td>
+
+</tr><tr>
<td><code>rejection-text-ip-blacklist</code></td>
<td> </td>
<td><code>TEXT</code></td>
@@ -2118,11 +2295,28 @@
</td>
</tr><tr>
+<td><code>tls-cipher-list</code></td>
+<td> </td>
+<td><code>STRING</code></td>
+<td>
+During SSL/TLS connections, use the list ciphers given in <code>STRING</code>.
+Normally this is not needed, the default list of ciphers is adequate for most usages.
+This option has no effect unless <code>tls-level</code> is also given.
+<br /><br />
+If <code>tls-cipher-list</code> is given multiple times, spamdyke will use the last value it finds.
+<br /><br />
+<code>tls-cipher-list</code> is not valid within configuration directories.
+<br /><br />
+See <a href="#TLS">TLS</a> for details.
+</td>
+
+</tr><tr>
<td><code>tls-level</code></td>
<td> </td>
<td>
<code>none</code>,
-<code>smtp</code> or
+<code>smtp</code>
+<code>smtp-no-passthrough</code> or
<code>smtps</code>
</td>
<td>
@@ -2131,6 +2325,9 @@
<code>smtp</code>: If <code>tls-certificate-file</code> is given, offer TLS during the SMTP conversation and decrypt the traffic. If <code>tls-certificate-file</code> is not given,
allow qmail to offer TLS (if it has been patched to provide TLS) and pass the encrypted traffic to qmail.
<br /><br />
+<code>smtp-no-passthrough</code>: If <code>tls-certificate-file</code> is given, offer TLS during the SMTP conversation and decrypt the traffic.
+If <code>tls-certificate-file</code> is not given, prevent TLS from starting.
+<br /><br />
<code>smtps</code>: Initiate a SSL session at the beginning of the connection, before SMTP begins.
<br /><br />
If <code>tls-level</code> is given multiple times, spamdyke will use the last value it finds.
@@ -2574,7 +2771,7 @@
Each message log entry (produced when the value of <code>log-level</code> is <code>info</code> or higher) takes the following form
(error messages and debugging statements are text preceeded by <code>ERROR:</code>, <code>FILTER:</code>, <code>DEBUG:</code> or <code>EXCESSIVE:</code>):
<dl>
-<dd><code>CODE from: SENDER to: RECIPIENT origin_ip: IPADDRESS origin_rdns: RDNSNAME auth: USERNAME [ reason: REALCODE ]</code>
+<dd><code>CODE from: SENDER to: RECIPIENT origin_ip: IPADDRESS origin_rdns: RDNSNAME auth: USERNAME encryption: TYPE [ reason: REALCODE ]</code>
</dl>
This format makes the logs very easy to parse from other scripts for monitoring
and graphing.
@@ -2595,13 +2792,17 @@
<tr>
<td><code>ALLOWED_AUTHENTICATED</code></td>
-<td>The remote client successfully authenticated using SMTP AUTH with spamdyke. If qmail is patched to provide SMTP AUTH, this code will never be used.</td>
+<td>The remote client successfully authenticated using SMTP AUTH with spamdyke. If qmail is patched to provide SMTP AUTH, this code will never be used.
+This message is only printed in full log files (see <a href="#FULL_LOGGING">Logging All Data</a>); the normal log will only contain <code>ALLOWED</code>.
+</td>
<td> </td>
</tr>
<tr>
<td><code>ALLOWED_TLS</code></td>
-<td>The remote client successfully started a TLS session with spamdyke.</td>
+<td>The remote client successfully started a TLS session with spamdyke.
+This message is only printed in full log files (see <a href="#FULL_LOGGING">Logging All Data</a>); the normal log will only contain <code>ALLOWED</code>.
+</td>
<td> </td>
</tr>
@@ -2663,6 +2864,15 @@
</tr>
<tr>
+<td><code>DENIED_IDENTICAL_SENDER_RECIPIENT</code></td>
+<td>The connection was blocked because the sender's email address is the same as
+the recipient's email address.</td>
+<td>
+<code>reject-identical-sender-recipient</code>
+</td>
+</tr>
+
+<tr>
<td><code>DENIED_IP_IN_CC_RDNS</code></td>
<td>The connection was blocked because the remote server's
IP address was found in the remote server's rDNS name <u>and</u> the remote
@@ -2861,6 +3071,39 @@
<code>USERNAME</code> is the username given during authentication, if authentication was
successful, or <code>(unknown)</code> otherwise.
</p><p>
+<code>TYPE</code> is the type of encryption used during the connection. The possible values are listed below:
+<table border=1 cellspacing=0 width=100% class="options">
+<tr>
+<td><code>TYPE</code></td>
+<td>Description</td>
+</tr>
+
+<tr>
+<td><code>(none)</code></td>
+<td>The connection is not encrypted.</td>
+</tr>
+
+<tr>
+<td><code>TLS_PASSTHROUGH</code></td>
+<td>The client started a TLS connection with qmail, not with spamdyke. spamdyke is passing the encrypted
+traffic between the server and client, but cannot decrypt the data. As a result, some filters will not
+be able to run.</td>
+</tr>
+
+<tr>
+<td><code>TLS</code></td>
+<td>The connection has been encrypted since the client started a TLS connection with spamdyke. All filters
+can run normally.</td>
+</tr>
+
+<tr>
+<td><code>SSL</code></td>
+<td>The connection has been encrypted since the very beginning because the client connected using SSL (SMTPS).
+All filters can run normally.</td>
+</tr>
+
+</table>
+</p><p>
<code>REALCODE</code> is only present if <code>CODE</code> is <code>TIMEOUT</code> and the connection was going to be
blocked anyway. For example, if a remote server has no rDNS entry and the
connection is going to be blocked but the connection times out instead, <code>CODE</code>
@@ -2878,6 +3121,7 @@
<code>rejection-text-earlytalker</code><br />
<code>rejection-text-empty-rdns</code><br />
<code>rejection-text-graylist</code><br />
+<code>rejection-text-identical-sender-recipient</code><br />
<code>rejection-text-ip-blacklist</code><br />
<code>rejection-text-ip-in-cc-rdns</code><br />
<code>rejection-text-ip-in-rdns-keyword-blacklist</code><br />
@@ -2962,6 +3206,14 @@
</tr>
<tr>
+<td><code>DENIED_IDENTICAL_SENDER_RECIPIENT</code></td>
+<td>
+<code>Refused. Identical sender and recipient addresses are not allowed.</code>
+</td>
+<td><code>rejection-text-identical-sender-recipient</code></td>
+</tr>
+
+<tr>
<td><code>DENIED_IP_IN_CC_RDNS</code></td>
<td>
<code>Refused. Your reverse DNS entry contains your IP address and a country code.</code>
@@ -3222,8 +3474,15 @@
<code>dns-level</code><br />
<code>dns-max-retries-primary</code><br />
<code>dns-max-retries-total</code><br />
+<code>dns-query-type-a</code><br/>
+<code>dns-query-type-mx</code><br/>
+<code>dns-query-type-ptr</code><br/>
+<code>dns-query-type-rbl</code><br/>
+<code>dns-resolv-conf</code><br />
<code>dns-server-ip</code><br />
<code>dns-server-ip-primary</code><br />
+<code>dns-spoof</code><br/>
+<code>dns-tcp</code><br/>
<code>dns-timeout-secs</code><br />
</h3>
<p>
@@ -3232,18 +3491,22 @@
<b>Take care when using any of these options, as setting them incorrectly can prevent spamdyke
from functioning correctly.</b> Most of the time, there is no need to use them -- spamdyke will
read its DNS information from <code>/etc/resolv.conf</code> and the environment, as documented
-in the system <code>resolver(5)</code> manual page.
+in the system <code>resolver(5)</code> manual page. If the option <code>dns-resolv-conf</code>
+is given, spamdyke will read the given file instead of <code>/etc/resolv.conf</code>.
</p><p>
spamdyke ranks nameservers into two categories: "primary" and "secondary".
Primary nameservers are queried first; secondary nameservers are only queried if no
response is received from a primary nameserver.
</p><p>
-Normally, spamdyke reads its list of nameservers from <code>/etc/resolv.conf</code>, just like
+Normally, spamdyke reads its list of nameservers from <code>/etc/resolv.conf</code>
+(or another file given with <code>dns-resolv-conf</code>), just like
any other program. It considers the first nameserver it finds in that file to be a primary
nameserver. All others are considered to be secondary nameservers. This list can be overridden,
however, using the <code>dns-server-ip</code> and <code>dns-server-ip-primary</code> options.
spamdyke also honors the <code>port</code>, <code>timeout</code> and <code>options</code>
-directives (if any) in the <code>/etc/resolv.conf</code> file. If the environment variable
+directives (if any) in the <code>/etc/resolv.conf</code> file
+(or another file given with <code>dns-resolv-conf</code>).
+If the environment variable
<code>RES_OPTIONS</code> is present, spamdyke will parse it for a timeout value.
</p><p>
If either <code>dns-server-ip</code> or <code>dns-server-ip-primary</code> are used, the file
@@ -3294,10 +3557,83 @@
queries returned no results.
</ul>
</p><p>
-<b>NOTE: Depending on the type of query spamdyke is performing, multiple packets are typically sent to each nameserver.
-For example, when querying a DNS RBL, a "query" consists of 3 packets -- one requesting A records, one requesting TXT
+Depending on the type of query spamdyke is performing, multiple packets are typically sent to each nameserver.
+By default, when querying a DNS RBL, a "query" consists of 3 packets -- one requesting A records, one requesting TXT
records and one requesting CNAME records. In the <code>aggressive</code> example above, the 18 queries would result in
-52 data packets.</b>
+52 data packets. This behavior can be controlled through the use of several options:
+<dl>
+<dt><code>dns-query-type-a</code>: Sets the types of queries that are performed when seeking an IP address when
+looking up a reverse DNS name.
+The following values can be given:</dt>
+<dd>
+<ul>
+<li><code>a</code>: Request and process DNS A records in response to queries.
+<li><code>cname</code>: Request and process DNS CNAME records in response to queries. This is desirable if the target
+name is simply an alias for another name.
+</ul>
+</dd>
+<dt><code>dns-query-type-mx</code>: Sets the types of queries that are performed when seeking a mail server record
+within the "reject-missing-sender-mx" filter.
+The following values can be given:</dt>
+<dd>
+<ul>
+<li><code>a</code>: Request and process DNS A records in response to queries. This is desirable if the name is a specific
+machine instead of a domain name.
+<li><code>cname</code>: Request and process DNS CNAME records in response to queries. This is desirable if the target
+name is simply an alias for another name.
+<li><code>mx</code>: Request and process DNS MX records in response to queries.
+</ul>
+</dd>
+<dt><code>dns-query-type-ptr</code>: Sets the types of queries that are performed when seeking a reverse DNS name.
+The following values can be given:</dt>
+<dd>
+<ul>
+<li><code>cname</code>: Request and process DNS CNAME records in response to queries. This is desirable if the target
+name is simply an alias for another name. Many ISPs delegate PTR control this way.
+<li><code>ptr</code>: Request and process DNS PTR records in response to queries.
+</ul>
+</dd>
+<dt><code>dns-query-type-rbl</code>: Sets the types of queries that are performed when querying a DNS RBL, RHSBL, DNS whitelist or RHSWL.
+The following values can be given:</dt>
+<dd>
+<ul>
+<li><code>a</code>: Request and process DNS A records in response to queries.
+<li><code>cname</code>: Request and process DNS CNAME records in response to queries.
+<li><code>txt</code>: Request and process DNS TXT records in response to queries.
+</ul>
+</dd>
+</dl>
+<b>NOTE: It is not normally necessary to set these options; they are only useful in very specific situations where a local
+DNS server does not respond quickly to a specific type of query.
+</p><p>
+Most DNS queries are performed using UDP packets, which can carry no more than 512 bytes of data.
+This is enough data for typical DNS data, but occasionally some records are too big to fit in 512 bytes. When that
+happens, the nameserver should reply with a UDP packet that indicates the data is too large. The solution is to then
+resend the query via TCP, which can handle data of any size.
+spamdyke will fall back to TCP if the <code>dns-tcp</code> option is set to <code>normal</code>. If it is <code>none</code>,
+spamdyke will not use TCP at all; it will ignore the response entirely and continue its normal query pattern.
+</p><p>
+UDP packets are stateless, which means any server on the internet can send a UDP packet to any other server at any time.
+In theory, if spamdyke sends a DNS query via UDP and a malicious server sends a UDP response at the right moment, spamdyke
+will accept it as the answer to its query. (This would be extremely difficult, as the malicious server would have
+to know a lot about spamdyke's internal state to create an acceptable reply, but it is possible).
+</p><p>
+To prevent this from happening, spamdyke always checks the response ID against the query IDs and dicards any responses
+that don't match. In addition, spamdyke can check the IP address and port number of the remote server to see if they
+match the IP and port to which the query packet(s) were sent. The following values of the <code>dns-spoof</code> option
+control spamdyke's behavior:
+<ul>
+<li><code>accept-all</code>: Accept any response from any server. This is the default.
+<li><code>accept-same-ip</code>: Accept any response as long as the IP address of the sending server is the same as the IP address
+the query was sent to. The port number may be different.
+<li><code>accept-same-port</code>: Accept any response as long as the port number on the sending server is the same as the port number
+the query was sent to. The IP address may be different. (This option may not be very useful.)
+<li><code>reject</code>: Only accept responses where the IP address and port number of the sending server match the IP address and
+port number the query was sent to.
+</ul>
+<b>NOTE: Be very careful when setting the <code>dns-spoof</code> option.
+Some DNS servers may send responses from different port numbers as part of their normal operation. Moreover, multi-homed servers
+may send responses from different IP addresses. If you don't need to use this option, don't.</b>
</p>
<a name="FILTER_LEVELS"></a>
@@ -3325,6 +3661,7 @@
<h2>TLS</h2>
<h3>
<code>tls-certificate-file</code><br />
+<code>tls-cipher-list</code><br />
<code>tls-level</code><br />
<code>tls-privatekey-file</code><br />
<code>tls-privatekey-password</code><br />
@@ -3332,8 +3669,9 @@
</h3>
<p>
TLS is another name for SSL, the same encryption protocol used by secure
-websites. TLS can be used during SMTP to
-provide secure communications between the remote client and the server.
+websites (it's called SSL when the entire connection is encrypted from the start,
+it's called TLS when the encryption is started later during the connection).
+TLS can be used during SMTP to provide secure communications between the remote client and the server.
</p><p>
spamdyke supports TLS in several ways. First, with no TLS options given,
spamdyke will identify a TLS conversation and simply pass the data back and
@@ -3351,17 +3689,27 @@
<li><code>none</code>: Do not provide or allow TLS, even if qmail supports it.
qmail's attempt to advertise its TLS support will be hidden and the remote
server's request for TLS will be denied.
-<li><code>smtp</code>: Provide TLS during the SMTP session, so that it can be
+<li><code>smtp</code>: Provide TLS during the SMTP session, so it can be
started if the remote server requests it. spamdyke will decrypt all of the
-data and pass the plaintext to qmail. qmail will not be aware that TLS is
+data and pass the plaintext to qmail. qmail will not be aware TLS is
happening. In this mode, qmail does not need to be patched to provide TLS.
+However, if the SSL library cannot be initialized for some reason (e.g.
+missing certificate, bad cipher list), the TLS data will be passed through to
+qmail in encrypted format so qmail can provide TLS (assuming qmail has been patched to support it). In this mode, spamdyke
+will not be able to read the data, so some of its filters will not function.
+<li><code>smtp-no-passthrough</code>: Provide TLS during the SMTP session, so it can be
+started if the remote server requests it. spamdyke will decrypt all of the
+data and pass the plaintext to qmail. qmail will not be aware TLS is
+happening. In this mode, qmail does not need to be patched to provide TLS.
+If spamdyke cannot start TLS for any reason, the encrypted data will not be
+passed through to qmail.
<li><code>smtps</code>: Start an SSL session as soon as the connection is
opened. This mode is called "SMTP over SSL" or "SMTPS". The remote client
must support this method. Typically, SMTPS is offered on port 465, not port
25.
</ul>
</p><p>
-If <code>tls-level</code> is <code>smtp</code> or <code>smtps</code>,
+If <code>tls-level</code> is <code>smtp</code>, <code>smtp-no-passthrough</code> or <code>smtps</code>,
the server certificate must also be provided with
the <code>tls-certificate-file</code> parameter.
</p><p>
@@ -3376,8 +3724,17 @@
Generating self-signed certificates is very easy with OpenSSL. Countless
tutorials are available on the web.
</p><p>
-If there are any problems reading the certificate, the private key or decrypting
-the private key, spamdyke will log the errors to syslog and fall back to passing
+Rarely, some situations will require specifying the list of encryption algorithms (ciphers)
+to be used during TLS. In those cases, the <code>tls-cipher-list</code> option can be used
+to pass a list of ciphers in the format expected by the OpenSSL library. The vast majority
+of spamdyke installations will not need this option -- the default list of ciphers is usually fine.
+To see the full list of available ciphers, run the command <code>openssl ciphers</code>.
+For details on how to construct the list, see <a href="http://www.openssl.org/docs/apps/ciphers.html">www.openssl.org/docs/apps/ciphers.html</a>.
+<b>NOTE:</b> Be careful to check the list of ciphers very carefully -- invalid ciphers (typos) are allowed and will be silently ignored.
+The OpenSSL library will only produce an error if none of the ciphers in the list can be used.
+</p><p>
+If there are any problems reading the certificate, the private key, decrypting
+the private key or initializing the ciphers, spamdyke will log the errors to syslog and fall back to passing
the TLS data through to qmail, if qmail has been patched to provide TLS
(or spamdyke will send the remote client an error message if qmail doesn't provide
TLS). spamdyke will also log the error messages produced by OpenSSL, even
@@ -3385,10 +3742,8 @@
</p><p>
NOTE: spamdyke does not disable any of its filters simply because a remote
client uses TLS or SSL. In SMTP, TLS/SSL is simply a method of securing the communication
-channel. It is not an authentication method. While it's true spammers aren't
-using TLS and therefore any client that does use it is unlikely to be a spammer,
-there's no reason to assume that will be true forever. spamdyke will only
-disable its filters for clients it finds on its whitelists or ones that use
+channel. It is not an authentication method and spammers are using TLS.
+spamdyke will only disable its filters for clients it finds on its whitelists or ones that use
SMTP AUTH.
</p><p>
If in doubt about enabling TLS, do it. Encrypting email data is always a
@@ -3481,8 +3836,9 @@
option can be used to provide the local server's name for this reason. When <code>hostname</code>
is used, the value should be the server's name. When <code>hostname-command</code> is used,
the value should be a command that will print the server's name as its first line of output.
-When <code>hostname-filename</code> is used, the value should be the path to a file that contains
-the server's name as its first line. <b>NOTE: If the local server's name is not provided,
+When <code>hostname-file</code> is used, the value should be the path to a file that contains
+the server's name as its first line. By default, <code>hostname-file</code> is set to <code>/var/qmail/control/me</code>.
+<b>NOTE: If the local server's name is not provided,
CRAM-MD5 will still work and it will still generate random challenge text. Using the local server's name
only makes it <i>slightly</i> more secure. It's not worth a large effort to provide it.</b>
</p><p>
@@ -3696,6 +4052,10 @@
<dd><code>11.22.033.044</code>
<dd><code>11.22.33.044</code>
<dd><code>44.33.22.11</code>
+<dd><code>44.33.22.011</code>
+<dd><code>44.33.022.011</code>
+<dd><code>44.033.022.011</code>
+<dd><code>044.033.022.011</code>
<dd><code>44.11.22.33</code>
<dd><code>33.22.11.44</code>
<dd><code>44.33.1122</code>
@@ -3859,6 +4219,7 @@
<code>local-domains-file</code><br />
<code>recipient-blacklist-entry</code><br />
<code>recipient-blacklist-file</code><br />
+<code>reject-identical-sender-recipient</code<br />
<code>reject-missing-sender-mx</code><br />
<code>sender-blacklist-entry</code><br />
<code>sender-blacklist-file</code>
@@ -3929,6 +4290,13 @@
</p><p>
Conveniently, this wildcard system matches the system used in qmail's
<code>controls/rcpthosts</code> file.
+</p><p>
+As of 2010, spammers have become fond of sending messages to an address while using
+the same address as the sender address. This bypasses a lot of spam filters that assume
+any email from a local address must be good.
+The <code>reject-identical-sender-recipient</code> will block these spam messages. This
+option is normally safe to enable, as most users authenticate to send email, which bypasses
+all of spamdyke's filters.
</p>
<a name="DNSWHITELISTS"></a>
@@ -4100,6 +4468,11 @@
As of 2008, not many ISPs are using graylisting yet, so it's still very effective.
However, it won't be difficult for spammers to circumvent it (once enough ISPs
have implemented it), so its effectiveness won't last forever.
+</p><p>
+<b>NOTE:</b> Because spamdyke's graylist filter creates lots (and lots) of small files,
+it can threaten a server's filesystem by consuming all of the available inodes
+(especially on busy servers). Be sure to monitor the number of available inodes
+in case this becomes a problem.
</p>
<a name="EARLYTALKERS"></a>
@@ -4211,6 +4584,8 @@
<dd>An example program that demonstrates finding DNS SOA records (start-of-authority) for domain names.
<dt>dnstxt
<dd>An example program that demonstrates finding DNS TXT records (text information) for fully qualified domain names.
+<dt>timefilter
+<dd>A utility for filtering log files to display log entries from within a given date range. Only really useful in scripts.
</dl>
</p><p>
None of these utilities depend on being installed in any specific folder.
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/README_rdns_file_format.html
^
|
| @@ -37,12 +37,12 @@
Two names will be matched by these entries, <code>mail.example.com</code> and
<code>smtp.example.com</code>.
</p><p>
-The rDNS names may also use wildcards by beginning with dots (<code>.</code>). For example,
+The rDNS names may also use wildcards by beginning with dots (<code>.</code>) to match whole domains. For example,
if the file contained the following entry:
<dl>
<dd><code>.example.com</code>
</dl>
-The names <code>example.com, <code>mail.example.com</code> and <code>mail.internal.example.com</code> will
+The names <code>example.com</code>, <code>mail.example.com</code> and <code>mail.internal.example.com</code> will
match. If the file contained the following entry:
<dl>
<dd><code>.mail.example.com</code>
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/UPGRADING.txt
^
|
| @@ -7,6 +7,12 @@
options and features. Be sure to check that file for full details on these
changes.
+UPGRADING FROM VERSION 4.1.0 to 4.2.0:
+ All changes are backwards compatible.
+
+UPGRADING FROM VERSION 4.0.10 to 4.1.0:
+ All changes are backwards compatible.
+
UPGRADING FROM VERSION 4.0.9 to 4.0.10:
All changes are backwards compatible.
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/documentation/development_notes
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/documentation/development_notes/TODO.txt
^
|
| @@ -0,0 +1,132 @@
+HIGHEST PRIORITIES:
+ Add recipient validation. This will probably require reimplementing
+ qmail's/vpopmail's .qmail file parser. DO NOT reuse code from qmail or
+ vpopmail.
+ DKIM/SPF support, including ability to use valid DKIM/SPF as whitelists
+ Full log conditionality, based on IP or rDNS or more.
+ Make spamdyke log message information: From/To/Cc/Subject lines (better yet
+ make this configurable), presence of attachments and message size.
+ Add flags to blackhole mail instead of rejecting it. Make this work correctly
+ when there are multiple recipients.
+ Add the ability to redirect rejected mail to alternate addresses (substitute
+ recipients). Make this work correctly for multiple recipients.
+ Add the ability to redirect accepted mail to alternate addresses.
+ Add the ability to BCC accepted mail to alternate addresses (recipient
+ injection).
+ Add the ability to insert headers instead of rejecting a message.
+ Add the ability to modify the subject line instead of rejecting a message.
+ Full database support, especially for the graylist filter, to make life
+ simpler for administrators of large sites.
+ Add a feature that would automatically whitelist senders for a recipient
+ if the recipient had sent a message to the sender (an auto-whitelist).
+ Credit goes to Roman V. Isaev.
+ Add a "proxy mode" that will listen for incoming connections and tunnel
+ them to another server/port for non-qmail servers (or replace tcpserver
+ on qmail servers). Use TLS to communicate with the remote server if
+ possible. Listen on multiple interfaces/ports.
+ Wrap spamdyke in an NT service so MS Exchange administrators can use it.
+ Tarpit mode to trap botnet spammers the way LaBrea used to trap Code Red
+ attackers.
+
+LOWER PRIORITIES:
+ Add the ability to require TLS/SSL before authentication is allowed (e.g. a
+ "require-tls" value for "smtp-auth-level". Credit goes to Eric Shubert.
+ Consider extending sender/recipient wildcards to allow user@ instead of just
+ @domain. Credit goes to stephan.
+ Consider adding a filter to block messages where the From field doesn't match
+ the envelope sender.
+ Consider changing the logging of DENIED_OTHER to include the rejection text
+ from the downstream filter. Credit goes to David Stiller.
+ Make spamdyke output a message for every connection no matter what, even a
+ short connect/disconnect. Credit goes to Eric Shubert.
+ Create an IP-testing function (to check parsability and ranges) and change all
+ of the (many) tests to use it.
+ Change the unqualified recipient filter to read /var/qmail/control/envathost
+ Add a forward-resolve whitelist: give a list of FQDNs, resolve each one and
+ see if the IP matches the incoming IP. This will make DynDNS work.
+ Credit goes to Christian Aust.
+ Make find_case_insensitive_needle more efficient. Consider making it a
+ complete replacement for strcasestr().
+ Add support for /etc/hosts.
+ Change the sender blacklist to make it possible to block null senders
+ (bounces). Credit goes to Venks Izod.
+ Change main() to return a different error code if config-test encounters an
+ error or if spamdyke can't start for some reason. Credit goes to Eric
+ Shubert.
+ Change check_dnsrbl() and check_rhsbl() to keep a list of RBLs/RHSBLs and
+ success/failure codes so tests won't be repeated. This will require
+ changing nihdns_query() to keep track of NXDOMAIN responses so negative
+ responses can be distinguished from missing responses.
+ Once nihdns_query() has been changed to track NXDOMAIN responses, change the
+ missing rDNS, unresolvable rDNS and missing MX filters to return permanent
+ rejection codes if NXDOMAIN is received; continue using temporary codes if
+ no response is received.
+ Add HELO logging and filtering. Credit goes to Pavel V. Yanchenko.
+ Allow filesystem-based filters to call commands to do processing for them.
+ Write some example commands to do gray/black/whitelisting and recipient
+ validation in MySQL.
+ Consider adding a log entry on exit to show the total wall time spent, the
+ time spent running filters, DNS queries, waiting on remote/child data, etc.
+ Credit goes to Ulrich Eckardt.
+ Modify the graylist filter to be more forgiving to mailing lists that use
+ tagged sender addresses. Look for similarities between previously
+ graylisted addresses and allow future senders that match a pattern (e.g.
+ remove all numbers in the usernames). Credit goes to Eric Shubert.
+ Consider adding support for the RBLSMTPD environment variable. Credit goes
+ to Andras Korn.
+ Add the ability to limit full logging by IP or rDNS name. Credit goes to
+ Paolo.
+ Fix the DNS spoofing "bug" by randomizing the outbound port with every query.
+ Try not to panic about it like CERT/CC did.
+ Consider adding support for Maxmind's GeoIP. Credit goes to Andras Korn.
+ Implement LaBrea-style tarpitting when spamdyke is used to accept incoming
+ network connections.
+ Add a feature to limit simultaneous (or per-time-period) connections per
+ IP/rDNS/sender/recipient.
+ Log the Message-ID field so a message can be tracked from delivery to disk.
+ spamdyke will need to add the Message-ID field if needed. Credit goes to
+ Frank SDI.
+ Consider something to change the per-recipient filters into global filters;
+ e.g. exceeding the max recipients or hitting a recipient blacklist rejects
+ _everything_, not just the recipient. Credit goes to Frank SDI.
+ Rewrite the buffers in middleman() to use a ring buffer instead of constantly
+ memmove()ing data around.
+ Add a test mode to each filter that will run the filter and log the result
+ without actually blocking the connections. That way, the admin can see what
+ would happen if different filters were engaged without risking false
+ negatives. Credit goes to Marcin Orlowski.
+ Consider making log messages configurable with printf-style format strings.
+ Credit goes to Andras Korn.
+ Add a way to make the ip-in-rdns feature more or less aggressive. This would
+ include matching portions of the IP address or allowing multiple characters
+ betweeen octets. Credit goes to Marcin Orlowski.
+ Consider supporting CDB files.
+ Add a flag to use regexps in email address files (recipient/sender
+ white/blacklists)
+ "Some people, when confronted with a problem, think 'I know, I'll use
+ regular expressions.' Now they have two problems." — Jamie Zawinski
+ After spamdyke becomes a daemon, add a feature to periodically clean out the
+ graylist folders.
+ After spamdyke becomes a daemon, add a feature to periodically write statistics
+ to a file or database. Perhaps listen to a FIFO so the stats can be read
+ on demand.
+ Rework the install documentation to make it clearer how to setup graylisting
+ and how to determine permissions/ownership.
+ Consider putting the graphing scripts in the distribution.
+ Consider putting the spamtrap and hunter_seeker scripts in the distribution.
+ Consider splitting check-rhsbl into two filters: one to check RHSBLs for the
+ rDNS name and one to check RHSBLs for the sender's domain name. Credit goes
+ to Andras Korn.
+ Add the ability to limit the number of incoming messages from an IP/sender/
+ domain or to a recipient/domain in a given time period.
+ Add support for DIGEST-MD5 SMTP AUTH.
+ Add a "quick mode" for busy servers that will print a reject message and
+ immediately disconnect, instead of faking an SMTP conversation.
+ Consider adding an auto-whitelist feature when the remote server's IP
+ matches the MX record for the sender's domain.
+ Consider adding hooks for content scanners like ClamAV or SpamAssassin.
+ Find a way to query WHOIS for incoming domain names and reject all domains
+ newer than 5 days (domain tasting limit).
+ Add the ability to forward to multiple different servers at the same time.
+ Add a way to block messages based on the character set, so foreign language
+ spam can be blocked regardless of source.
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/documentation/development_notes/parsing_addresses.txt
^
|
| @@ -0,0 +1,58 @@
+Correct email address format is documented in RFC 2822, which supercedes RFC 822.
+Notes below.
+
+FWS is:
+ zero or more ASCII 9,32 (2822#2.2.2, 2822#3.2.3)
+ zero or more CRLF (2822#3.2.3)
+ one or more ASCII 9,32 (2822#2.2.2, 2822#3.2.3)
+
+A comment is:
+ a single ( character (2822#3.2.3)
+ optional loop:
+ optional FWS (2822#3.2.3)
+ sequence of ASCII chars 1-8,11,12,14-31,33-39,42-91,93-127 (2822#3.2.3)
+ optional FWS (2822#3.2.3)
+ a single ) character (2822#3.2.3)
+
+CFWS is:
+ optional loop:
+ optional FWS (2822#3.2.3)
+ comment (2822#3.2.3)
+ optional FWS (2822#3.2.3)
+ comment OR FWS (2822#3.2.3)
+
+search for :
+search for first legal character: alphas, digits, ".!#$%&'*+-/=?^_`{}|~
+search past any CFWS (2822#3.2.4, 2822#3.2.5)
+decide if local-part is a dot-atom or a quoted-string (2822#3.4.1)
+Is dot-atom if local-part is all alpha/digits plus any of .!#$%&'*+-/=?^_`{}|~ (2822#3.2.4)
+If dot-atom:
+ search past any CFWS (2822#3.2.4)
+ accumulate all alpha/digits plus !#$%&'*+-/=?^_`{}|~ (2822#3.2.4)
+ optional loop:
+ accumulate all . (2822#3.2.4)
+ accumulate all alpha/digits plus !#$%&'*+-/=?^_`{}|~ (2822#3.2.4)
+ search past any CFWS (2822#3.2.4)
+If quoted string:
+ find and skip " (2822#3.2.5)
+ loop:
+ search past any FWS (2822#3.2.5)
+ accumulate any ASCII chars 1-8,11,12,14-31,33,35-91,93-127 (2822#3.2.5)
+ accumulate any \ followed by any character, remove \ (2822#3.2.5, 2822#3.2.2)
+ search past any FWS (2822#3.2.5)
+ find and skip " (2822#3.2.5)
+search past any CFWS (2822#3.2.4, 2822#3.2.5)
+find @ (2822#3.4.1)
+search past any CFWS (2822#3.2.4, 2822#3.4.1)
+decide if domain-part is a dot-atom or a domain-literal (2822#3.4.1)
+if dot-atom:
+ local-part is all alpha/digits plus any of .!#$%&'*+-/=?^_`{}|~ (2822#3.2.4)
+else if domain-literal:
+ find and skip [ (2822#3.4.1)
+ loop:
+ search past any FWS (2822#3.4.1)
+ accumulate any ASCII chars 1-9,11,12,14-31,33-90,94-126 (2822#3.2.1, 2822#3.4.1)
+ accumulate any \ followed by any character, remove \ (2822#3.4.1, 2822#3.2.2)
+ search past any FWS (2822#3.4.1)
+ find and skip ] (2822#3.4.1)
+search past any CFWS (2822#3.2.4, 2822#3.4.1)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/documentation/policy.php.example
^
|
| @@ -0,0 +1,442 @@
+<?php
+/**
+ * @filename spam_policy.php
+ * @author Samuel Krieg <samuel.krieg at gmail dot com>
+ * @author Sam Clippinger <samc at silence dot org>
+ * @licence http://opensource.org/licenses/gpl-2.0.php
+ * @version 1.0
+ * @date 08.08.23
+ *
+ * Based on http://iconoclast.silence.org/policy/index.html
+ * with permission of Sam Clippinger.
+ *
+ * This script is willing to be used as the Spam Policy ("policy-url") link in the Spamdyke software.
+ *
+ * Installation:
+ * 1. Define the ADMIN_EMAIL and ORG_NAME values to something nice
+ * 2. Upload this file where the policy-url is linking to
+ * 3. Test the form at the bottom of the page
+ */
+
+/****** Constants ******/
+
+// Fill up this constant with your email
+// On a default Apache installation, the SERVER_ADMIN variable is usually root@localhost
+define ('ADMIN_EMAIL', $_SERVER['SERVER_ADMIN'] );
+
+// This is your company name or organization name that will be in the page's title
+define ('ORG_NAME', 'My organization');
+
+// Use HTML anchors
+define ('USE_ANCHORS', true);
+
+/****** Functions ******/
+
+/**
+ * Check value of POST parameters
+ * Returns true if good values, false if no
+ */
+function checkParams(){
+
+ /**
+ * Check if string looks like an email
+ * returns true if yes, false if no
+ */
+ function isEmail($email){
+
+ // clean string a little bit
+ $email = rtrim($email);
+
+ // $email must look like an email
+ $a = preg_match('/^[a-z0-9._\-+]+@[a-z0-9.\-]+\.[a-z]{2,5}$/i', $email);
+
+ return $a;
+
+ }
+
+ // These fields must not be empty
+ $requiredFields = array('name', 'email', 'message');
+ // These fields must fit *one* line
+ $singleLineFields = array('name', 'email');
+
+ // I can't check params if they don't exist!
+ if (!isset($_POST) || !$_POST) return false;
+
+ // required fields must be filled
+ foreach ($requiredFields as $field)
+ if ( !isset($_POST[$field]) || !rtrim($_POST[$field]) ) return false;
+
+ // single line fields must have one line
+ foreach ($singleLineFields as $field)
+ if ( !isset($_POST[$field]) || preg_match('/[\n\r]/', $_POST[$field]) ) return false;
+
+ // special operation for email
+ if ( ($field == 'email') && (!isEmail($_POST['email'])) ) return false;
+
+ // all tests passed! good job!
+ return true;
+}
+
+/**
+ * Reads form's data and do something with it
+ */
+function processForm(){
+
+ if (!checkParams()){
+
+ // A script kiddy
+ ?><p>You are doing something wrong</p><?php
+ endScript();
+
+ }else{
+
+ if (sendMail($_POST['name'], $_POST['email'], ADMIN_EMAIL, $_POST['message'] )){
+
+ ?><p>The mail has been sent. Please be patient and we will answer you.</p><?php
+ endScript();
+
+ }else{
+
+ ?><p>There was a problem sending the mail. The system administrator will come soon to fix it. Come back later.<?php
+ endScript();
+
+ }
+ }
+}
+
+/**
+ * Sends an email
+ * (rly?)
+ */
+function sendMail($fromName, $fromEmail,$to,$msg) {
+
+ $message = buildMsg($fromName, $fromEmail,$msg);
+ $subject = 'Spam Policy Form message from '.$fromName;
+ // separate headers with "\r\n"
+ $headers = "X-Script: " . $_SERVER['SCRIPT_URI'];
+
+ // Send!
+ $res = mail($to, $subject, $message, $headers);
+ return $res;
+}
+
+/**
+ * Builds a nice message
+ */
+function buildMsg($name, $fromEmail, $message){
+
+ $msg = <<<EOM
+Hi,
+
+The user $name <{$fromEmail}> (with remote address {$_SERVER['REMOTE_ADDR']}) does not want his email to be blocked.
+His message below:
+
+------
+$message
+------
+
+--
+Spam Policy Form
+{$_SERVER['SCRIPT_URI']}
+EOM;
+
+ return $msg;
+}
+
+/**
+ * Ends the script
+ * (This is an ugly way to end a script!)
+ */
+function endScript (){
+ echo "\n</body>\n</html>";
+ exit();
+}
+
+/****** Messages and solutions ******/
+
+/**
+ * Error codes and their scolution.
+ * After wondering what's more boring between wrinting HTML or PHP, I decided to write this array.
+ *
+ * For more error codes, just rtfm: http://www.spamdyke.org/documentation/README.html#LOG
+ */
+$codes = array();
+$codes['DENIED_RBL_MATCH']['message'] = 'Refused. Your IP address is listed in the RBL at "name"';
+$codes['DENIED_RBL_MATCH']['solution'][] = 'We are using the Real Time Blacklist mentionned above. You have to contact them in order to be unlisted.';
+$codes['DENIED_RBL_MATCH']['solution'][] = 'To check where your IP address is listed, you can use <a href="http://www.blacklistalert.org/">www.blacklistalert.org</a>, <a href="http://openrbl.org/client/">www.openrbl.org/client/</a> or <a href="http://www.sorbs.net/lookup.shtml">www.sorbs.net/lookup.shtml</a>.';
+$codes['TIMEOUT']['message'] = 'Timeout. Talk faster next time.';
+$codes['TIMEOUT']['solution'][] = 'Our server can only wait so long for your server to send information. If your connection (or your server) is too slow, our server will hang up after a while. Lots of spam software seems to connect and just wait forever, so we have to give up at some point or we\'ll end up connected to everyone.';
+$codes['DENIED_TOO_MANY_RECIPIENTS']['message'] = 'Too many recipients. Try the remaining addresses again later.';
+$codes['DENIED_TOO_MANY_RECIPIENTS']['solution'][] = 'Our server will only allow incoming messages to be addressed to a small number of recipients, because spammers love to send a single message to thousands of addresses over the same connection. You shouldn\'t have seen this message - your mail server should have silently tried to resend your message to the blocked recipients.';
+$codes['DENIED_TOO_MANY_RECIPIENTS']['solution'][] = '<strong>NOTE:</strong> This filter has <strong>NOTHING</strong> to do with the number of addresses you use on the "To:" line of your message. This filter only blocks commonly exploited email delivery loophole by forcing your server to retry delivery to some recipients if there are a bunch.';
+$codes['DENIED_UNQUALIFIED_RECIPIENT']['message'] = 'Improper recipient address. Try supplying a domain name.';
+$codes['DENIED_UNQUALIFIED_RECIPIENT']['solution'][] = 'For some reason, your mail server isn\'t giving the domain name of the recipient. For example, it\'s trying to deliver to "joe" instead of "joe@example.com". Without the domain name, we can\'t get the email to the correct person. Spammers do this a lot, assuming that our server will find someone named "joe" and deliver the spam to him. We don\'t do that.';
+$codes['DENIED_GRAYLISTED']['message'] = 'Your address has been graylisted. Try again later.';
+$codes['DENIED_GRAYLISTED']['solution'][] = 'Our server will only allow incoming messages from people who have sent messages in the past. If you\'ve never sent a message to our user before, our server will ask yours to try again later, just to make sure it\'s serious. Spammers won\'t try again later, so this blocks a lot of spam.';
+$codes['DENIED_RDNS_MISSING']['message'] = 'Refused. You have no reverse DNS entry.';
+$codes['DENIED_RDNS_MISSING']['solution'][] = 'Every server on the internet should have a reverse DNS entry, especially mail servers. If you don\'t know what this means, you shouldn\'t be running a mail server. Seriously, if you don\'t know this, what else should you know?';
+$codes['DENIED_RDNS_MISSING']['solution'][] = 'Our mail server checks for reverse DNS entries. Any email coming from a server without one is blocked. This stops a lot of email from servers that shouldn\'t be sending email, such as virus-infected home computers on cable modems.';
+$codes['DENIED_RDNS_RESOLVE']['message'] = 'Refused. Your reverse DNS entry does not resolve.';
+$codes['DENIED_RDNS_RESOLVE']['solution'][] = 'Your server has a reverse DNS entry but it doesn\'t resolve. In other words, it\'s claiming to be someone it\'s not. Our server is going to block your email until your server correctly identifies itself.';
+$codes['DENIED_RDNS_RESOLVE']['solution'][] = 'To look up your mail server\'s reverse DNS, use AOL\'s rDNS tool: <a href="http://www.postmaster.aol.com/tools/rdns.html">www.postmaster.aol.com/tools/rdns.html</a>';
+$codes['DENIED_IP_IN_CC_RDNS']['message'] = 'Refused. Your reverse DNS entry contains your IP address and a country code.';
+$codes['DENIED_IP_IN_CC_RDNS']['solution'][] = 'Your server\'s reverse DNS entry contains its IP address and ends in a two-character country code. For example, if your IP address is 11.22.33.44 and your reverse DNS entry is 11.22.33.44.example.com.us, our server is going to block your email. IP addresses in reverse DNS entries usually indicate servers that shouldn\'t be sending email - just the kind of server a spammer would use. Country codes are checked because we don\'t know how to say "dynamic" in every language on earth.';
+$codes['DENIED_IP_IN_CC_RDNS']['solution'][] = 'Just change your reverse DNS entry to something meaningful.';
+$codes['DENIED_IP_IN_CC_RDNS']['solution'][] = 'To look up your mail server\'s reverse DNS, use AOL\'s rDNS tool: <a href="http://www.postmaster.aol.com/tools/rdns.html">www.postmaster.aol.com/tools/rdns.html</a>';
+$codes['DENIED_IP_IN_RDNS']['message'] = 'Refused. Your reverse DNS entry contains your IP address and a banned keyword.';
+$codes['DENIED_IP_IN_RDNS']['solution'][] = 'Your server\'s reverse DNS entry contains its IP address and a keyword that indicates its IP address was assigned dynamically. For example, if your IP address is 11.22.33.44 and your reverse DNS entry is 11.22.33.44.dynamic.example.com, our server is going to block your email. IP addresses in reverse DNS entries usually indicate servers that shouldn\'t be sending email - just the kind of server a spammer would use.';
+$codes['DENIED_IP_IN_RDNS']['solution'][] = 'Just change your reverse DNS entry to something meaningful.';
+$codes['DENIED_IP_IN_RDNS']['solution'][] = 'To look up your mail server\'s reverse DNS, use AOL\'s rDNS tool: <a href="http://www.postmaster.aol.com/tools/rdns.html">www.postmaster.aol.com/tools/rdns.html</a>';
+$codes['DENIED_EARLYTALKER']['message'] = 'Refused. You are not following the SMTP protocol.';
+$codes['DENIED_EARLYTALKER']['solution'][] = 'Your server is not following the SMTP protocol. As soon as it behaves, our server will accept your email.';
+$codes['DENIED_BLACKLIST_NAME']['message'] = 'Refused. Your domain name is blacklisted.';
+$codes['DENIED_BLACKLIST_NAME']['solution'][] = 'You (or someone else) have sent us so much spam that we\'ve added your domain name to our blacklist. Sorry about that, but we\'ve had enough and we don\'t know what else to do.';
+$codes['DENIED_BLACKLIST_IP']['message'] = 'Refused. Your IP address is blacklisted.';
+$codes['DENIED_BLACKLIST_IP']['solution'][] = 'Your server has sent us so much spam that we\'ve blacklisted your IP address. This block is temporary, usually only a few days, to give you time to think about what you\'ve done and repent your evil ways. If you persist, we\'ll block your domain name.';
+$codes['DENIED_SENDER_BLACKLISTED']['message'] = 'Refused. Your sender address has been blacklisted.';
+$codes['DENIED_SENDER_BLACKLISTED']['solution'][] = 'You (or someone else) have sent us so much spam from the same email address that we\'ve blacklisted your email address specifically, no matter where the email comes from.';
+$codes['DENIED_RECIPIENT_BLACKLISTED']['message'] = 'Refused. Mail is not being accepted at this address.';
+$codes['DENIED_RECIPIENT_BLACKLISTED']['solution'][] = 'Some of the addresses on our server get so much spam that we\'ve just closed them down. The address you\'re sending to is one of those. Stop sending email to it, please.';
+$codes['DENIED_REJECT_ALL']['message'] = 'Refused. Mail is not being accepted.';
+$codes['DENIED_REJECT_ALL']['solution'][] = 'Our server is not accepting any email at all right now. There is nothing wrong at your end, you\'re just going to have to wait until we decide to enable email again.';
+$codes['DENIED_SENDER_NO_MX']['message'] = 'Refused. The domain of your sender address has no mail exchanger (MX).';
+$codes['DENIED_SENDER_NO_MX']['solution'][] = 'Your domain\'s MX record either doesn\'t exist or lists a name that doesn\'t resolve AND your domain name doesn\'t have an A record. This means no mail to your domain can possibly be delivered, including bounce messages. Until you start accepting our mail, we won\'t accept yours.';
+$codes['DENIED_RHSBL_MATCH']['message'] = 'Refused. Your domain name is listed in the RHSBL at "name"';
+$codes['DENIED_RHSBL_MATCH']['solution'][] = 'We are using the Right-Hand-Side Blacklist mentionned above. You have to contact them in order to be unlisted.';
+$codes['DENIED_ACCESS_DENIED']['message'] = 'Refused. Access is denied.';
+$codes['DENIED_ACCESS_DENIED']['solution'][] = 'Our mail server configuration prevents us from accepting email from your server. This is not the same thing as being blacklisted; it probably means your server is misconfigured.';
+$codes['DENIED_RELAYING']['message'] = 'Refused. Sending to remote addresses (relaying) is not allowed.';
+$codes['DENIED_RELAYING']['solution'][] = 'You are attempting to use our server to send email "from" a remote address AND "to" a remote address, which is not allowed. We only accept mail that is either "to" or "from" our own users. In most cases, authenticating your connection will avoid this block.';
+$codes['DENIED_ZERO_RECIPIENTS']['message'] = 'Refused. You must specify at least one valid recipient.';
+$codes['DENIED_ZERO_RECIPIENTS']['solution'][] = 'You are attempting to deliver a message without providing any recipients. This doesn\'t make any sense.';
+$codes['DENIED_AUTH_REQUIRED']['message'] = 'Refused. Authentication is required to send mail.';
+$codes['DENIED_AUTH_REQUIRED']['solution'][] = 'We do not accept any email unless the sender authenticates first. Reconfigure your mail client and try again.';
+$codes['DENIED_IDENTICAL_SENDER_RECIPIENT']['message'] = 'Refused. Identical sender and recipient addresses are not allowed.';
+$codes['DENIED_IDENTICAL_SENDER_RECIPIENT']['solution'][] = 'You are attempting to send email both "to" and "from" the same address, which we don\'t accept. In most cases, authenticating your connection will avoid this block.';
+
+/****** HTML content ******/
+
+?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+<title><?php echo ORG_NAME ?> - Mail Policies</title>
+<style type="text/css">
+<!--
+body {
+ margin-left: 10%;
+ margin-right: 10%;
+ font: 12px Arial;
+ color: black;
+ background-color: white;
+}
+.header {
+ font-size: 18px;
+ font-weight: bold;
+}
+h2 {
+ font-style:italic;
+}
+
+h3 {
+ font-size: 14px;
+ font-family:"Courier New", Courier, monospace;
+ display: block;
+ font-weight: none;
+ background-color: #CCCCCC;
+}
+
+form {
+ position: relative;
+ width: 80%;
+ margin: inherit;
+ margin-top: 2em;
+ text-align: left;
+}
+
+fieldset {
+ margin-bottom: 1em;
+ border: 0;
+
+ width: auto;
+ margin: 0.5em;
+ background-color: #CCCCCC;
+
+ padding: 0.5em;
+}
+
+label.text {
+ display: block;
+ float: left;
+ width: 40%;
+ text-align: right;
+ margin: 0 1em 0 0;
+ padding: 0.1em;
+ border-bottom: 1px solid white;
+}
+
+input.text, textarea {
+ width: 55%;
+ border: 0;
+}
+textarea {
+ height: 10em;
+}
+
+input.button {
+ padding: 0em 2em;
+}
+
+
+-->
+</style>
+<script language="javascript" type="text/javascript" >
+<!--
+
+// Will contain the fields to check
+var elements = [];
+
+function isEmail(val){
+ return (val.match(/^[a-z0-9._\-+]+@[a-z0-9.\-]+\.[a-z]{2,5}$/i));
+}
+/* Adds an element onto the pile */
+function validate_addelement(field, dataType, phrase){
+
+ // Create an element
+ var el = [field, dataType, phrase];
+
+ //push it on pile
+ elements.push(el);
+
+}
+
+/* Checks an element */
+function validate_checkElement (fieldValue, dataType)
+{
+
+ switch (dataType){
+ case 'text':
+ return (fieldValue != "");
+ case 'email':
+ return (isEmail(fieldValue));
+ }
+
+ // don't know what to do with it
+ return true;
+
+}
+
+/*
+ * Check all fields in the "fields" array
+ * Returns true if everything is ok
+ * or false if user did not filled fields properly
+ */
+function validate_checkall(){
+
+ var len = elements.length;
+
+ // Checks all elements, returns false if there's a problem
+ for (var i = 0; i < len; i++)
+ {
+ if ( !validate_checkElement(elements[i][0].value, elements[i][1]) ) {
+ alert (elements[i][2]);
+ return false;
+ }
+ }
+
+ // No problemo! Go ahead!
+ return true;
+
+}
+//-->
+
+</script>
+</head>
+
+<body>
+<?php
+
+/**
+ * Process the form if it has been submited
+ * Quits if necessary
+ */
+if ( isset($_POST) && $_POST ) processForm();
+
+?>
+
+<h1>Your email bounced with a message leading you here. Why?</h1>
+
+<p>We hate spam. We really do. (Doesn't everyone?) To try to keep spam levels down, we've
+implemented a bunch of filters to block as much as we can. Unfortunately, nobody's perfect
+and we occassionally block email from our friends too. This page lists all of the messages
+our server sends when it blocks email so you can read about what the filter is and why you
+were blocked.</p>
+
+<p>If you're a friend and your email has been blocked, we're sorry. We really are. It wasn't personal. Please
+use the form at the bottom of this page to let us know about it. We'll fix our filters so
+you never get blocked again.</p>
+
+<p>If you're a spammer, we're not sorry at all. It was very personal. Go to hell.</p>
+<h2>Error messages you might have crossed</h2>
+<?php
+
+foreach ($codes as $key => $strings){
+
+ echo '<h3>';
+ if (USE_ANCHORS) echo '<a name="'.$key.'">';
+ echo $strings['message'];
+ if (USE_ANCHORS) echo '</a>';
+ echo "</h3>\n";
+
+ foreach ($strings['solution'] as $sol){
+ echo "<p>$sol</p>\n";
+ }
+
+}
+?>
+
+<h2>Contact form</h2>
+<p>
+If you want to contact us because you think your email is legitimate, feel free to use the contact form below.
+</p>
+
+
+<form name="contact" action="<?php echo $_SERVER['SCRIPT_URL'] ?>" method="post">
+
+ <fieldset>
+
+ <p>
+ <label class="text" for="name">Your name (required)</label>
+ <input id="name" type="text" class="text" name="name" maxlength="300" />
+ </p>
+
+ <p>
+ <label class="text" for="email">Your email address (required)</label>
+ <input id="email" type="text" class="text" name="email" maxlength="300" />
+ </p>
+
+ <p>
+ <label class="text" for="message">Your explanation of why you're being unfairly blocked (required)</label>
+ <textarea id="message" name="message" rows="" cols="" class="text" >Please stop blocking my mail!</textarea>
+ </p>
+
+ </fieldset>
+
+ <p>
+ <label class="text"> </label><input type="submit" class="button" name="submitbutton" value="Send" onclick="return(validate_checkall());" />
+ </p>
+
+</form>
+
+
+<script language="Javascript" type="text/javascript">
+<!--
+validate_addelement(document.contact.name, "text", "Please enter your name.");
+validate_addelement(document.contact.email, "text", "Please enter your email address.");
+validate_addelement(document.contact.email, "email", "Please enter a valid email address.");
+validate_addelement(document.contact.message, "text", "Please enter a message.");
+//-->
+</script>
+
+</body>
+</html>
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/documentation/spamdyke.conf.example
^
|
| @@ -1,4 +1,4 @@
-# This is an example spamdyke configuration file for spamdyke version 4.0.
+# This is an example spamdyke configuration file for spamdyke version 4.2.0.
#
# Without editing, this file will do nothing -- every available option is
# commented out. To enable options, edit the values and remove the comment
@@ -98,6 +98,13 @@
#idle-timeout-secs=SECS
################################################################################
+# SENDERS AND RECIPIENTS
+################################################################################
+# Reject all recipients that exactly match the sender address.
+# Default: no
+#reject-identical-sender-recipient
+
+################################################################################
# LOCAL BLACKLISTS
################################################################################
# Reject connections from IP addresses that match IPADDRESS.
@@ -298,7 +305,7 @@
# Read the local server's name from the first line of FILE for use during
# CRAM-MD5 authentication.
-# Default: none
+# Default: /var/qmail/control/me
#hostname-file=FILE
# Run COMMAND and read the local server's name from the first line of output
@@ -309,7 +316,7 @@
# TLS / SSL
################################################################################
# Controls the way spamdyke offers and supports TLS or SMTPS.
-# Available values: none, smtp, smtps
+# Available values: none, smtp, smtp-no-passthrough, smtps
# Default: none
#tls-level=VALUE
@@ -330,6 +337,10 @@
# Default: none
#tls-privatekey-password-file=FILE
+# Only use the ciphers in LIST during TLS or SMTPS.
+# Default: DEFAULT
+#tls-cipher-list=LIST
+
################################################################################
# RELAYING OPTIONS
################################################################################
@@ -383,6 +394,41 @@
# Default: 30
#dns-timeout-secs=SECS
+# Sets the name of the file to read for the list of default nameservers.
+# Default: /etc/resolv.conf
+#dns-resolv-conf=FILE
+
+# Controls whether TCP is used for DNS queries (when needed).
+# Available values: none, normal
+# Default: normal
+#dns-tcp=VALUE
+
+# Controls how DNS spoofing is handled.
+# Available values: accept-all, accept-same-ip, accept-same-port, reject
+# Default: accept-all
+#dns-spoof=VALUE
+
+# Controls the types of queries performed when looking up an IP address.
+# Available values: a, cname
+# Default: a + cname
+#dns-query-type-a=VALUE
+
+# Controls the types of queries performed when looking up a mail exchanger.
+# Available values: a, cname, mx
+# Default: a + cname + mx
+#dns-query-type-mx=VALUE
+
+# Controls the types of queries performed when looking up a reverse DNS record.
+# Available values: cname, ptr
+# Default: cname + ptr
+#dns-query-type-ptr=VALUE
+
+# Controls the types of queries performed when looking up a records in DNS RBLs,
+# DNS RWLs, DNS RHSBLs and DNS RHSWLs.
+# Available values: a, cname, txt
+# Default: a + cname + txt
+#dns-query-type-rbl=VALUE
+
################################################################################
# REJECTION MESSAGES
################################################################################
@@ -427,6 +473,11 @@
# Default: "Your address has been graylisted. Try again later."
#rejection-text-graylist=TEXT
+# Use TEXT as the rejection message when a recipient is blocked because it
+# exactly matches the sender address.
+# Default: "Refused. Identical sender and recipient addresses are not allowed."
+#rejection-text-identical-sender-recipient=TEXT
+
# Use TEXT as the rejection message when a connection is blocked because the
# remote server's IP address is listed in a blacklist file or directory.
# Default: "Refused. Your IP address is blacklisted."
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/Makefile.in
^
|
| @@ -1,7 +1,7 @@
# @configure_input@
################################################################################
# spamdyke -- a filter for stopping spam at connection time.
-# Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+# Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
@@ -18,7 +18,7 @@
CC := @CC@
CPP := @CPP@
-CFLAGS := @CFLAGS@ -funsigned-char
+CFLAGS := @CFLAGS@ -funsigned-char @CPPFLAGS@
LDFLAGS := @LDFLAGS@
LIBS := @LIBS@
@@ -63,7 +63,7 @@
$(CPP) $(CFLAGS) $(DEFS) configuration.c | $(CC) $(CFLAGS) $(DEFS) -x c -c -o configuration.o -
clean:
- rm -f spamdyke *.o .gdb_history
+ rm -rf spamdyke *.o .gdb_history *.dSYM
distclean: clean
rm -rf autom4te.cache config.h config.log config.status Makefile
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/base64.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/base64.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/config.h.in
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -33,6 +33,7 @@
#undef uint64_t
#undef __func__
+#undef socklen_t
#undef INADDR_LOOPBACK
@@ -44,10 +45,12 @@
#undef TIME_WITH_SYS_TIME
#undef HAVE_SYS_TIME_H
#undef HAVE_SYS_INTTYPES_H
+#undef HAVE_SYS_TYPES_H
#undef FORMAT_PID_T
#undef FORMAT_UID_T
#undef FORMAT_GID_T
+#undef FORMAT_TIME_T
#undef FORMAT_INT64_T
#undef FORMAT_UINT64_T
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/config_test.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -388,7 +388,7 @@
if (stat(target_file, &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) != S_IFREG)
+ if (!S_ISREG(tmp_stat.st_mode & S_IFMT))
{
snprintf(tmp_msg, MAX_BUF, CONFIG_TEST_MSG_REGULAR_FILE, config_test_stat_type(tmp_stat.st_mode));
SPAMDYKE_LOG_ERROR(current_settings, failure_message, option_name, target_file, tmp_msg);
@@ -689,7 +689,7 @@
(strcmp(top_ent->d_name, DIR_PARENT) != 0))
{
snprintf(top_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[i], top_ent->d_name);
- if (config_test_file_type(current_settings->current_options->graylist_dir[i], top_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type(current_settings->current_options->graylist_dir[i], top_ent)))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TEST_GRAYLIST_DOMAIN_DIR, top_name);
@@ -721,7 +721,7 @@
(strcmp(domain_ent->d_name, DIR_PARENT) != 0))
{
snprintf(domain_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[i], top_ent->d_name, domain_ent->d_name);
- if (config_test_file_type(top_name, domain_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type(top_name, domain_ent)))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TEST_GRAYLIST_USER_DIR, top_name);
@@ -736,7 +736,7 @@
(strcmp(user_ent->d_name, DIR_PARENT) != 0))
{
snprintf(user_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[i], top_ent->d_name, domain_ent->d_name, user_ent->d_name);
- if (config_test_file_type(user_name, domain_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type(user_name, domain_ent)))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TEST_GRAYLIST_SENDER_DIR, top_name);
@@ -751,7 +751,7 @@
(strcmp(sender_ent->d_name, DIR_PARENT) != 0))
{
snprintf(sender_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[i], top_ent->d_name, domain_ent->d_name, user_ent->d_name, sender_ent->d_name);
- if (config_test_file_type(user_name, sender_ent) == S_IFREG)
+ if (S_ISREG(config_test_file_type(user_name, sender_ent)))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TEST_GRAYLIST_SENDER_FILE, top_name);
@@ -899,7 +899,7 @@
top_count++;
snprintf(top_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s", (*dir_array)[i], top_ent->d_name);
- if (config_test_file_type((*dir_array)[i], top_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type((*dir_array)[i], top_ent)))
{
if ((tld_dir = opendir(top_name)) != NULL)
{
@@ -911,7 +911,7 @@
tld_count++;
snprintf(tld_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", (*dir_array)[i], top_ent->d_name, tld_ent->d_name);
- if (config_test_file_type(top_name, tld_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type(top_name, tld_ent)))
{
if (strlen(tld_ent->d_name) != 1)
{
@@ -929,7 +929,7 @@
letter_count++;
snprintf(letter_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", (*dir_array)[i], top_ent->d_name, tld_ent->d_name, letter_ent->d_name);
- if (config_test_file_type(tld_name, letter_ent) == S_IFDIR)
+ if (S_ISDIR(config_test_file_type(tld_name, letter_ent)))
{
if (tld_ent->d_name[0] != letter_ent->d_name[0])
{
@@ -947,7 +947,7 @@
sld_count++;
snprintf(sld_name, MAX_BUF, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", (*dir_array)[i], top_ent->d_name, tld_ent->d_name, letter_ent->d_name, sld_ent->d_name);
- if (config_test_file_type(letter_name, sld_ent) == S_IFREG)
+ if (S_ISREG(config_test_file_type(letter_name, sld_ent)))
{
strlen_fqdn = snprintf(fqdn, MAX_BUF, ".%s.%s", letter_ent->d_name, top_ent->d_name);
strlen_filename = strlen(sld_ent->d_name);
@@ -1101,6 +1101,7 @@
{
tmp_passwd = getpwuid(tmp_stat.st_uid);
SPAMDYKE_LOG_INFO(current_settings, CONFIG_TEST_SMTPAUTH_OWNER_WARN, target_option->getopt_option.name, tmp_name, (tmp_passwd != NULL) ? tmp_passwd->pw_name : LOG_MISSING_DATA, tmp_stat.st_uid);
+ endpwent();
}
else if ((tmp_stat.st_mode & S_ISUID) == 0)
SPAMDYKE_LOG_INFO(current_settings, CONFIG_TEST_SMTPAUTH_SETUID_WARN, target_option->getopt_option.name, tmp_name);
@@ -1144,7 +1145,7 @@
}
else
{
- strncpy((char *)secret, current_settings->current_options->test_smtp_auth_password, strlen_password);
+ memcpy(secret, current_settings->current_options->test_smtp_auth_password, sizeof(char) * strlen_password);
for (j = strlen_password; j < 64; j++)
secret[j] = '\0';
}
@@ -1987,7 +1988,7 @@
{
if ((new_envp[len_envp] = malloc(sizeof(char) * (STRLEN(CONFIG_TEST_ENVIRONMENT_LOCAL_PORT) + 1))) != NULL)
{
- strncpy(new_envp[len_envp], CONFIG_TEST_ENVIRONMENT_LOCAL_PORT, STRLEN(CONFIG_TEST_ENVIRONMENT_LOCAL_PORT));
+ memcpy(new_envp[len_envp], CONFIG_TEST_ENVIRONMENT_LOCAL_PORT, sizeof(char) * STRLEN(CONFIG_TEST_ENVIRONMENT_LOCAL_PORT));
new_envp[len_envp][STRLEN(CONFIG_TEST_ENVIRONMENT_LOCAL_PORT)] = '\0';
len_envp++;
new_envp[len_envp] = NULL;
@@ -2004,7 +2005,7 @@
{
if ((new_envp[len_envp] = malloc(sizeof(char) * (STRLEN(CONFIG_TEST_ENVIRONMENT_REMOTE_NAME) + 1))) != NULL)
{
- strncpy(new_envp[len_envp], CONFIG_TEST_ENVIRONMENT_REMOTE_NAME, STRLEN(CONFIG_TEST_ENVIRONMENT_REMOTE_NAME));
+ memcpy(new_envp[len_envp], CONFIG_TEST_ENVIRONMENT_REMOTE_NAME, sizeof(char) * STRLEN(CONFIG_TEST_ENVIRONMENT_REMOTE_NAME));
new_envp[len_envp][STRLEN(CONFIG_TEST_ENVIRONMENT_REMOTE_NAME)] = '\0';
len_envp++;
new_envp[len_envp] = NULL;
@@ -2022,7 +2023,7 @@
{
if ((new_envp[len_envp] = malloc(sizeof(char) * (config_test_strlen_environment_remote_ip[j] + 1))) != NULL)
{
- strncpy(new_envp[len_envp], config_test_environment_remote_ip[j], config_test_strlen_environment_remote_ip[j]);
+ memcpy(new_envp[len_envp], config_test_environment_remote_ip[j], sizeof(char) * config_test_strlen_environment_remote_ip[j]);
new_envp[len_envp][config_test_strlen_environment_remote_ip[j]] = '\0';
len_envp++;
new_envp[len_envp] = NULL;
@@ -2067,6 +2068,8 @@
else
SPAMDYKE_LOG_INFO(current_settings, CONFIG_TEST_ERROR_UID, (tmp_passwd != NULL) ? tmp_passwd->pw_name : LOG_MISSING_DATA, tmp_uid, (tmp_group != NULL) ? tmp_group->gr_name : LOG_MISSING_DATA, tmp_gid);
+ endpwent();
+
if (!config_test_spamdyke_binary(current_settings, argc, argv))
return_value = 0;
@@ -2316,7 +2319,7 @@
SPAMDYKE_LOG_VERBOSE(current_settings, CONFIG_TEST_START_CONFIGURATION_DIR, target_option->getopt_option.name, current_settings->current_options->configuration_dir[i]);
if (stat(current_settings->current_options->configuration_dir[i], &tmp_stat) == 0)
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
if (config_test_configuration_dir_structure(current_settings, target_option, current_settings->current_options->configuration_dir[i], 0, 0, 0, 0, 0, 0, 0, 0, 0))
SPAMDYKE_LOG_VERBOSE(current_settings, CONFIG_TEST_SUCCESS_CONFIGURATION_DIR, target_option->getopt_option.name, current_settings->current_options->configuration_dir[i]);
else
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/config_test.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/configuration.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -154,10 +154,8 @@
memcpy(¤t_settings->base_options.rejection_buf, ¤t_settings->current_options->rejection_buf, sizeof(struct rejection_data));
current_settings->base_options.rejection = ¤t_settings->base_options.rejection_buf;
- memcpy(current_settings->base_options.reject_message_buf, current_settings->current_options->reject_message_buf, MAX_BUF);
- current_settings->base_options.reject_message_buf[MAX_BUF] = '\0';
- memcpy(current_settings->base_options.short_reject_message_buf, current_settings->current_options->short_reject_message_buf, MAX_BUF);
- current_settings->base_options.short_reject_message_buf[MAX_BUF] = '\0';
+ memcpy(current_settings->base_options.reject_message_buf, current_settings->current_options->reject_message_buf, sizeof(char) * (MINVAL(strlen(current_settings->current_options->reject_message_buf), MAX_BUF) + 1));
+ memcpy(current_settings->base_options.short_reject_message_buf, current_settings->current_options->short_reject_message_buf, sizeof(char) * (MINVAL(strlen(current_settings->current_options->short_reject_message_buf), MAX_BUF) + 1));
if (current_settings->current_options->rejection_buf.reject_message == current_settings->current_options->reject_message_buf)
current_settings->base_options.rejection_buf.reject_message = current_settings->base_options.reject_message_buf;
@@ -175,10 +173,8 @@
memcpy(¤t_settings->base_options.transient_rejection_buf, ¤t_settings->current_options->transient_rejection_buf, sizeof(struct rejection_data));
current_settings->base_options.transient_rejection = ¤t_settings->base_options.transient_rejection_buf;
- memcpy(current_settings->base_options.transient_reject_message_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
- current_settings->base_options.transient_reject_message_buf[MAX_BUF] = '\0';
- memcpy(current_settings->base_options.transient_short_reject_message_buf, current_settings->current_options->transient_short_reject_message_buf, MAX_BUF);
- current_settings->base_options.transient_short_reject_message_buf[MAX_BUF] = '\0';
+ memcpy(current_settings->base_options.transient_reject_message_buf, current_settings->current_options->transient_reject_message_buf, sizeof(char) * (MINVAL(strlen(current_settings->current_options->transient_reject_message_buf), MAX_BUF) + 1));
+ memcpy(current_settings->base_options.transient_short_reject_message_buf, current_settings->current_options->transient_short_reject_message_buf, sizeof(char) * (MINVAL(strlen(current_settings->current_options->transient_short_reject_message_buf), MAX_BUF) + 1));
if (current_settings->current_options->transient_rejection_buf.reject_message == current_settings->current_options->transient_reject_message_buf)
current_settings->base_options.transient_rejection_buf.reject_message = current_settings->base_options.transient_reject_message_buf;
@@ -336,6 +332,232 @@
* NOTE: It is very important that these options be alphabetized by the long
* option name. process_config_file() uses a binary search algorithm to match
* entries.
+ *
+ * The option_list array is (obviously) very large and confusing. The purpose
+ * is to have only one location in the code where all of the options, their
+ * types, their arguments and their descriptions are defined. This makes
+ * adding new options a trivial exercise.
+ *
+ * Unfortunately, the size and complexity of this array seems to tickle bugs
+ * in gcc on FreeBSD systems (and only FreeBSD systems, strangely enough).
+ * An extra step in the Makefile to preprocess this file before compilation
+ * seems to work around those errors.
+ *
+ * This array is used in a number of places. It contains anonymous accessor
+ * functions for the variables that hold the option values and it holds the
+ * default values of those variables, so the array is used to initialize many
+ * variables in the filter_settings structure. Obviously the array is used
+ * when options are being parsed, either from the command line or from
+ * configuration files. Since it contains the name of every option, the
+ * acceptable values of every option and a description, it is used when the
+ * usage (or "help") message is being printed. The config-test feature uses
+ * the array to check every argument to every option for validity.
+ *
+ * Each entry in the array is a spamdyke_option structure:
+ * value_type: During option parsing, value_type determines whether the
+ * option should be read as a boolean, an integer or a string. During
+ * configuration testing, the values are tested to ensure they meet the
+ * defined purpose of the option. Must be one of the following constants:
+ *
+ * CONFIG_TYPE_NONE: This value is only set in the last member of the
+ * option_list array.
+ * CONFIG_TYPE_BOOLEAN: A yes/no option, stored as an integer.
+ * CONFIG_TYPE_INTEGER: An integer value
+ * CONFIG_TYPE_STRING_SINGLETON: A text value, stored only once. If the
+ * option is encountered multiple times, only the last value will be
+ * retained.
+ * CONFIG_TYPE_STRING_ARRAY: A text value, can be given multiple times.
+ * Each value is retained in an array.
+ * CONFIG_TYPE_FILE_SINGLETON: A path to a file or directory, given as
+ * text, stored only once. If the option is encountered multiple times,
+ * only the last value will be retained.
+ * CONFIG_TYPE_FILE_NOT_DIR_SINGLETON: A path that must be to a file, not
+ * a directory, given as text, stored only once. If the option is
+ * encountered multiple times, only the last value will be retained.
+ * CONFIG_TYPE_FILE_ARRAY: A path to a file or directory, given as text,
+ * can be given multiple times. Each value is retained in an array.
+ * CONFIG_TYPE_FILE_NOT_DIR_ARRAY: A path that must be to a file, not a
+ * directory, given as text, can be given multiple times. Each value is
+ * retained in an array.
+ * CONFIG_TYPE_DIR_SINGLETON: A path that must be to a directory, not a
+ * file, given as text, stored only once. If the option is encountered
+ * multiple times, only the last value will be retained.
+ * CONFIG_TYPE_DIR_ARRAY: A path that must be to a directory, not a file,
+ * given as text, can be given multiple times. Each value is retained
+ * in an array.
+ * CONFIG_TYPE_COMMAND_SINGLETON: A command path and arguments, given as
+ * a text string, stored only once. If the option is encountered
+ * multiple times, only the last value will be retained.
+ * CONFIG_TYPE_COMMAND_ARRAY: A command path and arguments, given as a
+ * text string, can be given multiple times. Each value is retained in
+ * an array.
+ * CONFIG_TYPE_NAME_ONCE: A text value that is matched against a
+ * predefined array of valid values. If a match is found, an integer
+ * variable is set to a corresponding value. Can only be given once.
+ * If the option is encountered multiple times, only the last value will
+ * be retained.
+ * CONFIG_TYPE_NAME_MULTIPLE: A text value that is matched against a
+ * predefined array of valid values. If a match is found, an integer
+ * variable is updated with the bitwise OR of the new value with the old
+ * one. Can be given multiple times. NOTE: It is possible to completely
+ * clear a "multiple" value during configuration, leaving the value 0.
+ * The code that uses the value must handle this gracefully.
+ * CONFIG_TYPE_OPTION_SINGLETON: A text value that may be given through a
+ * command line or configuration file option but is more commonly found
+ * listed in a file full of values (e.g. blacklist entries). Can be
+ * given only once. If the option is encountered multiple times, only
+ * the last value will be retained.
+ * CONFIG_TYPE_OPTION_ARRAY: A text value that may be given through a
+ * command line or configuration file option but is more commonly found
+ * listed in a file full of values (e.g. blacklist entries). Can be
+ * given multiple times. Each value is retained in an array.
+ * CONFIG_TYPE_ACTION_ONCE or CONFIG_TYPE_ACTION_MULTIPLE: An option that
+ * triggers an action as soon as option parsing is complete, as opposed
+ * to setting a variable to be used later. At this time, both the _ONCE
+ * and _MULTIPLE values mean the same thing.
+ *
+ * access_type: During configuration testing, determines the filesystem
+ * permissions that should be expected. Must be one of the following
+ * constants:
+ *
+ * CONFIG_ACCESS_NONE: No filesystem permissions are appropriate, no
+ * testing should be performed.
+ * CONFIG_ACCESS_READ_ONLY: Only read permissions are required.
+ * CONFIG_ACCESS_WRITE_ONLY: Only write permissions are required.
+ * CONFIG_ACCESS_READ_WRITE: Reading and writing permissions are required.
+ * CONFIG_ACCESS_EXECUTE: Execute permissions are required.
+ *
+ * location: During option parsing, determines the valid places an option
+ * can be given. The "help" option is not valid in a configuration file,
+ * for example. Must be a bitwise OR of one or more of the following
+ * values:
+ *
+ * CONFIG_LOCATION_CMDLINE: The option may be given on the command line.
+ * CONFIG_LOCATION_GLOBAL_FILE: The option may be given in a global
+ * configuration file (as opposed to a file within a configuration
+ * directory).
+ * CONFIG_LOCATION_DIR: The option may be given in a file within a
+ * configuration directory.
+ *
+ * getopt_option: An entry in the array to be passed to getopt_long(),
+ * describing this option. This structure gives the long and short versions
+ * of the option, along with whether arguments are optional or required.
+ *
+ * default_value: The default value of the variable that holds the value of
+ * this option. This value is used when all the variables are initialized.
+ * As a union, only one member needs to be given a value. The following
+ * union members are available:
+ *
+ * integer_value: Used when value_type is CONFIG_TYPE_BOOLEAN,
+ * CONFIG_TYPE_INTEGER, CONFIG_TYPE_NAME_ONCE or
+ * CONFIG_TYPE_NAME_MULTIPLE.
+ * string_value: Used when value_type is anything else.
+ *
+ * missing_value: If the option accepts an argument but does not require one,
+ * missing_value gives the value stored in the variable if no argument is
+ * given. As a union, only one member needs to be given a value. The
+ * following union members are available:
+ *
+ * integer_value: Used when value_type is CONFIG_TYPE_BOOLEAN,
+ * CONFIG_TYPE_INTEGER, CONFIG_TYPE_NAME_ONCE or
+ * CONFIG_TYPE_NAME_MULTIPLE.
+ * string_value: Used when value_type is anything else.
+ *
+ * getter: The function pointer stored in the getter union is used to access
+ * the variable that holds the value of this option. The functions are
+ * what gcc refers to as "bracketed expressions" and every other language
+ * calls "anonymous functions" -- nameless functions that only exist on the
+ * stack. As a union, only one member needs to be given a value. In this
+ * union, each member should be set with a specific macro from spamdyke.h:
+ * get_integer: Set using CONFIG_ACCESSOR_INTEGER(MEMBER) when MEMBER is
+ * an integer variable within the option_set structure.
+ * get_string: Set using CONFIG_ACCESSOR_STRING(MEMBER) when MEMBER is a
+ * string variable (char*) within the option_set structure.
+ * get_string_array: Set using CONFIG_ACCESSOR_STRING_ARRAY(MEMBER) when
+ * MEMBER is an array of strings (char**) within the option_set
+ * structure.
+ *
+ * validity: The value stored in the validity union is used to determine if
+ * the supplied value(s) are valid. The following union members are
+ * available:
+ * max_strlen: Used when value_type is *not* CONFIG_TYPE_INTEGER,
+ * CONFIG_TYPE_NAME_ONCE or CONFIG_TYPE_NAME_MULTIPLE.
+ * If the given value is larger than max_strlen, it is truncated at
+ * max_strlen characters. Setting this field to 0 disables the
+ * truncation.
+ * integer_range: Used when value_type is CONFIG_TYPE_INTEGER. The
+ * structure members minimum and maximum are the minimum and maximum
+ * acceptable values, respectively.
+ * string_list: Used when value_type is CONFIG_TYPE_NAME_ONCE or
+ * CONFIG_TYPE_NAME_MULTIPLE. The structure members are:
+ * integers: Must be set to an array of integers. When an element in
+ * strings is matched, the variable will be set to the integer value
+ * at the same index in the integers array. The size of the
+ * array must be the size of the strings array, not including the
+ * terminating NULL. No terminating element is needed in the
+ * integers array.
+ * strings: Must be set to a NULL-terminated array of strings. When a
+ * value is given, it will be compared to each element in strings to
+ * find a match.
+ *
+ * set_consequence: Determines what spamdyke should do when this option is
+ * set. For most options, this should be FILTER_DECISION_UNDECIDED, which
+ * allows spamdyke to continue running normally. Only two other
+ * FILTER_DECISION values are valid in the option_list array:
+ * FILTER_DECISION_CONFIG_TEST: Run the config-test feature and exit; do
+ * not run spamdyke normally.
+ * FILTER_DECISION_ERROR: An error has occurred; exit immediately.
+ *
+ * set_grace: Determines how quickly spamdyke will begin sending rejection
+ * messages if this option is set (i.e. how much "grace" incoming
+ * connections are given). For example, if the empty rDNS filter is
+ * triggered, spamdyke will normally close qmail and begin sending rejection
+ * text immediately. But if a sender whitelist has been specified,
+ * spamdyke should wait until after the sender has been identified and check
+ * the whitelist before giving up. spamdyke will use the highest grace
+ * level given by any set option. The values are (in ascending order):
+ * FILTER_GRACE_NONE: this option has no effect on the grace level
+ * FILTER_GRACE_AFTER_FROM: spamdyke should not close qmail until after
+ * the sender has been identified
+ * FILTER_GRACE_AFTER_TO: spamdyke should not close qmail until after all
+ * recipients have been identified
+ * FILTER_GRACE_AFTER_DATA: spamdyke should not close qmail until the
+ * remote server tries to start sending message data
+ *
+ * test_function: A pointer to a function that can test the value of this
+ * option, if it needs special handling beyond checking the input value is
+ * appropriate. If checking the type and validity is enough, test_function
+ * should be NULL. test_function is only used by the config-test feature.
+ *
+ * additional_set_actions: If setting this option should have additional
+ * side effects, code provided in additional_set_actions will be run after
+ * the value is set. The value of additional_set_actions should be set
+ * using the CONFIG_SET_ACTION() macro or NULL if no further action is
+ * needed. NOTE: because options may be given in any order, any side effect
+ * that compares this option's value to another option's value should be
+ * duplicated in the other option's additional_set_actions as well.
+ * Otherwise, reversing the order of the options in the configuration file
+ * or on the command line will change spamdyke's behavior.
+ *
+ * additional_actions: This field is just like additional_set_actions but it
+ * is evaluated after all options have been parsed and set. It should be
+ * set using the CONFIG_ACTION() macro.
+ *
+ * help_argument: Used by usage() when constructing the usage message. Each
+ * option's long name is printed followed by help_argument, if it is not
+ * NULL. This gives a way to show required or optional portions of the
+ * argument and give it a name that can be reference in help_text.
+ *
+ * help_text: Used by usage() to describe the option. This text should always
+ * end by describing the default value of the option. It is not necessary
+ * to mention whether the option is only accepted once or multiple times;
+ * usage() will do this automatically. usage() will also perform line
+ * wrapping, so help_text should never include any embedded newlines.
+ *
+ * value_set: Used internally to track whether the option was set while
+ * initially parsing the command line (needed to tell the difference between
+ * 0 values that were never set and 0 values that were deliberately
+ * cleared). This value does not need to be set in the option_list array.
*/
struct spamdyke_option option_list[] = {
{
@@ -642,6 +864,115 @@
"Send at most NUM packets to the DNS server(s) (primary or not) for any DNS query. Default: " STRINGIFY(DEFAULT_NIHDNS_ATTEMPTS_TOTAL) "."
},
{
+ CONFIG_TYPE_NAME_MULTIPLE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-query-type-a", required_argument, NULL, -1 },
+ { .integer_value = CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .integer_value = CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_query_type_a) },
+ { .string_list =
+ {
+ .integers = (int []){ CONFIG_DNS_TYPE_A, CONFIG_DNS_TYPE_CNAME },
+ .strings = (char *[]){ "a", "cname", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "TYPE",
+ "Use only TYPE query types when querying DNS for IP addresses. The names of the values correspond to the names of the possible DNS query types."
+ " If you have any doubt, DO NOT use this option. Default: a and cname"
+ },
+ {
+ CONFIG_TYPE_NAME_MULTIPLE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-query-type-mx", required_argument, NULL, -1 },
+ { .integer_value = CONFIG_DNS_TYPE_MX | CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .integer_value = CONFIG_DNS_TYPE_MX | CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_query_type_mx) },
+ { .string_list =
+ {
+ .integers = (int []){ CONFIG_DNS_TYPE_A, CONFIG_DNS_TYPE_CNAME, CONFIG_DNS_TYPE_MX },
+ .strings = (char *[]){ "a", "cname", "mx", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "TYPE",
+ "Use only TYPE query types when querying DNS for MX records. The names of the values correspond to the names of the possible DNS query types."
+ " If you have any doubt, DO NOT use this option. Default: a, cname and mx"
+ },
+ {
+ CONFIG_TYPE_NAME_MULTIPLE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-query-type-ptr", required_argument, NULL, -1 },
+ { .integer_value = CONFIG_DNS_TYPE_CNAME | CONFIG_DNS_TYPE_PTR },
+ { .integer_value = CONFIG_DNS_TYPE_CNAME | CONFIG_DNS_TYPE_PTR },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_query_type_ptr) },
+ { .string_list =
+ {
+ .integers = (int []){ CONFIG_DNS_TYPE_CNAME, CONFIG_DNS_TYPE_PTR },
+ .strings = (char *[]){ "cname", "ptr", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "TYPE",
+ "Use only TYPE query types when querying DNS for reverse DNS records. The names of the values correspond to the names of the possible DNS query types."
+ " If you have any doubt, DO NOT use this option. Default: cname and ptr"
+ },
+ {
+ CONFIG_TYPE_NAME_MULTIPLE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-query-type-rbl", required_argument, NULL, -1 },
+ { .integer_value = CONFIG_DNS_TYPE_TXT | CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .integer_value = CONFIG_DNS_TYPE_TXT | CONFIG_DNS_TYPE_A | CONFIG_DNS_TYPE_CNAME },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_query_type_rbl) },
+ { .string_list =
+ {
+ .integers = (int []){ CONFIG_DNS_TYPE_A, CONFIG_DNS_TYPE_CNAME, CONFIG_DNS_TYPE_TXT },
+ .strings = (char *[]){ "a", "cname", "txt", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "TYPE",
+ "Use only TYPE query types when querying DNS RBLs, DNS RWLs, DNS RHSBLs and DNS RHSWLs. The names of the values correspond to the names of the possible DNS query types."
+ " If you have any doubt, DO NOT use this option. Default: a, cname and txt"
+ },
+ {
+ CONFIG_TYPE_FILE_ARRAY,
+ CONFIG_ACCESS_READ_ONLY,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-resolv-conf", required_argument, NULL, -1 },
+ { .string_value = DEFAULT_NIHDNS_RESOLVER_FILENAME },
+ { .string_value = NULL },
+ { .get_string_array = CONFIG_ACCESSOR_STRING_ARRAY(nihdns_resolv_conf) },
+ { .max_strlen = 0 },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "FILE",
+ "Read the list of system nameservers and DNS resolver options from FILE. Default: " DEFAULT_NIHDNS_RESOLVER_FILENAME
+ },
+ {
CONFIG_TYPE_STRING_ARRAY,
CONFIG_ACCESS_NONE,
CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
@@ -657,7 +988,7 @@
NULL,
"IP[:PORT]",
"After sending a number of packets (set with \"max-dns-packets-primary\") to the primary DNS server(s) (set with \"dns-server-ip-primary\"), begin sending packets to the DNS server at IP"
- " on port PORT (if present, otherwise use port " STRINGIFY(DEFAULT_NIHDNS_PORT) "). Default: nameserver configuration is read from " DEFAULT_NIHDNS_RESOLVER_FILENAME "."
+ " on port PORT (if present, otherwise use port " STRINGIFY(DEFAULT_NIHDNS_PORT) "). Default: nameserver configuration is read from the file given with \"dns-resolv-conf\"."
},
{
CONFIG_TYPE_STRING_ARRAY,
@@ -675,7 +1006,54 @@
NULL,
"IP[:PORT]",
"Perform initial DNS queries using the DNS server at IP on port PORT (if given, otherwise use port " STRINGIFY(DEFAULT_NIHDNS_PORT) ")."
- " Default: nameserver configuration is read from " DEFAULT_NIHDNS_RESOLVER_FILENAME "."
+ " Default: nameserver configuration is read from the file given with \"dns-resolv-conf\"."
+ },
+ {
+ CONFIG_TYPE_NAME_ONCE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-spoof", required_argument, NULL, -1 },
+ { .integer_value = NIHDNS_SPOOF_ACCEPT_ALL },
+ { .integer_value = NIHDNS_SPOOF_ACCEPT_ALL },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_spoof) },
+ { .string_list =
+ {
+ .integers = (int []){ NIHDNS_SPOOF_ACCEPT_ALL, NIHDNS_SPOOF_ACCEPT_SAME_IP, NIHDNS_SPOOF_ACCEPT_SAME_PORT, NIHDNS_SPOOF_REJECT },
+ .strings = (char *[]){ "accept-all", "accept-same-ip", "accept-same-port", "reject", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "LEVEL",
+ "Sets the tolerance of the DNS resolver to potential spoofing attempts (i.e. when a UDP packet is received from a different IP or port than the query was sent to) to LEVEL:"
+ " accept-all = accept all replies regardless of origin, accept-same-ip = accept all replies as long as the IP address is the same (even if the port has changed),"
+ " accept-same-port = accept all replies as long as the port is the same (even if the IP has changed), reject = do not accept any reply if the IP address or port has"
+ " changed. Default: accept-all"
+ },
+ {
+ CONFIG_TYPE_NAME_ONCE,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "dns-tcp", required_argument, NULL, -1 },
+ { .integer_value = NIHDNS_TCP_NORMAL },
+ { .integer_value = NIHDNS_TCP_NORMAL },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(nihdns_tcp) },
+ { .string_list =
+ {
+ .integers = (int []){ NIHDNS_TCP_NONE, NIHDNS_TCP_NORMAL },
+ .strings = (char *[]){ "none", "normal", NULL }
+ }
+ },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "LEVEL",
+ "Sets the DNS resolver TCP behavior to LEVEL: none = DNS queries will never be sent via TCP, normal = DNS queries will be sent via TCP if necessary. Default: normal"
},
{
CONFIG_TYPE_INTEGER,
@@ -1167,7 +1545,7 @@
CONFIG_ACCESS_READ_ONLY,
CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
{ "hostname-file", required_argument, NULL, -1 },
- { .string_value = NULL },
+ { .string_value = DEFAULT_CONTROL_HOSTNAME },
{ .string_value = NULL },
{ .get_string = CONFIG_ACCESSOR_STRING(local_server_name_file) },
{ .max_strlen = 0 },
@@ -1178,7 +1556,7 @@
NULL,
"FILE",
"Read the fully qualified domain name of this host from the first line of FILE. This value is only used to create an encrypted challenge during SMTP AUTH challenge-response."
- " This option is ignored if \"hostname\" is given. Default: do not read the hostname from a file."
+ " This option is ignored if \"hostname\" is given. Default: " DEFAULT_CONTROL_HOSTNAME
},
{
CONFIG_TYPE_INTEGER,
@@ -1641,6 +2019,23 @@
CONFIG_TYPE_BOOLEAN,
CONFIG_ACCESS_NONE,
CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE | CONFIG_LOCATION_DIR,
+ { "reject-identical-sender-recipient", optional_argument, NULL, -1 },
+ { .integer_value = 0 },
+ { .integer_value = 1 },
+ { .get_integer = CONFIG_ACCESSOR_INTEGER(check_identical_from_to) },
+ { 0 },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ "Reject attempts to deliver messages where the sender and recipient addresses are the same. Default: allow delivery when the sender and recipient addresses are the same."
+ },
+ {
+ CONFIG_TYPE_BOOLEAN,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE | CONFIG_LOCATION_DIR,
{ "reject-ip-in-cc-rdns", optional_argument, NULL, 'c' },
{ .integer_value = 0 },
{ .integer_value = 1 },
@@ -1831,6 +2226,23 @@
CONFIG_TYPE_STRING_SINGLETON,
CONFIG_ACCESS_NONE,
CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE | CONFIG_LOCATION_DIR,
+ { "rejection-text-identical-sender-recipient", required_argument, NULL, -1 },
+ { .string_value = NULL },
+ { .string_value = NULL },
+ { .get_string = CONFIG_ACCESSOR_STRING(rejection_text[REJECTION_IDENTICAL_FROM_TO]) },
+ { .max_strlen = 100 },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "TEXT",
+ "Use TEXT as the rejection message when a recipient is blocked because it is identical to a sender address. Default: \"" ERROR_IDENTICAL_FROM_TO "\""
+ },
+ {
+ CONFIG_TYPE_STRING_SINGLETON,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE | CONFIG_LOCATION_DIR,
{ "rejection-text-ip-blacklist", required_argument, NULL, -1 },
{ .string_value = NULL },
{ .string_value = NULL },
@@ -2367,6 +2779,24 @@
" Ignored if \"tls-level\" is none."
},
{
+ CONFIG_TYPE_STRING_SINGLETON,
+ CONFIG_ACCESS_NONE,
+ CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
+ { "tls-cipher-list", required_argument, NULL, -1 },
+ { .string_value = DEFAULT_TLS_CIPHER_LIST },
+ { .string_value = DEFAULT_TLS_CIPHER_LIST },
+ { .get_string = CONFIG_ACCESSOR_STRING(tls_cipher_list) },
+ { .max_strlen = 0 },
+ FILTER_DECISION_UNDECIDED,
+ FILTER_GRACE_NONE,
+ NULL,
+ NULL,
+ NULL,
+ "STRING",
+ "Sets the list of supported TLS ciphers in the OpenSSL library before accepting any TLS connections. For most situations, the default cipher list is acceptable."
+ " Ignored if \"tls-level\" is none. Default: " DEFAULT_TLS_CIPHER_LIST
+ },
+ {
CONFIG_TYPE_NAME_ONCE,
CONFIG_ACCESS_NONE,
CONFIG_LOCATION_CMDLINE | CONFIG_LOCATION_GLOBAL_FILE,
@@ -2376,8 +2806,8 @@
{ .get_integer = CONFIG_ACCESSOR_INTEGER(tls_level) },
{ .string_list =
{
- .integers = (int []){ TLS_LEVEL_NONE, TLS_LEVEL_PROTOCOL, TLS_LEVEL_SMTPS },
- .strings = (char *[]){ "none", "smtp", "smtps", NULL },
+ .integers = (int []){ TLS_LEVEL_NONE, TLS_LEVEL_PROTOCOL, TLS_LEVEL_PROTOCOL_SPAMDYKE, TLS_LEVEL_SMTPS },
+ .strings = (char *[]){ "none", "smtp", "smtp-no-passthrough", "smtps", NULL },
}
},
FILTER_DECISION_UNDECIDED,
@@ -2387,8 +2817,9 @@
NULL,
"LEVEL",
"Offer TLS support LEVEL. LEVEL must be one of: none = do not support or allow TLS, even if qmail provides it, smtp"
- " = support TLS during SMTP if possible (or allow passthrough if not), smtps = start TLS as soon as the connection starts (SMTPS). If LEVEL is \"smtp\" and \"tls-certificate-file\""
- " is not given, TLS traffic will be passed through without decryption. If LEVEL is \"smtps\", \"tls-certificate-file\" is required. Default: smtp"
+ " = support TLS during SMTP if possible (or allow passthrough if not), smtp-no-passthrough = support TLS during SMTP if possible but do not allow passthrough,"
+ " smtps = start TLS as soon as the connection starts (SMTPS). If LEVEL is \"smtp\" and \"tls-certificate-file\""
+ " is not given, TLS traffic will be passed through without decryption. If LEVEL is \"smtp-no-passthrough\" or \"smtps\", \"tls-certificate-file\" is required. Default: smtp"
},
{
CONFIG_TYPE_FILE_SINGLETON,
@@ -2474,6 +2905,10 @@
tmp_settings.current_environment = envp;
tmp_settings.original_environment = envp;
+ /*
+ * init_option_set() will initialize all variables referenced in option_list
+ * above. Only the remaining variables need to be initialized here.
+ */
tmp_settings.server_name[0] = '\0';
tmp_settings.strlen_server_name = 0;
tmp_settings.server_ip = NULL;
@@ -2482,15 +2917,16 @@
tmp_settings.ip_in_server_name = -1;
tmp_settings.allow_relay = 1;
+ tmp_settings.additional_domain_text[0] = '\0';
tmp_settings.inside_data = 0;
tmp_settings.num_rcpt_to = 0;
tmp_settings.local_sender = 1;
tmp_settings.local_recipient = 1;
- tmp_settings.sender_address[0] = '\0';
- tmp_settings.sender_domain = NULL;
- tmp_settings.recipient_address[0] = '\0';
- tmp_settings.recipient_domain = NULL;
+ tmp_settings.sender_username[0] = '\0';
+ tmp_settings.sender_domain[0] = '\0';
+ tmp_settings.recipient_username[0] = '\0';
+ tmp_settings.recipient_domain[0] = '\0';
tmp_settings.configuration_path[0] = '\0';
tmp_settings.child_argv = NULL;
@@ -2502,6 +2938,9 @@
tmp_settings.smtp_auth_response[0] = '\0';
tmp_settings.smtp_auth_username[0] = '\0';
+ tmp_settings.connection_start = 0;
+ tmp_settings.command_start = 0;
+
tmp_settings.tls_state = TLS_STATE_INACTIVE;
#ifdef HAVE_LIBSSL
@@ -2522,7 +2961,7 @@
else if (option_list[i].getopt_option.val > tmp_settings.max_short_code)
tmp_settings.max_short_code = option_list[i].getopt_option.val;
- if ((tmp_settings.option_lookup = malloc((num_options + tmp_settings.max_short_code + 1) * sizeof(struct spamdyke_option *))) != NULL)
+ if ((tmp_settings.option_lookup = malloc(sizeof(struct spamdyke_option *) * (num_options + tmp_settings.max_short_code + 1))) != NULL)
{
for (i = 0; i < (num_options + tmp_settings.max_short_code); i++)
tmp_settings.option_lookup[i] = NULL;
@@ -2548,69 +2987,77 @@
}
else
{
- usage(&tmp_settings, 0, LOG_ERROR_MALLOC "\n", (unsigned long)((num_options + tmp_settings.max_short_code + 1) * sizeof(struct spamdyke_option *)));
+ usage(&tmp_settings, 0, LOG_ERROR_MALLOC "\n", (unsigned long)(sizeof(struct spamdyke_option *) * (num_options + tmp_settings.max_short_code + 1)));
continue_processing = 0;
}
/* Set some default values */
- if (continue_processing)
- for (i = 0; option_list[i].value_type != CONFIG_TYPE_NONE; i++)
- switch (option_list[i].value_type)
- {
- case CONFIG_TYPE_BOOLEAN:
- case CONFIG_TYPE_INTEGER:
- if ((option_list[i].getter.get_integer != NULL) &&
- ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
- *(ptr.integer_ptr) = option_list[i].default_value.integer_value;
+ for (i = 0; continue_processing && (option_list[i].value_type != CONFIG_TYPE_NONE); i++)
+ {
+ option_list[i].value_set = 0;
- break;
- case CONFIG_TYPE_NAME_ONCE:
- case CONFIG_TYPE_NAME_MULTIPLE:
- if ((option_list[i].getter.get_integer != NULL) &&
- ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
- *(ptr.integer_ptr) = 0;
+ switch (option_list[i].value_type)
+ {
+ case CONFIG_TYPE_BOOLEAN:
+ case CONFIG_TYPE_INTEGER:
+ if ((option_list[i].getter.get_integer != NULL) &&
+ ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
+ *(ptr.integer_ptr) = option_list[i].default_value.integer_value;
- break;
- case CONFIG_TYPE_STRING_SINGLETON:
- case CONFIG_TYPE_FILE_SINGLETON:
- case CONFIG_TYPE_FILE_NOT_DIR_SINGLETON:
- case CONFIG_TYPE_DIR_SINGLETON:
- case CONFIG_TYPE_COMMAND_SINGLETON:
- case CONFIG_TYPE_OPTION_SINGLETON:
- if ((option_list[i].getter.get_string != NULL) &&
- ((ptr.string_ptr = (*(option_list[i].getter.get_string))(&tmp_settings.base_options)) != NULL))
+ break;
+ case CONFIG_TYPE_NAME_ONCE:
+ if ((option_list[i].getter.get_integer != NULL) &&
+ ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
+ *(ptr.integer_ptr) = option_list[i].default_value.integer_value;
+
+ break;
+ case CONFIG_TYPE_NAME_MULTIPLE:
+ if ((option_list[i].getter.get_integer != NULL) &&
+ ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
+ *(ptr.integer_ptr) = 0;
+
+ break;
+ case CONFIG_TYPE_STRING_SINGLETON:
+ case CONFIG_TYPE_FILE_SINGLETON:
+ case CONFIG_TYPE_FILE_NOT_DIR_SINGLETON:
+ case CONFIG_TYPE_DIR_SINGLETON:
+ case CONFIG_TYPE_COMMAND_SINGLETON:
+ case CONFIG_TYPE_OPTION_SINGLETON:
+ if ((option_list[i].getter.get_string != NULL) &&
+ ((ptr.string_ptr = (*(option_list[i].getter.get_string))(&tmp_settings.base_options)) != NULL))
+ {
+ *(ptr.string_ptr) = NULL;
+ if (option_list[i].default_value.string_value != NULL)
{
- *(ptr.string_ptr) = NULL;
- if (option_list[i].default_value.string_value != NULL)
+ tmp_strlen = strlen(option_list[i].default_value.string_value);
+ if ((tmp_char = (char *)malloc(sizeof(char) * (tmp_strlen + 1))) != NULL)
{
- tmp_strlen = strlen(option_list[i].default_value.string_value);
- if ((tmp_char = (char *)malloc(tmp_strlen + 1)) != NULL)
- {
- strncpy(tmp_char, option_list[i].default_value.string_value, tmp_strlen);
- tmp_char[tmp_strlen] = '\0';
- *(ptr.string_ptr) = tmp_char;
- }
- else
- {
- usage(&tmp_settings, 0, LOG_ERROR_MALLOC "\n", tmp_strlen + 1);
- continue_processing = 0;
- }
+ memcpy(tmp_char, option_list[i].default_value.string_value, sizeof(char) * tmp_strlen);
+ tmp_char[tmp_strlen] = '\0';
+ *(ptr.string_ptr) = tmp_char;
+ }
+ else
+ {
+ usage(&tmp_settings, 0, LOG_ERROR_MALLOC "\n", (unsigned long)(sizeof(char) * (strlen(option_list[i].default_value.string_value) + 1)));
+ continue_processing = 0;
}
}
+ }
- break;
- case CONFIG_TYPE_STRING_ARRAY:
- case CONFIG_TYPE_FILE_ARRAY:
- case CONFIG_TYPE_FILE_NOT_DIR_ARRAY:
- case CONFIG_TYPE_DIR_ARRAY:
- case CONFIG_TYPE_COMMAND_ARRAY:
- case CONFIG_TYPE_OPTION_ARRAY:
- if ((option_list[i].getter.get_string_array != NULL) &&
- ((ptr.string_array_ptr = (*(option_list[i].getter.get_string_array))(&tmp_settings.base_options)) != NULL))
- *(ptr.string_array_ptr) = NULL;
+ break;
+ case CONFIG_TYPE_STRING_ARRAY:
+ case CONFIG_TYPE_FILE_ARRAY:
+ case CONFIG_TYPE_FILE_NOT_DIR_ARRAY:
+ case CONFIG_TYPE_DIR_ARRAY:
+ case CONFIG_TYPE_COMMAND_ARRAY:
+ case CONFIG_TYPE_OPTION_ARRAY:
+ if ((option_list[i].getter.get_string_array != NULL) &&
+ ((ptr.string_array_ptr = (*(option_list[i].getter.get_string_array))(&tmp_settings.base_options)) != NULL))
+ *(ptr.string_array_ptr) = NULL;
- break;
- }
+ break;
+ }
+ }
if (continue_processing)
{
@@ -2676,14 +3123,14 @@
{
group_ptr[0] = '\0';
group_ptr += STRLEN(USER_DELIMITER);
-
+
if (sscanf(group_ptr, FORMAT_GID_T, &tmp_gid) &&
snprintf(tmp_name, MAX_BUF, FORMAT_GID_T, tmp_gid) &&
!strcmp(tmp_name, group_ptr))
tmp_group = getgrgid(tmp_gid);
else
tmp_group = getgrnam(group_ptr);
-
+
if (tmp_group != NULL)
if (setgid(tmp_group->gr_gid) == 0)
SPAMDYKE_LOG_EXCESSIVE(&tmp_settings, LOG_DEBUGX_SETGROUP, tmp_group->gr_name, tmp_group->gr_gid);
@@ -2691,15 +3138,15 @@
SPAMDYKE_LOG_ERROR(&tmp_settings, LOG_ERROR_SETGROUP, tmp_group->gr_name, tmp_group->gr_gid, strerror(errno));
else
SPAMDYKE_LOG_ERROR(&tmp_settings, LOG_ERROR_GETGROUP, group_ptr);
- }
-
+ }
+
if (sscanf(tmp_settings.current_options->run_user, FORMAT_UID_T, &tmp_uid) &&
snprintf(tmp_name, MAX_BUF, FORMAT_UID_T, tmp_uid) &&
!strcmp(tmp_name, tmp_settings.current_options->run_user))
tmp_passwd = getpwuid(tmp_uid);
else
tmp_passwd = getpwnam(tmp_settings.current_options->run_user);
-
+
if (tmp_passwd != NULL)
if (setuid(tmp_passwd->pw_uid) == 0)
SPAMDYKE_LOG_EXCESSIVE(&tmp_settings, LOG_DEBUGX_SETUSER, tmp_passwd->pw_name, tmp_passwd->pw_uid);
@@ -2707,10 +3154,12 @@
SPAMDYKE_LOG_ERROR(&tmp_settings, LOG_ERROR_SETUSER, tmp_passwd->pw_name, tmp_passwd->pw_uid, strerror(errno));
else
SPAMDYKE_LOG_ERROR(&tmp_settings, LOG_ERROR_GETUSER, tmp_settings.current_options->run_user);
- }
+ }
else
SPAMDYKE_LOG_DEBUG(&tmp_settings, LOG_DEBUG_NO_SETUSER, ((tmp_passwd = getpwuid(geteuid())) != NULL) ? tmp_passwd->pw_name : LOG_MISSING_DATA, geteuid());
+ endpwent();
+
if (tmp_settings.current_options->config_file != NULL)
for (i = 0; tmp_settings.current_options->config_file[i] != NULL; i++)
if ((tmp_settings.current_options->filter_action = process_config_file(&tmp_settings, tmp_settings.current_options->config_file[i], tmp_settings.current_options->filter_action, CONFIG_LOCATION_GLOBAL_FILE, NULL)) == FILTER_DECISION_ERROR)
@@ -2720,30 +3169,26 @@
}
/* Set remaining default values */
- if (continue_processing)
- for (i = 0; option_list[i].value_type != CONFIG_TYPE_NONE; i++)
+ for (i = 0; continue_processing && (option_list[i].value_type != CONFIG_TYPE_NONE); i++)
+ if (!option_list[i].value_set)
switch (option_list[i].value_type)
{
- case CONFIG_TYPE_NAME_ONCE:
case CONFIG_TYPE_NAME_MULTIPLE:
if ((option_list[i].getter.get_integer != NULL) &&
- ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL) &&
- (*(ptr.integer_ptr) == 0))
+ ((ptr.integer_ptr = (*(option_list[i].getter.get_integer))(&tmp_settings.base_options)) != NULL))
*(ptr.integer_ptr) = option_list[i].default_value.integer_value;
break;
case CONFIG_TYPE_STRING_ARRAY:
case CONFIG_TYPE_FILE_ARRAY:
+ case CONFIG_TYPE_FILE_NOT_DIR_ARRAY:
case CONFIG_TYPE_DIR_ARRAY:
case CONFIG_TYPE_COMMAND_ARRAY:
case CONFIG_TYPE_OPTION_ARRAY:
- if ((option_list[i].getter.get_string_array != NULL) &&
- ((ptr.string_array_ptr = (*(option_list[i].getter.get_string_array))(&tmp_settings.base_options)) != NULL) &&
- (*(ptr.string_array_ptr) == NULL))
- {
- if (option_list[i].default_value.string_value != NULL)
- continue_processing = append_string(NULL, ptr.string_array_ptr, option_list[i].default_value.string_value, strlen(option_list[i].default_value.string_value));
- }
+ if ((option_list[i].default_value.string_value != NULL) &&
+ (option_list[i].getter.get_string_array != NULL) &&
+ ((ptr.string_array_ptr = (*(option_list[i].getter.get_string_array))(&tmp_settings.base_options)) != NULL))
+ continue_processing = append_string(NULL, ptr.string_array_ptr, option_list[i].default_value.string_value, strlen(option_list[i].default_value.string_value));
break;
}
@@ -2938,12 +3383,12 @@
tmp_char = NULL;
if ((strlen_target_string == -1) ||
- ((tmp_char = malloc(strlen_target_string + 1)) != NULL))
+ ((tmp_char = malloc(sizeof(char) * (strlen_target_string + 1))) != NULL))
if ((tmp_array = realloc((*target_list), sizeof(char *) * (i + 2))) != NULL)
{
if (strlen_target_string >= 0)
{
- memcpy(tmp_char, target_string, strlen_target_string);
+ memcpy(tmp_char, target_string, sizeof(char) * strlen_target_string);
tmp_char[strlen_target_string] = '\0';
tmp_array[i] = tmp_char;
}
@@ -2961,7 +3406,7 @@
free(tmp_char);
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(strlen_target_string + 1));
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char) * (strlen_target_string + 1)));
return(return_value);
}
@@ -2995,6 +3440,7 @@
return_value = current_return_value;
changed_value = 0;
+ remove_value = 0;
if (target_option != NULL)
switch (target_option->value_type)
@@ -3149,6 +3595,7 @@
{
*(ptr.integer_ptr) = 0;
input_value_ptr = NULL;
+ changed_value = 1;
}
else if (strncmp(input_value, CONFIG_VALUE_REMOVE, STRLEN(CONFIG_VALUE_REMOVE)) == 0)
{
@@ -3302,7 +3749,7 @@
if ((tmp_char = (char *)realloc(*(ptr.string_ptr), tmp_int + 1)) != NULL)
{
- strncpy(tmp_char, input_value_ptr, tmp_int);
+ memcpy(tmp_char, input_value_ptr, sizeof(char) * tmp_int);
tmp_char[tmp_int] = '\0';
*(ptr.string_ptr) = tmp_char;
changed_value = 1;
@@ -3315,7 +3762,7 @@
}
else
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, tmp_int + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char) * (strlen(input_value_ptr) + 1)));
return_value = FILTER_DECISION_ERROR;
}
}
@@ -3517,6 +3964,9 @@
(target_option->additional_set_actions != NULL))
return_value = (*(target_option->additional_set_actions))(current_settings, return_value, input_value, history);
+ if (changed_value)
+ target_option->value_set = 1;
+
return(return_value);
}
@@ -3549,6 +3999,8 @@
char ***string_array_ptr;
} ptr;
int num_config_file;
+ int directive_pos;
+ int value_pos;
return_value = current_return_value;
@@ -3580,10 +4032,13 @@
{
value[0] = '\0';
- if ((sscanf(tmp_buf, "%[^= \t\r\n]%*[ \t]" VALUE_DELIMITER "%*[ \t]%[^\r\n]", directive, value) != 2) &&
- (sscanf(tmp_buf, "%[^= \t\r\n]" VALUE_DELIMITER "%*[ \t]%[^\r\n]", directive, value) != 2) &&
- (sscanf(tmp_buf, "%[^= \t\r\n]%*[ \t]" VALUE_DELIMITER "%[^\r\n]", directive, value) != 2))
- sscanf(tmp_buf, "%[^= \t\r\n]" VALUE_DELIMITER "%[^\r\n]", directive, value);
+ if ((sscanf(tmp_buf, "%[^" VALUE_DELIMITER " \t\r\n]%*[ \t]%n" VALUE_DELIMITER "%*[ \t]%[^\r\n]%n", directive, &directive_pos, value, &value_pos) != 2) &&
+ (sscanf(tmp_buf, "%[^" VALUE_DELIMITER " \t\r\n]%n" VALUE_DELIMITER "%*[ \t]%[^\r\n]%n", directive, &directive_pos, value, &value_pos) != 2) &&
+ (sscanf(tmp_buf, "%[^" VALUE_DELIMITER " \t\r\n]%*[ \t]%n" VALUE_DELIMITER "%[^\r\n]%n", directive, &directive_pos, value, &value_pos) != 2))
+ sscanf(tmp_buf, "%[^" VALUE_DELIMITER " \t\r\n]%n" VALUE_DELIMITER "%[^\r\n]%n", directive, &directive_pos, value, &value_pos);
+
+ for (strlen_directive = 0; directive[strlen_directive] != '\0'; strlen_directive++)
+ directive[strlen_directive] = tolower((int)directive[strlen_directive]);
strlen_value = strlen(value);
for (i = strlen_value - 1; i >= 0; i--)
@@ -3592,46 +4047,60 @@
else
break;
- for (strlen_directive = 0; directive[strlen_directive] != '\0'; strlen_directive++)
- directive[strlen_directive] = tolower((int)directive[strlen_directive]);
-
- min_index = 0;
- max_index = current_settings->num_options - 1;
- while (max_index >= min_index)
- {
- i = ((max_index - min_index) / 2) + min_index;
- if ((compare_result = strcmp(directive, current_settings->option_list[i].getopt_option.name)) < 0)
- max_index = i - 1;
- else if (compare_result > 0)
- min_index = i + 1;
- else
+ for (i = ((value[0] == '\0') ? directive_pos : value_pos); i < strlen_buf; i++)
+ if (!isspace((int)tmp_buf[i]))
{
- if (current_settings->option_list[i].location & context)
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SET_VALUE_FROM_FILE, directive, config_filename, line_num + 1, value);
- return_value = set_config_value(current_settings, context, ¤t_settings->option_list[i], value, return_value, current_action);
- }
- else if ((context & CONFIG_LOCATION_MASK_ERRORS_CRITICAL) != 0)
+ if ((context & CONFIG_LOCATION_MASK_ERRORS_CRITICAL) != 0)
{
- usage(current_settings, 0, ERROR_CONFIG_ILLEGAL_OPTION_FILE "\n", config_filename, line_num + 1, directive);
+ usage(current_settings, 0, ERROR_CONFIG_SYNTAX_OPTION_FILE "\n", config_filename, line_num + 1, strlen_buf, tmp_buf);
return_value = FILTER_DECISION_ERROR;
}
else
- SPAMDYKE_LOG_ERROR(current_settings, ERROR_CONFIG_ILLEGAL_OPTION_FILE, config_filename, line_num + 1, directive);
+ SPAMDYKE_LOG_ERROR(current_settings, ERROR_CONFIG_SYNTAX_OPTION_FILE, config_filename, line_num + 1, strlen_buf, tmp_buf);
break;
}
- }
- if (min_index > max_index)
+ if (return_value != FILTER_DECISION_ERROR)
{
- if ((context & CONFIG_LOCATION_MASK_ERRORS_CRITICAL) != 0)
+ min_index = 0;
+ max_index = current_settings->num_options - 1;
+ while (max_index >= min_index)
{
- usage(current_settings, 0, ERROR_CONFIG_UNKNOWN_OPTION_FILE "\n", config_filename, line_num + 1, directive);
- return_value = FILTER_DECISION_ERROR;
+ i = ((max_index - min_index) / 2) + min_index;
+ if ((compare_result = strcmp(directive, current_settings->option_list[i].getopt_option.name)) < 0)
+ max_index = i - 1;
+ else if (compare_result > 0)
+ min_index = i + 1;
+ else
+ {
+ if (current_settings->option_list[i].location & context)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SET_VALUE_FROM_FILE, directive, config_filename, line_num + 1, value);
+ return_value = set_config_value(current_settings, context, ¤t_settings->option_list[i], value, return_value, current_action);
+ }
+ else if ((context & CONFIG_LOCATION_MASK_ERRORS_CRITICAL) != 0)
+ {
+ usage(current_settings, 0, ERROR_CONFIG_ILLEGAL_OPTION_FILE "\n", config_filename, line_num + 1, directive);
+ return_value = FILTER_DECISION_ERROR;
+ }
+ else
+ SPAMDYKE_LOG_ERROR(current_settings, ERROR_CONFIG_ILLEGAL_OPTION_FILE, config_filename, line_num + 1, directive);
+
+ break;
+ }
+ }
+
+ if (min_index > max_index)
+ {
+ if ((context & CONFIG_LOCATION_MASK_ERRORS_CRITICAL) != 0)
+ {
+ usage(current_settings, 0, ERROR_CONFIG_UNKNOWN_OPTION_FILE "\n", config_filename, line_num + 1, directive);
+ return_value = FILTER_DECISION_ERROR;
+ }
+ else
+ SPAMDYKE_LOG_ERROR(current_settings, ERROR_CONFIG_UNKNOWN_OPTION_FILE, config_filename, line_num + 1, directive);
}
- else
- SPAMDYKE_LOG_ERROR(current_settings, ERROR_CONFIG_ILLEGAL_OPTION_FILE, config_filename, line_num + 1, directive);
}
}
@@ -3649,11 +4118,13 @@
if (return_value != FILTER_DECISION_ERROR)
{
+ /*
+ * If the value was cleared during configuration, it is reset to default.
+ */
for (i = 0; current_settings->option_list[i].value_type != CONFIG_TYPE_NONE; i++)
switch (current_settings->option_list[i].value_type)
{
case CONFIG_TYPE_NAME_ONCE:
- case CONFIG_TYPE_NAME_MULTIPLE:
if ((current_settings->option_list[i].getter.get_integer != NULL) &&
((ptr.integer_ptr = (*(current_settings->option_list[i].getter.get_integer))(current_settings->current_options)) != NULL) &&
(*(ptr.integer_ptr) == 0))
@@ -3690,7 +4161,7 @@
* error: FILTER_DECISION_ERROR
* otherwise: return value from process_config_file()
*/
-int process_config_dir(struct filter_settings *current_settings, char *target_dir, char *target_ip, char *target_name, char *target_sender_address, char *target_sender_domain, char *target_recipient_address, char *target_recipient_domain, int current_return_value, int *return_processed_file)
+int process_config_dir(struct filter_settings *current_settings, char *target_dir, char *target_ip, char *target_name, char *target_sender_username, char *target_sender_domain, char *target_recipient_username, char *target_recipient_domain, int current_return_value, int *return_processed_file)
{
int return_value;
int i;
@@ -3727,7 +4198,7 @@
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
if ((sscanf(target_ip, "%3[0-9].%3[0-9].%3[0-9].%3[0-9]", ip_octets[0], ip_octets[1], ip_octets[2], ip_octets[3]) == 4) &&
(sscanf(ip_octets[0], "%d", &ip_ints[0]) == 1) &&
@@ -3753,15 +4224,15 @@
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[i]);
if (stat(tmp_path[i], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
- return_value = process_config_dir(current_settings, tmp_path[i], NULL, target_name, target_sender_address, target_sender_domain, target_recipient_address, target_recipient_domain, return_value, processed_file);
+ return_value = process_config_dir(current_settings, tmp_path[i], NULL, target_name, target_sender_username, target_sender_domain, target_recipient_username, target_recipient_domain, return_value, processed_file);
if ((return_value == FILTER_DECISION_ERROR) ||
((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_IP) == 0))
break;
}
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[i]);
return_value = process_config_file(current_settings, tmp_path[i], return_value, CONFIG_LOCATION_DIR, NULL);
@@ -3796,9 +4267,9 @@
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
- strncpy(tmp_path[2], target_name, MINVAL(strlen_path[2], MAX_BUF));
+ memcpy(tmp_path[2], target_name, sizeof(char) * MINVAL(strlen_path[2], MAX_BUF));
tmp_path[2][MINVAL(strlen_path[2], MAX_BUF)] = '\0';
strlen_path[1] = 0;
@@ -3825,15 +4296,15 @@
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[0]);
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
- return_value = process_config_dir(current_settings, tmp_path[0], target_ip, NULL, target_sender_address, target_sender_domain, target_recipient_address, target_recipient_domain, return_value, processed_file);
+ return_value = process_config_dir(current_settings, tmp_path[0], target_ip, NULL, target_sender_username, target_sender_domain, target_recipient_username, target_recipient_domain, return_value, processed_file);
if ((return_value == FILTER_DECISION_ERROR) ||
((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_RDNS) == 0))
break;
}
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[0]);
return_value = process_config_file(current_settings, tmp_path[0], return_value, CONFIG_LOCATION_DIR, NULL);
@@ -3865,7 +4336,7 @@
if ((return_value != FILTER_DECISION_ERROR) &&
(!processed_file[2] ||
((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_SENDER) != 0)) &&
- (target_sender_address != NULL) &&
+ (target_sender_username != NULL) &&
(target_sender_domain != NULL) &&
((strlen_path[2] = strlen(target_sender_domain)) > 0))
{
@@ -3874,11 +4345,11 @@
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
found_sender_dir = 1;
- strncpy(tmp_path[2], target_sender_domain, MINVAL(strlen_path[2], MAX_BUF));
+ memcpy(tmp_path[2], target_sender_domain, sizeof(char) * MINVAL(strlen_path[2], MAX_BUF));
tmp_path[2][MINVAL(strlen_path[2], MAX_BUF)] = '\0';
strlen_path[1] = 0;
@@ -3898,14 +4369,14 @@
strlen_path[1] += snprintf(tmp_path[1] + strlen_path[1], MAX_BUF - strlen_path[1], DIR_DELIMITER_STR "%s", tmp_path[2]);
- strlen_path[0] = snprintf(tmp_path[0], MAX_BUF, "%s" DIR_DELIMITER_STR CONFIG_DIR_SENDER "%s" DIR_DELIMITER_STR CONFIG_DIR_USERNAME DIR_DELIMITER_STR "%s", target_dir, tmp_path[1], canonicalize_path(tmp_path[3], MAX_BUF, target_sender_address, (target_sender_domain - target_sender_address) - 1));
+ strlen_path[0] = snprintf(tmp_path[0], MAX_BUF, "%s" DIR_DELIMITER_STR CONFIG_DIR_SENDER "%s" DIR_DELIMITER_STR CONFIG_DIR_USERNAME DIR_DELIMITER_STR "%s", target_dir, tmp_path[1], canonicalize_path(tmp_path[3], MAX_BUF, target_sender_username, -1));
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[0]);
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
- return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, NULL, target_sender_domain, target_recipient_address, target_recipient_domain, return_value, processed_file);
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ if (S_ISDIR(tmp_stat.st_mode))
+ return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, NULL, target_sender_domain, target_recipient_username, target_recipient_domain, return_value, processed_file);
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[0]);
return_value = process_config_file(current_settings, tmp_path[0], return_value, CONFIG_LOCATION_DIR, NULL);
@@ -3930,7 +4401,7 @@
((strlen_path[2] = strlen(target_sender_domain)) > 0) &&
found_sender_dir)
{
- strncpy(tmp_path[2], target_sender_domain, MINVAL(strlen_path[2], MAX_BUF));
+ memcpy(tmp_path[2], target_sender_domain, sizeof(char) * MINVAL(strlen_path[2], MAX_BUF));
tmp_path[2][MINVAL(strlen_path[2], MAX_BUF)] = '\0';
strlen_path[1] = 0;
@@ -3958,15 +4429,15 @@
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[0]);
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
- return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, NULL, NULL, target_recipient_address, target_recipient_domain, return_value, processed_file);
+ return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, NULL, NULL, target_recipient_username, target_recipient_domain, return_value, processed_file);
if ((return_value == FILTER_DECISION_ERROR) ||
((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_SENDER) == 0))
break;
}
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[0]);
return_value = process_config_file(current_settings, tmp_path[0], return_value, CONFIG_LOCATION_DIR, NULL);
@@ -3993,7 +4464,7 @@
if ((return_value != FILTER_DECISION_ERROR) &&
(!processed_file[3] ||
((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_RECIPIENT) != 0)) &&
- (target_recipient_address != NULL) &&
+ (target_recipient_username != NULL) &&
(target_recipient_domain != NULL) &&
((strlen_path[2] = strlen(target_recipient_domain)) > 0))
{
@@ -4002,11 +4473,11 @@
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
found_recipient_dir = 1;
- strncpy(tmp_path[2], target_recipient_domain, MINVAL(strlen_path[2], MAX_BUF));
+ memcpy(tmp_path[2], target_recipient_domain, sizeof(char) * MINVAL(strlen_path[2], MAX_BUF));
tmp_path[2][MINVAL(strlen_path[2], MAX_BUF)] = '\0';
strlen_path[1] = 0;
@@ -4026,14 +4497,14 @@
strlen_path[1] += snprintf(tmp_path[1] + strlen_path[1], MAX_BUF - strlen_path[1], DIR_DELIMITER_STR "%s", tmp_path[2]);
- strlen_path[0] = snprintf(tmp_path[0], MAX_BUF, "%s" DIR_DELIMITER_STR CONFIG_DIR_RECIPIENT "%s" DIR_DELIMITER_STR CONFIG_DIR_USERNAME DIR_DELIMITER_STR "%s", target_dir, tmp_path[1], canonicalize_path(tmp_path[3], MAX_BUF, target_recipient_address, (target_recipient_domain - target_recipient_address) - 1));
+ strlen_path[0] = snprintf(tmp_path[0], MAX_BUF, "%s" DIR_DELIMITER_STR CONFIG_DIR_RECIPIENT "%s" DIR_DELIMITER_STR CONFIG_DIR_USERNAME DIR_DELIMITER_STR "%s", target_dir, tmp_path[1], canonicalize_path(tmp_path[3], MAX_BUF, target_recipient_username, -1));
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[0]);
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
- return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, target_sender_address, target_sender_domain, NULL, target_recipient_domain, return_value, processed_file);
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ if (S_ISDIR(tmp_stat.st_mode))
+ return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, target_sender_username, target_sender_domain, NULL, target_recipient_domain, return_value, processed_file);
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[0]);
return_value = process_config_file(current_settings, tmp_path[0], return_value, CONFIG_LOCATION_DIR, NULL);
@@ -4058,7 +4529,7 @@
((strlen_path[2] = strlen(target_recipient_domain)) > 0) &&
found_recipient_dir)
{
- strncpy(tmp_path[2], target_recipient_domain, MINVAL(strlen_path[2], MAX_BUF));
+ memcpy(tmp_path[2], target_recipient_domain, sizeof(char) * MINVAL(strlen_path[2], MAX_BUF));
tmp_path[2][MINVAL(strlen_path[2], MAX_BUF)] = '\0';
strlen_path[1] = 0;
@@ -4086,14 +4557,14 @@
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_SEARCH, tmp_path[0]);
if (stat(tmp_path[0], &tmp_stat) == 0)
{
- if ((tmp_stat.st_mode & S_IFMT) == S_IFDIR)
+ if (S_ISDIR(tmp_stat.st_mode))
{
- return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, target_sender_address, target_sender_domain, NULL, NULL, return_value, processed_file);
+ return_value = process_config_dir(current_settings, tmp_path[0], target_ip, target_name, target_sender_username, target_sender_domain, NULL, NULL, return_value, processed_file);
if ((current_settings->current_options->configuration_dir_search & CONFIG_DIR_SEARCH_ALL_RECIPIENT) == 0)
break;
}
- else if ((tmp_stat.st_mode & S_IFMT) == S_IFREG)
+ else if (S_ISREG(tmp_stat.st_mode))
{
SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_CONFIG_FILE, tmp_path[0]);
return_value = process_config_file(current_settings, tmp_path[0], return_value, CONFIG_LOCATION_DIR, NULL);
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/configuration.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/configure
^
|
| @@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for spamdyke 4.0.10.
+# Generated by GNU Autoconf 2.61 for spamdyke 4.2.0.
#
# Report bugs to <samc (at) silence (dot) org>.
#
@@ -574,8 +574,8 @@
# Identity of this package.
PACKAGE_NAME='spamdyke'
PACKAGE_TARNAME='-spamdyke-'
-PACKAGE_VERSION='4.0.10'
-PACKAGE_STRING='spamdyke 4.0.10'
+PACKAGE_VERSION='4.2.0'
+PACKAGE_STRING='spamdyke 4.2.0'
PACKAGE_BUGREPORT='samc (at) silence (dot) org'
ac_unique_file="spamdyke.h"
@@ -1178,7 +1178,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures spamdyke 4.0.10 to adapt to many kinds of systems.
+\`configure' configures spamdyke 4.2.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1239,7 +1239,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of spamdyke 4.0.10:";;
+ short | recursive ) echo "Configuration of spamdyke 4.2.0:";;
esac
cat <<\_ACEOF
@@ -1332,7 +1332,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-spamdyke configure 4.0.10
+spamdyke configure 4.2.0
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1346,7 +1346,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by spamdyke $as_me 4.0.10, which was
+It was created by spamdyke $as_me 4.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2894,7 +2894,7 @@
else
ac_cv_header_stdc=no
fi
-rm -f conftest*
+rm -f -r conftest*
fi
@@ -2915,7 +2915,7 @@
else
ac_cv_header_stdc=no
fi
-rm -f conftest*
+rm -f -r conftest*
fi
@@ -3359,6 +3359,214 @@
done
+
+for ac_header in sys/types.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+
+rm -f conftest.err conftest.$ac_ext
+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ ( cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to samc (at) silence (dot) org ##
+## ------------------------------------------ ##
+_ASBOX
+ ) | sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+
+for ac_header in stdint.h sys/inttypes.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+ #ifdef HAVE_NUMBER_H
+ #include <number.h>
+ #endif
+
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ eval "$as_ac_Header=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_Header=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_Header'}'`
+ { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5
echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; }
if test "${ac_cv_header_time+set}" = set; then
@@ -5822,6 +6030,56 @@
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: checking whether GCC diagnostic pragma directives are supported" >&5
+echo $ECHO_N "checking whether GCC diagnostic pragma directives are supported... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+ #pragma GCC diagnostic error "-Wformat"
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+ cat >>confdefs.h <<\_ACEOF
+#define USE_PRAGMA 1
+_ACEOF
+
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
{ echo "$as_me:$LINENO: checking whether pid_t is an unsigned int or an unsigned long" >&5
echo $ECHO_N "checking whether pid_t is an unsigned int or an unsigned long... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
@@ -5832,6 +6090,9 @@
/* end confdefs.h. */
#include <stdio.h>
#include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
@@ -5888,6 +6149,9 @@
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
@@ -5944,6 +6208,9 @@
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
@@ -5989,19 +6256,85 @@
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ echo "$as_me:$LINENO: checking whether long long ints are supported in a test program" >&5
-echo $ECHO_N "checking whether long long ints are supported in a test program... $ECHO_C" >&6; }
+{ echo "$as_me:$LINENO: checking whether time_t is an int or a long" >&5
+echo $ECHO_N "checking whether time_t is an int or a long... $ECHO_C" >&6; }
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
+ #include <stdio.h>
+ #include <time.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
+int
+main ()
+{
+ printf("%d", time(NULL));
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ { echo "$as_me:$LINENO: result: int" >&5
+echo "${ECHO_T}int" >&6; }
+ cat >>confdefs.h <<\_ACEOF
+#define FORMAT_TIME_T "%d"
+_ACEOF
+
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+ { echo "$as_me:$LINENO: result: long" >&5
+echo "${ECHO_T}long" >&6; }
+ cat >>confdefs.h <<\_ACEOF
+#define FORMAT_TIME_T "%ld"
+_ACEOF
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+{ echo "$as_me:$LINENO: checking whether int64_ts are supported in a test program" >&5
+echo $ECHO_N "checking whether int64_ts are supported in a test program... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
int
main ()
{
- long long int tmp;
+ int64_t tmp;
tmp = 0x7777777777777777ULL;
;
return 0;
@@ -6041,11 +6374,23 @@
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
- #include <stdio.h>
+ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
- long long int tmp;
+ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%ld", &tmp) != 1) ||
(tmp != 1))
@@ -6110,11 +6455,23 @@
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
- #include <stdio.h>
+ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
- long long int tmp;
+ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%lld", &tmp) != 1) ||
(tmp != 1))
@@ -6179,11 +6536,23 @@
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
- #include <stdio.h>
+ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif
int
main ()
{
- long long int tmp;
+ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%qd", &tmp) != 1) ||
(tmp != 1))
@@ -6374,6 +6743,58 @@
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ echo "$as_me:$LINENO: checking whether socklen_t is available" >&5
+echo $ECHO_N "checking whether socklen_t is available... $ECHO_C" >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+ #include <sys/socket.h>
+int
+main ()
+{
+ socklen_t foo;
+ foo = 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ { echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6; }
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ { echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6; }
+ cat >>confdefs.h <<\_ACEOF
+#define socklen_t uint32_t
+_ACEOF
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
ac_config_files="$ac_config_files Makefile"
cat >confcache <<\_ACEOF
@@ -6772,7 +7193,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by spamdyke $as_me 4.0.10, which was
+This file was extended by spamdyke $as_me 4.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -6821,7 +7242,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-spamdyke config.status 4.0.10
+spamdyke config.status 4.2.0
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/configure.ac
^
|
| @@ -1,7 +1,7 @@
# Process this file with autoconf to produce a configure script.
################################################################################
# spamdyke -- a filter for stopping spam at connection time.
-# Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+# Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
@@ -17,7 +17,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
AC_PREREQ(2.59)
-AC_INIT([[spamdyke]], [[4.0.10]], [[samc (at) silence (dot) org]])
+AC_INIT([[spamdyke]], [[4.2.0]], [[samc (at) silence (dot) org]])
AC_CONFIG_SRCDIR([spamdyke.h])
AC_CONFIG_HEADER([config.h])
@@ -29,6 +29,15 @@
AC_CHECK_HEADERS([stdint.h])
AC_CHECK_HEADERS([sys/inttypes.h])
+AC_CHECK_HEADERS([sys/types.h])
+AC_CHECK_HEADERS([stdint.h sys/inttypes.h],
+ [],
+ [],
+ [[ #ifdef HAVE_NUMBER_H
+ #include <number.h>
+ #endif
+ ]])
+
AC_HEADER_TIME
AC_TYPE_INT16_T
@@ -211,9 +220,19 @@
])
])
+AC_MSG_CHECKING([whether GCC diagnostic pragma directives are supported])
+AC_TRY_COMPILE([ #pragma GCC diagnostic error "-Wformat" ],
+ [ ],
+ [ AC_MSG_RESULT([yes])
+ AC_DEFINE([USE_PRAGMA], [1]) ],
+ [ AC_MSG_RESULT([no]) ])
+
AC_MSG_CHECKING([whether pid_t is an unsigned int or an unsigned long])
AC_TRY_COMPILE([ #include <stdio.h>
- #include <unistd.h> ],
+ #include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
[ printf("%u", getpid()); ],
[ AC_MSG_RESULT([unsigned int])
AC_DEFINE([FORMAT_PID_T], ["%u"]) ],
@@ -223,7 +242,10 @@
AC_MSG_CHECKING([whether uid_t is an unsigned int or an unsigned long])
AC_TRY_COMPILE([ #include <stdio.h>
#include <sys/types.h>
- #include <unistd.h> ],
+ #include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
[ printf("%u", getuid()); ],
[ AC_MSG_RESULT([unsigned int])
AC_DEFINE([FORMAT_UID_T], ["%u"]) ],
@@ -233,21 +255,56 @@
AC_MSG_CHECKING([whether gid_t is an unsigned int or an unsigned long])
AC_TRY_COMPILE([ #include <stdio.h>
#include <sys/types.h>
- #include <unistd.h> ],
+ #include <unistd.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
[ printf("%u", getgid()); ],
[ AC_MSG_RESULT([unsigned int])
AC_DEFINE([FORMAT_GID_T], ["%u"]) ],
[ AC_MSG_RESULT([unsigned long])
AC_DEFINE([FORMAT_GID_T], ["%lu"]) ])
-AC_MSG_CHECKING([whether long long ints are supported in a test program])
-AC_TRY_COMPILE([],
- [ long long int tmp;
+AC_MSG_CHECKING([whether time_t is an int or a long])
+AC_TRY_COMPILE([ #include <stdio.h>
+ #include <time.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
+ [ printf("%d", time(NULL)); ],
+ [ AC_MSG_RESULT([int])
+ AC_DEFINE([FORMAT_TIME_T], ["%d"]) ],
+ [ AC_MSG_RESULT([long])
+ AC_DEFINE([FORMAT_TIME_T], ["%ld"]) ])
+
+AC_MSG_CHECKING([whether int64_ts are supported in a test program])
+AC_TRY_COMPILE([ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif ],
+ [ int64_t tmp;
tmp = 0x7777777777777777ULL; ],
[ AC_MSG_RESULT([yes])
AC_MSG_CHECKING([whether printf()/scanf() uses %ld for 64-bit integers])
- AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #include <stdio.h> ],
- [ long long int tmp;
+ AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
+ [ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%ld", &tmp) != 1) ||
(tmp != 1))
@@ -260,8 +317,20 @@
AC_DEFINE([FORMAT_UINT64_T], ["%lu"]) ],
[ AC_MSG_RESULT([no])
AC_MSG_CHECKING([whether printf()/scanf() uses %lld for 64-bit integers])
- AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #include <stdio.h> ],
- [ long long int tmp;
+ AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
+ [ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%lld", &tmp) != 1) ||
(tmp != 1))
@@ -274,8 +343,20 @@
AC_DEFINE([FORMAT_UINT64_T], ["%llu"]) ],
[ AC_MSG_RESULT([no])
AC_MSG_CHECKING([whether printf()/scanf() uses %qd for 64-bit integers])
- AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #include <stdio.h> ],
- [ long long int tmp;
+ AC_RUN_IFELSE([ AC_LANG_PROGRAM([ #ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+ #endif
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
+ #ifdef HAVE_SYS_TYPES_H
+ #include <sys/types.h>
+ #endif
+ #include <stdio.h>
+ #ifdef USE_PRAGMA
+ #pragma GCC diagnostic error "-Wformat"
+ #endif ],
+ [ int64_t tmp;
tmp = 0x7777777777777777ULL;
if ((sscanf("1", "%qd", &tmp) != 1) ||
(tmp != 1))
@@ -311,5 +392,14 @@
AC_DEFINE([__func__], ["(unknown)"]) ])
])
+AC_MSG_CHECKING([whether socklen_t is available])
+AC_TRY_COMPILE([ #include <sys/socket.h> ],
+ [ socklen_t foo;
+ foo = 0; ],
+ [ AC_MSG_RESULT([yes]) ],
+ [ AC_MSG_RESULT([no])
+ AC_DEFINE([socklen_t], [uint32_t])
+ ])
+
AC_CONFIG_FILES([Makefile])
AC_OUTPUT
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/dns.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -27,6 +27,7 @@
#include <ctype.h>
#include <netdb.h>
#include <strings.h>
+#include <fcntl.h>
#include "config.h"
@@ -84,25 +85,25 @@
* IF THE TYPE IS A:
* The first 4 bytes are the four octets of the IP address.
*
- * IF THE TYPE IS NIHDNS_TYPE_TXT:
+ * IF THE TYPE IS TXT:
* The first 8 bits are an unsigned integer indicating the total length of
* the text response. The following bytes are the ASCII text of the response.
*
- * IF THE TYPE IS NIHDNS_TYPE_PTR OR NIHDNS_TYPE_NS:
+ * IF THE TYPE IS PTR OR NS:
* All of the bytes are the compressed name of the result. They can be
* decoded with dn_expand().
*
- * IF THE TYPE IS NIHDNS_TYPE_CNAME:
+ * IF THE TYPE IS CNAME:
* All of the bytes are the compressed name of the CNAME entry. They can be
* decoded with dn_expand().
*
- * IF THE TYPE IS NIHDNS_TYPE_MX:
+ * IF THE TYPE IS MX:
* Each answer begins with an unsigned 16 bit integer indicating the preference
* of the mail server (lower preferences should be contacted first). The
* remainder of the answer is the mail server name. It can be decoded with
* dn_expand().
*
- * IF THE TYPE IS NIHDNS_TYPE_SOA:
+ * IF THE TYPE IS SOA:
* The first section of bytes are the compressed name of the primary NS server.
* They can be decoded with dn_expand(). The second section of bytes are the
* compressed name of the administrator's mailbox. They can be decoded with
@@ -190,7 +191,7 @@
return_value++;
}
- strncpy(return_buf + return_value, tmp_ptr + 1, MINVAL(tmp_ptr[0], length_return_buf - return_value));
+ memcpy(return_buf + return_value, tmp_ptr + 1, MINVAL(tmp_ptr[0], length_return_buf - return_value));
return_value += tmp_ptr[0];
return_buf[return_value] = '\0';
if (((tmp_ptr += tmp_ptr[0] + 1) > answer_end) ||
@@ -251,28 +252,28 @@
return(!error_occurred ? (tmp_ptr - answer_ptr) : -1);
}
-void nihdns_empty_buffer(int dns_socket)
+void nihdns_empty_udp_buffer(int udp_socket)
{
fd_set read_fds;
int select_result;
- char tmp_buf[MAX_DNS_PACKET_BYTES];
+ char tmp_buf[MAX_DNS_PACKET_BYTES_UDP];
struct timeval tmp_timeval;
- if (dns_socket >= 0)
+ if (udp_socket >= 0)
{
select_result = 0;
do
{
if (select_result > 0)
- recvfrom(dns_socket, tmp_buf, MAX_DNS_PACKET_BYTES, 0, NULL, NULL);
+ recvfrom(udp_socket, tmp_buf, MAX_DNS_PACKET_BYTES_UDP, 0, NULL, NULL);
FD_ZERO(&read_fds);
- FD_SET(dns_socket, &read_fds);
+ FD_SET(udp_socket, &read_fds);
tmp_timeval.tv_sec = 0;
tmp_timeval.tv_usec = 0;
}
- while ((select_result = select(dns_socket + 1, &read_fds, NULL, NULL, &tmp_timeval)) > 0);
+ while ((select_result = select(udp_socket + 1, &read_fds, NULL, NULL, &tmp_timeval)) > 0);
}
return;
@@ -390,11 +391,11 @@
int nihdns_initialize(struct filter_settings *current_settings, int close_socket)
{
- static int dns_socket = -1;
+ static int udp_socket = -1;
+ int i;
char *resolv_env;
char timeout[6];
int target_timeout;
- struct protoent *tmp_protoent;
struct sockaddr_in tmp_sockaddr;
int max_buf_socket = MAX_BUF_SOCKET;
int default_port;
@@ -415,8 +416,12 @@
free_string_array(¤t_settings->current_options->nihdns_primary_server_list, current_settings->base_options.nihdns_primary_server_list);
free_string_array(¤t_settings->current_options->nihdns_secondary_server_list, current_settings->base_options.nihdns_secondary_server_list);
- load_resolver_file(current_settings, DEFAULT_NIHDNS_RESOLVER_FILENAME, &default_port);
- print_configuration(current_settings);
+ if (current_settings->current_options->nihdns_resolv_conf != NULL)
+ for (i = 0; current_settings->current_options->nihdns_resolv_conf[i] != NULL; i++)
+ {
+ load_resolver_file(current_settings, current_settings->current_options->nihdns_resolv_conf[i], &default_port);
+ print_configuration(current_settings);
+ }
if (nihdns_parse_servers(current_settings, default_port) == 0)
{
@@ -439,7 +444,7 @@
}
}
- if (dns_socket == -1)
+ if (udp_socket == -1)
{
if ((current_settings->current_options->nihdns_primary_server_data[0].sin_addr.s_addr != INADDR_ANY) ||
(current_settings->current_options->nihdns_secondary_server_data[0].sin_addr.s_addr != INADDR_ANY))
@@ -474,41 +479,61 @@
tmp_sockaddr.sin_addr.s_addr = htonl(INADDR_ANY);
bzero(&tmp_sockaddr.sin_zero, 8);
- if ((tmp_protoent = getprotobyname(PROTOCOL_NAME_UDP)) != NULL)
+ if ((udp_socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1)
{
- if ((dns_socket = socket(PF_INET, SOCK_DGRAM, tmp_protoent->p_proto)) != -1)
+ if (fcntl(udp_socket, F_SETFL, fcntl(udp_socket, F_GETFL, 0) | O_NONBLOCK) == -1)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_NONBLOCK_DNS_UDP "%s", strerror(errno));
+
+ if (bind(udp_socket, (struct sockaddr *)&tmp_sockaddr, sizeof(struct sockaddr)) == 0)
{
- if (bind(dns_socket, (struct sockaddr *)&tmp_sockaddr, sizeof(struct sockaddr)) == 0)
- {
- if (setsockopt(dns_socket, SOL_SOCKET, SO_RCVBUF, (char *)&max_buf_socket, sizeof(int)) != 0)
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SETSOCKOPT, strerror(errno));
+ if (setsockopt(udp_socket, SOL_SOCKET, SO_RCVBUF, (char *)&max_buf_socket, sizeof(int)) != 0)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SETSOCKOPT, strerror(errno));
- if (setsockopt(dns_socket, SOL_SOCKET, SO_SNDBUF, (char *)&max_buf_socket, sizeof(int)) != 0)
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SETSOCKOPT, strerror(errno));
- }
- else
- {
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_BIND, strerror(errno));
- close(dns_socket);
- dns_socket = -1;
- }
+ if (setsockopt(udp_socket, SOL_SOCKET, SO_SNDBUF, (char *)&max_buf_socket, sizeof(int)) != 0)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SETSOCKOPT, strerror(errno));
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SOCKET, strerror(errno));
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_BIND, strerror(errno));
+ close(udp_socket);
+ udp_socket = -1;
+ }
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_GETPROTOBYNAME);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SOCKET_UDP, strerror(errno));
}
}
}
- else if (dns_socket != -1)
+ else if (udp_socket != -1)
{
- /* FIXME: This isn't really necessary and might be causing problems: nihdns_empty_buffer(dns_socket); */
- close(dns_socket);
- dns_socket = -1;
+ nihdns_empty_udp_buffer(udp_socket);
+ close(udp_socket);
+ udp_socket = -1;
}
- return(dns_socket);
+ return(udp_socket);
+ }
+
+/*
+ * Return value:
+ * ERROR: -1
+ * SUCCESS: fd of socket
+ */
+int nihdns_create_socket_tcp(struct filter_settings *current_settings)
+ {
+ int return_value;
+
+ return_value = -1;
+
+ if ((return_value = socket(AF_INET, SOCK_STREAM, 0)) != -1)
+ {
+ if (fcntl(return_value, F_SETFL, fcntl(return_value, F_GETFL, 0) | O_NONBLOCK) == -1)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_NONBLOCK_DNS_TCP "%s", strerror(errno));
+ }
+ else
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SOCKET_TCP, strerror(errno));
+
+ return(return_value);
}
/*
@@ -516,7 +541,7 @@
* ERROR: -1
* SUCCESS: size of packet
*/
-int nihdns_create_packet(int id, char *target_name, int type, char *return_query, int length_return_query)
+int nihdns_create_packet(struct filter_settings *current_settings, int id, char *target_name, int type, char *return_query, int length_return_query)
{
static char packet_template[] = { /* ID */ 0x00, 0x00,
/* QR, OPCODE, AA, TC, RD, RA, RCODE */ 0x01, 0x00,
@@ -534,88 +559,103 @@
return_value = -1;
if ((target_name != NULL) &&
- ((strlen_target_name = strlen(target_name)) > 0) &&
- (length_return_query > (sizeof(packet_template) + strlen_target_name + 10)))
+ ((strlen_target_name = strlen(target_name)) > 0))
{
- memcpy(return_query, packet_template, sizeof(packet_template));
-
- tmp_num = id;
- return_query[0] = ((char *)&tmp_num)[0];
- return_query[1] = ((char *)&tmp_num)[1];
-
- tmp_num = htons(1L);
- return_query[4] = ((char *)&tmp_num)[0];
- return_query[5] = ((char *)&tmp_num)[1];
-
- last_ptr = return_query + sizeof(packet_template);
- tmp_ptr = return_query + sizeof(packet_template) + 1;
-
- for (i = 0; i < strlen_target_name; i++)
- if (target_name[i] != '.')
- {
- tmp_ptr[0] = target_name[i];
- tmp_ptr++;
- }
- else
- {
- last_ptr[0] = (tmp_ptr - last_ptr) - 1;
- last_ptr = tmp_ptr;
- tmp_ptr++;
- }
-
- last_ptr[0] = (tmp_ptr - last_ptr) - 1;
- tmp_ptr[0] = 0x00;
- tmp_ptr++;
-
- tmp_num = htons(type);
- tmp_ptr[0] = ((char *)&tmp_num)[0];
- tmp_ptr[1] = ((char *)&tmp_num)[1];
- tmp_ptr += 2;
-
- tmp_num = htons(NIHDNS_CLASS_INTERNET);
- tmp_ptr[0] = ((char *)&tmp_num)[0];
- tmp_ptr[1] = ((char *)&tmp_num)[1];
- tmp_ptr += 2;
-
- return_value = tmp_ptr - return_query;
+ if (length_return_query > (sizeof(packet_template) + strlen_target_name + 10))
+ {
+ memcpy(return_query, packet_template, sizeof(packet_template));
+
+ tmp_num = id;
+ return_query[0] = ((char *)&tmp_num)[0];
+ return_query[1] = ((char *)&tmp_num)[1];
+
+ tmp_num = htons(1L);
+ return_query[4] = ((char *)&tmp_num)[0];
+ return_query[5] = ((char *)&tmp_num)[1];
+
+ last_ptr = return_query + sizeof(packet_template);
+ tmp_ptr = return_query + sizeof(packet_template) + 1;
+
+ for (i = 0; i < strlen_target_name; i++)
+ if (target_name[i] != '.')
+ {
+ tmp_ptr[0] = target_name[i];
+ tmp_ptr++;
+ }
+ else
+ {
+ last_ptr[0] = (tmp_ptr - last_ptr) - 1;
+ last_ptr = tmp_ptr;
+ tmp_ptr++;
+ }
+
+ last_ptr[0] = (tmp_ptr - last_ptr) - 1;
+ tmp_ptr[0] = 0x00;
+ tmp_ptr++;
+
+ tmp_num = htons(type);
+ tmp_ptr[0] = ((char *)&tmp_num)[0];
+ tmp_ptr[1] = ((char *)&tmp_num)[1];
+ tmp_ptr += 2;
+
+ tmp_num = htons(NIHDNS_CLASS_INTERNET);
+ tmp_ptr[0] = ((char *)&tmp_num)[0];
+ tmp_ptr[1] = ((char *)&tmp_num)[1];
+ tmp_ptr += 2;
+
+ return_value = tmp_ptr - return_query;
+ }
+ else
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_OVERSIZE_QUERY, length_return_query, target_name, nihdns_type_name(type));
}
return(return_value);
}
/*
- Return value:
- ERROR (no response): -1
- NO RESULT (negative query): 0
- FOUND RESULT: length of answer
+ * Expects:
+ * target_name_array must contain FQDNs, not relational names
+ * return_answer must not be NULL
+ *
+ * Return value:
+ * ERROR (no response): -1
+ * NO RESULT (negative query): 0
+ * FOUND RESULT: length of answer
*/
-int nihdns_query(struct filter_settings *current_settings, char **target_name_array, int num_types, int *types, char *return_answer, int return_answer_length, char **return_answer_start, int *return_target_name_index)
+int nihdns_query(struct filter_settings *current_settings, char **target_name_array, int type_array, char *return_answer, int return_answer_length, char **return_answer_start, int *return_target_name_index)
{
static unsigned short query_id = 0;
+ static int config_type_array[] = CONFIG_DNS_TYPE_ARRAY;
+ static int nihdns_type_array[] = NIHDNS_TYPE_ARRAY;
int return_value;
int i;
int j;
int k;
int num_names;
int active_types;
- int dns_socket;
+ int udp_socket;
char *question;
- char answer[MAX_DNS_PACKET_BYTES];
+ char *answer;
+ char packet_buf[MAX_DNS_PACKET_BYTES_UDP + 2];
char *answer_ptr;
char *answer_start;
+ char **tcp_buf;
+ int *tcp_buf_strlen;
+ int *tcp_answer_len;
int num_questions;
int size;
int num_answers;
int type;
int *question_length;
- int *type_list;
- unsigned short tmp_id;
+ int *socket_list;
+ unsigned short tmp_num;
unsigned short response_id;
unsigned short start_id;
int sendto_result;
int select_result;
int response_length;
fd_set read_fds;
+ fd_set write_fds;
struct timeval tmp_timeval;
time_t start_time;
int num_queries;
@@ -624,28 +664,85 @@
int num_secondary;
int num_packets_sent;
struct sockaddr_in *target_server;
+ int max_socket;
+ struct sockaddr_in server_address;
+ socklen_t server_address_len;
+ int num_types;
+ int types[NUM_NIHDNS_TYPE];
return_value = -1;
error_occurred = 0;
+ num_names = 0;
+ udp_socket = 0;
question = NULL;
question_length = NULL;
- type_list = NULL;
+ socket_list = NULL;
+ tcp_buf = NULL;
+ tcp_buf_strlen = NULL;
+ tcp_answer_len = NULL;
if (query_id == 0)
query_id = (int)random();
- if ((dns_socket = nihdns_initialize(current_settings, 0)) != -1)
+ num_types = 0;
+ for (i = 0; i < NUM_NIHDNS_TYPE; i++)
+ if ((type_array & config_type_array[i]) == config_type_array[i])
+ {
+ types[num_types] = nihdns_type_array[i];
+ num_types++;
+ }
+
+ if ((num_types > 0) &&
+ ((udp_socket = nihdns_initialize(current_settings, 0)) != -1))
{
- nihdns_empty_buffer(dns_socket);
+ nihdns_empty_udp_buffer(udp_socket);
for (num_names = 0; target_name_array[num_names] != NULL; num_names++);
- if ((question = (char *)malloc(sizeof(char) * MAX_DNS_PACKET_BYTES * num_names * num_types)) != NULL)
+ if ((question = (char *)malloc(sizeof(char) * MAX_DNS_PACKET_BYTES_UDP * num_names * num_types)) != NULL)
{
if ((question_length = (int *)malloc(sizeof(int) * num_names * num_types)) != NULL)
{
- if ((type_list = (int *)malloc(sizeof(int) * num_names * num_types)) == NULL)
+ if ((socket_list = (int *)malloc(sizeof(int) * num_names * num_types)) != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ socket_list[i] = -1;
+
+ if ((tcp_buf = (char **)malloc(sizeof(char *) * num_names * num_types)) != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ tcp_buf[i] = NULL;
+
+ if ((tcp_buf_strlen = (int *)malloc(sizeof(int) * num_names * num_types)) != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ tcp_buf_strlen[i] = 0;
+
+ if ((tcp_answer_len = (int *)malloc(sizeof(int) * num_names * num_types)) != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ tcp_answer_len[i] = 0;
+ }
+ else
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(int) * num_names * num_types));
+ error_occurred = 1;
+ }
+ }
+ else
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(int) * num_names * num_types));
+ error_occurred = 1;
+ }
+ }
+ else
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char *) * num_names * num_types));
+ error_occurred = 1;
+ }
+ }
+ else
{
SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(int) * num_names * num_types));
error_occurred = 1;
@@ -659,7 +756,7 @@
}
else
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char) * MAX_DNS_PACKET_BYTES * num_names * num_types));
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char) * MAX_DNS_PACKET_BYTES_UDP * num_names * num_types));
error_occurred = 1;
}
@@ -671,8 +768,8 @@
for (j = 0; j < num_names; j++)
for (i = 0; i < num_types; i++)
{
- type_list[(j * num_types) + i] = types[i];
- if ((question_length[(j * num_types) + i] = nihdns_create_packet(query_id, target_name_array[j], types[i], question + (((j * num_types) + i) * MAX_DNS_PACKET_BYTES), MAX_DNS_PACKET_BYTES)) > 0)
+ socket_list[(j * num_types) + i] = udp_socket;
+ if ((question_length[(j * num_types) + i] = nihdns_create_packet(current_settings, query_id, target_name_array[j], types[i], question + (((j * num_types) + i) * MAX_DNS_PACKET_BYTES_UDP), MAX_DNS_PACKET_BYTES_UDP)) > 0)
query_id++;
}
@@ -689,6 +786,10 @@
switch (current_settings->current_options->nihdns_level)
{
case NIHDNS_LEVEL_NORMAL:
+ /*
+ * The server_data arrays are terminated by
+ * .sin_addr.s_addr == INADDR_ANY
+ */
if (num_primary == -1)
for (num_primary = 0; current_settings->current_options->nihdns_primary_server_data[num_primary].sin_addr.s_addr != INADDR_ANY; num_primary++);
if (num_secondary == -1)
@@ -710,14 +811,17 @@
target_server = (i < num_primary) ? ¤t_settings->current_options->nihdns_primary_server_data[i] : ¤t_settings->current_options->nihdns_secondary_server_data[i - num_primary];
}
+ /*
+ * Send one packet to one server for each name
+ */
for (k = 0; (k < num_names) && !error_occurred && (num_packets_sent == 0); k++)
for (j = 0; j < num_types; j++)
- if (type_list[(k * num_types) + j] != NIHDNS_TYPE_ANY)
+ if (socket_list[(k * num_types) + j] == udp_socket)
{
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(target_server->sin_addr), ntohs(target_server->sin_port), num_queries + 1);
- if ((sendto_result = sendto(dns_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES), question_length[(k * num_types) + j], 0, (struct sockaddr *)target_server, sizeof(struct sockaddr))) == -1)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(target_server->sin_addr), ntohs(target_server->sin_port), num_queries + 1);
+ if ((sendto_result = sendto(udp_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP), question_length[(k * num_types) + j], 0, (struct sockaddr *)target_server, sizeof(struct sockaddr))) == -1)
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, strerror(errno));
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, question_length[(k * num_types) + j], strerror(errno));
error_occurred = 1;
num_packets_sent = 0;
break;
@@ -742,17 +846,24 @@
break;
case NIHDNS_LEVEL_AGGRESSIVE:
+ /*
+ * The server_data arrays are terminated by
+ * .sin_addr.s_addr == INADDR_ANY
+ */
for (i = 0; current_settings->current_options->nihdns_primary_server_data[i].sin_addr.s_addr != INADDR_ANY; i++)
{
+ /*
+ * Send packets to each server for each name
+ */
error_occurred = 0;
for (k = 0; (k < num_names) && !error_occurred; k++)
for (j = 0; j < num_types; j++)
- if (type_list[(k * num_types) + j] != NIHDNS_TYPE_ANY)
+ if (socket_list[(k * num_types) + j] == udp_socket)
{
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(current_settings->current_options->nihdns_primary_server_data[i].sin_addr), ntohs(current_settings->current_options->nihdns_primary_server_data[i].sin_port), num_queries + 1);
- if ((sendto_result = sendto(dns_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES), question_length[(k * num_types) + j], 0, (struct sockaddr *)¤t_settings->current_options->nihdns_primary_server_data[i], sizeof(struct sockaddr))) == -1)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(current_settings->current_options->nihdns_primary_server_data[i].sin_addr), ntohs(current_settings->current_options->nihdns_primary_server_data[i].sin_port), num_queries + 1);
+ if ((sendto_result = sendto(udp_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP), question_length[(k * num_types) + j], 0, (struct sockaddr *)¤t_settings->current_options->nihdns_primary_server_data[i], sizeof(struct sockaddr))) == -1)
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, strerror(errno));
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, question_length[(k * num_types) + j], strerror(errno));
error_occurred = 1;
break;
}
@@ -767,6 +878,10 @@
}
}
+ /*
+ * The server_data arrays are terminated by
+ * .sin_addr.s_addr == INADDR_ANY
+ */
if ((num_queries >= current_settings->current_options->nihdns_attempts_primary) ||
(current_settings->current_options->nihdns_primary_server_data[0].sin_addr.s_addr == INADDR_ANY))
for (i = 0; current_settings->current_options->nihdns_secondary_server_data[i].sin_addr.s_addr != INADDR_ANY; i++)
@@ -774,12 +889,12 @@
error_occurred = 0;
for (k = 0; (k < num_names) && !error_occurred; k++)
for (j = 0; j < num_types; j++)
- if (type_list[(k * num_types) + j] != NIHDNS_TYPE_ANY)
+ if (socket_list[(k * num_types) + j] == udp_socket)
{
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(current_settings->current_options->nihdns_secondary_server_data[i].sin_addr), ntohs(current_settings->current_options->nihdns_secondary_server_data[i].sin_port), num_queries + 1);
- if ((sendto_result = sendto(dns_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES), question_length[(k * num_types) + j], 0, (struct sockaddr *)¤t_settings->current_options->nihdns_secondary_server_data[i], sizeof(struct sockaddr))) == -1)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY, question_length[(k * num_types) + j], question[((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP], question[(((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP) + 1], target_name_array[k], nihdns_type_name(types[j]), inet_ntoa(current_settings->current_options->nihdns_secondary_server_data[i].sin_addr), ntohs(current_settings->current_options->nihdns_secondary_server_data[i].sin_port), num_queries + 1);
+ if ((sendto_result = sendto(udp_socket, question + (((k * num_types) + j) * MAX_DNS_PACKET_BYTES_UDP), question_length[(k * num_types) + j], 0, (struct sockaddr *)¤t_settings->current_options->nihdns_secondary_server_data[i], sizeof(struct sockaddr))) == -1)
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, strerror(errno));
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, question_length[(k * num_types) + j], strerror(errno));
error_occurred = 1;
break;
}
@@ -801,94 +916,266 @@
if (num_packets_sent > 0)
{
- FD_ZERO(&read_fds);
- FD_SET(dns_socket, &read_fds);
-
tmp_timeval.tv_sec = MINVAL(current_settings->current_options->nihdns_timeout_total_secs - (time(NULL) - start_time), current_settings->current_options->nihdns_timeout_total_secs / current_settings->current_options->nihdns_attempts_total);
tmp_timeval.tv_usec = 0;
- while ((tmp_timeval.tv_sec > 0) &&
- ((select_result = select(dns_socket + 1, &read_fds, NULL, NULL, &tmp_timeval)) > 0))
+ while (!error_occurred &&
+ (tmp_timeval.tv_sec > 0))
{
- if ((response_length = recvfrom(dns_socket, answer, MAX_DNS_PACKET_BYTES, 0, NULL, NULL)) > 0)
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_RECEIVED, response_length, answer[0], answer[1]);
-
- ((char *)&tmp_id)[0] = answer[0];
- ((char *)&tmp_id)[1] = answer[1];
- response_id = tmp_id;
-
- if ((response_id >= start_id) &&
- (response_id < ((num_names * num_types) + start_id)) &&
- (type_list[response_id - start_id] != NIHDNS_TYPE_ANY))
+ FD_ZERO(&read_fds);
+ FD_ZERO(&write_fds);
+ FD_SET(udp_socket, &read_fds);
+
+ max_socket = udp_socket;
+ for (i = 0; i < (num_names * num_types); i++)
+ if ((socket_list[i] != -1) &&
+ (socket_list[i] != udp_socket))
{
- response_id -= start_id;
-
- /* Skip DNS packet header */
- answer_ptr = answer + sizeof(struct nihdns_header);
+ if (tcp_answer_len[i] == -1)
+ FD_SET(socket_list[i], &write_fds);
+ else
+ FD_SET(socket_list[i], &read_fds);
- /* Skip the questions */
- num_questions = ntohs((unsigned short)((struct nihdns_header *)&answer)->qdcount);
- num_answers = ntohs((unsigned short)((struct nihdns_header *)&answer)->ancount);
+ max_socket = MAXVAL(max_socket, socket_list[i]);
+ }
- if (num_answers > 0)
+ if ((select_result = select(max_socket + 1, &read_fds, &write_fds, NULL, &tmp_timeval)) > 0)
+ {
+ response_length = 0;
+ answer = NULL;
+
+ if (FD_ISSET(udp_socket, &read_fds))
+ {
+ server_address_len = sizeof(struct sockaddr_in);
+ response_length = recvfrom(udp_socket, packet_buf, MAX_DNS_PACKET_BYTES_UDP, 0, (struct sockaddr *)&server_address, &server_address_len);
+ answer = packet_buf;
+
+ /*
+ * Safety check to prevent DNS spoofing: compare server_address to
+ * our DNS servers according to the value of nihdns_spoof.
+ */
+ if (current_settings->current_options->nihdns_spoof != NIHDNS_SPOOF_ACCEPT_ALL)
{
- for (i = 0; i < num_questions; i++)
- if ((size = nihdns_skip(answer_ptr, answer + response_length)) >= 0)
- answer_ptr += size + sizeof(uint16_t) + sizeof(uint16_t);
- else
+ for (i = 0; current_settings->current_options->nihdns_primary_server_data[i].sin_addr.s_addr != INADDR_ANY; i++)
+ if (((current_settings->current_options->nihdns_spoof == NIHDNS_SPOOF_ACCEPT_SAME_PORT) ||
+ (current_settings->current_options->nihdns_primary_server_data[i].sin_addr.s_addr == server_address.sin_addr.s_addr)) &&
+ ((current_settings->current_options->nihdns_spoof == NIHDNS_SPOOF_ACCEPT_SAME_IP) ||
+ (current_settings->current_options->nihdns_primary_server_data[i].sin_port == server_address.sin_port)))
break;
-
- if (i == num_questions)
+
+ if (current_settings->current_options->nihdns_primary_server_data[i].sin_addr.s_addr == INADDR_ANY)
+ for (i = 0; current_settings->current_options->nihdns_secondary_server_data[i].sin_addr.s_addr != INADDR_ANY; i++)
+ if (((current_settings->current_options->nihdns_spoof == NIHDNS_SPOOF_ACCEPT_SAME_PORT) ||
+ (current_settings->current_options->nihdns_secondary_server_data[i].sin_addr.s_addr == server_address.sin_addr.s_addr)) &&
+ ((current_settings->current_options->nihdns_spoof == NIHDNS_SPOOF_ACCEPT_SAME_IP) ||
+ (current_settings->current_options->nihdns_secondary_server_data[i].sin_port == server_address.sin_port)))
+ break;
+
+ if (current_settings->current_options->nihdns_secondary_server_data[i].sin_addr.s_addr == INADDR_ANY)
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_UDP_SPOOF, inet_ntoa(server_address.sin_addr), ntohs(server_address.sin_port));
+ response_length = 0;
+ }
+ }
+ }
+ else
+ for (i = 0; i < (num_types * num_names); i++)
+ if ((socket_list[i] != -1) &&
+ (socket_list[i] != udp_socket))
{
- answer_start = answer_ptr;
- for (i = 0; i < num_answers; i++)
- if ((size = nihdns_skip(answer_ptr, answer + response_length)) >= 0)
+ if (FD_ISSET(socket_list[i], &read_fds) &&
+ (tcp_answer_len[i] == 0))
+ {
+ if ((tcp_buf[i] != NULL) ||
+ ((tcp_buf[i] = (char *)malloc(sizeof(char) * MAX_DNS_PACKET_BYTES_TCP)) != NULL))
{
- answer_ptr += size;
- type = NIHDNS_GETINT16(answer_ptr);
- answer_ptr += sizeof(uint16_t);
-
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_RECEIVED_TYPE, nihdns_type_name(type));
- if (type == type_list[response_id])
+ /*
+ * When DNS responses are sent via TCP, the first two bytes
+ * of the response are the length of the entire response
+ * (not including the two additional bytes themselves),
+ * which may be sent in many packets. So it may take
+ * several read()s to accumulate the entire thing.
+ * tcp_answer_len[i] stores the total length from the first
+ * packet, tcp_buf_strlen[i] stores the number of bytes
+ * received so far.
+ */
+ if ((response_length = read(socket_list[i], tcp_buf[i] + tcp_buf_strlen[i], MAX_DNS_PACKET_BYTES_TCP - tcp_buf_strlen[i])) > 0)
{
- memcpy(return_answer, answer, MINVAL(response_length, return_answer_length));
- if (return_answer_start != NULL)
- *return_answer_start = return_answer + (answer_start - answer);
- if (return_target_name_index != NULL)
- *return_target_name_index = response_id / num_types;
-
- return_value = MINVAL(response_length, return_answer_length);
- break;
+ tcp_buf_strlen[i] += response_length;
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_RECEIVED_TCP, response_length, tcp_buf_strlen[i], tcp_answer_len[i]);
+ if (tcp_buf_strlen[i] >= 2)
+ {
+ if (tcp_answer_len[i] == 0)
+ {
+ ((char *)&tmp_num)[0] = tcp_buf[i][0];
+ ((char *)&tmp_num)[1] = tcp_buf[i][1];
+ tcp_answer_len[i] = ntohs(tmp_num) + 2;
+ }
+
+ if (tcp_buf_strlen[i] == tcp_answer_len[i])
+ {
+ answer = tcp_buf[i] + 2;
+ response_length = tcp_answer_len[i] - 2;
+ }
+ else if (tcp_answer_len[i] > MAX_DNS_PACKET_BYTES_TCP)
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_OVERSIZE, target_name_array[i % num_names], tcp_answer_len[i], MAX_DNS_PACKET_BYTES_TCP);
+ close(socket_list[i]);
+ socket_list[i] = -1;
+ }
+ else
+ response_length = 0;
+ }
}
}
- }
- }
- else
- {
- type_list[response_id] = NIHDNS_TYPE_ANY;
- active_types--;
- }
+ else
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, (unsigned long)(sizeof(char) * MAX_DNS_PACKET_BYTES_TCP));
+ error_occurred = 1;
+ }
+
+ break;
+ }
+ else if (FD_ISSET(socket_list[i], &write_fds) &&
+ (tcp_answer_len[i] == -1))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_QUERY_TCP, question_length[i], question[i * MAX_DNS_PACKET_BYTES_UDP], question[(i * MAX_DNS_PACKET_BYTES_UDP) + 1], target_name_array[i % num_names], nihdns_type_name(types[i / num_names]));
- if (active_types == 0)
- {
- for (i = 0; i < num_names; i++)
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_NEGATIVE, target_name_array[i]);
+ memcpy(packet_buf + 2, question + (i * MAX_DNS_PACKET_BYTES_UDP), question_length[i]);
+ tmp_num = htons(question_length[i]);
+ packet_buf[0] = ((char *)&tmp_num)[0];
+ packet_buf[1] = ((char *)&tmp_num)[1];
- return_value = 0;
- break;
+ if (write(socket_list[i], packet_buf, question_length[i] + 2) != -1)
+ tcp_answer_len[i] = 0;
+ else
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_WRITE "%s", question_length[i] + 2, socket_list[i], strerror(errno));
+ close(socket_list[i]);
+ socket_list[i] = -1;
+ }
+
+ break;
+ }
+ }
+
+ if (response_length > 0)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_RECEIVED, response_length, answer[0], answer[1]);
+
+ ((char *)&tmp_num)[0] = answer[0];
+ ((char *)&tmp_num)[1] = answer[1];
+ response_id = tmp_num;
+
+ if ((response_id >= start_id) &&
+ (response_id < ((num_names * num_types) + start_id)) &&
+ (socket_list[response_id - start_id] != -1))
+ {
+ response_id -= start_id;
+
+ /*
+ * Examine the DNS packet header to see if the response is
+ * truncated
+ */
+ if (((answer[2] & 0x02) != 0x02) ||
+ (current_settings->current_options->nihdns_tcp == NIHDNS_TCP_NONE))
+ {
+ /* Skip the header */
+ answer_ptr = answer + sizeof(struct nihdns_header);
+
+ /* Skip the questions */
+ num_questions = ntohs((unsigned short)((struct nihdns_header *)answer)->qdcount);
+ num_answers = ntohs((unsigned short)((struct nihdns_header *)answer)->ancount);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_COUNTS, answer[0], answer[1], num_questions, num_answers);
+
+ if (num_answers > 0)
+ {
+ for (i = 0; i < num_questions; i++)
+ if ((size = nihdns_skip(answer_ptr, answer + response_length)) >= 0)
+ answer_ptr += size + sizeof(uint16_t) + sizeof(uint16_t);
+ else
+ break;
+
+ if (i == num_questions)
+ {
+ answer_start = answer_ptr;
+ for (i = 0; i < num_answers; i++)
+ if ((size = nihdns_skip(answer_ptr, answer + response_length)) >= 0)
+ {
+ answer_ptr += size;
+ type = NIHDNS_GETINT16(answer_ptr);
+ answer_ptr += sizeof(uint16_t);
+
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_RECEIVED_TYPE, nihdns_type_name(type), nihdns_type_name(types[response_id % num_types]));
+ if (type == types[response_id % num_types])
+ {
+ memcpy(return_answer, answer, MINVAL(response_length, return_answer_length));
+ if (return_answer_start != NULL)
+ *return_answer_start = return_answer + (answer_start - answer);
+ if (return_target_name_index != NULL)
+ *return_target_name_index = response_id / num_types;
+
+ return_value = MINVAL(response_length, return_answer_length);
+ break;
+ }
+ }
+ }
+ }
+ else
+ {
+ /*
+ * The response contained no answers, which means "not found".
+ * Setting the socket_list element to -1 will prevent
+ * requerying this name/type combo
+ */
+ if ((socket_list[response_id] != -1) &&
+ (socket_list[response_id] != udp_socket))
+ close(socket_list[response_id]);
+
+ socket_list[response_id] = -1;
+ active_types--;
+ }
+ }
+ else
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_TRUNCATED, answer[0], answer[1]);
+ if ((socket_list[response_id] = nihdns_create_socket_tcp(current_settings)) != -1)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_CONNECT, inet_ntoa(server_address.sin_addr), ntohs(server_address.sin_port));
+ if ((connect(socket_list[response_id], (struct sockaddr *)&server_address, server_address_len) != -1) ||
+ (errno == EINPROGRESS))
+ tcp_answer_len[response_id] = -1;
+ else
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_CONNECT "%s", inet_ntoa(server_address.sin_addr), ntohs(server_address.sin_port), strerror(errno));
+ close(socket_list[response_id]);
+ socket_list[response_id] = -1;
+ }
+ }
+ }
+
+ if (active_types == 0)
+ {
+ for (i = 0; i < num_names; i++)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_NEGATIVE, target_name_array[i]);
+
+ return_value = 0;
+ break;
+ }
+
+ if (return_value >= 0)
+ break;
}
-
- if (return_value >= 0)
- break;
}
+
+ if (return_value >= 0)
+ break;
+
+ tmp_timeval.tv_sec = MINVAL(current_settings->current_options->nihdns_timeout_total_secs - (time(NULL) - start_time), current_settings->current_options->nihdns_timeout_total_secs / current_settings->current_options->nihdns_attempts_total);
+ tmp_timeval.tv_usec = 0;
}
-
- if (return_value >= 0)
+ else
break;
-
- tmp_timeval.tv_sec = MINVAL(current_settings->current_options->nihdns_timeout_total_secs - (time(NULL) - start_time), current_settings->current_options->nihdns_timeout_total_secs / current_settings->current_options->nihdns_attempts_total);
- tmp_timeval.tv_usec = 0;
}
if (return_value >= 0)
@@ -897,7 +1184,8 @@
else
break;
}
- while (num_queries < current_settings->current_options->nihdns_attempts_total);
+ while (!error_occurred &&
+ (num_queries < current_settings->current_options->nihdns_attempts_total));
}
}
@@ -905,8 +1193,27 @@
free(question);
if (question_length != NULL)
free(question_length);
- if (type_list != NULL)
- free(type_list);
+ if (socket_list != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ if ((socket_list[i] != -1) &&
+ (socket_list[i] != udp_socket))
+ close(socket_list[i]);
+
+ free(socket_list);
+ }
+ if (tcp_buf != NULL)
+ {
+ for (i = 0; i < (num_names * num_types); i++)
+ if (tcp_buf[i] != NULL)
+ free(tcp_buf[i]);
+
+ free(tcp_buf);
+ }
+ if (tcp_buf_strlen != NULL)
+ free(tcp_buf_strlen);
+ if (tcp_answer_len != NULL)
+ free(tcp_answer_len);
return(return_value);
}
@@ -919,11 +1226,10 @@
*/
int nihdns_rbl(struct filter_settings *current_settings, char **target_name_array, char *target_message_format, char *target_message_buf, int size_target_message_buf, char **target_rbl_array, int *return_target_name_index, struct previous_action *history)
{
- static int types[] = { NIHDNS_TYPE_TXT, NIHDNS_TYPE_A, NIHDNS_TYPE_CNAME };
int return_value;
int i;
int j;
- char answer[MAX_DNS_PACKET_BYTES];
+ char answer[MAX_DNS_PACKET_BYTES_UDP];
char host[MAX_HOSTNAME + 1];
char *answer_ptr;
char *cname_ptr[MAX_DNS_QUERIES - 1];
@@ -942,18 +1248,26 @@
struct previous_action *tmp_lookup;
char **cname_array;
int tmp_strlen;
+ union
+ {
+ char *char_ptr;
+ struct nihdns_header *header_ptr;
+ } recast;
return_value = 0;
target_name_index = 0;
- memset(answer, 0, MAX_DNS_PACKET_BYTES);
+ memset(answer, 0, MAX_DNS_PACKET_BYTES_UDP);
current_lookup.count = 0;
if ((target_name_array != NULL) &&
(target_rbl_array != NULL) &&
- (answer_length = nihdns_query(current_settings, target_name_array, sizeof(types) / sizeof(int), types, answer, MAX_DNS_PACKET_BYTES, &answer_ptr, &target_name_index)) > 0)
+ (answer_length = nihdns_query(current_settings, target_name_array, current_settings->current_options->nihdns_query_type_rbl, answer, MAX_DNS_PACKET_BYTES_UDP, &answer_ptr, &target_name_index)) > 0)
{
- num_answers = ntohs((unsigned short)((struct nihdns_header *)&answer)->ancount);
+ // This seems silly, but it defeats a strict-aliasing warning from gcc when
+ // a more conventional cast is used: (struct nihdns_header *)&answer
+ recast.char_ptr = answer;
+ num_answers = ntohs((unsigned short)recast.header_ptr->ancount);
num_cnames = 0;
exit_loop = 0;
@@ -974,7 +1288,7 @@
txt_length = (char)*answer_ptr;
answer_ptr++;
- if ((txt_length >= 0) &&
+ if ((txt_length > 0) &&
(txt_length < size))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_TXT, target_name_array[target_name_index], MINVAL(txt_length, MAX_BUF - 2), answer_ptr);
@@ -991,6 +1305,8 @@
return_value = 1;
answer_ptr += size - 1;
}
+ else if (size == 0)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_EMPTY_DATA, NULL);
else
{
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_RESPONSE, target_name_array[target_name_index]);
@@ -1074,7 +1390,7 @@
(num_queries < MAX_DNS_QUERIES))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_CNAME, target_name_array[target_name_index], host);
- strncpy(cname_array[j], (char *)host, size);
+ memcpy(cname_array[j], host, sizeof(char) * size);
cname_array[j][size] = '\0';
cname_array[j + 1] = NULL;
j++;
@@ -1120,10 +1436,9 @@
*/
int nihdns_ptr_lookup(struct filter_settings *current_settings, char *target_name, struct previous_action *history)
{
- static int types[] = { NIHDNS_TYPE_PTR, NIHDNS_TYPE_CNAME };
int return_value;
int i;
- char answer[MAX_DNS_PACKET_BYTES];
+ char answer[MAX_DNS_PACKET_BYTES_UDP];
char host[MAX_HOSTNAME + 1];
char *answer_ptr;
char *cname_ptr[MAX_DNS_QUERIES - 1];
@@ -1137,19 +1452,27 @@
struct previous_action current_lookup;
struct previous_action *tmp_lookup;
char *target_name_array[2];
+ union
+ {
+ char *char_ptr;
+ struct nihdns_header *header_ptr;
+ } recast;
return_value = 0;
- memset(answer, 0, MAX_DNS_PACKET_BYTES);
+ memset(answer, 0, MAX_DNS_PACKET_BYTES_UDP);
current_lookup.count = 0;
target_name_array[0] = target_name;
target_name_array[1] = NULL;
if ((target_name != NULL) &&
- ((answer_length = nihdns_query(current_settings, target_name_array, sizeof(types) / sizeof(int), types, answer, MAX_DNS_PACKET_BYTES, &answer_ptr, NULL)) > 0))
+ ((answer_length = nihdns_query(current_settings, target_name_array, current_settings->current_options->nihdns_query_type_ptr, answer, MAX_DNS_PACKET_BYTES_UDP, &answer_ptr, NULL)) > 0))
{
- num_answers = ntohs((unsigned short)((struct nihdns_header *)&answer)->ancount);
+ // This seems silly, but it defeats a strict-aliasing warning from gcc when
+ // a more conventional cast is used: (struct nihdns_header *)&answer
+ recast.char_ptr = answer;
+ num_answers = ntohs((unsigned short)recast.header_ptr->ancount);
num_cnames = 0;
exit_loop = 0;
@@ -1166,7 +1489,7 @@
switch (type)
{
case NIHDNS_TYPE_PTR:
- if ((size = nihdns_expand(answer, answer + answer_length, answer_ptr, (char *)host, MAX_HOSTNAME)) >= 0)
+ if ((size = nihdns_expand(answer, answer + answer_length, answer_ptr, (char *)host, MAX_HOSTNAME)) > 0)
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_PTR, target_name, size, size, host);
@@ -1179,6 +1502,8 @@
return_value = 1;
answer_ptr += size;
}
+ else if (size == 0)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_EMPTY_DATA, NULL);
else
{
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
@@ -1265,17 +1590,18 @@
}
/*
+ * return_octets must be an array of at least four elements if not NULL.
+ *
* Return value:
* FAILURE: 0
* SUCCESS: 1
*/
-int nihdns_mx(struct filter_settings *current_settings, char *target_name, struct previous_action *history)
+int nihdns_a_inner(struct filter_settings *current_settings, char *target_name, int *return_octets, struct previous_action *history, int disqualify_localhost, int target_query_type)
{
static int localhost_octets[] = LOCALHOST_OCTETS;
- static int types[] = { NIHDNS_TYPE_MX, NIHDNS_TYPE_A, NIHDNS_TYPE_CNAME };
int return_value;
int i;
- char answer[MAX_DNS_PACKET_BYTES];
+ char answer[MAX_DNS_PACKET_BYTES_UDP];
char host[MAX_HOSTNAME + 1];
char *answer_ptr;
char *cname_ptr[MAX_DNS_QUERIES - 1];
@@ -1285,24 +1611,31 @@
int type;
int num_answers;
int num_queries;
- int preference;
int exit_loop;
struct previous_action current_lookup;
struct previous_action *tmp_lookup;
char *target_name_array[2];
+ union
+ {
+ char *char_ptr;
+ struct nihdns_header *header_ptr;
+ } recast;
return_value = 0;
- memset(answer, 0, MAX_DNS_PACKET_BYTES);
+ memset(answer, 0, MAX_DNS_PACKET_BYTES_UDP);
current_lookup.count = 0;
target_name_array[0] = target_name;
target_name_array[1] = NULL;
if ((target_name != NULL) &&
- ((answer_length = nihdns_query(current_settings, target_name_array, sizeof(types) / sizeof(int), types, answer, MAX_DNS_PACKET_BYTES, &answer_ptr, NULL)) > 0))
+ ((answer_length = nihdns_query(current_settings, target_name_array, target_query_type, answer, MAX_DNS_PACKET_BYTES_UDP, &answer_ptr, NULL)) > 0))
{
- num_answers = ntohs((unsigned short)((struct nihdns_header *)&answer)->ancount);
+ // This seems silly, but it defeats a strict-aliasing warning from gcc when
+ // a more conventional cast is used: (struct nihdns_header *)&answer
+ recast.char_ptr = answer;
+ num_answers = ntohs((unsigned short)recast.header_ptr->ancount);
num_cnames = 0;
exit_loop = 0;
@@ -1319,35 +1652,27 @@
switch (type)
{
- case NIHDNS_TYPE_MX:
- preference = NIHDNS_GETINT16(answer_ptr);
- answer_ptr += sizeof(uint16_t);
-
- if ((size = nihdns_expand(answer, answer + answer_length, answer_ptr, (char *)host, MAX_HOSTNAME)) >= 0)
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_MX, target_name, preference, host);
-
- return_value = nihdns_a(current_settings, (char *)host, NULL, NULL, 1);
- answer_ptr += size;
- }
- else
- {
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
- exit_loop = 1;
- }
-
- break;
case NIHDNS_TYPE_A:
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_A, target_name, answer_ptr[0], answer_ptr[1], answer_ptr[2], answer_ptr[3]);
- if ((answer_ptr[0] != localhost_octets[0]) ||
+ if (!disqualify_localhost ||
+ (answer_ptr[0] != localhost_octets[0]) ||
(answer_ptr[1] != localhost_octets[1]) ||
(answer_ptr[2] != localhost_octets[2]) ||
(answer_ptr[3] != localhost_octets[3]))
+ {
+ if (return_octets != NULL)
+ {
+ return_octets[0] = answer_ptr[0];
+ return_octets[1] = answer_ptr[1];
+ return_octets[2] = answer_ptr[2];
+ return_octets[3] = answer_ptr[3];
+ }
+
return_value = 1;
+ }
answer_ptr += 4;
-
break;
case NIHDNS_TYPE_CNAME:
cname_ptr[num_cnames] = answer_ptr;
@@ -1363,16 +1688,16 @@
break;
default:
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_UNKNOWN_TYPE, target_name, LOG_MESSAGE_DNS_TYPE_MX LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_A LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_CNAME, nihdns_type_name(type));
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_UNKNOWN_TYPE, target_name, LOG_MESSAGE_DNS_TYPE_A LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_CNAME, nihdns_type_name(type));
exit_loop = 1;
break;
}
- }
- else
- {
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
- break;
- }
+ }
+ else
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
+ break;
+ }
for (i = 0; (i < num_cnames) && !return_value; i++)
if ((size = nihdns_expand(answer, answer + answer_length, cname_ptr[i], (char *)host, MAX_HOSTNAME)) >= 0)
@@ -1393,7 +1718,7 @@
}
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_CNAME, target_name, host);
- return_value = ((tmp_lookup == NULL) && (num_queries < MAX_DNS_QUERIES)) ? nihdns_mx(current_settings, (char *)host, ¤t_lookup) : 0;
+ return_value = ((tmp_lookup == NULL) && (num_queries < MAX_DNS_QUERIES)) ? nihdns_a_inner(current_settings, (char *)host, return_octets, ¤t_lookup, disqualify_localhost, target_query_type) : 0;
answer_ptr += size;
}
else
@@ -1415,11 +1740,20 @@
*/
int nihdns_a(struct filter_settings *current_settings, char *target_name, int *return_octets, struct previous_action *history, int disqualify_localhost)
{
+ return(nihdns_a_inner(current_settings, target_name, return_octets, history, disqualify_localhost, current_settings->current_options->nihdns_query_type_a));
+ }
+
+/*
+ * Return value:
+ * FAILURE: 0
+ * SUCCESS: 1
+ */
+int nihdns_mx(struct filter_settings *current_settings, char *target_name, struct previous_action *history)
+ {
static int localhost_octets[] = LOCALHOST_OCTETS;
- static int types[] = { NIHDNS_TYPE_A, NIHDNS_TYPE_CNAME };
int return_value;
int i;
- char answer[MAX_DNS_PACKET_BYTES];
+ char answer[MAX_DNS_PACKET_BYTES_UDP];
char host[MAX_HOSTNAME + 1];
char *answer_ptr;
char *cname_ptr[MAX_DNS_QUERIES - 1];
@@ -1429,23 +1763,34 @@
int type;
int num_answers;
int num_queries;
+ int preference;
int exit_loop;
struct previous_action current_lookup;
struct previous_action *tmp_lookup;
char *target_name_array[2];
+ char ip_octets[4][4];
+ int ip_ints[4];
+ union
+ {
+ char *char_ptr;
+ struct nihdns_header *header_ptr;
+ } recast;
return_value = 0;
- memset(answer, 0, MAX_DNS_PACKET_BYTES);
+ memset(answer, 0, MAX_DNS_PACKET_BYTES_UDP);
current_lookup.count = 0;
target_name_array[0] = target_name;
target_name_array[1] = NULL;
if ((target_name != NULL) &&
- ((answer_length = nihdns_query(current_settings, target_name_array, sizeof(types) / sizeof(int), types, answer, MAX_DNS_PACKET_BYTES, &answer_ptr, NULL)) > 0))
+ ((answer_length = nihdns_query(current_settings, target_name_array, current_settings->current_options->nihdns_query_type_mx, answer, MAX_DNS_PACKET_BYTES_UDP, &answer_ptr, NULL)) > 0))
{
- num_answers = ntohs((unsigned short)((struct nihdns_header *)&answer)->ancount);
+ // This seems silly, but it defeats a strict-aliasing warning from gcc when
+ // a more conventional cast is used: (struct nihdns_header *)&answer
+ recast.char_ptr = answer;
+ num_answers = ntohs((unsigned short)recast.header_ptr->ancount);
num_cnames = 0;
exit_loop = 0;
@@ -1462,27 +1807,56 @@
switch (type)
{
+ case NIHDNS_TYPE_MX:
+ preference = NIHDNS_GETINT16(answer_ptr);
+ answer_ptr += sizeof(uint16_t);
+
+ if ((size = nihdns_expand(answer, answer + answer_length, answer_ptr, (char *)host, MAX_HOSTNAME)) > 0)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_MX, target_name, preference, host);
+
+ if ((sscanf(host, "%3[0-9].%3[0-9].%3[0-9].%3[0-9]", ip_octets[0], ip_octets[1], ip_octets[2], ip_octets[3]) == 4) &&
+ (sscanf(ip_octets[0], "%d", &ip_ints[0]) == 1) &&
+ (ip_ints[0] >= 0) &&
+ (ip_ints[0] <= 255) &&
+ (sscanf(ip_octets[1], "%d", &ip_ints[1]) == 1) &&
+ (ip_ints[1] >= 0) &&
+ (ip_ints[1] <= 255) &&
+ (sscanf(ip_octets[2], "%d", &ip_ints[2]) == 1) &&
+ (ip_ints[2] >= 0) &&
+ (ip_ints[2] <= 255) &&
+ (sscanf(ip_octets[3], "%d", &ip_ints[3]) == 1) &&
+ (ip_ints[3] >= 0) &&
+ (ip_ints[3] <= 255))
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_MX_IP, host, target_name);
+ return_value = 1;
+ }
+ else
+ return_value = nihdns_a_inner(current_settings, (char *)host, NULL, NULL, 1, current_settings->current_options->nihdns_query_type_mx);
+
+ answer_ptr += size;
+ }
+ else if (size == 0)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_EMPTY_DATA, NULL);
+ else if (size < 0)
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
+ exit_loop = 1;
+ }
+
+ break;
case NIHDNS_TYPE_A:
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_A, target_name, answer_ptr[0], answer_ptr[1], answer_ptr[2], answer_ptr[3]);
- if (!disqualify_localhost ||
- (answer_ptr[0] != localhost_octets[0]) ||
+ if ((answer_ptr[0] != localhost_octets[0]) ||
(answer_ptr[1] != localhost_octets[1]) ||
(answer_ptr[2] != localhost_octets[2]) ||
(answer_ptr[3] != localhost_octets[3]))
- {
- if (return_octets != NULL)
- {
- return_octets[0] = answer_ptr[0];
- return_octets[1] = answer_ptr[1];
- return_octets[2] = answer_ptr[2];
- return_octets[3] = answer_ptr[3];
- }
-
return_value = 1;
- }
answer_ptr += 4;
+
break;
case NIHDNS_TYPE_CNAME:
cname_ptr[num_cnames] = answer_ptr;
@@ -1498,16 +1872,16 @@
break;
default:
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_UNKNOWN_TYPE, target_name, LOG_MESSAGE_DNS_TYPE_A LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_CNAME, nihdns_type_name(type));
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_UNKNOWN_TYPE, target_name, LOG_MESSAGE_DNS_TYPE_MX LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_A LOG_MESSAGE_DNS_SEPARATOR LOG_MESSAGE_DNS_TYPE_CNAME, nihdns_type_name(type));
exit_loop = 1;
break;
}
- }
- else
- {
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
- break;
- }
+ }
+ else
+ {
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_DNS_COMPRESSION, target_name);
+ break;
+ }
for (i = 0; (i < num_cnames) && !return_value; i++)
if ((size = nihdns_expand(answer, answer + answer_length, cname_ptr[i], (char *)host, MAX_HOSTNAME)) >= 0)
@@ -1528,7 +1902,7 @@
}
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_DNS_CNAME, target_name, host);
- return_value = ((tmp_lookup == NULL) && (num_queries < MAX_DNS_QUERIES)) ? nihdns_a(current_settings, (char *)host, return_octets, ¤t_lookup, disqualify_localhost) : 0;
+ return_value = ((tmp_lookup == NULL) && (num_queries < MAX_DNS_QUERIES)) ? nihdns_mx(current_settings, (char *)host, ¤t_lookup) : 0;
answer_ptr += size;
}
else
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/dns.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/environment.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/environment.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/exec.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -386,7 +386,7 @@
child_argv = NULL;
strlen_command_line = strlen(command_line);
- if ((tmp_command_line = (char *)malloc(strlen_command_line + 1)) != NULL)
+ if ((tmp_command_line = (char *)malloc(sizeof(char) * (strlen_command_line + 1))) != NULL)
{
argc = 1;
@@ -419,12 +419,12 @@
free(child_argv);
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_command_line + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_command_line + 1));
free(tmp_command_line);
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_command_line + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_command_line + 1));
}
return(return_value);
@@ -537,22 +537,22 @@
if (strlen_input_buf >= MAX_COMMAND_BUF)
{
if (size_return_content == -1)
- if ((tmp_alloc = realloc(tmp_return_content, strlen_input_total + 1)) != NULL)
+ if ((tmp_alloc = realloc(tmp_return_content, sizeof(char) * (strlen_input_total + 1))) != NULL)
{
- strncpy(tmp_alloc + (strlen_input_total - strlen_input_buf), input_buf, strlen_input_buf);
+ memcpy(tmp_alloc + (strlen_input_total - strlen_input_buf), input_buf, sizeof(char) * strlen_input_buf);
tmp_alloc[strlen_input_total] = '\0';
tmp_return_content = tmp_alloc;
}
else
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_input_total + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_input_total + 1));
return_value = -1;
break;
}
else if ((strlen_input_total - strlen_input_buf) < size_return_content)
{
tmp_strlen = MINVAL(size_return_content, strlen_input_total);
- strncpy(*return_content, input_buf, tmp_strlen);
+ memcpy(*return_content, input_buf, sizeof(char) * tmp_strlen);
(*return_content)[tmp_strlen] = '\0';
}
else
@@ -665,21 +665,21 @@
if (strlen_input_buf > 0)
{
if (size_return_content == -1)
- if ((tmp_alloc = realloc(tmp_return_content, strlen_input_total + 1)) != NULL)
+ if ((tmp_alloc = realloc(tmp_return_content, sizeof(char) * (strlen_input_total + 1))) != NULL)
{
- strncpy(tmp_alloc + (strlen_input_total - strlen_input_buf), input_buf, strlen_input_buf);
+ memcpy(tmp_alloc + (strlen_input_total - strlen_input_buf), input_buf, sizeof(char) * strlen_input_buf);
tmp_alloc[strlen_input_total] = '\0';
tmp_return_content = tmp_alloc;
}
else
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_input_total + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_input_total + 1));
return_value = -1;
}
else if ((strlen_input_total - strlen_input_buf) < size_return_content)
{
tmp_strlen = MINVAL(size_return_content, strlen_input_total);
- strncpy(*return_content, input_buf, tmp_strlen);
+ memcpy(*return_content, input_buf, sizeof(char) * tmp_strlen);
(*return_content)[tmp_strlen] = '\0';
}
}
@@ -810,7 +810,7 @@
child_argv = NULL;
strlen_command_line = strlen(command_line);
- if ((tmp_command_line = (char *)malloc(strlen_command_line + 1)) != NULL)
+ if ((tmp_command_line = (char *)malloc(sizeof(char) * (strlen_command_line + 1))) != NULL)
{
argc = 1;
@@ -843,12 +843,12 @@
free(child_argv);
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_command_line + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_command_line + 1));
free(tmp_command_line);
}
else
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, strlen_command_line + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (strlen_command_line + 1));
}
return(return_value);
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/exec.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/filter.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -27,6 +27,7 @@
#include <sys/types.h>
#include <unistd.h>
#include <sys/stat.h>
+#include <pwd.h>
#include <errno.h>
#include "config.h"
@@ -67,7 +68,7 @@
{
memcpy(target_rejection_buf, &rejection[rejection_index], sizeof(struct rejection_data));
target_rejection_buf->strlen_reject_message = MINVAL(strlen(current_settings->current_options->rejection_text[rejection_index]), size_target_message_buf);
- memcpy(target_message_buf, current_settings->current_options->rejection_text[rejection_index], target_rejection_buf->strlen_reject_message);
+ memcpy(target_message_buf, current_settings->current_options->rejection_text[rejection_index], sizeof(char) * target_rejection_buf->strlen_reject_message);
target_message_buf[target_rejection_buf->strlen_reject_message] = '\0';
target_rejection_buf->reject_message = target_message_buf;
@@ -224,6 +225,54 @@
}
/*
+ * This block looks for the reversed zero-padded dotted-quad IP address in
+ * the rDNS name. For example, if the IP is 11.22.33.44, this block looks
+ * for 044.033.022.011.
+ */
+ if (!return_value)
+ {
+ tmp_strlen = snprintf(tmp_ip, MAX_IP, "%.3d.%.3d.%.3d.%.3d", ip_ints[3], ip_ints[2], ip_ints[1], ip_ints[0]);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_IP_IN_RDNS, tmp_strlen, tmp_ip, strlen_target_name, target_name);
+ return_value = search_ip(tmp_ip, tmp_strlen, target_name, strlen_target_name);
+ }
+
+ /*
+ * This block looks for the reversed partially zero-padded dotted-quad IP
+ * address in the rDNS name. For example, if the IP is 11.22.33.44, this
+ * block looks for 44.033.022.011.
+ */
+ if (!return_value)
+ {
+ tmp_strlen = snprintf(tmp_ip, MAX_IP, "%s.%.3d.%.3d.%.3d", ip_octets[3], ip_ints[2], ip_ints[1], ip_ints[0]);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_IP_IN_RDNS, tmp_strlen, tmp_ip, strlen_target_name, target_name);
+ return_value = search_ip(tmp_ip, tmp_strlen, target_name, strlen_target_name);
+ }
+
+ /*
+ * This block looks for the reversed partially zero-padded dotted-quad IP
+ * address in the rDNS name. For example, if the IP is 11.22.33.44, this
+ * block looks for 44.33.022.011.
+ */
+ if (!return_value)
+ {
+ tmp_strlen = snprintf(tmp_ip, MAX_IP, "%s.%s.%.3d.%.3d", ip_octets[3], ip_octets[2], ip_ints[1], ip_ints[0]);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_IP_IN_RDNS, tmp_strlen, tmp_ip, strlen_target_name, target_name);
+ return_value = search_ip(tmp_ip, tmp_strlen, target_name, strlen_target_name);
+ }
+
+ /*
+ * This block looks for the reversed partially zero-padded dotted-quad IP
+ * address in the rDNS name. For example, if the IP is 11.22.33.44, this
+ * block looks for 44.33.22.011.
+ */
+ if (!return_value)
+ {
+ tmp_strlen = snprintf(tmp_ip, MAX_IP, "%s.%s.%s.%.3d", ip_octets[3], ip_octets[2], ip_octets[1], ip_ints[0]);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_IP_IN_RDNS, tmp_strlen, tmp_ip, strlen_target_name, target_name);
+ return_value = search_ip(tmp_ip, tmp_strlen, target_name, strlen_target_name);
+ }
+
+ /*
* This block looks for the slightly out-of-order dotted-quad IP address in the rDNS
* name. For example, if the IP is 11.22.33.44, this block looks for
* 44.11.22.33
@@ -1381,7 +1430,10 @@
for (i = 0; current_settings->current_options->dnsrwl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->dnsrwl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -1466,7 +1518,10 @@
for (i = 0; current_settings->current_options->rhswl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->rhswl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -1548,7 +1603,10 @@
for (i = 0; current_settings->current_options->dnsrbl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->dnsrbl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -1638,7 +1696,10 @@
for (i = 0; current_settings->current_options->rhsbl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->rhsbl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -1732,6 +1793,7 @@
int return_value;
int i;
int search_return;
+ char tmp_sender_address[MAX_ADDRESS + 1];
int strlen_sender_address;
return_value = FILTER_DECISION_UNDECIDED;
@@ -1742,20 +1804,21 @@
!(*return_action_locked)) &&
((current_settings->current_options->whitelist_sender != NULL) ||
(current_settings->current_options->whitelist_sender_file != NULL)) &&
- ((strlen_sender_address = strlen(current_settings->sender_address)) > 0))
+ (reassemble_address(current_settings->sender_username, current_settings->sender_domain, NULL, tmp_sender_address, MAX_ADDRESS, &strlen_sender_address) != NULL) &&
+ (strlen_sender_address > 0))
{
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_SENDER_WHITELIST, current_settings->sender_address);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_SENDER_WHITELIST, tmp_sender_address);
if (current_settings->current_options->whitelist_sender != NULL)
for (i = 0; current_settings->current_options->whitelist_sender[i] != NULL; i++)
- if (examine_entry(current_settings->sender_address, strlen_sender_address, current_settings->current_options->whitelist_sender[i], strlen(current_settings->current_options->whitelist_sender[i]), '@', "@.", '@', "@"))
+ if (examine_entry(tmp_sender_address, strlen_sender_address, current_settings->current_options->whitelist_sender[i], strlen(current_settings->current_options->whitelist_sender[i]), '@', "@.", '@', "@"))
{
if (target_action != NULL)
*target_action = FILTER_DECISION_DO_NOT_FILTER;
if (target_rejection != NULL)
*target_rejection = NULL;
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_WHITELIST, current_settings->sender_address, current_settings->current_options->whitelist_sender[i]);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_WHITELIST, tmp_sender_address, current_settings->current_options->whitelist_sender[i]);
return_value = FILTER_DECISION_DO_NOT_FILTER;
break;
}
@@ -1763,14 +1826,14 @@
if ((return_value == FILTER_DECISION_UNDECIDED) &&
(current_settings->current_options->whitelist_sender_file != NULL))
for (i = 0; current_settings->current_options->whitelist_sender_file[i] != NULL; i++)
- if ((search_return = search_file(current_settings, current_settings->current_options->whitelist_sender_file[i], current_settings->sender_address, strlen_sender_address, '@', "@.", '@', "@")) > 0)
+ if ((search_return = search_file(current_settings, current_settings->current_options->whitelist_sender_file[i], tmp_sender_address, strlen_sender_address, '@', "@.", '@', "@")) > 0)
{
if (target_action != NULL)
*target_action = FILTER_DECISION_DO_NOT_FILTER;
if (target_rejection != NULL)
*target_rejection = NULL;
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_WHITELIST_FILE, current_settings->sender_address, current_settings->current_options->whitelist_sender_file[i], search_return);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_WHITELIST_FILE, tmp_sender_address, current_settings->current_options->whitelist_sender_file[i], search_return);
return_value = FILTER_DECISION_DO_NOT_FILTER;
break;
}
@@ -1826,7 +1889,10 @@
for (i = 0; current_settings->current_options->rhswl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->rhswl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -1866,6 +1932,7 @@
int return_value;
int i;
int search_return;
+ char tmp_sender_address[MAX_ADDRESS + 1];
int strlen_sender_address;
return_value = FILTER_DECISION_UNDECIDED;
@@ -1876,19 +1943,20 @@
!(*return_action_locked)) &&
((current_settings->current_options->blacklist_sender != NULL) ||
(current_settings->current_options->blacklist_sender_file != NULL)) &&
- ((strlen_sender_address = strlen(current_settings->sender_address)) > 0))
+ (reassemble_address(current_settings->sender_username, current_settings->sender_domain, NULL, tmp_sender_address, MAX_ADDRESS, &strlen_sender_address) != NULL) &&
+ (strlen_sender_address > 0))
{
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_SENDER_BLACKLIST, current_settings->sender_address);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_SENDER_BLACKLIST, tmp_sender_address);
if (current_settings->current_options->blacklist_sender != NULL)
for (i = 0; current_settings->current_options->blacklist_sender[i] != NULL; i++)
- if (examine_entry(current_settings->sender_address, strlen_sender_address, current_settings->current_options->blacklist_sender[i], strlen(current_settings->current_options->blacklist_sender[i]), '@', "@.", '@', "@."))
+ if (examine_entry(tmp_sender_address, strlen_sender_address, current_settings->current_options->blacklist_sender[i], strlen(current_settings->current_options->blacklist_sender[i]), '@', "@.", '@', "@."))
{
if (target_action != NULL)
*target_action = FILTER_DECISION_DO_FILTER;
set_rejection(current_settings, REJECTION_SENDER_BLACKLISTED, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_BLACKLIST, current_settings->sender_address, current_settings->current_options->blacklist_sender[i]);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_BLACKLIST, tmp_sender_address, current_settings->current_options->blacklist_sender[i]);
return_value = FILTER_DECISION_DO_FILTER;
break;
}
@@ -1896,13 +1964,13 @@
if ((return_value == FILTER_DECISION_UNDECIDED) &&
(current_settings->current_options->blacklist_sender_file != NULL))
for (i = 0; current_settings->current_options->blacklist_sender_file[i] != NULL; i++)
- if ((search_return = search_file(current_settings, current_settings->current_options->blacklist_sender_file[i], current_settings->sender_address, strlen_sender_address, '@', "@.", '@', "@")) > 0)
+ if ((search_return = search_file(current_settings, current_settings->current_options->blacklist_sender_file[i], tmp_sender_address, strlen_sender_address, '@', "@.", '@', "@")) > 0)
{
if (target_action != NULL)
*target_action = FILTER_DECISION_DO_FILTER;
set_rejection(current_settings, REJECTION_SENDER_BLACKLISTED, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_BLACKLIST_FILE, current_settings->sender_address, current_settings->current_options->blacklist_sender_file[i], search_return);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_SENDER_BLACKLIST_FILE, tmp_sender_address, current_settings->current_options->blacklist_sender_file[i], search_return);
return_value = FILTER_DECISION_DO_FILTER;
break;
}
@@ -1959,7 +2027,10 @@
for (i = 0; current_settings->current_options->rhsbl_fqdn_file[i] != NULL; i++)
if (read_file(current_settings, current_settings->current_options->rhsbl_fqdn_file[i], &name_array, num_names, 1, -1) != -1)
- for (; name_array[num_names] != NULL; num_names++);
+ {
+ if (name_array != NULL)
+ for (; name_array[num_names] != NULL; num_names++);
+ }
else
{
return_value = FILTER_DECISION_ERROR;
@@ -2098,6 +2169,7 @@
int return_value;
int i;
int search_return;
+ char tmp_recipient_address[MAX_ADDRESS + 1];
int strlen_recipient_address;
return_value = FILTER_DECISION_UNDECIDED;
@@ -2108,20 +2180,21 @@
!(*return_action_locked)) &&
((current_settings->current_options->whitelist_recipient != NULL) ||
(current_settings->current_options->whitelist_recipient_file != NULL)) &&
- ((strlen_recipient_address = strlen(current_settings->recipient_address)) > 0))
+ (reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_recipient_address, MAX_ADDRESS, &strlen_recipient_address) != NULL) &&
+ (strlen_recipient_address > 0))
{
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_WHITELIST, current_settings->recipient_address);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_WHITELIST, tmp_recipient_address);
if (current_settings->current_options->whitelist_recipient != NULL)
for (i = 0; current_settings->current_options->whitelist_recipient[i] != NULL; i++)
- if (examine_entry(current_settings->recipient_address, strlen_recipient_address, current_settings->current_options->whitelist_recipient[i], strlen(current_settings->current_options->whitelist_recipient[i]), '@', "@.", '@', "@"))
+ if (examine_entry(tmp_recipient_address, strlen_recipient_address, current_settings->current_options->whitelist_recipient[i], strlen(current_settings->current_options->whitelist_recipient[i]), '@', "@.", '@', "@"))
{
if (target_action != NULL)
*target_action = FILTER_DECISION_TRANSIENT_DO_NOT_FILTER;
if (target_rejection != NULL)
*target_rejection = NULL;
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST, current_settings->recipient_address, current_settings->current_options->whitelist_recipient[i]);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST, tmp_recipient_address, current_settings->current_options->whitelist_recipient[i]);
return_value = FILTER_DECISION_TRANSIENT_DO_NOT_FILTER;
break;
}
@@ -2129,14 +2202,14 @@
if ((return_value == FILTER_DECISION_UNDECIDED) &&
(current_settings->current_options->whitelist_recipient_file != NULL))
for (i = 0; current_settings->current_options->whitelist_recipient_file[i] != NULL; i++)
- if ((search_return = search_file(current_settings, current_settings->current_options->whitelist_recipient_file[i], current_settings->recipient_address, strlen_recipient_address, '@', "@.", '@', "@")) > 0)
+ if ((search_return = search_file(current_settings, current_settings->current_options->whitelist_recipient_file[i], tmp_recipient_address, strlen_recipient_address, '@', "@.", '@', "@")) > 0)
{
if (target_action != NULL)
*target_action = FILTER_DECISION_TRANSIENT_DO_NOT_FILTER;
if (target_rejection != NULL)
*target_rejection = NULL;
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST_FILE, current_settings->recipient_address, current_settings->current_options->whitelist_recipient_file[i], search_return);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_WHITELIST_FILE, tmp_recipient_address, current_settings->current_options->whitelist_recipient_file[i], search_return);
return_value = FILTER_DECISION_TRANSIENT_DO_NOT_FILTER;
break;
}
@@ -2148,24 +2221,24 @@
int filter_recipient_local(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf)
{
int return_value;
+ char tmp_address[MAX_ADDRESS + 1];
return_value = FILTER_DECISION_UNDECIDED;
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_LOCAL, current_settings->recipient_address);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_LOCAL, reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_address, MAX_ADDRESS, NULL));
if (((target_action == NULL) ||
((*target_action) < FILTER_DECISION_TRANSIENT_DO_FILTER) ||
((*target_rejection) == NULL)) &&
((return_action_locked == NULL) ||
!(*return_action_locked)) &&
- ((current_settings->recipient_domain == NULL) ||
- (current_settings->recipient_domain[0] == '\0')))
+ (current_settings->recipient_domain[0] == '\0'))
{
if (target_action != NULL)
*target_action = FILTER_DECISION_TRANSIENT_DO_FILTER;
set_rejection(current_settings, REJECTION_RCPT_TO_LOCAL, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_LOCAL, current_settings->recipient_address);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_LOCAL, reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_address, MAX_ADDRESS, NULL));
return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
}
@@ -2176,11 +2249,13 @@
{
int return_value;
int prevent_relay;
+ char tmp_address[MAX_ADDRESS + 1];
return_value = FILTER_DECISION_UNDECIDED;
prevent_relay = 0;
+ tmp_address[0] = '\0';
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RELAY, current_settings->current_options->relay_level, current_settings->recipient_address, current_settings->server_ip, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, current_settings->local_recipient ? "true" : "false", current_settings->allow_relay ? "true" : "false");
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RELAY, current_settings->current_options->relay_level, reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_address, MAX_ADDRESS, NULL), current_settings->server_ip, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, current_settings->local_recipient ? "true" : "false", current_settings->allow_relay ? "true" : "false");
if (((*target_rejection) == NULL) &&
((return_action_locked == NULL) ||
@@ -2262,6 +2337,7 @@
int return_value;
int i;
int search_return;
+ char tmp_address[MAX_ADDRESS + 1];
int strlen_recipient_address;
return_value = FILTER_DECISION_UNDECIDED;
@@ -2273,19 +2349,20 @@
!(*return_action_locked)) &&
((current_settings->current_options->blacklist_recipient != NULL) ||
(current_settings->current_options->blacklist_recipient_file != NULL)) &&
- ((strlen_recipient_address = strlen(current_settings->recipient_address)) > 0))
+ (reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_address, MAX_ADDRESS, &strlen_recipient_address) != NULL) &&
+ (strlen_recipient_address > 0))
{
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_BLACKLIST, current_settings->recipient_address);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_RECIPIENT_BLACKLIST, tmp_address);
if (current_settings->current_options->blacklist_recipient != NULL)
for (i = 0; current_settings->current_options->blacklist_recipient[i] != NULL; i++)
- if (examine_entry(current_settings->recipient_address, strlen_recipient_address, current_settings->current_options->blacklist_recipient[i], strlen(current_settings->current_options->blacklist_recipient[i]), '@', "@.", '@', "@"))
+ if (examine_entry(tmp_address, strlen_recipient_address, current_settings->current_options->blacklist_recipient[i], strlen(current_settings->current_options->blacklist_recipient[i]), '@', "@.", '@', "@"))
{
if (target_action != NULL)
*target_action = FILTER_DECISION_TRANSIENT_DO_FILTER;
set_rejection(current_settings, REJECTION_RECIPIENT_BLACKLISTED, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_BLACKLIST, current_settings->recipient_address, current_settings->current_options->blacklist_recipient[i]);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_BLACKLIST, tmp_address, current_settings->current_options->blacklist_recipient[i]);
return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
break;
}
@@ -2293,13 +2370,13 @@
if ((return_value == FILTER_DECISION_UNDECIDED) &&
(current_settings->current_options->blacklist_recipient_file != NULL))
for (i = 0; current_settings->current_options->blacklist_recipient_file[i] != NULL; i++)
- if ((search_return = search_file(current_settings, current_settings->current_options->blacklist_recipient_file[i], current_settings->recipient_address, strlen_recipient_address, '@', "@.", '@', "@")) > 0)
+ if ((search_return = search_file(current_settings, current_settings->current_options->blacklist_recipient_file[i], tmp_address, strlen_recipient_address, '@', "@.", '@', "@")) > 0)
{
if (target_action != NULL)
*target_action = FILTER_DECISION_TRANSIENT_DO_FILTER;
set_rejection(current_settings, REJECTION_RECIPIENT_BLACKLISTED, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_BLACKLIST_FILE, current_settings->recipient_address, current_settings->current_options->blacklist_recipient_file[i], search_return);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_RECIPIENT_BLACKLIST_FILE, tmp_address, current_settings->current_options->blacklist_recipient_file[i], search_return);
return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
break;
}
@@ -2321,11 +2398,14 @@
char graylist_path[MAX_PATH + 1];
char log_entry[MAX_BUF + 1];
int strlen_log_entry;
- char tmp_recipient_domain[MAX_BUF + 1];
- char tmp_recipient_username[MAX_BUF + 1];
- char tmp_sender_address[MAX_BUF + 1];
char tmp_path[MAX_PATH + 1];
- int strlen_recipient_domain;
+ char tmp_address[MAX_ADDRESS + 1];
+ char tmp_sender_address[MAX_ADDRESS + 1];
+ char tmp_recipient_address[MAX_ADDRESS + 1];
+ char canonicalized_sender_username[MAX_ADDRESS + 1];
+ char canonicalized_sender_domain[MAX_ADDRESS + 1];
+ char canonicalized_recipient_username[MAX_ADDRESS + 1];
+ char canonicalized_recipient_domain[MAX_ADDRESS + 1];
return_value = FILTER_DECISION_UNDECIDED;
@@ -2336,10 +2416,16 @@
!(*return_action_locked)) &&
(current_settings->current_options->graylist_level != GRAYLIST_LEVEL_NONE) &&
(current_settings->current_options->graylist_dir != NULL) &&
- (current_settings->recipient_address[0] != '\0') &&
- ((strlen_recipient_domain = strlen(current_settings->recipient_domain)) > 0))
- {
- SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_GRAYLIST, current_settings->recipient_address, (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : LOG_MISSING_DATA);
+ (reassemble_address(current_settings->sender_username, current_settings->sender_domain, NULL, tmp_sender_address, MAX_ADDRESS, NULL) != NULL) &&
+ (reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_recipient_address, MAX_ADDRESS, NULL) != NULL) &&
+ (tmp_recipient_address[0] != '\0'))
+ {
+ canonicalize_path(canonicalized_sender_username, MAX_ADDRESS, current_settings->sender_username, strlen(current_settings->sender_username));
+ canonicalize_path(canonicalized_sender_domain, MAX_ADDRESS, current_settings->sender_domain, strlen(current_settings->sender_domain));
+ canonicalize_path(canonicalized_recipient_username, MAX_ADDRESS, current_settings->recipient_username, strlen(current_settings->recipient_username));
+ canonicalize_path(canonicalized_recipient_domain, MAX_ADDRESS, current_settings->recipient_domain, strlen(current_settings->recipient_domain));
+
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_GRAYLIST, (tmp_recipient_address[0] != '\0') ? tmp_recipient_address : LOG_MISSING_DATA, (tmp_sender_address[0] != '\0') ? tmp_sender_address : LOG_MISSING_DATA);
found_match = 0;
graylist_index = -1;
@@ -2397,7 +2483,7 @@
!found_match))
{
for (graylist_index = 0; current_settings->current_options->graylist_dir[graylist_index] != NULL; graylist_index++)
- if ((snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalize_path(tmp_recipient_domain, MAX_PATH, current_settings->recipient_domain, strlen_recipient_domain)) < MAX_PATH) &&
+ if ((snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain) < MAX_PATH) &&
(stat(graylist_path, &tmp_stat) == 0) &&
S_ISDIR(tmp_stat.st_mode))
{
@@ -2411,7 +2497,7 @@
current_settings->local_recipient)
{
for (graylist_index = 0; current_settings->current_options->graylist_dir[graylist_index] != NULL; graylist_index++)
- if ((snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalize_path(tmp_recipient_domain, MAX_PATH, current_settings->recipient_domain, strlen_recipient_domain)) < MAX_PATH) &&
+ if ((snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain) < MAX_PATH) &&
(mkdir(graylist_path, MKDIR_MODE) == 0))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_GRAYLIST_DOMAIN_CREATE, graylist_path);
@@ -2425,7 +2511,7 @@
/* Construct the path to the recipient's graylist folder and check if it exists */
if (continue_processing &&
- (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, canonicalize_path(tmp_recipient_username, MAX_PATH, current_settings->recipient_address, (current_settings->recipient_domain - current_settings->recipient_address) - 1)) < MAX_PATH) &&
+ (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username) < MAX_PATH) &&
(stat(graylist_path, &tmp_stat) != 0))
{
if (errno == ENOENT)
@@ -2451,9 +2537,10 @@
* named "_none/_none".
*/
if (continue_processing &&
- (current_settings->sender_address[0] == '\0') &&
- (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE_TEMP, current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username) < MAX_PATH) &&
- (snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE, current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username) < MAX_PATH) &&
+ (current_settings->sender_username[0] == '\0') &&
+ (current_settings->sender_domain[0] == '\0') &&
+ (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE_TEMP, current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username) < MAX_PATH) &&
+ (snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE, current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username) < MAX_PATH) &&
(stat(tmp_path, &tmp_stat) == 0) &&
S_ISREG(tmp_stat.st_mode))
{
@@ -2465,7 +2552,7 @@
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_GRAYLIST_SENDER_CREATE, tmp_path);
- if ((snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE DIR_DELIMITER_STR SENDER_ADDRESS_NONE, current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username) < MAX_PATH) &&
+ if ((snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR SENDER_DOMAIN_NONE DIR_DELIMITER_STR SENDER_ADDRESS_NONE, current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username) < MAX_PATH) &&
(rename(graylist_path, tmp_path) == 0))
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_GRAYLIST_MOVE, graylist_path, tmp_path);
else
@@ -2498,7 +2585,7 @@
}
/* Construct the path to the sender's domain's graylist folder and check if it exists */
else if (continue_processing &&
- (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, canonicalize_path(tmp_recipient_username, MAX_PATH, current_settings->recipient_address, (current_settings->recipient_domain - current_settings->recipient_address) - 1), (current_settings->sender_domain != NULL) ? current_settings->sender_domain : SENDER_DOMAIN_NONE) < MAX_PATH) &&
+ (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username, (canonicalized_sender_domain[0] != '\0') ? canonicalized_sender_domain : SENDER_DOMAIN_NONE) < MAX_PATH) &&
(stat(graylist_path, &tmp_stat) != 0))
{
if (errno == ENOENT)
@@ -2520,9 +2607,10 @@
/* Construct the path to the sender->user file using the pre-4.0 logic and move it to the 4.0 path if it exists */
if (continue_processing &&
- (current_settings->sender_address[0] != '\0') &&
- (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username, (current_settings->sender_domain != NULL) ? current_settings->sender_domain : SENDER_DOMAIN_NONE, canonicalize_path(tmp_sender_address, MAX_PATH, current_settings->sender_address, (current_settings->sender_domain != NULL) ? ((current_settings->sender_domain - current_settings->sender_address) - 1) : strlen(current_settings->sender_address))) < MAX_PATH) &&
- (snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username, canonicalize_path(tmp_sender_address, MAX_PATH, current_settings->sender_address, strlen(current_settings->sender_address))) < MAX_PATH) &&
+ (current_settings->sender_username[0] != '\0') &&
+ (current_settings->sender_domain[0] != '\0') &&
+ (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username, (canonicalized_sender_domain[0] != '\0') ? canonicalized_sender_domain : SENDER_DOMAIN_NONE, canonicalized_sender_username) < MAX_PATH) &&
+ (snprintf(tmp_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username, canonicalize_path(tmp_address, MAX_ADDRESS, tmp_sender_address, -1)) < MAX_PATH) &&
(stat(tmp_path, &tmp_stat) == 0) &&
S_ISREG(tmp_stat.st_mode))
{
@@ -2542,7 +2630,7 @@
/* Construct the path to the sender->user file and check if it exists */
if (continue_processing &&
- (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], tmp_recipient_domain, tmp_recipient_username, (current_settings->sender_domain != NULL) ? current_settings->sender_domain : SENDER_DOMAIN_NONE, ((current_settings->sender_address[0] != '\0') && (current_settings->sender_address[0] != '@')) ? canonicalize_path(tmp_sender_address, MAX_PATH, current_settings->sender_address, (current_settings->sender_domain != NULL) ? ((current_settings->sender_domain - current_settings->sender_address) - 1) : strlen(current_settings->sender_address)) : SENDER_ADDRESS_NONE) < MAX_PATH) &&
+ (snprintf(graylist_path, MAX_PATH, "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s" DIR_DELIMITER_STR "%s", current_settings->current_options->graylist_dir[graylist_index], canonicalized_recipient_domain, canonicalized_recipient_username, (canonicalized_sender_domain[0] != '\0') ? canonicalized_sender_domain : SENDER_DOMAIN_NONE, (canonicalized_sender_username[0] != '\0') ? canonicalized_sender_username : SENDER_ADDRESS_NONE) < MAX_PATH) &&
(stat(graylist_path, &tmp_stat) == 0))
/* Check that the file is a "regular" file and the age matches the command line options */
if ((S_ISREG(tmp_stat.st_mode)) &&
@@ -2577,7 +2665,7 @@
else
{
/* The file's age is outside the bounds of the command line options. */
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_GRAYLIST, (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : SENDER_ADDRESS_NONE, current_settings->recipient_address, graylist_path);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_GRAYLIST, tmp_sender_address, tmp_recipient_address, graylist_path);
return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
/* The file was too old -- truncate it. */
@@ -2616,7 +2704,7 @@
*target_action = FILTER_DECISION_TRANSIENT_DO_FILTER;
set_rejection(current_settings, REJECTION_GRAYLISTED, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
- SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_GRAYLIST, (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : SENDER_ADDRESS_NONE, current_settings->recipient_address, graylist_path);
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_GRAYLIST, tmp_sender_address, tmp_recipient_address, graylist_path);
return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
}
else if (continue_processing)
@@ -2624,6 +2712,47 @@
}
return(return_value);
+ }
+
+/*
+ * Return value:
+ * FILTER_DECISION value
+ */
+int filter_identical_from_to(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf)
+ {
+ int return_value;
+ char tmp_sender_address[MAX_ADDRESS + 1];
+ char tmp_recipient_address[MAX_ADDRESS + 1];
+ int strlen_sender_address;
+ int strlen_recipient_address;
+
+ return_value = FILTER_DECISION_UNDECIDED;
+
+ /* Check if the sender and recipient addresses are the same. */
+ if (((target_action == NULL) ||
+ ((*target_action) < FILTER_DECISION_DO_FILTER)) &&
+ ((return_action_locked == NULL) ||
+ !(*return_action_locked)) &&
+ current_settings->current_options->check_identical_from_to &&
+ (reassemble_address(current_settings->sender_username, current_settings->sender_domain, NULL, tmp_sender_address, MAX_ADDRESS, &strlen_sender_address) != NULL) &&
+ (strlen_sender_address > 0) &&
+ (reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, NULL, tmp_recipient_address, MAX_ADDRESS, &strlen_recipient_address) != NULL) &&
+ (strlen_recipient_address > 0))
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FILTER_IDENTICAL_FROM_TO, tmp_sender_address, tmp_recipient_address);
+
+ if (strncmp(tmp_sender_address, tmp_recipient_address, MAXVAL(strlen_sender_address, strlen_recipient_address)) == 0)
+ {
+ if (target_action != NULL)
+ *target_action = FILTER_DECISION_TRANSIENT_DO_FILTER;
+ set_rejection(current_settings, REJECTION_IDENTICAL_FROM_TO, target_rejection, target_rejection_buf, target_message_buf, size_target_message_buf);
+
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_FILTER_IDENTICAL_FROM_TO, tmp_sender_address, tmp_recipient_address);
+ return_value = FILTER_DECISION_TRANSIENT_DO_FILTER;
+ }
+ }
+
+ return(return_value);
}
/*
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/filter.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -50,6 +50,7 @@
int filter_recipient_max(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf);
int filter_recipient_blacklist(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf);
int filter_recipient_graylist(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf);
+int filter_identical_from_to(struct filter_settings *current_settings, int *target_action, int *return_action_locked, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf);
void set_rejection(struct filter_settings *current_settings, int rejection_index, struct rejection_data **target_rejection, struct rejection_data *target_rejection_buf, char *target_message_buf, int size_target_message_buf);
#endif /* FILTER_H */
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/log.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -95,7 +95,8 @@
if ((target_fd >= 0) &&
(data_length > 0))
{
- if ((action == LOG_ACTION_CHILD_FROM) || (action == LOG_ACTION_FILTER_FROM))
+ if ((action == LOG_ACTION_CHILD_FROM) ||
+ (action == LOG_ACTION_FILTER_FROM))
{
if ((return_value = NETWORK_WRITE(current_settings, target_fd, data, data_length)) == -1)
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_VERBOSE_WRITE "%s", data_length, target_fd, strerror(errno));
@@ -500,7 +501,7 @@
{
va_start(tmp_va, format);
- if ((strlen_data = vsnprintf(tmp_data, MAX_BUF, format, tmp_va)) > 0)
+ if ((strlen_data = vsnprintf(tmp_data, MAX_BUF - 1, format, tmp_va)) > 0)
{
if (tmp_data[strlen_data - 1] != '\n')
{
@@ -524,6 +525,8 @@
va_end(tmp_va);
}
+
+ fflush(NULL);
}
else if (syslog_initialized)
{
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/log.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/md5.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/md5.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/search_fs.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -31,6 +31,8 @@
#include "search_fs.h"
/*
+ * strlen_target_path may be -1 if target_path is nul-terminated.
+ *
* Return value:
* destination_buf
*/
@@ -45,7 +47,7 @@
(maxlen_destination_buf > 0))
{
if (target_path != NULL)
- for (i = 0; ((i < maxlen_destination_buf) && (i < strlen_target_path)); i++)
+ for (i = 0; ((i < maxlen_destination_buf) && (((strlen_target_path >= 0) && (i < strlen_target_path)) || ((strlen_target_path == -1) && (target_path[i] != '\0')))); i++)
destination_buf[i] = (strchr(filename_alphabet, target_path[i]) != NULL) ? tolower((int)target_path[i]) : REPLACEMENT_FILENAME;
destination_buf[i] = '\0';
@@ -78,7 +80,7 @@
if (stat(filename, &tmp_stat) == 0)
{
strlen_filename = MINVAL(size_return_filename, strlen(filename));
- strncpy(return_filename, filename, strlen_filename);
+ memcpy(return_filename, filename, sizeof(char) * strlen_filename);
return_filename[strlen_filename] = '\0';
return_value = 1;
@@ -112,7 +114,7 @@
if (strlen_filename > size_return_filename)
strlen_filename = size_return_filename;
- strncpy(return_filename, new_filename, strlen_filename);
+ memcpy(return_filename, new_filename, sizeof(char) * strlen_filename);
return_filename[strlen_filename] = '\0';
return_value = 1;
@@ -162,12 +164,14 @@
int check_start;
int check_end;
char *tmp_string;
+ char old_end_char;
char *tmp_entry;
return_value = 0;
check_start = 0;
check_end = 0;
+ old_end_char = target_entry[strlen_target_entry];
if ((end_wildcard != '\0') &&
(target_entry[strlen_target_entry - 1] == end_wildcard))
{
@@ -204,6 +208,8 @@
else
tmp_string = find_case_insensitive_needle(tmp_string + 1, tmp_entry);
+ target_entry[strlen_target_entry] = old_end_char;
+
return(return_value);
}
@@ -247,16 +253,11 @@
{
if ((fscanf(tmp_file, "%" STRINGIFY(MAX_FILE_BUF) "[^\r\n]", tmp_buf) == 1) &&
(tmp_buf[0] != COMMENT_DELIMITER) &&
- ((strlen_buf = strlen(tmp_buf)) > 0))
+ ((strlen_buf = strlen(tmp_buf)) > 0) &&
+ examine_entry(lower_target_string, strlen_lower_target_string, tmp_buf, strlen_buf, lower_start_wildcard, start_wildcard_matches, lower_end_wildcard, end_wildcard_matches))
{
- for (i = 0; i < strlen_buf; i++)
- tmp_buf[i] = tolower((int)tmp_buf[i]);
-
- if (examine_entry(lower_target_string, strlen_lower_target_string, tmp_buf, strlen_buf, lower_start_wildcard, start_wildcard_matches, lower_end_wildcard, end_wildcard_matches))
- {
- return_value = line_num + 1;
- break;
- }
+ return_value = line_num + 1;
+ break;
}
fscanf(tmp_file, "%*1[\r\n]");
@@ -503,6 +504,7 @@
* NOT FOUND: 0
* FOUND: matching line number
*/
+//FIXME: make this actually search the file for the best match possible according to the tcprules docs, not just the first match.
int search_tcprules_file(struct filter_settings *current_settings, char *destination, int size_destination, char *search_filename, char *target_ip, char *target_name, int strlen_target_name)
{
int return_value;
@@ -821,18 +823,19 @@
/*
* start_line and end_line are 1-based.
* if end_line is -1, return_content will be realloc()ed as lines are read.
- * if end_line is not -1 OR start_index is not 0, return_content must have at least ((end_line - start_line) + start_index + 1) entries preallocated.
+ * if end_line is not -1, return_content must have at least ((end_line - start_line) + start_index + 1) entries preallocated.
* individual entries will always be allocated.
*
* Return value:
* ERROR: -1
- * SUCCESS: number of lines read, including skipped lines (1-based)
+ * SUCCESS: number of lines read, excluding skipped lines (1-based)
*/
int read_file(struct filter_settings *current_settings, char *target_filename, char ***return_content, int start_index, int start_line, int end_line)
{
int return_value;
int i;
int line_num;
+ int usable_line_num;
int strlen_line;
int zero_start;
FILE *tmp_file;
@@ -842,6 +845,7 @@
return_value = 0;
line_num = 0;
+ usable_line_num = 0;
if ((target_filename != NULL) &&
(target_filename[0] != '\0') &&
@@ -888,7 +892,7 @@
if ((tmp_char = (char *)malloc(sizeof(char) * (strlen_line + 1))) != NULL)
{
(*return_content)[line_num - zero_start] = tmp_char;
- strncpy((*return_content)[line_num - zero_start], file_buf, strlen_line);
+ memcpy((*return_content)[line_num - zero_start], file_buf, sizeof(char) * strlen_line);
(*return_content)[line_num - zero_start][strlen_line] = '\0';
}
else
@@ -897,6 +901,8 @@
return_value = -1;
break;
}
+
+ usable_line_num++;
}
fscanf(tmp_file, "%*1[\r\n]");
@@ -909,7 +915,7 @@
fclose(tmp_file);
if (return_value == 0)
- return_value = line_num + 1;
+ return_value = usable_line_num + 1;
else
{
if ((*return_content) != NULL)
@@ -962,11 +968,50 @@
tmp_ptr = tmp_array;
if ((return_content != NULL) &&
- ((return_value = read_file(current_settings, target_filename, (char ***)&tmp_ptr, 0, 1, 1)) != -1))
+ (read_file(current_settings, target_filename, (char ***)&tmp_ptr, 0, 1, 1) != -1))
{
*return_content = tmp_array[0];
- return_value = strlen(tmp_array[0]);
+ return_value = (tmp_array[0] != NULL) ? strlen(tmp_array[0]) : 0;
}
return(return_value);
}
+
+/*
+ * Expects:
+ * return_address is a preallocated buffer
+ * max_return_address is the size of return_address, >= 0
+ *
+ * Return value:
+ * return_address, filled with the reassembled address OR missing_data if the address is empty
+ */
+char *reassemble_address(char *target_username, char *target_domain, char *missing_data, char *return_address, int max_return_address, int *strlen_return_address)
+ {
+ int tmp_strlen;
+
+ tmp_strlen = 0;
+
+ if ((return_address != NULL) &&
+ (max_return_address >= 0))
+ {
+ if ((target_username != NULL) &&
+ (target_username[0] != '\0'))
+ if ((target_domain != NULL) &&
+ (target_domain[0] != '\0'))
+ tmp_strlen = snprintf(return_address, max_return_address, "%s@%s", target_username, target_domain);
+ else
+ tmp_strlen = snprintf(return_address, max_return_address, "%s", target_username);
+ else if ((target_domain != NULL) &&
+ (target_domain[0] != '\0'))
+ tmp_strlen = snprintf(return_address, max_return_address, "@%s", target_domain);
+ else if (missing_data != NULL)
+ tmp_strlen = snprintf(return_address, max_return_address, "%s", missing_data);
+ else
+ return_address[0] = '\0';
+ }
+
+ if (strlen_return_address != NULL)
+ *strlen_return_address = tmp_strlen;
+
+ return(return_address);
+ }
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/search_fs.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -30,5 +30,6 @@
int read_file(struct filter_settings *current_settings, char *target_filename, char ***return_content, int start_index, int start_line, int end_line);
int read_file_first_line(struct filter_settings *current_settings, char *target_filename, char **return_content);
int load_resolver_file(struct filter_settings *current_settings, char *target_filename, int *return_default_port);
+char *reassemble_address(char *target_username, char *target_domain, char *missing_data, char *return_address, int max_return_address, int *strlen_return_address);
#endif /* SEARCH_FS_H */
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/spamdyke.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -28,6 +28,8 @@
#include <arpa/inet.h>
#include <stdlib.h>
#include <signal.h>
+#include <grp.h>
+#include <pwd.h>
#include "config.h"
@@ -64,170 +66,766 @@
/*
* Expects:
* strlen_haystack == strlen(haystack)
- * return_address is a preallocated buffer
- * max_address_len is the size of the return_address buffer
- * strlen_username an int buffer if the length of the username is desired or NULL if not
+ * pos <= strlen(haystack) - 1
*
* Return value:
- * ERROR: 0
- * SUCCESS: total length of the returned address
+ * ERROR: not possible
+ * SUCCESS: the position of the first character beyond the foldable whitespace that begins at pos
*/
-int find_address(struct filter_settings *current_settings, char *haystack, int strlen_haystack, char *return_address, int max_address_len, int *strlen_username)
+int skip_fws(char *haystack, int strlen_haystack, int pos)
{
int return_value;
- int i;
- int haystack_start;
- int haystack_end;
- int domain_start;
- int domain_end;
- int address_start;
- int address_end;
- int batv_address_start;
- return_value = 0;
+ return_value = pos;
+ while ((return_value < strlen_haystack) &&
+ ((haystack[return_value] == ' ') ||
+ (haystack[return_value] == '\t') ||
+ (haystack[return_value] == '\r') ||
+ (haystack[return_value] == '\n')))
+ return_value++;
+
+ return(return_value);
+ }
+
+/*
+ * Expects:
+ * strlen_haystack == strlen(haystack)
+ * pos <= strlen(haystack) - 1
+ *
+ * Return value:
+ * ERROR: not possible
+ * SUCCESS: the position of the first character beyond the comment/foldable whitespace that begins at pos
+ */
+int skip_cfws(char *haystack, int strlen_haystack, int pos)
+ {
+ int return_value;
+ int new_pos;
+ int comment_start;
+
+ return_value = pos;
+
+ while (return_value < strlen_haystack)
+ if (((return_value = skip_fws(haystack, strlen_haystack, return_value)) < strlen_haystack) &&
+ (haystack[return_value] == '('))
+ {
+ comment_start = return_value;
+
+ while (return_value < strlen_haystack)
+ {
+ new_pos = return_value;
+
+ if ((new_pos = skip_fws(haystack, strlen_haystack, new_pos)) < strlen_haystack)
+ {
+ while (new_pos < strlen_haystack)
+ if ((((int)haystack[new_pos] >= 1) &&
+ ((int)haystack[new_pos] <= 8)) ||
+ ((int)haystack[new_pos] == 11) ||
+ ((int)haystack[new_pos] == 12) ||
+ (((int)haystack[new_pos] >= 14) &&
+ ((int)haystack[new_pos] <= 31)) ||
+ (((int)haystack[new_pos] >= 33) &&
+ ((int)haystack[new_pos] <= 39)) ||
+ (((int)haystack[new_pos] >= 42) &&
+ ((int)haystack[new_pos] <= 91)) ||
+ (((int)haystack[new_pos] >= 93) &&
+ ((int)haystack[new_pos] <= 127)))
+ new_pos++;
+ else
+ break;
+ }
+
+ if (new_pos != return_value)
+ return_value = new_pos;
+ else
+ break;
+ }
+
+ return_value = skip_fws(haystack, strlen_haystack, return_value);
+
+ if (haystack[return_value] == ')')
+ return_value++;
+ else
+ {
+ return_value = comment_start;
+ break;
+ }
+ }
+ else
+ break;
- if ((return_address != NULL) &&
- (max_address_len > 0))
+ return(return_value);
+ }
+
+/*
+ * Expects:
+ * haystack points to a buffer that contains the start of the address
+ * strlen_haystack is the number of characters within haystack to search, may be less than the actual length
+ * return_username is a buffer into which the address may be copied, up to max_return_username characters
+ * return_strlen_username will be set to the total characters copied into return_username, unless it is NULL.
+ *
+ * RETURNS:
+ * -1 if error
+ * otherwise the number of characters used in haystack -- domain parsing should start at return + 1
+ */
+int find_username(struct filter_settings *current_settings, char *haystack, int search_start, int search_end, char *return_username, int max_return_username, int *return_strlen_username)
+ {
+ int return_value;
+ int i;
+ int j;
+ int pos;
+ int saved_pos;
+ int strlen_username;
+ int final_strlen_username;
+ char tmp_username[MAX_BUF + 1];
+ int quoted_string;
+
+ return_value = -1;
+ pos = search_start;
+ strlen_username = 0;
+ final_strlen_username = 0;
+ tmp_username[0] = '\0';
+ quoted_string = 0;
+
+ if ((haystack != NULL) &&
+ (search_end > 0) &&
+ (return_username != NULL) &&
+ (max_return_username > 0))
{
- if ((haystack != NULL) &&
- (strlen_haystack > 0))
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_USERNAME, search_start, search_end, haystack);
+
+ /*
+ * If the address is quoted, it may contain "foldable whitespace".
+ * FWS and CFWS makes parsing unnecessarily complicated. Why would anyone
+ * ever want to put a comment in the middle of an address anyway? Who in
+ * their right mind would design the protocol to support this?
+ */
+ if (haystack[pos] == '"')
{
- for (haystack_start = 0; (haystack_start < strlen_haystack) && (haystack[haystack_start] != ':'); haystack_start++);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_QUOTE_OPEN, pos, haystack);
- if (haystack_start < strlen_haystack)
- haystack_start++;
+ pos++;
+ while (pos < search_end)
+ {
+ saved_pos = pos;
- for (; (haystack_start < strlen_haystack) && isspace((int)haystack[haystack_start]); haystack_start++);
+ pos = skip_fws(haystack, search_end, pos);
+
+ while ((pos < search_end) &&
+ (strlen_username < MAX_BUF))
+ if ((((int)haystack[pos] >= 1) &&
+ ((int)haystack[pos] <= 8)) ||
+ ((int)haystack[pos] == 11) ||
+ ((int)haystack[pos] == 12) ||
+ (((int)haystack[pos] >= 14) &&
+ ((int)haystack[pos] <= 31)))
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_CONTROL_CHAR, pos, (int)haystack[pos]);
+
+ tmp_username[strlen_username] = haystack[pos];
+ tmp_username[strlen_username + 1] = '\0';
+ strlen_username++;
+ pos++;
+ }
+ else if (((int)haystack[pos] == 33) ||
+ (((int)haystack[pos] >= 35) &&
+ ((int)haystack[pos] <= 91)) ||
+ (((int)haystack[pos] >= 93) &&
+ ((int)haystack[pos] <= 127)))
+ {
+ tmp_username[strlen_username] = haystack[pos];
+ tmp_username[strlen_username + 1] = '\0';
+ strlen_username++;
+ pos++;
+ }
+ else if (((int)haystack[pos] == '\\') &&
+ (pos < (search_end - 1)))
+ {
+ tmp_username[strlen_username] = haystack[pos + 1];
+ tmp_username[strlen_username + 1] = '\0';
+ strlen_username++;
+ pos += 2;
+ }
+ else
+ break;
- if ((haystack_start < strlen_haystack) &&
- (haystack[haystack_start] == '<'))
+ if (saved_pos == pos)
+ break;
+ }
+
+ pos = skip_fws(haystack, search_end, pos);
+
+ if (haystack[pos] == '"')
{
- haystack_start++;
- for (haystack_end = haystack_start; (haystack_end < strlen_haystack) && (haystack[haystack_end] != '>'); haystack_end++);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_QUOTE_CLOSE, pos, haystack);
+
+ pos++;
+ quoted_string = 1;
}
else
- for (haystack_end = haystack_start; (haystack_end < strlen_haystack) && !isspace((int)haystack[haystack_end]); haystack_end++);
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_NO_QUOTE_CLOSE, search_start, haystack);
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_WHOLE, haystack_end - haystack_start, haystack_end - haystack_start, haystack + haystack_start);
+ tmp_username[0] = '\0';
+ strlen_username = 0;
+ pos = search_start;
+ }
+ }
- address_start = haystack_start;
- address_end = -1;
- batv_address_start = -1;
- domain_start = -1;
- domain_end = -1;
+ /*
+ * If the address isn't quoted, assume everything before the @ sign is the
+ * username.
+ */
+ if (!quoted_string)
+ {
+ while ((pos < search_end) &&
+ (strlen_username < MAX_BUF))
+ if (((haystack[pos] >= 'A') &&
+ (haystack[pos] <= 'Z')) ||
+ ((haystack[pos] >= 'a') &&
+ (haystack[pos] <= 'z')) ||
+ ((haystack[pos] >= '0') &&
+ (haystack[pos] <= '9')) ||
+ (haystack[pos] == '.') ||
+ (haystack[pos] == '!') ||
+ (haystack[pos] == '#') ||
+ (haystack[pos] == '$') ||
+ (haystack[pos] == '%') ||
+ (haystack[pos] == '&') ||
+ (haystack[pos] == '\'') ||
+ (haystack[pos] == '*') ||
+ (haystack[pos] == '+') ||
+ (haystack[pos] == '-') ||
+ (haystack[pos] == '/') ||
+ (haystack[pos] == '=') ||
+ (haystack[pos] == '?') ||
+ (haystack[pos] == '^') ||
+ (haystack[pos] == '_') ||
+ (haystack[pos] == '`') ||
+ (haystack[pos] == '{') ||
+ (haystack[pos] == '}') ||
+ (haystack[pos] == '|') ||
+ (haystack[pos] == '~'))
+ {
+ tmp_username[strlen_username] = haystack[pos];
+ tmp_username[strlen_username + 1] = '\0';
+ strlen_username++;
+ pos++;
+ }
+ else if ((haystack[pos] == '"') ||
+ (haystack[pos] == ',') ||
+ (haystack[pos] == ':') ||
+ (haystack[pos] == ';') ||
+ (haystack[pos] == '[') ||
+ (haystack[pos] == ']') ||
+ (haystack[pos] == '\\'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_CHAR, pos, haystack);
+
+ tmp_username[strlen_username] = haystack[pos];
+ tmp_username[strlen_username + 1] = '\0';
+ strlen_username++;
+ pos++;
+ }
+ else
+ break;
- for (i = haystack_start; i < haystack_end; i++)
- if (!isalnum((int)haystack[i]))
- {
- switch (haystack[i])
+ if ((strlen_username > 0) &&
+ ((tmp_username[0] == '.') ||
+ (tmp_username[strlen_username - 1] == '.')))
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_DOT, tmp_username);
+ }
+
+ /*
+ * Deal with BATV addresses.
+ */
+ if (strlen_username > 0)
+ {
+ if (strncmp(tmp_username, BATV_PREFIX, STRLEN(BATV_PREFIX)) == 0)
+ {
+ for (i = (strlen_username - 1); i >= 0; i--)
+ if (tmp_username[i] == '=')
{
- /* spamdyke ignores these characters in a username or domain */
- case '.':
- case '-':
- case '_':
- break;
+ i++;
- /* spamdyke ignores these characters in a username */
- case '&':
- case ':':
- case '#':
- case '[':
- case ']':
- case '"':
- case '\\':
- if ((domain_start != -1) &&
- (domain_end == -1))
- domain_end = i;
+ for (j = i; (j < strlen_username) && ((j - i) < max_return_username); j++)
+ if (tmp_username[j] != '/')
+ {
+ return_username[j - i] = tmp_username[j];
+ final_strlen_username++;
+ }
+ else
+ break;
- break;
+ return_username[return_value] = '\0';
+ if (return_strlen_username != NULL)
+ *return_strlen_username = final_strlen_username;
- /*
- * BATV addresses look like this:
- * prvs=USER/xxxx@DOMAIN.COM
- */
- case '=':
- if ((domain_start != -1) &&
- (domain_end == -1))
- domain_end = i;
+ break;
+ }
+ }
+ else
+ {
+ final_strlen_username = MINVAL(strlen_username, max_return_username);
+ if (return_strlen_username != NULL)
+ *return_strlen_username = final_strlen_username;
- if (batv_address_start == -1)
- batv_address_start = i + 1;
+ memcpy(return_username, tmp_username, sizeof(char) * final_strlen_username);
+ return_username[final_strlen_username] = '\0';
+ }
- break;
- case '/':
- if ((domain_start != -1) &&
- (domain_end == -1))
- domain_end = i;
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_USERNAME, return_username);
+ return_value = pos - search_start;
+ }
+ else
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_EMPTY_USERNAME, haystack);
- if (batv_address_start != -1)
- {
- address_start = batv_address_start;
- address_end = i;
+ if (return_strlen_username != NULL)
+ *return_strlen_username = 0;
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_USERNAME, address_end - address_start, address_end - address_start, haystack + address_start);
- }
+ return_username[0] = '\0';
+ return_value = 0;
+ }
+ }
- break;
+ return(return_value);
+ }
- /* @ ends the username */
- case '@':
- if ((domain_start != -1) &&
- (domain_end == -1))
- domain_end = i;
+/*
+ * Expects:
+ * haystack points to a buffer that contains the start of the address
+ * strlen_haystack is the number of characters within haystack to search, may be less than the actual length
+ * return_domain is a buffer into which the domain may be copied, up to max_return_domain characters
+ * return_strlen_domain will be set to the total characters copied into return_domain, unless it is NULL.
+ *
+ * RETURNS:
+ * -1 if error
+ * otherwise the number of characters used in haystack
+ */
+int find_domain(struct filter_settings *current_settings, char *haystack, int haystack_start, int search_end, char *return_domain, int max_return_domain, int *return_strlen_domain, char *return_username, int max_return_username, int *return_strlen_username)
+ {
+ int return_value;
+ int i;
+ int pos;
+ char tmp_domain[MAX_BUF + 1];
+ int strlen_domain;
+ int search_start;
+ int bracketed_domain;
+ int final_strlen_domain;
+
+ return_value = -1;
+ pos = haystack_start;
+ tmp_domain[0] = '\0';
+ strlen_domain = 0;
+ final_strlen_domain = 0;
+ bracketed_domain = 0;
+
+ if ((haystack != NULL) &&
+ (search_end > haystack_start) &&
+ (return_domain != NULL) &&
+ (max_return_domain > 0))
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_DOMAIN, haystack_start, search_end, haystack);
+
+ while ((pos <= search_end) &&
+ (haystack[pos] != '@'))
+ pos++;
- domain_start = i + 1;
+ pos++;
- if (address_end == -1)
- {
- address_end = i;
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_USERNAME, address_end - address_start, address_end - address_start, haystack + address_start);
- }
+ search_start = pos;
- break;
+ /*
+ * Check if the domain name is bracketed. This is done mostly to use IP
+ * addresses in email addresses (rare).
+ */
+ if (haystack[pos] == '[')
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_BRACKET_OPEN, pos, haystack);
- /* commas and exclamation points end the username */
- case ',':
- /* Commas indicate relay paths, which spamdyke ignores. */
- case '!':
- /* Exclamation points indicate bang paths, which spamdyke ignores. */
- default:
- if ((domain_start != -1) &&
- (domain_end == -1))
- domain_end = i;
+ pos = skip_fws(haystack, search_end, pos);
- if (address_end == -1)
- {
- address_end = i;
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_USERNAME, address_end - address_start, address_end - address_start, haystack + address_start);
- }
+ while ((pos <= search_end) &&
+ (strlen_domain < MAX_BUF))
+ {
+ if ((((int)haystack[pos] >= 1) &&
+ ((int)haystack[pos] <= 9)) ||
+ ((int)haystack[pos] == 11) ||
+ ((int)haystack[pos] == 12) ||
+ (((int)haystack[pos] >= 14) &&
+ ((int)haystack[pos] <= 31)))
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_CONTROL_CHAR, pos, (int)haystack[pos]);
+
+ tmp_domain[strlen_domain] = haystack[pos];
+ tmp_domain[strlen_domain + 1] = '\0';
+ strlen_domain++;
+ }
+ else if ((((int)haystack[pos] >= 33) &&
+ ((int)haystack[pos] <= 90)) ||
+ (((int)haystack[pos] >= 94) &&
+ ((int)haystack[pos] <= 126)))
+ {
+ tmp_domain[strlen_domain] = haystack[pos];
+ tmp_domain[strlen_domain + 1] = '\0';
+ strlen_domain++;
+ }
+ else if (((int)haystack[pos] == '\\') &&
+ (pos <= (search_end - 1)))
+ {
+ tmp_domain[strlen_domain] = haystack[pos + 1];
+ tmp_domain[strlen_domain + 1] = '\0';
+ strlen_domain++;
+ pos += 2;
+ }
+ else
+ break;
+ }
+
+ pos = skip_fws(haystack, search_end, pos);
+
+ if (haystack[pos] == ']')
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_BRACKET_CLOSE, pos, haystack);
+
+ pos++;
+ bracketed_domain = 1;
+ }
+ else
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_NO_BRACKET_CLOSE, search_start, haystack);
+
+ tmp_domain[0] = '\0';
+ strlen_domain = 0;
+ pos = search_start;
+ }
+ }
+
+ if (!bracketed_domain)
+ {
+ while ((pos <= search_end) &&
+ (strlen_domain < MAX_BUF))
+ if (((haystack[pos] >= 'A') &&
+ (haystack[pos] <= 'Z')) ||
+ ((haystack[pos] >= 'a') &&
+ (haystack[pos] <= 'z')) ||
+ ((haystack[pos] >= '0') &&
+ (haystack[pos] <= '9')) ||
+ (haystack[pos] == '.') ||
+ (haystack[pos] == '!') ||
+ (haystack[pos] == '#') ||
+ (haystack[pos] == '$') ||
+ (haystack[pos] == '%') ||
+ (haystack[pos] == '&') ||
+ (haystack[pos] == '\'') ||
+ (haystack[pos] == '*') ||
+ (haystack[pos] == '+') ||
+ (haystack[pos] == '-') ||
+ (haystack[pos] == '/') ||
+ (haystack[pos] == '=') ||
+ (haystack[pos] == '?') ||
+ (haystack[pos] == '^') ||
+ (haystack[pos] == '_') ||
+ (haystack[pos] == '`') ||
+ (haystack[pos] == '{') ||
+ (haystack[pos] == '}') ||
+ (haystack[pos] == '|') ||
+ (haystack[pos] == '~'))
+ {
+ tmp_domain[strlen_domain] = haystack[pos];
+ tmp_domain[strlen_domain + 1] = '\0';
+ strlen_domain++;
+ pos++;
+ }
+ else if (haystack[pos] == ':')
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_ROUTING, pos, haystack);
+ pos++;
+ pos += find_username(current_settings, haystack, pos, search_end, return_username, max_return_username, return_strlen_username);
+ pos += find_domain(current_settings, haystack, pos, search_end, tmp_domain, MAX_BUF, &strlen_domain, return_username, max_return_username, return_strlen_username);
+
+ break;
+ }
+ else if ((haystack[pos] == '"') ||
+ (haystack[pos] == ',') ||
+ (haystack[pos] == ';') ||
+ (haystack[pos] == '[') ||
+ (haystack[pos] == ']') ||
+ (haystack[pos] == '\\'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_CHAR, pos, haystack);
+ pos++;
+ }
+ else
+ break;
+
+ if ((strlen_domain > 0) &&
+ (tmp_domain[0] == '.'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_DOT_START, tmp_domain);
+
+ for (i = 0; i < strlen_domain; i++)
+ if (tmp_domain[i] != '.')
+ break;
+ i++;
+
+ memmove(tmp_domain, tmp_domain + i, strlen_domain - i);
+ strlen_domain -= i;
+ tmp_domain[strlen_domain] = '\0';
+ }
+
+ if ((strlen_domain > 0) &&
+ (tmp_domain[strlen_domain - 1] == '.'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_DOT_END, tmp_domain);
+
+ while ((strlen_domain > 0) &&
+ (tmp_domain[strlen_domain - 1] == '.'))
+ strlen_domain--;
+
+ tmp_domain[strlen_domain] = '\0';
+ }
+ }
+
+ final_strlen_domain = MINVAL(strlen_domain, max_return_domain);
+ if (return_strlen_domain != NULL)
+ *return_strlen_domain = final_strlen_domain;
+
+ memcpy(return_domain, tmp_domain, sizeof(char) * final_strlen_domain);
+ return_domain[final_strlen_domain] = '\0';
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_DOMAIN, return_domain);
+
+ return_value = pos - haystack_start;
+ }
+
+ return(return_value);
+ }
+
+/*
+ * See RFC 2822 for all the painful details of parsing addresses.
+ * Also see http://tools.ietf.org/html/draft-levine-smtp-batv-01 for details on
+ * BATV. Example BATV addresses:
+ * prvs=xxxxxx=USER@DOMAIN.COM
+ * prvs=USER/xxxxxx@DOMAIN.COM
+ *
+ * Expects:
+ * strlen_haystack == strlen(haystack)
+ * return_username is a preallocated buffer - must not be NULL
+ * max_return_username is the size of the return_username buffer - must be greater than 0
+ * return_domain is a preallocated buffer - must not be NULL
+ * max_return_domain is the size of the return_domain buffer - must be greater than 0
+ * return_strlen_domain may be NULL
+ *
+ * Return value:
+ * ERROR: 0
+ * SUCCESS: length of the returned username
+ */
+int find_address(struct filter_settings *current_settings, char *haystack, int strlen_haystack, char *return_username, int max_return_username, char *return_domain, int max_return_domain, int *return_strlen_domain)
+ {
+ int return_value;
+ int tmp_strlen;
+ int pos;
+ int search_end;
+ char tmp_username[MAX_BUF + 1];
+ int strlen_username;
+ char tmp_domain[MAX_BUF + 1];
+ int strlen_domain;
+ int tmp_len;
+
+ return_value = 0;
+ tmp_username[0] = '\0';
+ strlen_username = 0;
+ tmp_domain[0] = '\0';
+ strlen_domain = 0;
+ search_end = strlen_haystack;
+
+ if ((return_username != NULL) &&
+ (max_return_username > 0) &&
+ (return_domain != NULL) &&
+ (max_return_domain > 0))
+ {
+ if ((haystack != NULL) &&
+ (strlen_haystack > 0))
+ {
+ /*
+ * Identify where the address starts and ends. This excludes "RCPT:", any
+ * leading or trailing whitespace and any angle brackets, if present.
+ *
+ * The address starts at haystack[pos] and ends at haystack[search_end].
+ */
+ for (pos = 0; pos < strlen_haystack; pos++)
+ if (haystack[pos] == ':')
+ {
+ pos++;
+
+ while (pos < strlen_haystack)
+ if (haystack[pos] == ' ')
+ pos++;
+ else if (haystack[pos] == '<')
+ {
+ while (search_end >= pos)
+ if (haystack[search_end] == '>')
+ {
+ pos++;
+ break;
+ }
+ else
+ search_end--;
+
+ if (search_end < pos)
+ search_end = strlen_haystack;
break;
- }
+ }
+ else
+ break;
+
+ break;
}
- if (address_end == -1)
+ /*
+ * Look for the first legal character at the start of the address.
+ */
+ while (pos < search_end)
{
- address_end = haystack_end;
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_USERNAME, address_end - address_start, address_end - address_start, haystack + address_start);
+ if (((haystack[pos] >= 'A') &&
+ (haystack[pos] <= 'Z')) ||
+ ((haystack[pos] >= 'a') &&
+ (haystack[pos] <= 'z')) ||
+ ((haystack[pos] >= '0') &&
+ (haystack[pos] <= '9')) ||
+ (haystack[pos] == '.') ||
+ (haystack[pos] == '!') ||
+ (haystack[pos] == '#') ||
+ (haystack[pos] == '$') ||
+ (haystack[pos] == '%') ||
+ (haystack[pos] == '&') ||
+ (haystack[pos] == '\'') ||
+ (haystack[pos] == '*') ||
+ (haystack[pos] == '+') ||
+ (haystack[pos] == '-') ||
+ (haystack[pos] == '/') ||
+ (haystack[pos] == '=') ||
+ (haystack[pos] == '?') ||
+ (haystack[pos] == '^') ||
+ (haystack[pos] == '_') ||
+ (haystack[pos] == '`') ||
+ (haystack[pos] == '{') ||
+ (haystack[pos] == '}') ||
+ (haystack[pos] == '|') ||
+ (haystack[pos] == '~') ||
+ (haystack[pos] == '"') ||
+ (haystack[pos] == '@'))
+ break;
+ else if ((haystack[pos] == ',') ||
+ (haystack[pos] == ':') ||
+ (haystack[pos] == ';') ||
+ (haystack[pos] == '[') ||
+ (haystack[pos] == ']') ||
+ (haystack[pos] == '\\'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_CHAR, pos, haystack);
+ break;
+ }
+
+ pos++;
}
- if (domain_end == -1)
- domain_end = haystack_end;
+ /*
+ * Look for the first legal character at the end of the address.
+ */
+ while (search_end > pos)
+ {
+ if (((haystack[search_end] >= 'A') &&
+ (haystack[search_end] <= 'Z')) ||
+ ((haystack[search_end] >= 'a') &&
+ (haystack[search_end] <= 'z')) ||
+ ((haystack[search_end] >= '0') &&
+ (haystack[search_end] <= '9')) ||
+ (haystack[search_end] == '.') ||
+ (haystack[search_end] == '!') ||
+ (haystack[search_end] == '#') ||
+ (haystack[search_end] == '$') ||
+ (haystack[search_end] == '%') ||
+ (haystack[search_end] == '&') ||
+ (haystack[search_end] == '\'') ||
+ (haystack[search_end] == '*') ||
+ (haystack[search_end] == '+') ||
+ (haystack[search_end] == '-') ||
+ (haystack[search_end] == '/') ||
+ (haystack[search_end] == '=') ||
+ (haystack[search_end] == '?') ||
+ (haystack[search_end] == '^') ||
+ (haystack[search_end] == '_') ||
+ (haystack[search_end] == '`') ||
+ (haystack[search_end] == '{') ||
+ (haystack[search_end] == '}') ||
+ (haystack[search_end] == '|') ||
+ (haystack[search_end] == '~') ||
+ (haystack[search_end] == '"') ||
+ (haystack[search_end] == '@'))
+ break;
+ else if ((haystack[search_end] == ',') ||
+ (haystack[search_end] == ':') ||
+ (haystack[search_end] == ';') ||
+ (haystack[search_end] == '[') ||
+ (haystack[search_end] == ']') ||
+ (haystack[search_end] == '\\'))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_ILLEGAL_CHAR, search_end, haystack);
+ }
- if ((domain_start == -1) ||
- (domain_start == domain_end))
- return_value = snprintf(return_address, max_address_len, "%.*s", address_end - address_start, haystack + address_start);
+ search_end--;
+ }
+
+ if ((tmp_len = find_username(current_settings, haystack, pos, search_end, tmp_username, MAX_BUF, &strlen_username)) != -1)
+ pos += tmp_len;
+ if ((tmp_len = find_domain(current_settings, haystack, pos, search_end, tmp_domain, MAX_BUF, &strlen_domain, tmp_username, MAX_BUF, &strlen_username)) != -1)
+ pos += tmp_len;
+
+ if (strlen_username > 0)
+ {
+ tmp_strlen = MINVAL(strlen_username, max_return_username);
+ memcpy(return_username, tmp_username, sizeof(char) * tmp_strlen);
+ return_username[tmp_strlen] = '\0';
+ return_value = strlen_username;
+
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FIND_USERNAME, return_username);
+ }
else
{
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ADDRESS_FOUND_DOMAIN, domain_end - domain_start, domain_end - domain_start, haystack + domain_start);
- return_value = snprintf(return_address, max_address_len, "%.*s@%.*s", address_end - address_start, haystack + address_start, domain_end - domain_start, haystack + domain_start);
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_EMPTY_USERNAME, haystack);
+ return_username[0] = '\0';
}
- if (strlen_username != NULL)
- *strlen_username = address_end - address_start;
+ if (strlen_domain > 0)
+ {
+ tmp_strlen = MINVAL(strlen_domain, max_return_domain);
+ memcpy(return_domain, tmp_domain, sizeof(char) * tmp_strlen);
+ return_domain[tmp_strlen] = '\0';
+
+ if (return_strlen_domain != NULL)
+ *return_strlen_domain = tmp_strlen;
+
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_FIND_DOMAIN, return_domain);
+ }
+ else
+ {
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_ADDRESS_EMPTY_DOMAIN, haystack);
+ return_domain[0] = '\0';
+
+ if (return_strlen_domain != NULL)
+ *return_strlen_domain = 0;
+ }
}
else
- return_address[0] = '\0';
+ {
+ return_username[0] = '\0';
+ return_domain[0] = '\0';
+
+ if (return_strlen_domain != NULL)
+ *return_strlen_domain = 0;
+ }
}
return(return_value);
@@ -287,9 +885,8 @@
int return_value;
int i;
int j;
- char target_address[MAX_BUF + 1];
- int strlen_target_address;
- int strlen_username;
+ int strlen_target_username;
+ int strlen_target_domain;
char decoded_content[MAX_BUF + 1];
char *content_ptr;
int strlen_content;
@@ -298,6 +895,8 @@
char *tmp_hostname;
char *tmp_char;
int tmp_strlen;
+ char tmp_sender_address[MAX_ADDRESS + 1];
+ char tmp_recipient_address[MAX_ADDRESS + 1];
return_value = FILTER_FLAG_PASS;
@@ -388,7 +987,7 @@
break;
case SMTP_AUTH_LOGIN:
- strncpy(current_settings->smtp_auth_response, input_line, MINVAL(MAX_BUF, strlen_input_line));
+ memcpy(current_settings->smtp_auth_response, input_line, sizeof(char) * MINVAL(MAX_BUF, strlen_input_line));
current_settings->smtp_auth_response[MINVAL(MAX_BUF, strlen_input_line)] = '\0';
if ((current_settings->smtp_auth_origin == SMTP_AUTH_ORIGIN_SPAMDYKE) ||
@@ -582,24 +1181,24 @@
current_settings->current_options->filter_grace = FILTER_GRACE_EXPIRED;
return_value = FILTER_FLAG_INTERCEPT | FILTER_FLAG_CHILD_QUIT;
}
- else if (current_settings->current_options->filter_action <= FILTER_DECISION_DO_FILTER)
+ else
{
if (((current_settings->current_options->smtp_auth_level & SMTP_AUTH_LEVEL_MASK) >= SMTP_AUTH_LEVEL_VALUE_ALWAYS) &&
(current_settings->current_options->smtp_auth_command != NULL))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SMTP_AUTH_REPLACE, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_AUTH_ADD | FILTER_FLAG_AUTH_REMOVE;
+ return_value |= FILTER_FLAG_AUTH_ADD | FILTER_FLAG_AUTH_REMOVE;
}
else if (((current_settings->current_options->smtp_auth_level & SMTP_AUTH_LEVEL_MASK) >= SMTP_AUTH_LEVEL_VALUE_ON_DEMAND) &&
(current_settings->current_options->smtp_auth_command != NULL))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SMTP_AUTH_ADD, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_AUTH_ADD;
+ return_value |= FILTER_FLAG_AUTH_ADD;
}
else if ((current_settings->current_options->smtp_auth_level & SMTP_AUTH_LEVEL_MASK) == SMTP_AUTH_LEVEL_VALUE_NONE)
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SMTP_AUTH_REMOVE, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_AUTH_REMOVE;
+ return_value |= FILTER_FLAG_AUTH_REMOVE;
}
#ifdef HAVE_LIBSSL
@@ -615,38 +1214,26 @@
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_ADD, NULL);
return_value |= FILTER_FLAG_TLS_ADD;
}
- }
- else if ((current_settings->tls_state == TLS_STATE_ACTIVE_SPAMDYKE) ||
- (current_settings->current_options->tls_level == TLS_LEVEL_NONE))
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_REMOVE, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_TLS_REMOVE;
- }
- else if (current_settings->current_options->tls_certificate_file != NULL)
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_ADD, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_TLS_ADD;
- }
+ else if (current_settings->current_options->tls_level == TLS_LEVEL_PROTOCOL_SPAMDYKE)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_REMOVE, NULL);
+ return_value |= FILTER_FLAG_TLS_REMOVE;
+ }
#else /* HAVE_LIBSSL */
- if (current_settings->current_options->tls_level == TLS_LEVEL_NONE)
+ if ((current_settings->current_options->tls_level == TLS_LEVEL_NONE) ||
+ (current_settings->current_options->tls_level == TLS_LEVEL_PROTOCOL_SPAMDYKE))
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_REMOVE, NULL);
return_value = FILTER_FLAG_PASS | FILTER_FLAG_TLS_REMOVE;
}
- }
- else if (current_settings->current_options->tls_level == TLS_LEVEL_NONE)
- {
- SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_REMOVE, NULL);
- return_value = FILTER_FLAG_PASS | FILTER_FLAG_TLS_REMOVE;
- }
#endif /* HAVE_LIBSSL */
+ }
}
- else if ((current_settings->current_options->filter_action <= FILTER_DECISION_DO_FILTER) &&
- ((current_settings->current_options->smtp_auth_level & SMTP_AUTH_LEVEL_MASK) >= SMTP_AUTH_LEVEL_VALUE_OBSERVE) &&
+ else if (((current_settings->current_options->smtp_auth_level & SMTP_AUTH_LEVEL_MASK) >= SMTP_AUTH_LEVEL_VALUE_OBSERVE) &&
(strlen_input_line >= STRLEN(SMTP_AUTH)) &&
(strncasecmp(SMTP_AUTH, input_line, STRLEN(SMTP_AUTH)) == 0))
{
@@ -742,7 +1329,7 @@
if ((i < strlen_input_line) &&
isalnum((int)input_line[i]))
{
- strncpy(current_settings->smtp_auth_response, input_line + i, MINVAL(MAX_BUF, strlen_input_line - i));
+ memcpy(current_settings->smtp_auth_response, input_line + i, sizeof(char) * MINVAL(MAX_BUF, strlen_input_line - i));
current_settings->smtp_auth_response[MINVAL(MAX_BUF, strlen_input_line - i)] = '\0';
strlen_content = snprintf(current_settings->smtp_auth_challenge, MAX_BUF, "%s%s%s", REJECT_SEVERITY_AUTH_CHALLENGE, SMTP_AUTH_LOGIN_CHALLENGE_2, REJECT_CRLF);
@@ -773,13 +1360,13 @@
tmp_strlen = strlen(tmp_hostname);
if ((tmp_char = realloc(current_settings->current_options->local_server_name, sizeof(char) * (tmp_strlen + 1))) != NULL)
{
- memcpy(tmp_char, tmp_hostname, tmp_strlen);
+ memcpy(tmp_char, tmp_hostname, sizeof(char) * tmp_strlen);
tmp_char[tmp_strlen] = '\0';
current_settings->current_options->local_server_name = tmp_char;
}
else
{
- SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, tmp_strlen + 1);
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_MALLOC, sizeof(char) * (tmp_strlen + 1));
current_settings->current_options->filter_action = FILTER_DECISION_ERROR;
return_value = FILTER_FLAG_QUIT;
}
@@ -790,10 +1377,11 @@
if (current_settings->current_options->filter_action != FILTER_DECISION_ERROR)
{
strlen_content = snprintf(decoded_content, MAX_BUF, "<%ld.%ld@%s>", random(), (long)time(NULL), (current_settings->current_options->local_server_name != NULL) ? current_settings->current_options->local_server_name : MISSING_LOCAL_SERVER_NAME);
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_AUTH_CRAMMD5_CHALLENGE, decoded_content);
snprintf(current_settings->smtp_auth_challenge, MAX_BUF - STRLEN(REJECT_CRLF), "%s ", SMTP_AUTH_CHALLENGE);
strlen_content = base64_encode((unsigned char *)(current_settings->smtp_auth_challenge + STRLEN(SMTP_AUTH_CHALLENGE) + 1), MAX_BUF - (STRLEN(SMTP_AUTH_CHALLENGE) + STRLEN(REJECT_CRLF) + 1), (unsigned char *)decoded_content, strlen_content) + STRLEN(SMTP_AUTH_CHALLENGE) + 1;
- strncpy(current_settings->smtp_auth_challenge + strlen_content, REJECT_CRLF, STRLEN(REJECT_CRLF));
+ memcpy(current_settings->smtp_auth_challenge + strlen_content, REJECT_CRLF, sizeof(char) * STRLEN(REJECT_CRLF));
current_settings->smtp_auth_challenge[strlen_content + STRLEN(REJECT_CRLF)] = '\0';
output_writeln(current_settings, LOG_ACTION_FILTER_FROM, outbound_fd, current_settings->smtp_auth_challenge, strlen_content + STRLEN(REJECT_CRLF));
@@ -846,7 +1434,7 @@
if ((i < strlen_input_line) &&
isalnum((int)input_line[i]))
{
- strncpy(current_settings->smtp_auth_response, input_line + i, MINVAL(MAX_BUF, strlen_input_line - i));
+ memcpy(current_settings->smtp_auth_response, input_line + i, sizeof(char) * MINVAL(MAX_BUF, strlen_input_line - i));
current_settings->smtp_auth_response[MINVAL(MAX_BUF, strlen_input_line - i)] = '\0';
current_settings->smtp_auth_state = SMTP_AUTH_STATE_RESPONSE_1_SEEN;
}
@@ -892,8 +1480,17 @@
return_value = FILTER_FLAG_INTERCEPT;
}
else
+
#endif /* HAVE_LIBSSL */
+ if (current_settings->current_options->tls_level == TLS_LEVEL_PROTOCOL_SPAMDYKE)
+ {
+ set_rejection(current_settings, FAILURE_TLS, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
+ output_write_rejection(current_settings, current_settings->current_options->transient_rejection, outbound_fd, REJECT_SEVERITY_PERMANENT);
+ current_settings->current_options->transient_rejection = NULL;
+ return_value = FILTER_FLAG_INTERCEPT;
+ }
+ else
return_value = FILTER_FLAG_PASS | FILTER_FLAG_TLS_CAPTURE;
else
{
@@ -906,21 +1503,18 @@
else if ((strlen_input_line >= STRLEN(SMTP_MAIL_FROM)) &&
(strncasecmp(SMTP_MAIL_FROM, input_line, STRLEN(SMTP_MAIL_FROM)) == 0))
{
- if (((strlen_target_address = find_address(current_settings, input_line, strlen_input_line, target_address, MAX_BUF, &strlen_username)) > 0) &&
- (strlen_target_address < MAX_ADDRESS))
+ if ((strlen_target_username = find_address(current_settings, input_line, strlen_input_line, current_settings->sender_username, MAX_ADDRESS, current_settings->sender_domain, MAX_ADDRESS, &strlen_target_domain)) > 0)
{
- for (i = 0; i < strlen_target_address; i++)
- current_settings->sender_address[i] = tolower((int)target_address[i]);
- current_settings->sender_address[strlen_target_address] = '\0';
-
- current_settings->sender_domain = current_settings->sender_address + strlen_username + 1;
- if (current_settings->sender_domain[0] == '\0')
- current_settings->sender_domain = NULL;
+ for (i = 0; i < strlen_target_username; i++)
+ current_settings->sender_username[i] = tolower((int)current_settings->sender_username[i]);
+
+ for (i = 0; i < strlen_target_domain; i++)
+ current_settings->sender_domain[i] = tolower((int)current_settings->sender_domain[i]);
if (!current_settings->local_sender &&
(current_settings->current_options->local_domains != NULL))
for (i = 0; current_settings->current_options->local_domains[i] != NULL; i++)
- if (examine_entry(current_settings->sender_domain, (strlen_target_address - strlen_username) - 1, current_settings->current_options->local_domains[i], strlen(current_settings->current_options->local_domains[i]), '.', ".", '\0', NULL) > 0)
+ if (examine_entry(current_settings->sender_domain, strlen_target_domain, current_settings->current_options->local_domains[i], strlen(current_settings->current_options->local_domains[i]), '.', ".", '\0', NULL) > 0)
{
current_settings->local_sender = 1;
break;
@@ -929,7 +1523,7 @@
if (!current_settings->local_sender &&
(current_settings->current_options->local_domains_file != NULL))
for (i = 0; current_settings->current_options->local_domains_file[i] != NULL; i++)
- if (search_file(current_settings, current_settings->current_options->local_domains_file[i], current_settings->sender_domain, (strlen_target_address - strlen_username) - 1, '.', ".", '\0', NULL) > 0)
+ if (search_file(current_settings, current_settings->current_options->local_domains_file[i], current_settings->sender_domain, strlen_target_domain, '.', ".", '\0', NULL) > 0)
{
current_settings->local_sender = 1;
break;
@@ -958,15 +1552,13 @@
else if ((strlen_input_line >= STRLEN(SMTP_RCPT_TO)) &&
(strncasecmp(SMTP_RCPT_TO, input_line, STRLEN(SMTP_RCPT_TO)) == 0))
{
- if ((strlen_target_address = find_address(current_settings, input_line, strlen_input_line, target_address, MAX_BUF, &strlen_username)) > 0)
+ if ((strlen_target_username = find_address(current_settings, input_line, strlen_input_line, current_settings->recipient_username, MAX_ADDRESS, current_settings->recipient_domain, MAX_ADDRESS, &strlen_target_domain)) > 0)
{
- for (i = 0; i < strlen_target_address; i++)
- current_settings->recipient_address[i] = tolower((int)target_address[i]);
- current_settings->recipient_address[strlen_target_address] = '\0';
-
- current_settings->recipient_domain = current_settings->recipient_address + strlen_username + 1;
- if (current_settings->recipient_domain[0] == '\0')
- current_settings->recipient_domain = NULL;
+ for (i = 0; i < strlen_target_username; i++)
+ current_settings->recipient_username[i] = tolower((int)current_settings->recipient_username[i]);
+
+ for (i = 0; i < strlen_target_domain; i++)
+ current_settings->recipient_domain[i] = tolower((int)current_settings->recipient_domain[i]);
if ((current_settings->current_options->local_domains != NULL) ||
(current_settings->current_options->local_domains_file != NULL))
@@ -975,7 +1567,7 @@
if (!current_settings->local_recipient &&
(current_settings->current_options->local_domains != NULL))
for (i = 0; current_settings->current_options->local_domains[i] != NULL; i++)
- if (examine_entry(current_settings->recipient_domain, (strlen_target_address - strlen_username) - 1, current_settings->current_options->local_domains[i], strlen(current_settings->current_options->local_domains[i]), '.', ".", '\0', NULL) > 0)
+ if (examine_entry(current_settings->recipient_domain, strlen_target_domain, current_settings->current_options->local_domains[i], strlen(current_settings->current_options->local_domains[i]), '.', ".", '\0', NULL) > 0)
{
current_settings->local_recipient = 1;
break;
@@ -985,14 +1577,12 @@
(current_settings->current_options->local_domains_file != NULL))
{
for (i = 0; current_settings->current_options->local_domains_file[i] != NULL; i++)
- if (search_file(current_settings, current_settings->current_options->local_domains_file[i], current_settings->recipient_domain, (strlen_target_address - strlen_username) - 1, '.', ".", '\0', NULL) > 0)
+ if (search_file(current_settings, current_settings->current_options->local_domains_file[i], current_settings->recipient_domain, strlen_target_domain, '.', ".", '\0', NULL) > 0)
{
current_settings->local_recipient = 1;
break;
}
}
- else
- current_settings->local_recipient = 1;
}
else
current_settings->local_recipient = 1;
@@ -1003,7 +1593,7 @@
((current_settings->current_options->filter_action = copy_base_options(current_settings, current_settings->current_options->filter_action)) != FILTER_DECISION_ERROR))
{
for (i = 0; current_settings->current_options->configuration_dir[i] != NULL; i++)
- if ((current_settings->current_options->filter_action = process_config_dir(current_settings, current_settings->current_options->configuration_dir[i], current_settings->server_ip, current_settings->server_name, current_settings->sender_address, current_settings->sender_domain, current_settings->recipient_address, current_settings->recipient_domain, current_settings->current_options->filter_action, NULL)) == FILTER_DECISION_ERROR)
+ if ((current_settings->current_options->filter_action = process_config_dir(current_settings, current_settings->current_options->configuration_dir[i], current_settings->server_ip, current_settings->server_name, current_settings->sender_username, current_settings->sender_domain, current_settings->recipient_username, current_settings->recipient_domain, current_settings->current_options->filter_action, NULL)) == FILTER_DECISION_ERROR)
break;
if (current_settings->current_options->filter_action != FILTER_DECISION_ERROR)
@@ -1065,6 +1655,7 @@
filter_recipient_local(current_settings, ¤t_settings->current_options->filter_action, ¤t_settings->current_options->filter_action_locked, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
filter_recipient_max(current_settings, ¤t_settings->current_options->filter_action, ¤t_settings->current_options->filter_action_locked, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
filter_recipient_blacklist(current_settings, ¤t_settings->current_options->filter_action, ¤t_settings->current_options->filter_action_locked, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
+ filter_identical_from_to(current_settings, ¤t_settings->current_options->filter_action, ¤t_settings->current_options->filter_action_locked, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
filter_recipient_graylist(current_settings, ¤t_settings->current_options->filter_action, ¤t_settings->current_options->filter_action_locked, ¤t_settings->current_options->transient_rejection, ¤t_settings->current_options->transient_rejection_buf, current_settings->current_options->transient_reject_message_buf, MAX_BUF);
if (current_settings->current_options->filter_action == FILTER_DECISION_TRANSIENT_DO_FILTER)
@@ -1085,7 +1676,7 @@
return_value = FILTER_FLAG_PASS | FILTER_FLAG_RCPT_CAPTURE;
else
{
- SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s", (current_settings->current_options->transient_rejection != NULL) ? current_settings->current_options->transient_rejection->short_reject_message : ((current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : SHORT_SUCCESS), (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : LOG_MISSING_DATA, (current_settings->recipient_address[0] != '\0') ? current_settings->recipient_address : LOG_MISSING_DATA, (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA);
+ SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s encryption: %s", (current_settings->current_options->transient_rejection != NULL) ? current_settings->current_options->transient_rejection->short_reject_message : ((current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : SHORT_SUCCESS), reassemble_address(current_settings->sender_username, current_settings->sender_domain, LOG_MISSING_DATA, tmp_sender_address, MAX_ADDRESS, NULL), reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, LOG_MISSING_DATA, tmp_recipient_address, MAX_ADDRESS, NULL), (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA, tls_state_desc(current_settings));
current_settings->current_options->transient_rejection = NULL;
}
}
@@ -1129,8 +1720,10 @@
{
current_settings->num_rcpt_to = 0;
current_settings->local_sender = 1;
- current_settings->sender_address[0] = '\0';
- current_settings->recipient_address[0] = '\0';
+ current_settings->sender_username[0] = '\0';
+ current_settings->sender_domain[0] = '\0';
+ current_settings->recipient_username[0] = '\0';
+ current_settings->recipient_domain[0] = '\0';
}
else
{
@@ -1174,8 +1767,6 @@
int more_stdinput;
int more_childinput;
int discard_childinput;
- long connection_start;
- long command_start;
long current_time;
int filter_return;
int network_ready;
@@ -1194,6 +1785,8 @@
int timeout_printed;
int wait_status;
int child_stopped;
+ char tmp_sender_address[MAX_ADDRESS + 1];
+ char tmp_recipient_address[MAX_ADDRESS + 1];
strlen_buf_input = 0;
usable_buf_input = 0;
@@ -1211,8 +1804,8 @@
more_childinput = ((*inbound_fd >= 0) && (*outbound_fd >= 0)) ? 1 : 0;
discard_childinput = !more_childinput;
- connection_start = time(NULL);
- command_start = time(NULL);
+ current_settings->connection_start = time(NULL);
+ current_settings->command_start = time(NULL);
#ifdef HAVE_LIBSSL
if ((current_settings->current_options->tls_certificate_file != NULL) &&
@@ -1276,9 +1869,9 @@
if (!timeout_printed &&
((!child_response_needed &&
(current_settings->current_options->timeout_connection > 0) &&
- ((current_time - connection_start) > current_settings->current_options->timeout_connection)) ||
+ ((current_time - current_settings->connection_start) > current_settings->current_options->timeout_connection)) ||
((current_settings->current_options->timeout_command > 0) &&
- ((current_time - command_start) > current_settings->current_options->timeout_command))))
+ ((current_time - current_settings->command_start) > current_settings->current_options->timeout_command))))
{
if (*outbound_fd >= 0)
{
@@ -1288,6 +1881,9 @@
*outbound_fd = -1;
}
+ current_settings->current_options->timeout_connection = 0;
+ current_settings->current_options->timeout_command = 0;
+
set_rejection(current_settings, REJECTION_TIMEOUT, ¤t_settings->current_options->rejection, ¤t_settings->current_options->rejection_buf, current_settings->current_options->reject_message_buf, MAX_BUF);
output_write_rejection(current_settings, current_settings->current_options->rejection, STDOUT_FD, NULL);
@@ -1295,7 +1891,7 @@
discard_childinput = 1;
child_response_needed = 0;
- SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s reason: %s", current_settings->current_options->rejection->short_reject_message, (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : LOG_MISSING_DATA, (current_settings->recipient_address[0] != '\0') ? current_settings->recipient_address : LOG_MISSING_DATA, current_settings->server_ip, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA, (current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : LOG_MISSING_DATA);
+ SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s encryption: %s reason: %s", current_settings->current_options->rejection->short_reject_message, reassemble_address(current_settings->sender_username, current_settings->sender_domain, LOG_MISSING_DATA, tmp_sender_address, MAX_ADDRESS, NULL), reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, LOG_MISSING_DATA, tmp_recipient_address, MAX_ADDRESS, NULL), current_settings->server_ip, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA, tls_state_desc(current_settings), (current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : LOG_MISSING_DATA);
timeout_printed = 1;
}
@@ -1307,10 +1903,10 @@
(current_settings->current_options->timeout_command > 0))
{
if (current_settings->current_options->timeout_command > 0)
- listen_timeout.tv_sec = MAXVAL(0, current_settings->current_options->timeout_command - (current_time - command_start));
+ listen_timeout.tv_sec = MAXVAL(0, current_settings->current_options->timeout_command - (current_time - current_settings->command_start));
if (current_settings->current_options->timeout_connection > 0)
- listen_timeout.tv_sec = MAXVAL(0, MINVAL(listen_timeout.tv_sec, current_settings->current_options->timeout_connection - (current_time - connection_start)));
+ listen_timeout.tv_sec = MAXVAL(0, MINVAL(listen_timeout.tv_sec, current_settings->current_options->timeout_connection - (current_time - current_settings->connection_start)));
if (listen_timeout.tv_sec > MAX_SELECT_SECS_TIMEOUT)
{
@@ -1414,7 +2010,7 @@
{
next_terminator++;
child_response_needed = 0;
- command_start = time(NULL);
+ current_settings->command_start = time(NULL);
strlen_buf_trim = next_terminator - start_buf_childinput;
while ((strlen_buf_trim > 0) &&
@@ -1450,7 +2046,7 @@
output_writeln(current_settings, LOG_ACTION_CHILD_FROM, STDOUT_FD, start_buf_childinput, next_terminator - start_buf_childinput);
filter_return ^= FILTER_FLAG_RCPT_CAPTURE;
- SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s", (current_settings->current_options->transient_rejection != NULL) ? current_settings->current_options->transient_rejection->short_reject_message : ((current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : SHORT_SUCCESS), (current_settings->sender_address[0] != '\0') ? current_settings->sender_address : LOG_MISSING_DATA, (current_settings->recipient_address[0] != '\0') ? current_settings->recipient_address : LOG_MISSING_DATA, (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA);
+ SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s encryption: %s", (current_settings->current_options->transient_rejection != NULL) ? current_settings->current_options->transient_rejection->short_reject_message : ((current_settings->current_options->rejection != NULL) ? current_settings->current_options->rejection->short_reject_message : SHORT_SUCCESS), reassemble_address(current_settings->sender_username, current_settings->sender_domain, LOG_MISSING_DATA, tmp_sender_address, MAX_ADDRESS, NULL), reassemble_address(current_settings->recipient_username, current_settings->recipient_domain, LOG_MISSING_DATA, tmp_recipient_address, MAX_ADDRESS, NULL), (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA, tls_state_desc(current_settings));
current_settings->current_options->transient_rejection = NULL;
}
else if ((((filter_return & FILTER_FLAG_AUTH_ADD) == FILTER_FLAG_AUTH_ADD) ||
@@ -1629,7 +2225,7 @@
(strlen_buf_trim >= STRLEN(SMTP_AUTH_CHALLENGE)) &&
(strncasecmp(start_buf_childinput, SMTP_AUTH_CHALLENGE, STRLEN(SMTP_AUTH_CHALLENGE)) == 0))
{
- strncpy(current_settings->smtp_auth_challenge, start_buf_childinput, MINVAL(MAX_BUF, strlen_buf_trim));
+ memcpy(current_settings->smtp_auth_challenge, start_buf_childinput, sizeof(char) * MINVAL(MAX_BUF, strlen_buf_trim));
current_settings->smtp_auth_challenge[MINVAL(MAX_BUF, strlen_buf_trim)] = '\0';
current_settings->smtp_auth_state = SMTP_AUTH_STATE_CHALLENGE_1_SENT;
output_writeln(current_settings, LOG_ACTION_CHILD_FROM, STDOUT_FD, start_buf_childinput, next_terminator - start_buf_childinput);
@@ -1672,7 +2268,7 @@
(strncasecmp(start_buf_childinput, SMTP_AUTH_SUCCESS, STRLEN(SMTP_AUTH_SUCCESS)) == 0))
{
tmp_strlen = strlen(current_settings->smtp_auth_response);
- strncpy(current_settings->smtp_auth_username, current_settings->smtp_auth_response, MINVAL(tmp_strlen, MAX_BUF));
+ memcpy(current_settings->smtp_auth_username, current_settings->smtp_auth_response, sizeof(char) * MINVAL(tmp_strlen, MAX_BUF));
current_settings->smtp_auth_username[MINVAL(tmp_strlen, MAX_BUF)] = '\0';
current_settings->smtp_auth_state = SMTP_AUTH_STATE_AUTHENTICATED;
@@ -1712,7 +2308,7 @@
line_terminator = '\0';
buf_childinput[strlen_buf_childinput] = '\0';
- SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s", SHORT_TLS_PASSTHROUGH, LOG_MISSING_DATA, LOG_MISSING_DATA, (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA);
+ SPAMDYKE_LOG_INFO(current_settings, "%s from: %s to: %s origin_ip: %s origin_rdns: %s auth: %s encryption: %s", SHORT_TLS_PASSTHROUGH, LOG_MISSING_DATA, LOG_MISSING_DATA, (current_settings->server_ip != NULL) ? current_settings->server_ip : LOG_MISSING_DATA, (current_settings->strlen_server_name > 0) ? current_settings->server_name : LOG_MISSING_DATA, (current_settings->smtp_auth_username[0] != '\0') ? current_settings->smtp_auth_username : LOG_MISSING_DATA, tls_state_desc(current_settings));
}
else
{
@@ -1815,7 +2411,7 @@
start_buf_input = buf_input;
}
- command_start = time(NULL);
+ current_settings->command_start = time(NULL);
}
else if (!NETWORK_CAN_READ(current_settings))
{
@@ -1887,6 +2483,21 @@
discard_childinput = 1;
child_response_needed = 0;
+ if ((current_settings->current_options->rejection != NULL) &&
+ (*outbound_fd >= 0))
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_CHILD_OUT_CLOSE, *outbound_fd);
+
+ close(*outbound_fd);
+ *outbound_fd = -1;
+
+ if (current_settings->current_options->timeout_command == 0)
+ {
+ current_settings->current_options->timeout_command = TIMEOUT_IDLE_AFTER_QUIT_SECS;
+ SPAMDYKE_LOG_DEBUG(current_settings, LOG_DEBUG_IDLE_RESET, current_settings->current_options->timeout_command);
+ }
+ }
+
break;
case FILTER_FLAG_INTERCEPT:
child_response_needed = 0;
@@ -2040,6 +2651,7 @@
int return_value;
int i;
int j;
+ int k;
char command_text[MAX_BUF + 1];
char *current_ptr;
char *value_start_ptr;
@@ -2066,6 +2678,18 @@
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ENVIRONMENT_RELAY_FOUND, current_settings->current_environment[j]);
current_settings->allow_relay = 1;
+
+ tmp_delimiter = current_settings->current_environment[j][STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1];
+ if (tmp_delimiter != '\0')
+ {
+ for (k = 0; (current_settings->current_environment[j][STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k] != '\0') && (current_settings->current_environment[j][STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k] != tmp_delimiter); k++)
+ current_settings->additional_domain_text[k] = tolower((int)current_settings->current_environment[j][STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k]);
+
+ current_settings->additional_domain_text[k] = '\0';
+ }
+ else
+ current_settings->additional_domain_text[0] = '\0';
+
break;
}
}
@@ -2137,11 +2761,22 @@
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ENVIRONMENT_RELAY_ALLOWED, current_settings->current_options->access_list_file[i]);
current_settings->allow_relay = 1;
+
+ tmp_delimiter = current_ptr[STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1];
+ if (tmp_delimiter != '\0')
+ {
+ for (k = 0; (current_ptr[STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k] != '\0') && (current_ptr[STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k] != tmp_delimiter); k++)
+ current_settings->additional_domain_text[k] = tolower((int)current_ptr[STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1 + k]);
+
+ current_settings->additional_domain_text[k] = '\0';
+ }
+ else
+ current_settings->additional_domain_text[0] = '\0';
}
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ENVIRONMENT_ADD, current_settings->current_options->access_list_file[i], (value_start_ptr - current_ptr) - 1, current_ptr, value_end_ptr - value_start_ptr, value_start_ptr);
- strncpy(destination_envp[j], current_ptr, (value_start_ptr - current_ptr) - 1);
- strncpy(destination_envp[j] + ((value_start_ptr - current_ptr) - 1), value_start_ptr, value_end_ptr - value_start_ptr);
+ memcpy(destination_envp[j], current_ptr, sizeof(char) * ((value_start_ptr - current_ptr) - 1));
+ memcpy(destination_envp[j] + ((value_start_ptr - current_ptr) - 1), value_start_ptr, sizeof(char) * (value_end_ptr - value_start_ptr));
destination_envp[j][(value_end_ptr - current_ptr) - 1] = '\0';
current_ptr = value_end_ptr + 2;
}
@@ -2179,7 +2814,7 @@
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ENVIRONMENT_RELAY_ADD, ENVIRONMENT_ALLOW_RELAY);
destination_envp[len_envp - 1] = tmp_ptr;
- strncpy(destination_envp[len_envp - 1], ENVIRONMENT_ALLOW_RELAY, STRLEN(ENVIRONMENT_ALLOW_RELAY));
+ memcpy(destination_envp[len_envp - 1], ENVIRONMENT_ALLOW_RELAY, sizeof(char) * STRLEN(ENVIRONMENT_ALLOW_RELAY));
destination_envp[len_envp - 1][STRLEN(ENVIRONMENT_ALLOW_RELAY)] = ENVIRONMENT_DELIMITER;
destination_envp[len_envp - 1][STRLEN(ENVIRONMENT_ALLOW_RELAY) + 1] = '\0';
}
@@ -2225,6 +2860,9 @@
int ip_ints[4];
int remote_ip_index;
+ srandom(time(NULL) * getpid());
+ signal(SIGPIPE, SIG_IGN);
+
environment_updated = 0;
if (current_settings->current_options->filter_action != FILTER_DECISION_ERROR)
@@ -2406,7 +3044,7 @@
{
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_ENVIRONMENT_LOCAL_PORT_SET, ENVIRONMENT_LOCAL_PORT_SMTP);
destination_envp[i] = tmp_ptr;
- strncpy(destination_envp[i], ENVIRONMENT_LOCAL_PORT_SMTP, STRLEN(ENVIRONMENT_LOCAL_PORT_SMTP));
+ memcpy(destination_envp[i], ENVIRONMENT_LOCAL_PORT_SMTP, sizeof(char) * STRLEN(ENVIRONMENT_LOCAL_PORT_SMTP));
destination_envp[i][STRLEN(ENVIRONMENT_LOCAL_PORT_SMTP)] = '\0';
environment_updated = 1;
}
@@ -2556,8 +3194,5 @@
int main(int argc, char *argv[], char *envp[])
{
- srandom(time(NULL) * getpid());
- signal(SIGPIPE, SIG_IGN);
-
return(prepare_settings(argc, argv, envp, &do_spamdyke));
}
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/spamdyke.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -99,6 +99,8 @@
#define DEFAULT_TIMEOUT_NIHDNS_TOTAL_SECS 30
#define DEFAULT_NIHDNS_ATTEMPTS_PRIMARY 1
#define DEFAULT_NIHDNS_ATTEMPTS_TOTAL 3
+#define DEFAULT_CONTROL_HOSTNAME "/var/qmail/control/me"
+#define DEFAULT_TLS_CIPHER_LIST "DEFAULT"
#define TIMEOUT_CHECKPASSWORD_SECS 30
#define TIMEOUT_TLS_SHUTDOWN_SECS 5
#define TIMEOUT_COMMAND_SECS 30
@@ -195,7 +197,8 @@
#define MAX_NIHDNS_SERVERS 16
#define MAX_DNS_QUERIES 16
-#define MAX_DNS_PACKET_BYTES 512
+#define MAX_DNS_PACKET_BYTES_UDP 512
+#define MAX_DNS_PACKET_BYTES_TCP 65536
#define MAX_DNS_PACKETS 6
#define MAX_DNS_PACKETS_PREFERRED 1
@@ -203,14 +206,14 @@
#define MINVAL(a,b) ({ typeof (a) _a = (a); typeof (b) _b = (b); _a < _b ? _a : _b; })
#define MAXVAL(a,b) ({ typeof (a) _a = (a); typeof (b) _b = (b); _a > _b ? _a : _b; })
+#define BATV_PREFIX "prvs="
+
#define MD5_IPAD_BYTE 0x36
#define MD5_OPAD_BYTE 0x5C
-#define PROTOCOL_NAME_UDP "udp"
-
#define USAGE_LINE_WRAP 80
#define USAGE_LINE_INDENT " "
-#define USAGE_MESSAGE_HEADER "spamdyke " VERSION_STRING " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\nhttp://www.spamdyke.org/\n\n"
+#define USAGE_MESSAGE_HEADER "spamdyke " VERSION_STRING " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\nhttp://www.spamdyke.org/\n\n"
#define USAGE_MESSAGE_USAGE "USAGE: spamdyke [ OPTIONS ] [ -- ] qmail_smtpd_command [ qmail_smtpd_arguments ]\n"
#define USAGE_MESSAGE_INTEGER_RANGE "%s must be between (or equal to) %d and %d.\n"
#define USAGE_MESSAGE_NAME_VALUES "%s"
@@ -306,7 +309,14 @@
#define TLS_LEVEL_NONE 1
#define TLS_LEVEL_PROTOCOL 2
-#define TLS_LEVEL_SMTPS 3
+#define TLS_LEVEL_PROTOCOL_SPAMDYKE 3
+#define TLS_LEVEL_SMTPS 4
+
+#define TLS_DESC_UNKNOWN "(unknown)"
+#define TLS_DESC_INACTIVE "(none)"
+#define TLS_DESC_PASSTHROUGH "TLS_PASSTHROUGH"
+#define TLS_DESC_SPAMDYKE_PROTOCOL "TLS"
+#define TLS_DESC_SPAMDYKE_SMTPS "SSL"
#define LOCALHOST_IP "127.0.0.1"
#define LOCALHOST_OCTETS { 127, 0, 0, 1 }
@@ -535,7 +545,11 @@
#define ERROR_UNCONDITIONAL "Refused. Mail is not being accepted."
#define REJECTION_DATA_UNCONDITIONAL { REJECTION_UNCONDITIONAL, REJECT_SEVERITY_PERMANENT, ERROR_UNCONDITIONAL, STRLEN(ERROR_UNCONDITIONAL), "DENIED_REJECT_ALL", 1 }
-#define FAILURE_TLS 24
+#define REJECTION_IDENTICAL_FROM_TO 24
+#define ERROR_IDENTICAL_FROM_TO "Refused. Identical sender and recipient addresses are not allowed."
+#define REJECTION_DATA_IDENTICAL_FROM_TO { REJECTION_IDENTICAL_FROM_TO, REJECT_SEVERITY_PERMANENT, ERROR_IDENTICAL_FROM_TO, STRLEN(ERROR_IDENTICAL_FROM_TO), "DENIED_IDENTICAL_SENDER_RECIPIENT", 1 }
+
+#define FAILURE_TLS 25
#define ERROR_FAILURE_TLS "Failed to negotiate TLS connection."
#define FAILURE_DATA_TLS { FAILURE_TLS, REJECT_SEVERITY_TLS_FAILURE, ERROR_FAILURE_TLS, STRLEN(ERROR_FAILURE_TLS), "FAILED_TLS", 0 }
@@ -564,6 +578,7 @@
REJECTION_DATA_ZERO_RECIPIENTS, \
REJECTION_DATA_AUTH_REQUIRED, \
REJECTION_DATA_UNCONDITIONAL, \
+ REJECTION_DATA_IDENTICAL_FROM_TO, \
FAILURE_DATA_TLS \
}
@@ -601,6 +616,13 @@
#define NIHDNS_LEVEL_NORMAL 2
#define NIHDNS_LEVEL_AGGRESSIVE 3
+/*
+ * The values in NIHDNS_TYPE_ARRAY must correspond to the values in
+ * CONFIG_DNS_TYPE_ARRAY. The maximum index must not exceed
+ * NUM_NIHDNS_TYPE.
+ */
+#define NUM_NIHDNS_TYPE 8
+
#define NIHDNS_TYPE_A 1
#define NIHDNS_TYPE_CNAME 5
#define NIHDNS_TYPE_MX 15
@@ -609,6 +631,25 @@
#define NIHDNS_TYPE_SOA 6
#define NIHDNS_TYPE_TXT 16
#define NIHDNS_TYPE_ANY 255
+#define NIHDNS_TYPE_ARRAY (int []){ NIHDNS_TYPE_A, NIHDNS_TYPE_CNAME, NIHDNS_TYPE_MX, NIHDNS_TYPE_NS, NIHDNS_TYPE_PTR, NIHDNS_TYPE_SOA, NIHDNS_TYPE_TXT, NIHDNS_TYPE_ANY, 0 }
+
+#define CONFIG_DNS_TYPE_A 0x01
+#define CONFIG_DNS_TYPE_CNAME 0x02
+#define CONFIG_DNS_TYPE_MX 0x04
+#define CONFIG_DNS_TYPE_NS 0x08
+#define CONFIG_DNS_TYPE_PTR 0x10
+#define CONFIG_DNS_TYPE_SOA 0x20
+#define CONFIG_DNS_TYPE_TXT 0x40
+#define CONFIG_DNS_TYPE_ANY 0x80
+#define CONFIG_DNS_TYPE_ARRAY (int []){ CONFIG_DNS_TYPE_A, CONFIG_DNS_TYPE_CNAME, CONFIG_DNS_TYPE_MX, CONFIG_DNS_TYPE_NS, CONFIG_DNS_TYPE_PTR, CONFIG_DNS_TYPE_SOA, CONFIG_DNS_TYPE_TXT, CONFIG_DNS_TYPE_ANY, 0x00 }
+
+#define NIHDNS_TCP_NONE 1
+#define NIHDNS_TCP_NORMAL 2
+
+#define NIHDNS_SPOOF_ACCEPT_ALL 1
+#define NIHDNS_SPOOF_ACCEPT_SAME_IP 2
+#define NIHDNS_SPOOF_ACCEPT_SAME_PORT 3
+#define NIHDNS_SPOOF_REJECT 4
#define NIHDNS_GETINT16(buffer) (uint16_t)((buffer[0] << 8) | buffer[1])
#define NIHDNS_GETINT32(buffer) (uint32_t)((buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3])
@@ -666,9 +707,9 @@
#define SYSLOG_IDENTIFIER "spamdyke"
#define LOG_MISSING_DATA "(unknown)"
-#define LOG_MSG_TLS_NO_ERROR "Operation failed but no error was reported by the SSL/TLS library."
+#define LOG_MSG_TLS_NO_ERROR "Operation failed but no error was reported by the SSL/TLS library"
#define LOG_MSG_TLS_ZERO_RETURN "The connection was unexpectedly ended/closed"
-#define LOG_MSG_TLS_RECALL "The SSL/TLS library wants a function to be called again to complete. This shouldn't happen"
+#define LOG_MSG_TLS_RECALL "The SSL/TLS library wants a function to be called again to complete after it's been recalled repeatedly. This shouldn't happen."
#define LOG_MSG_TLS_SYSCALL "The operation failed due to an I/O error"
#define LOG_MSG_TLS_LIBRARY "A protocol or library failure occurred"
#define LOG_MSG_TLS_EOF_FOUND "Unexpected EOF found"
@@ -682,18 +723,19 @@
#define LOG_ERROR_OPEN "ERROR: unable to open file "
#define LOG_ERROR_OPEN_KEYWORDS "ERROR: unable to open keywords file "
#define LOG_ERROR_OPEN_SEARCH "ERROR: unable to open file for searching "
-#define LOG_ERROR_GETPROTOBYNAME "ERROR: unable to find protocol number with getprotobyname()\n"
-#define LOG_ERROR_SOCKET "ERROR: unable to create socket: %s"
+#define LOG_ERROR_SOCKET_UDP "ERROR: unable to create UDP socket: %s"
+#define LOG_ERROR_SOCKET_TCP "ERROR: unable to create TCP socket: %s"
#define LOG_ERROR_BIND "ERROR: unable to bind socket: %s"
#define LOG_ERROR_SETSOCKOPT "ERROR: unable to set socket option: %s"
#define LOG_ERROR_SENDTO_INCOMPLETE "ERROR: unable to send complete data packet, tried to send %d bytes, actually sent %d bytes"
-#define LOG_ERROR_SENDTO "ERROR: unable to send data packet: %s"
+#define LOG_ERROR_SENDTO "ERROR: unable to send data packet, tried to send %d bytes: %s"
#define LOG_ERROR_STAT "ERROR: unable to stat() path "
#define LOG_ERROR_MKDIR "ERROR: unable to create directory "
#define LOG_ERROR_OPEN_LOG "ERROR: unable to open traffic log file "
#define LOG_ERROR_MOVE "ERROR: unable to move file "
#define LOG_ERROR_UNLINK "ERROR: unable to remove file "
#define LOG_ERROR_MALLOC "ERROR: out of memory - unable to allocate %lu bytes"
+#define LOG_ERROR_TLS_CIPHER_LIST "ERROR: unable to set SSL/TLS cipher list: "
#define LOG_ERROR_TLS_INIT "ERROR: unable to initialize SSL/TLS library"
#define LOG_ERROR_TLS_CERTIFICATE "ERROR: unable to load SSL/TLS certificate from file: "
#define LOG_ERROR_TLS_PRIVATEKEY "ERROR: unable to load or decrypt SSL/TLS private key from file: "
@@ -720,11 +762,20 @@
#define LOG_ERROR_SHORT_OPTION_CONFLICT "ERROR: short option %c is used by at least two options: %s and %s"
#define LOG_ERROR_SMTPS_SUPPORT "ERROR: unable to start SMTPS because TLS support is not available or an SSL/TLS certificate is not available; closing connection"
#define LOG_ERROR_LATE_EARLYTALKER "ERROR: earlytalker filter cannot be activated after the start of the connection -- ignoring configuration option"
+#define LOG_ERROR_NONBLOCK_INPUT "ERROR: unable to set input socket to nonblocking: "
+#define LOG_ERROR_NONBLOCK_OUTPUT "ERROR: unable to set output socket to nonblocking: "
+#define LOG_ERROR_STATUS_INPUT "ERROR: unable to get input socket nonblocking status: "
+#define LOG_ERROR_STATUS_OUTPUT "ERROR: unable to get output socket nonblocking status: "
+#define LOG_ERROR_NONBLOCK_DNS_UDP "ERROR: unable to set DNS UDP socket to nonblocking: "
+#define LOG_ERROR_NONBLOCK_DNS_TCP "ERROR: unable to set DNS TCP socket to nonblocking: "
+#define LOG_ERROR_UDP_SPOOF "ERROR: UDP packet received from an unexpected server, could be a DNS spoofing attempt: IP %s, port %d"
#define LOG_VERBOSE_WRITE "ERROR: unable to write %d bytes to file descriptor %d: "
#define LOG_VERBOSE_DNS_COMPRESSION "ERROR: compressed DNS packet could not be decoded for %s; this could indicate a problem with the nameserver."
#define LOG_VERBOSE_DNS_RESPONSE "ERROR: bad or invalid dns response to %s; this could indicate a problem with the name server."
-#define LOG_VERBOSE_DNS_UNKNOWN_TYPE "ERROR: dns response for %s: expected type %s but received type %s"
+#define LOG_VERBOSE_DNS_UNKNOWN_TYPE "ERROR: DNS response for %s: expected type %s but received type %s"
+#define LOG_VERBOSE_DNS_OVERSIZE "ERROR: TCP DNS response for %s is %d total bytes, larger the maximum possible (%d bytes); something is very wrong here"
+#define LOG_VERBOSE_DNS_CONNECT "ERROR: unable to connect to DNS server %s:%d using TCP: "
#define LOG_VERBOSE_AUTH_FAILURE "ERROR: authentication failure (bad username/password, vchkpw uses this to indicate SMTP access is not allowed): "
#define LOG_VERBOSE_AUTH_MISUSE "ERROR: authentication misuse (no input given or no additional command path given, e.g. /bin/true): "
#define LOG_VERBOSE_AUTH_ERROR "ERROR: authentication error (likely due to missing/unexecutable commands): "
@@ -787,9 +838,12 @@
#define LOG_VERBOSE_FILTER_GRAYLIST "FILTER_GRAYLISTED sender: %s recipient: %s path: %s"
#define LOG_VERBOSE_FILTER_ALLOW_ALL "FILTER_ALLOW_ALL"
#define LOG_VERBOSE_FILTER_REJECT_ALL "FILTER_REJECT_ALL"
-#define LOG_VERBOSE_FILTER_OTHER_REJECTION "FILTER_OTHER: response: \"%.*s\""
+#define LOG_VERBOSE_FILTER_OTHER_REJECTION "FILTER_OTHER response: \"%.*s\""
#define LOG_VERBOSE_REMOTEIP_LOCALHOST "ERROR: remote IP address missing, found text: \"%s\", using IP address %s"
#define LOG_VERBOSE_REMOTEIP_TEXT "ERROR: remote IP address missing, found text: \"%s\", searching DNS for IP address"
+#define LOG_VERBOSE_FILTER_IDENTICAL_FROM_TO "FILTER_IDENTICAL_SENDER_RECIPIENT sender: %s recipient: %s"
+#define LOG_VERBOSE_MX_IP "ERROR: found IP address in MX record where only are legal: %s domain: %s"
+#define LOG_VERBOSE_DNS_OVERSIZE_QUERY "ERROR: unable to create DNS query packet in %d bytes, name: %s type %s"
#define LOG_DEBUG_AUTH_SUCCESS "DEBUG(%s()@%s:%d): authentication successful: "
#define LOG_DEBUG_EXEC "DEBUG(%s()@%s:%d): executing command: %s"
@@ -832,11 +886,20 @@
#define LOG_DEBUG_REMOTEIP_DNS_FOUND "DEBUG(%s()@%s:%d): found remote IP address using DNS: %s"
#define LOG_DEBUG_REMOTEIP_DNS_NOT_FOUND "DEBUG(%s()@%s:%d): no remote IP address found using DNS, using default: %s"
#define LOG_DEBUG_REMOTEIP_ENV_UPDATED "DEBUG(%s()@%s:%d): updated environment with remote IP address: %s"
+#define LOG_DEBUG_FILTER_IDENTICAL_FROM_TO "DEBUG(%s()@%s:%d): comparing addresses; sender: %s recipient: %s"
+#define LOG_DEBUG_ADDRESS_CONTROL_CHAR "DEBUG(%s()@%s:%d): found unprintable control character in address at position %d, ASCII code %d"
+#define LOG_DEBUG_ADDRESS_EMPTY_USERNAME "DEBUG(%s()@%s:%d): unable to parse username from address: %s"
+#define LOG_DEBUG_ADDRESS_EMPTY_DOMAIN "DEBUG(%s()@%s:%d): unable to parse domain from address: %s"
+#define LOG_DEBUG_FIND_USERNAME "DEBUG(%s()@%s:%d): found username: %s"
+#define LOG_DEBUG_FIND_DOMAIN "DEBUG(%s()@%s:%d): found domain: %s"
+#define LOG_DEBUG_ADDRESS_ROUTING "DEBUG(%s()@%s:%d): reparsing address from routing symbol at position %d: %s"
+#define LOG_DEBUG_ADDRESS_USERNAME "DEBUG(%s()@%s:%d): searching for username between positions %d and %d: %s"
+#define LOG_DEBUG_ADDRESS_DOMAIN "DEBUG(%s()@%s:%d): searching for domain between positions %d and %d: %s"
#define LOG_DEBUGX_EXEC "EXCESSIVE(%s()@%s:%d): preparing to start child process: %s"
#define LOG_DEBUGX_DNS_QUERY "EXCESSIVE(%s()@%s:%d): sending %d byte query (ID %d/%d) for %s(%s) to DNS server %s:%d (attempt %d)"
#define LOG_DEBUGX_DNS_RECEIVED "EXCESSIVE(%s()@%s:%d): received DNS packet: %d bytes, ID %d/%d"
-#define LOG_DEBUGX_DNS_RECEIVED_TYPE "EXCESSIVE(%s()@%s:%d): received DNS response: %s"
+#define LOG_DEBUGX_DNS_RECEIVED_TYPE "EXCESSIVE(%s()@%s:%d): received DNS response: %s, expected %s"
#define LOG_DEBUGX_DNS_TXT "EXCESSIVE(%s()@%s:%d): found TXT record for %s: %.*s"
#define LOG_DEBUGX_DNS_A "EXCESSIVE(%s()@%s:%d): found A record for %s: %d.%d.%d.%d"
#define LOG_DEBUGX_DNS_CNAME "EXCESSIVE(%s()@%s:%d): found CNAME record for %s: %s"
@@ -902,9 +965,32 @@
#define LOG_DEBUGX_TLS_PRIVATEKEY_SEPARATE "EXCESSIVE(%s()@%s:%d): loaded TLS private key from separate file: %s"
#define LOG_DEBUGX_TLS_PRIVATEKEY_CERTIFICATE "EXCESSIVE(%s()@%s:%d): loaded TLS private key from certificate file: %s"
#define LOG_DEBUGX_TLS_CERT_CHECK "EXCESSIVE(%s()@%s:%d): verified TLS certificate and private key"
+#define LOG_DEBUGX_TLS_CIPHER_LIST "EXCESSIVE(%s()@%s:%d): set TLS cipher list: %s"
#define LOG_DEBUGX_ENVIRONMENT_FOUND "EXCESSIVE(%s()@%s:%d): found environment variable %.*s: %s"
#define LOG_DEBUGX_PATH_DEFAULT "EXCESSIVE(%s()@%s:%d): no PATH found in environment, using default PATH: %s"
#define LOG_DEBUGX_PATH_SEARCH "EXCESSIVE(%s()@%s:%d): searching along PATH: %s"
+#define LOG_DEBUGX_ADDRESS_FOUND_QUOTE_OPEN "EXCESSIVE(%s()@%s:%d): found opening quote in address at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_FOUND_QUOTE_CLOSE "EXCESSIVE(%s()@%s:%d): found closing quote in address at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_NO_QUOTE_CLOSE "EXCESSIVE(%s()@%s:%d): no closing quote found in address, assuming no quoted-string and resuming at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_ILLEGAL_CHAR "EXCESSIVE(%s()@%s:%d): removing illegal character in address at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_ILLEGAL_DOT_START "EXCESSIVE(%s()@%s:%d): removing illegal dot at start of domain: %s"
+#define LOG_DEBUGX_ADDRESS_ILLEGAL_DOT_END "EXCESSIVE(%s()@%s:%d): removing illegal dot at end of domain: %s"
+#define LOG_DEBUGX_ADDRESS_ILLEGAL_DOT "EXCESSIVE(%s()@%s:%d): ignoring illegal dot at start or end of username: %s"
+#define LOG_DEBUGX_ADDRESS_FOUND_BRACKET_OPEN "EXCESSIVE(%s()@%s:%d): found opening bracket in domain at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_FOUND_BRACKET_CLOSE "EXCESSIVE(%s()@%s:%d): found closing bracket in domain at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_NO_BRACKET_CLOSE "EXCESSIVE(%s()@%s:%d): no closing bracket found in domain, assuming no domain-literal and resuming at position %d: %s"
+#define LOG_DEBUGX_ADDRESS_USERNAME "EXCESSIVE(%s()@%s:%d): found username in address: %s"
+#define LOG_DEBUGX_ADDRESS_DOMAIN "EXCESSIVE(%s()@%s:%d): found domain in address: %s"
+#define LOG_DEBUGX_TLS_DELAY "EXCESSIVE(%s()@%s:%d): TLS operation did not complete, already waited %d seconds"
+#define LOG_DEBUGX_DNS_NUM_QUESTIONS_ANSWERS "EXCESSIVE(%s()@%s:%d): DNS packet contains %d questions, %d answers"
+#define LOG_DEBUGX_DNS_TRUNCATED "EXCESSIVE(%s()@%s:%d): DNS packet ID %d/%d truncated flag is set"
+#define LOG_DEBUGX_DNS_QUERY_TCP "EXCESSIVE(%s()@%s:%d): sending %d byte query (ID %d/%d) for %s(%s) via TCP"
+#define LOG_DEBUGX_DNS_CONNECT "EXCESSIVE(%s()@%s:%d): connecting to DNS server %s:%d via TCP"
+#define LOG_DEBUGX_DNS_COUNTS "EXCESSIVE(%s()@%s:%d): DNS packet ID %d/%d contains %d questions, %d answers"
+#define LOG_DEBUGX_DNS_RECEIVED_TCP "EXCESSIVE(%s()@%s:%d): received %d bytes via TCP, %d bytes so far in this response, expecting %d total"
+#define LOG_DEBUGX_DNS_EMPTY_DATA "EXCESSIVE(%s()@%s:%d): DNS data contains 0 bytes, ignoring response"
+#define LOG_DEBUGX_AUTH_CRAMMD5_CHALLENGE "EXCESSIVE(%s()@%s:%d): created CRAM-MD5 challenge text: %s"
+#define LOG_DEBUGX_SOCKET_NONBLOCK "EXCESSIVE(%s()@%s:%d): setting socket to nonblocking mode: %d"
#define ERROR_CONFIG_NO_COMMAND "ERROR: Missing qmail-smtpd command"
#define ERROR_CONFIG_UNKNOWN_OPTION "ERROR: Unknown or incomplete option: %s"
@@ -915,6 +1001,7 @@
#define ERROR_CONFIG_BAD_LENGTH "ERROR: Value for option %s is %d characters, length limit is %d characters"
#define ERROR_CONFIG_ILLEGAL_OPTION_CMDLINE "ERROR: Option not allowed on command line: %s"
#define ERROR_CONFIG_ILLEGAL_OPTION_FILE "ERROR: Option not allowed in configuration file, found in file %s on line %d: %s"
+#define ERROR_CONFIG_SYNTAX_OPTION_FILE "ERROR: Bad syntax in configuration file %s on line %d: %.*s"
#define LOG_ACTION_LOG_IP -8
#define LOG_ACTION_LOG_RDNS -7
@@ -1133,23 +1220,51 @@
#define CONFIG_TEST_ERROR_RELAY_NORMAL_MISSING_ACCESS "ERROR(%s): The \"relay-level\" option is \"normal\" but no access files were given with \"access-file\". The \"relay-level\" option will be ignored."
#define CONFIG_TYPE_NONE -3
+/* Used for options that trigger an action rather than setting a variable */
#define CONFIG_TYPE_ACTION_ONCE -2
#define CONFIG_TYPE_ACTION_MULTIPLE -1
+/* True/false option */
#define CONFIG_TYPE_BOOLEAN 0
+/* Numeric option */
#define CONFIG_TYPE_INTEGER 1
+/* Text values */
#define CONFIG_TYPE_STRING_SINGLETON 2
#define CONFIG_TYPE_STRING_ARRAY 3
+/* A single filename, can only be set once */
#define CONFIG_TYPE_FILE_SINGLETON 4
+/* A single filename that has an alternate directory option */
#define CONFIG_TYPE_FILE_NOT_DIR_SINGLETON 5
+/* Multiple filenames, stored in an array */
#define CONFIG_TYPE_FILE_ARRAY 6
+/* Multiple filenames that have an alternate directory option */
#define CONFIG_TYPE_FILE_NOT_DIR_ARRAY 7
+/* A single directory, can only be set once */
#define CONFIG_TYPE_DIR_SINGLETON 8
+/* Multiple directories, stored in an array */
#define CONFIG_TYPE_DIR_ARRAY 9
+/* A single command path with arguments, can only be set once */
#define CONFIG_TYPE_COMMAND_SINGLETON 10
+/* Multiple command paths with arguments, stored in an array */
#define CONFIG_TYPE_COMMAND_ARRAY 11
+/*
+ * A text value that is matched against an array of values and stored as an
+ * integer
+ */
#define CONFIG_TYPE_NAME_ONCE 12
+/*
+ * Multiple text values that are matched against an array of values to find
+ * an integer value, then bitwise-ORed together
+ */
#define CONFIG_TYPE_NAME_MULTIPLE 13
+/*
+ * A single string value that usually has an alternate file or directory option,
+ * can only be set once
+ */
#define CONFIG_TYPE_OPTION_SINGLETON 14
+/*
+ * A string value that usually has an alternate file or directory, stored in an
+ * array
+ */
#define CONFIG_TYPE_OPTION_ARRAY 15
#define CONFIG_ACCESS_NONE 0
@@ -1302,16 +1417,24 @@
int check_rdns_exist;
int check_rdns_resolve;
int check_sender_mx;
+ int check_identical_from_to;
int timeout_connection;
int timeout_command;
int nihdns_level;
+ int nihdns_tcp;
+ int nihdns_spoof;
char **nihdns_primary_server_list;
char **nihdns_secondary_server_list;
int nihdns_attempts_primary;
int nihdns_attempts_total;
int nihdns_timeout_total_secs;
+ char **nihdns_resolv_conf;
+ int nihdns_query_type_a;
+ int nihdns_query_type_mx;
+ int nihdns_query_type_ptr;
+ int nihdns_query_type_rbl;
int tls_level;
char *tls_certificate_file;
@@ -1319,6 +1442,7 @@
int strlen_tls_privatekey_password;
char *tls_privatekey_password;
char *tls_privatekey_password_file;
+ char *tls_cipher_list;
char *test_smtp_auth_username;
char *test_smtp_auth_password;
@@ -1369,6 +1493,7 @@
int (*additional_actions)(struct filter_settings *, int);
char *help_argument;
char *help_text;
+ int value_set;
};
struct filter_settings
@@ -1399,15 +1524,16 @@
int ip_in_server_name;
int allow_relay;
+ char additional_domain_text[MAX_BUF + 1];
int inside_data;
int num_rcpt_to;
int local_sender;
int local_recipient;
- char sender_address[MAX_ADDRESS + 1];
- char *sender_domain;
- char recipient_address[MAX_ADDRESS + 1];
- char *recipient_domain;
+ char sender_username[MAX_ADDRESS + 1];
+ char sender_domain[MAX_ADDRESS + 1];
+ char recipient_username[MAX_ADDRESS + 1];
+ char recipient_domain[MAX_ADDRESS + 1];
char configuration_path[MAX_PATH + 1];
char **child_argv;
@@ -1419,6 +1545,9 @@
char smtp_auth_response[MAX_BUF + 1];
char smtp_auth_username[MAX_BUF + 1];
+ time_t connection_start;
+ time_t command_start;
+
int tls_state;
#ifdef HAVE_LIBSSL
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/tls.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -16,6 +16,7 @@
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "spamdyke.h"
+#include "tls.h"
#ifdef HAVE_LIBSSL
@@ -26,6 +27,8 @@
#include <unistd.h>
#include <syslog.h>
#include <string.h>
+#include <fcntl.h>
+#include <sys/select.h>
#include "config.h"
@@ -48,7 +51,6 @@
#include "log.h"
#include "search_fs.h"
-#include "tls.h"
/*
* Return value:
@@ -78,14 +80,14 @@
case SSL_ERROR_NONE:
/* No error occurred. */
strlen_error_text = MINVAL(STRLEN(LOG_MSG_TLS_NO_ERROR), MAX_BUF);
- strncpy(error_text, LOG_MSG_TLS_NO_ERROR, strlen_error_text);
+ memcpy(error_text, LOG_MSG_TLS_NO_ERROR, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
break;
case SSL_ERROR_ZERO_RETURN:
/* SSL connection closed */
strlen_error_text = MINVAL(STRLEN(LOG_MSG_TLS_ZERO_RETURN), MAX_BUF);
- strncpy(error_text, LOG_MSG_TLS_ZERO_RETURN, strlen_error_text);
+ memcpy(error_text, LOG_MSG_TLS_ZERO_RETURN, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
break;
@@ -104,14 +106,14 @@
case SSL_ERROR_WANT_X509_LOOKUP:
/* callback function wants another callback. Call the SSL function again. */
strlen_error_text = MINVAL(STRLEN(LOG_MSG_TLS_RECALL), MAX_BUF);
- strncpy(error_text, LOG_MSG_TLS_RECALL, strlen_error_text);
+ memcpy(error_text, LOG_MSG_TLS_RECALL, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
break;
case SSL_ERROR_SYSCALL:
/* check the SSL error queue. If return_code == 0, EOF found. If return_code == -1, check errno. */
strlen_error_text = MINVAL(STRLEN(LOG_MSG_TLS_SYSCALL), MAX_BUF);
- strncpy(error_text, LOG_MSG_TLS_SYSCALL, strlen_error_text);
+ memcpy(error_text, LOG_MSG_TLS_SYSCALL, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
if (return_code == 0)
@@ -123,13 +125,13 @@
case SSL_ERROR_SSL:
/* Library failure, check the SSL error queue. */
strlen_error_text = MINVAL(STRLEN(LOG_MSG_TLS_LIBRARY), MAX_BUF);
- strncpy(error_text, LOG_MSG_TLS_LIBRARY, strlen_error_text);
+ memcpy(error_text, LOG_MSG_TLS_LIBRARY, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
break;
default:
strlen_error_text = MINVAL(STRLEN(LOG_MISSING_DATA), MAX_BUF);
- strncpy(error_text, LOG_MISSING_DATA, strlen_error_text);
+ memcpy(error_text, LOG_MISSING_DATA, sizeof(char) * strlen_error_text);
error_text[strlen_error_text] = '\0';
break;
@@ -217,7 +219,7 @@
error_occurred = 1;
}
}
-
+
if (!error_occurred &&
(current_settings->current_options->tls_privatekey_file != NULL))
{
@@ -240,7 +242,7 @@
error_occurred = 1;
}
}
-
+
if (SSL_CTX_check_private_key(*target_tls_context))
SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_CERT_CHECK, NULL);
else
@@ -249,6 +251,14 @@
error_occurred = 1;
}
+ if ((tls_return = SSL_CTX_set_cipher_list(*target_tls_context, current_settings->current_options->tls_cipher_list)) == 1)
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_CIPHER_LIST, current_settings->current_options->tls_cipher_list);
+ else
+ {
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_TLS_CIPHER_LIST "%s: %s", current_settings->current_options->tls_cipher_list, tls_error(current_settings, tls_return));
+ error_occurred = 1;
+ }
+
if (!error_occurred &&
((*target_tls_session = SSL_new(*target_tls_context)) != NULL))
return_value = 1;
@@ -286,22 +296,92 @@
{
int return_value;
int tls_return;
+ int continue_looping;
+ struct timeval tmp_timeval;
+ int socket_state;
return_value = 0;
if ((current_settings->tls_session != NULL) &&
SSL_set_rfd(current_settings->tls_session, read_fd) &&
SSL_set_wfd(current_settings->tls_session, write_fd))
- if ((tls_return = SSL_accept(current_settings->tls_session)) == 1)
+ {
+ /*
+ * Set input and output sockets to non-blocking
+ * to prevent hangs inside OpenSSL.
+ */
+ if ((socket_state = fcntl(read_fd, F_GETFL, 0)) != -1)
{
- SSL_set_mode(current_settings->tls_session, SSL_MODE_ENABLE_PARTIAL_WRITE);
- SSL_set_mode(current_settings->tls_session, SSL_MODE_AUTO_RETRY);
- current_settings->tls_state = TLS_STATE_ACTIVE_SPAMDYKE;
+ if ((socket_state & O_NONBLOCK) != O_NONBLOCK)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SOCKET_NONBLOCK, read_fd);
+ if (fcntl(read_fd, F_SETFL, socket_state | O_NONBLOCK) == -1)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_NONBLOCK_INPUT "%s", strerror(errno));
+ }
+ }
+ else
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_STATUS_INPUT "%s", strerror(errno));
- return_value = 1;
+ if ((socket_state = fcntl(write_fd, F_GETFL, 0)) != -1)
+ {
+ if ((socket_state & O_NONBLOCK) != O_NONBLOCK)
+ {
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_SOCKET_NONBLOCK, write_fd);
+ if (fcntl(write_fd, F_SETFL, socket_state | O_NONBLOCK) == -1)
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_NONBLOCK_OUTPUT "%s", strerror(errno));
+ }
}
else
+ SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_STATUS_OUTPUT "%s", strerror(errno));
+
+ continue_looping = 1;
+ tls_return = 1;
+
+ while (continue_looping &&
+ ((current_settings->current_options->timeout_command == 0) ||
+ ((time(NULL) - current_settings->command_start) < current_settings->current_options->timeout_command)) &&
+ ((current_settings->current_options->timeout_connection == 0) ||
+ ((time(NULL) - current_settings->connection_start) < current_settings->current_options->timeout_connection)))
+ if ((tls_return = SSL_accept(current_settings->tls_session)) == 1)
+ {
+ SSL_set_mode(current_settings->tls_session, SSL_MODE_ENABLE_PARTIAL_WRITE);
+ SSL_set_mode(current_settings->tls_session, SSL_MODE_AUTO_RETRY);
+ current_settings->tls_state = TLS_STATE_ACTIVE_SPAMDYKE;
+
+ return_value = 1;
+ break;
+ }
+ else
+ switch (SSL_get_error(current_settings->tls_session, tls_return))
+ {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+
+#ifdef SSL_ERROR_WANT_ACCEPT
+
+ case SSL_ERROR_WANT_ACCEPT:
+
+#endif /* SSL_ERROR_WANT_ACCEPT */
+
+ case SSL_ERROR_WANT_CONNECT:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_DELAY, time(NULL) - current_settings->command_start);
+
+ tmp_timeval.tv_sec = MIN_SELECT_SECS_TIMEOUT;
+ tmp_timeval.tv_usec = MIN_SELECT_USECS_TIMEOUT;
+ select(0, NULL, NULL, NULL, &tmp_timeval);
+ break;
+ default:
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_ACCEPT ": %s", tls_error(current_settings, tls_return));
+ continue_looping = 0;
+
+ break;
+ }
+
+ if (continue_looping &&
+ (return_value == 0))
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_ACCEPT ": %s", tls_error(current_settings, tls_return));
+ }
else
SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_TLS_INIT);
@@ -316,29 +396,51 @@
int tls_end_inner(struct filter_settings *current_settings, int read_fd, SSL_CTX **target_tls_context, SSL **target_tls_session)
{
int return_value;
- fd_set read_fds;
- struct timeval tmp_timeout;
+ struct timeval tmp_timeval;
+ int continue_looping;
+ int tls_return;
return_value = 0;
if (current_settings->tls_state == TLS_STATE_ACTIVE_SPAMDYKE)
{
- if (((SSL_get_shutdown(*target_tls_session) & SSL_RECEIVED_SHUTDOWN) == 0) &&
- !SSL_shutdown(*target_tls_session))
- {
- /* The socket is going to be closed, so proper SSL shutdown isn't a big
- deal. We'll give it a chance to happen though. */
- FD_ZERO(&read_fds);
- FD_SET(read_fd, &read_fds);
+ /* The socket is going to be closed, so proper SSL shutdown isn't a big
+ deal. We'll give it a chance to happen though. */
+ continue_looping = 1;
+
+ while (continue_looping &&
+ ((time(NULL) - current_settings->command_start) < TIMEOUT_TLS_SHUTDOWN_SECS) &&
+ ((current_settings->current_options->timeout_command == 0) ||
+ ((time(NULL) - current_settings->command_start) < current_settings->current_options->timeout_command)) &&
+ ((current_settings->current_options->timeout_connection == 0) ||
+ ((time(NULL) - current_settings->connection_start) < current_settings->current_options->timeout_connection)))
+ if ((tls_return = SSL_shutdown(*target_tls_session)) == 1)
+ break;
+ else
+ switch (SSL_get_error(current_settings->tls_session, tls_return))
+ {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
- tmp_timeout.tv_sec = TIMEOUT_TLS_SHUTDOWN_SECS;
- tmp_timeout.tv_usec = 0;
+#ifdef SSL_ERROR_WANT_ACCEPT
- select(read_fd + 1, &read_fds, NULL, NULL, &tmp_timeout);
+ case SSL_ERROR_WANT_ACCEPT:
- if ((SSL_get_shutdown(*target_tls_session) & SSL_RECEIVED_SHUTDOWN) == 0)
- SSL_shutdown(*target_tls_session);
- }
+#endif /* SSL_ERROR_WANT_ACCEPT */
+
+ case SSL_ERROR_WANT_CONNECT:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_DELAY, time(NULL) - current_settings->command_start);
+
+ tmp_timeval.tv_sec = MIN_SELECT_SECS_TIMEOUT;
+ tmp_timeval.tv_usec = MIN_SELECT_USECS_TIMEOUT;
+ select(0, NULL, NULL, NULL, &tmp_timeval);
+ break;
+ default:
+ /* Didn't work. Oh well. */
+ continue_looping = 0;
+ break;
+ }
current_settings->tls_state = TLS_STATE_INACTIVE;
return_value = 1;
@@ -411,10 +513,49 @@
ssize_t tls_read(struct filter_settings *current_settings, int target_fd, void *target_buf, size_t num_bytes)
{
ssize_t return_value;
+ int continue_looping;
+ struct timeval tmp_timeval;
if (current_settings->tls_state == TLS_STATE_ACTIVE_SPAMDYKE)
{
- if ((return_value = SSL_read(current_settings->tls_session, target_buf, num_bytes)) < 0)
+ continue_looping = 1;
+ return_value = 0;
+
+ while (continue_looping &&
+ ((current_settings->current_options->timeout_command == 0) ||
+ ((time(NULL) - current_settings->command_start) < current_settings->current_options->timeout_command)) &&
+ ((current_settings->current_options->timeout_connection == 0) ||
+ ((time(NULL) - current_settings->connection_start) < current_settings->current_options->timeout_connection)))
+ if ((return_value = SSL_read(current_settings->tls_session, target_buf, num_bytes)) > 0)
+ break;
+ else
+ switch (SSL_get_error(current_settings->tls_session, return_value))
+ {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+
+#ifdef SSL_ERROR_WANT_ACCEPT
+
+ case SSL_ERROR_WANT_ACCEPT:
+
+#endif /* SSL_ERROR_WANT_ACCEPT */
+
+ case SSL_ERROR_WANT_CONNECT:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_DELAY, time(NULL) - current_settings->command_start);
+
+ tmp_timeval.tv_sec = MIN_SELECT_SECS_TIMEOUT;
+ tmp_timeval.tv_usec = MIN_SELECT_USECS_TIMEOUT;
+ select(0, NULL, NULL, NULL, &tmp_timeval);
+ break;
+ default:
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_READ ": %s", tls_error(current_settings, return_value));
+ continue_looping = 0;
+ break;
+ }
+
+ if (continue_looping &&
+ (return_value <= 0))
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_READ ": %s", tls_error(current_settings, return_value));
}
else
@@ -430,10 +571,49 @@
ssize_t tls_write(struct filter_settings *current_settings, int target_fd, void *target_buf, size_t num_bytes)
{
ssize_t return_value;
+ int continue_looping;
+ struct timeval tmp_timeval;
if (current_settings->tls_state == TLS_STATE_ACTIVE_SPAMDYKE)
{
- if ((return_value = SSL_write(current_settings->tls_session, target_buf, num_bytes)) < 0)
+ continue_looping = 1;
+ return_value = 0;
+
+ while (continue_looping &&
+ ((current_settings->current_options->timeout_command == 0) ||
+ ((time(NULL) - current_settings->command_start) < current_settings->current_options->timeout_command)) &&
+ ((current_settings->current_options->timeout_connection == 0) ||
+ ((time(NULL) - current_settings->connection_start) < current_settings->current_options->timeout_connection)))
+ if ((return_value = SSL_write(current_settings->tls_session, target_buf, num_bytes)) > 0)
+ break;
+ else
+ switch (SSL_get_error(current_settings->tls_session, return_value))
+ {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+
+#ifdef SSL_ERROR_WANT_ACCEPT
+
+ case SSL_ERROR_WANT_ACCEPT:
+
+#endif /* SSL_ERROR_WANT_ACCEPT */
+
+ case SSL_ERROR_WANT_CONNECT:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ SPAMDYKE_LOG_EXCESSIVE(current_settings, LOG_DEBUGX_TLS_DELAY, time(NULL) - current_settings->command_start);
+
+ tmp_timeval.tv_sec = MIN_SELECT_SECS_TIMEOUT;
+ tmp_timeval.tv_usec = MIN_SELECT_USECS_TIMEOUT;
+ select(0, NULL, NULL, NULL, &tmp_timeval);
+ break;
+ default:
+ SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_WRITE ": %s", tls_error(current_settings, return_value));
+ continue_looping = 0;
+ break;
+ }
+
+ if (continue_looping &&
+ (return_value <= 0))
SPAMDYKE_LOG_VERBOSE(current_settings, LOG_ERROR_TLS_WRITE ": %s", tls_error(current_settings, return_value));
}
else
@@ -443,3 +623,35 @@
}
#endif /* HAVE_LIBSSL */
+
+char *tls_state_desc(struct filter_settings *current_settings)
+ {
+ char *return_value;
+
+ return_value = TLS_DESC_UNKNOWN;
+
+ switch (current_settings->tls_state)
+ {
+ case TLS_STATE_ACTIVE_SPAMDYKE:
+ switch (current_settings->current_options->tls_level)
+ {
+ case TLS_LEVEL_PROTOCOL:
+ case TLS_LEVEL_PROTOCOL_SPAMDYKE:
+ return_value = TLS_DESC_SPAMDYKE_PROTOCOL;
+ break;
+ case TLS_LEVEL_SMTPS:
+ return_value = TLS_DESC_SPAMDYKE_SMTPS;
+ break;
+ }
+
+ break;
+ case TLS_STATE_ACTIVE_PASSTHROUGH:
+ return_value = TLS_DESC_PASSTHROUGH;
+ break;
+ case TLS_STATE_INACTIVE:
+ return_value = TLS_DESC_INACTIVE;
+ break;
+ }
+
+ return(return_value);
+ }
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/tls.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -41,4 +41,6 @@
#endif /* HAVE_LIBSSL */
+char *tls_state_desc(struct filter_settings *current_settings);
+
#endif /* TLS_H */
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/usage.c
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/spamdyke/usage.h
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/addsecs/addsecs.c
^
|
| @@ -1,6 +1,6 @@
/*
addsecs -- a simple program for printing the date as of X seconds ago
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/cputime/cputime.c
^
|
| @@ -1,6 +1,6 @@
/*
cputime -- a program for tracking and printing the CPU usage of a process
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/dnsdummy
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/dnsdummy/Makefile
^
|
| @@ -0,0 +1,7 @@
+CFLAGS := -Wall -g
+
+dnsdummy: dnsdummy.c Makefile
+ gcc $(CFLAGS) -o dnsdummy dnsdummy.c
+
+clean:
+ rm -rf *.o dnsdummy dnsdummy.dSYM
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/dnsdummy/dnsdummy.c
^
|
| @@ -0,0 +1,890 @@
+#include <stdio.h>
+#include <string.h>
+#include <netdb.h>
+#include <sys/socket.h>
+#include <time.h>
+#include <sys/select.h>
+#include <unistd.h>
+#include <getopt.h>
+#include <stdlib.h>
+#include <arpa/inet.h>
+#include <ctype.h>
+#include <netinet/in.h>
+#include <errno.h>
+
+#define _STRINGIFY(X) #X
+#define STRINGIFY(X) _STRINGIFY(X)
+#define MAXVAL(a,b) ({ typeof (a) _a = (a); typeof (b) _b = (b); _a > _b ? _a : _b; })
+#define MINVAL(a,b) ({ typeof (a) _a = (a); typeof (b) _b = (b); _a < _b ? _a : _b; })
+
+#define MAX_BUF 1023
+#define MAX_BIND_ATTEMPTS 32
+#define DEFAULT_TIMEOUT_SECS 120
+
+#define DNS_A 1
+#define DNS_MX 15
+#define DNS_NS 2
+#define DNS_CNAME 5
+#define DNS_PTR 12
+#define DNS_TXT 16
+
+/*
+ * NOTE: This code performs almost zero buffer length checking. Crafting a
+ * query or an input file to cause a buffer overflow would be extremely trivial.
+ *
+ * In other words, if you use this program for any production purpose, you're
+ * asking for trouble and you will very likely get it.
+ */
+
+void usage()
+ {
+ fprintf(stderr, "USAGE: dnsdummy [ -v[v[v]] ] [ -p PORT ] [ -t TIMEOUT_SECS ] [ -n ] -f FILE\n"
+ "\n"
+ "dnsdummy functions is an extremely limited DNS server that responds to UDP\n"
+ "queries only. Normally, it will run in the background and automatically exit\n"
+ "after a set time.\n"
+ "\n"
+ "dnsdummy will always print its port number on stdout as it starts up.\n"
+ "\n"
+ "WARNING: dnsdummy is meant only for testing DNS client code. It is NOT to be\n"
+ "used in production settings, PERIOD. In addition to being extremely\n"
+ "inefficient, it also performs almost no buffer length checking. Crafting either\n"
+ "a config file or a query to trigger a buffer overflow is TRIVIAL.\n"
+ "If you choose to use dnsdummy for anything \"real\", you will be asking for\n"
+ "(and will certainly receive) more trouble than you can handle.\n"
+ "\n"
+ "-v\n"
+ " Print some debugging messages. If given multiple times, more debugging output\n"
+ " will be produced.\n"
+ "\n"
+ "-p PORT\n"
+ " Listen for incoming connections on PORT. Default: select a port randomly.\n"
+ "\n"
+ "-n\n"
+ " Do not fork into the background and do not automatically exit, even if -t is\n"
+ " given.\n"
+ "\n"
+ "-t TIMEOUT_SECS\n"
+ " Exit after TIMEOUT_SECS seconds. Default: " STRINGIFY(DEFAULT_TIMEOUT_SECS) "\n"
+ "\n"
+ "-f FILE\n"
+ " Read responses from FILE. The file format is very simple.\n"
+ " Blank lines are ignored. Lines beginning with # are ignored as comments.\n"
+ " Otherwise, each line should contain:\n"
+ " QUERY TYPE FLAG ANSWER\n"
+ " Where QUERY is the name queried by the remote client, TYPE is the type\n"
+ " of query and ANSWER is the response dnsdummy should send. FLAG determines\n"
+ " extra behavior dnsdummy should use when responding:\n"
+ " NORMAL: send a normal response using the same protocol as the request\n"
+ " TRUNCATE: set the truncation flag when responding via UDP; the client\n"
+ " should retry the request via TCP\n"
+ " IGNORE: send no response at all (as opposed to NXDOMAIN); the ANSWER\n"
+ " field may be left blank\n"
+ " SPOOF: reply to UDP requests from a different port than the request\n"
+ " The fields should be separated by whitespace (tabs/spaces). Trailing periods\n"
+ " should not be used; all names are assumed to reference the root scope.\n"
+ " \"A\" records must always contain IP addresses.\n"
+ " Examples:\n"
+ " mail.foo.com A NORMAL 11.22.33.44\n"
+ " www.foo.com CNAME TRUNCATE foo.com\n"
+ " foo.com NS NORMAL ns.foo.com\n"
+ " foo.com TXT SPOOF Some text response.\n"
+ " foo.com MX IGNORE\n"
+ " 44.33.22.11.foo.com PTR NORMAL www.foo.com\n"
+ " If a match is not found, dnsdummy will respond with NXDOMAIN.\n"
+ );
+ /********************************************************************************/
+
+ exit(0);
+
+ return;
+ }
+
+char *type_name(int target_type)
+ {
+ char *return_value;
+
+ return_value = NULL;
+
+ switch (target_type)
+ {
+ case DNS_A:
+ return_value = "A";
+ break;
+ case DNS_MX:
+ return_value = "MX";
+ break;
+ case DNS_NS:
+ return_value = "NS";
+ break;
+ case DNS_CNAME:
+ return_value = "CNAME";
+ break;
+ case DNS_PTR:
+ return_value = "PTR";
+ break;
+ case DNS_TXT:
+ return_value = "TXT";
+ break;
+ }
+
+ return(return_value);
+ }
+
+/*
+ * RETURNS:
+ * -1: error occurred
+ * 0: No match found (NXDOMAIN)
+ * 1: Send no response
+ * 2: Found match
+ * 3: Found match + truncation flag
+ * 4: Found match + spoof flag
+ */
+int search_file(char *return_answer, int strlen_return_answer, char *target_file, char *target_name, int target_type, int verbose)
+ {
+ int return_value;
+ int i;
+ char input_line[MAX_BUF + 1];
+ char tmp_name[MAX_BUF + 1];
+ char query_name[MAX_BUF + 1];
+ char query_type[MAX_BUF + 1];
+ char flag[MAX_BUF + 1];
+ char answer_name[MAX_BUF + 1];
+ FILE *input_file;
+ int line_num;
+ int strlen_line;
+
+ return_value = 0;
+ input_file = NULL;
+ line_num = 0;
+
+ if ((input_file = fopen(target_file, "r")) != NULL)
+ {
+ for (i = 0; (i < MAX_BUF) && (target_name[i] != '\0') && !isspace(target_name[i]); i++)
+ tmp_name[i] = tolower(target_name[i]);
+ tmp_name[i] = '\0';
+
+ if (verbose)
+ fprintf(stderr, "dnsdummy: searching %s for name: %s (%s)\n", target_file, tmp_name, type_name(target_type));
+
+ while (!feof(input_file) &&
+ (line_num < 65536))
+ {
+ if ((fscanf(input_file, "%" STRINGIFY(MAX_BUF) "[^\r\n]", input_line) == 1) &&
+ (input_line[0] != '#') &&
+ ((strlen_line = strlen(input_line)) > 0))
+ {
+ answer_name[0] = '\0';
+ if (sscanf(input_line, "%" STRINGIFY(MAX_BUF) "[^\r\n\t ]%*[\r\n\t ]%" STRINGIFY(MAX_BUF) "[^\r\n\t ]%*[\r\n\t ]%" STRINGIFY(MAX_BUF) "[^\r\n\t ]%*[\r\n\t ]%" STRINGIFY(MAX_BUF) "[^\r\n]", query_name, query_type, flag, answer_name) >= 3)
+ {
+ for (i = 0; query_name[i] != '\0'; i++)
+ query_name[i] = tolower(query_name[i]);
+ for (i = 0; query_type[i] != '\0'; i++)
+ query_type[i] = tolower(query_type[i]);
+ for (i = 0; flag[i] != '\0'; i++)
+ flag[i] = tolower(flag[i]);
+
+ if (verbose >= 2)
+ fprintf(stderr, "dnsdummy: read config line: query_name = %s, query_type = %s, flag = %s, answer = %s\n", query_name, query_type, flag, answer_name);
+
+ if (!strcmp(tmp_name, query_name) &&
+ (((target_type == DNS_A) &&
+ !strcmp("a", query_type)) ||
+ ((target_type == DNS_NS) &&
+ !strcmp("ns", query_type)) ||
+ ((target_type == DNS_CNAME) &&
+ !strcmp("cname", query_type)) ||
+ ((target_type == DNS_PTR) &&
+ !strcmp("ptr", query_type)) ||
+ ((target_type == DNS_MX) &&
+ !strcmp("mx", query_type)) ||
+ ((target_type == DNS_TXT) &&
+ !strcmp("txt", query_type))))
+ {
+ if (strcmp(flag, "ignore") != 0)
+ {
+ if (answer_name[0] != '\0')
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: matched %s on line %d, returning: %s\n", tmp_name, line_num + 1, answer_name);
+
+ memcpy(return_answer, answer_name, MINVAL(255, MINVAL(strlen_return_answer, strlen(answer_name))));
+ return_answer[MINVAL(255, MINVAL(strlen_return_answer, strlen(answer_name)))] = '\0';
+
+ if (!strcmp(flag, "normal"))
+ return_value = 2;
+ else if (!strcmp(flag, "truncate"))
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: truncation flag found\n");
+
+ return_value = 3;
+ }
+ else if (!strcmp(flag, "spoof"))
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: spoof flag found\n");
+
+ return_value = 4;
+ }
+ else if (verbose)
+ fprintf(stderr, "dnsdummy: malformed configuration file on line %d: unknown flag %s\n", line_num + 1, flag);
+ }
+ else if (verbose)
+ fprintf(stderr, "dnsdummy: malformed configuration file on line %d: no answer supplied but flag is not \"ignore\"\n", line_num + 1);
+ }
+ else
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: matched %s on line %d, ignoring query\n", tmp_name, line_num + 1);
+
+ return_value = 1;
+ }
+
+ break;
+ }
+ }
+ else
+ fprintf(stderr, "ERROR: unparsable DNS record in %s at line %d: bad format\n", target_file, line_num + 1);
+ }
+
+ fscanf(input_file, "%*1[\r\n]");
+ line_num++;
+ }
+
+ if ((return_value == 0) &&
+ verbose)
+ fprintf(stderr, "dnsdummy: no match found\n");
+
+ fclose(input_file);
+ }
+ else
+ {
+ fprintf(stderr, "ERROR: unable to open file %s: %s\n", target_file, strerror(errno));
+ return_value = -1;
+ }
+
+ return(return_value);
+ }
+
+/* FIXME: This doesn't handle pointers */
+int decode(char *return_name, int strlen_return_name, unsigned char *name_start, unsigned char *query_end, int verbose)
+ {
+ int return_value;
+ int i;
+ unsigned char *cur_ptr;
+
+ return_value = 0;
+ cur_ptr = name_start;
+
+ if ((cur_ptr = name_start) != NULL)
+ while (((int)cur_ptr[0] != 0) &&
+ (cur_ptr < query_end) &&
+ (return_value < strlen_return_name))
+ {
+ for (i = 0; i < (int)cur_ptr[0]; i++)
+ return_name[return_value++] = cur_ptr[i + 1];
+
+ cur_ptr += (int)cur_ptr[0] + 1;
+
+ if ((int)cur_ptr[0] != 0)
+ return_name[return_value++] = '.';
+ else
+ return_name[return_value++] = '\0';
+ }
+
+ return_value++;
+
+ if (verbose >= 2)
+ fprintf(stderr, "dnsdummy: decoded %s (%d bytes)\n", return_name, return_value);
+
+ return(return_value);
+ }
+
+/*
+ * RETURN VALUE:
+ * number of characters encoded into return_name
+ */
+int encode(unsigned char *return_name, int strlen_return_name, char *target_name)
+ {
+ int i;
+ int strlen_cur;
+ int strlen_name;
+
+ strlen_name = 0;
+
+ if ((return_name != NULL) &&
+ (target_name != NULL) &&
+ (strlen_return_name > 2))
+ {
+ strlen_name = MINVAL(strlen_return_name - 2, strlen(target_name));
+ memcpy(return_name + 1, target_name, strlen_name);
+ return_name[0] = '.';
+ return_name[strlen_name + 1] = '\0';
+
+ strlen_cur = 0;
+ for (i = strlen_name; i >= 0; i--)
+ if (return_name[i] == '.')
+ {
+ return_name[i] = strlen_cur;
+ strlen_cur = 0;
+ }
+ else
+ strlen_cur++;
+
+ strlen_name += 2;
+ }
+
+ return(strlen_name);
+ }
+
+int main(int argc, char *argv[])
+ {
+ char answer_template[] = { /* ID */ 0x00, 0x00,
+ /* QR, OPCODE, AA, TC, RD, RA, RCODE */ 0x84, 0x00,
+ /* QDCOUNT */ 0x00, 0x00,
+ /* ANCOUNT */ 0x00, 0x00,
+ /* NSCOUNT */ 0x00, 0x00,
+ /* ARCOUNT */ 0x00, 0x00 };
+ int i;
+ int udp_socket;
+ int tcp_socket;
+ int accept_socket;
+ int target_socket;
+ struct sockaddr_in tmp_sockaddr;
+ time_t start_time;
+ int max_secs;
+ int query_len;
+ unsigned char query[MAX_BUF + 1];
+ int tcp_query_len;
+ unsigned char tcp_query[MAX_BUF + 1];
+ int answer_len;
+ int answer_start;
+ unsigned char answer[MAX_BUF + 1];
+ char query_name[MAX_BUF + 1];
+ char answer_name[MAX_BUF + 1];
+ int listen_port;
+ fd_set read_fds;
+ struct timeval tmp_timeval;
+ char opt;
+ int tmp_int;
+ int target_port;
+ int bind_attempts;
+ int tmp_ptr;
+ long tmp_count;
+ long tmp_num;
+ int type_num;
+ struct sockaddr_in sender_address;
+ int sender_address_len;
+ int name_len;
+ int num_answers;
+ char *config_file;
+ int verbose;
+ int ip_ints[4];
+ int search_result;
+ int do_fork;
+ int select_value;
+
+ max_secs = DEFAULT_TIMEOUT_SECS;
+ target_port = 0;
+ verbose = 0;
+ config_file = NULL;
+ do_fork = 1;
+
+ while ((opt = getopt(argc, argv, "f:np:t:v")) != -1)
+ {
+ switch (opt)
+ {
+ case 'f':
+ config_file = optarg;
+ break;
+ case 'n':
+ do_fork = 0;
+ break;
+ case 'p':
+ if ((sscanf(optarg, "%d", &tmp_int) == 1) &&
+ (tmp_int > 0) &&
+ (tmp_int < 65536))
+ target_port = tmp_int;
+ else
+ usage();
+
+ break;
+ case 't':
+ if ((sscanf(optarg, "%d", &tmp_int) == 1) &&
+ (tmp_int > 0))
+ max_secs = tmp_int;
+
+ break;
+ case 'v':
+ verbose++;
+ break;
+ }
+ }
+
+ if (config_file == NULL)
+ usage();
+
+ srandom(time(NULL));
+
+ tmp_sockaddr.sin_family = AF_INET;
+ tmp_sockaddr.sin_addr.s_addr = htonl(INADDR_ANY);
+ bzero(&tmp_sockaddr.sin_zero, 8);
+
+ bind_attempts = 0;
+
+ while (bind_attempts < MAX_BIND_ATTEMPTS)
+ {
+ listen_port = (target_port > 0) ? target_port : ((random() % (65535 - 1024)) + 1024);
+ tmp_sockaddr.sin_port = htons(listen_port);
+
+ udp_socket = -1;
+ tcp_socket = -1;
+ accept_socket = -1;
+
+ if ((udp_socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1)
+ if ((tcp_socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1)
+ if ((bind(udp_socket, (struct sockaddr *)&tmp_sockaddr, sizeof(struct sockaddr)) == 0) &&
+ (bind(tcp_socket, (struct sockaddr *)&tmp_sockaddr, sizeof(struct sockaddr)) == 0) &&
+ (listen(tcp_socket, 10) == 0))
+ {
+ fprintf(stdout, "%d\n", listen_port);
+ fflush(NULL);
+
+ if (!do_fork ||
+ (fork() == 0))
+ {
+ if (do_fork)
+ fclose(stdout);
+
+ start_time = time(NULL);
+
+ FD_ZERO(&read_fds);
+ FD_SET(udp_socket, &read_fds);
+ FD_SET(tcp_socket, &read_fds);
+ select_value = MAXVAL(udp_socket, tcp_socket) + 1;
+
+ tmp_timeval.tv_sec = max_secs - (time(NULL) - start_time);
+ tmp_timeval.tv_usec = 0;
+
+ query_len = 0;
+ tcp_query_len = 0;
+ accept_socket = -1;
+
+ while (!do_fork ||
+ (tmp_timeval.tv_sec > 0))
+ {
+ if (select(select_value, &read_fds, NULL, NULL, (do_fork) ? &tmp_timeval : NULL) > 0)
+ {
+ sender_address_len = sizeof(struct sockaddr_in);
+
+ if (FD_ISSET(udp_socket, &read_fds))
+ {
+ if ((query_len = recvfrom(udp_socket, query, MAX_BUF, 0, (struct sockaddr *)&sender_address, (socklen_t *)&sender_address_len)) >= 12)
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: received %d bytes via UDP, ID: %d/%d\n", query_len, query[0], query[1]);
+ }
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: received malformed UDP query packet: %d bytes, minimum 12\n", query_len);
+ query_len = 0;
+ }
+ }
+ else if (FD_ISSET(tcp_socket, &read_fds))
+ {
+ if ((accept_socket = accept(tcp_socket, (struct sockaddr *)&sender_address, (socklen_t *)&sender_address_len)) != -1)
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: accepted TCP connection on socket %d\n", accept_socket);
+ }
+ else
+ fprintf(stderr, "DNSDUMMY ERROR: unable to accept incoming TCP connection: %s\n", strerror(errno));
+ }
+ else if ((accept_socket != -1) &&
+ FD_ISSET(accept_socket, &read_fds))
+ {
+ if ((query_len = recv(accept_socket, tcp_query + tcp_query_len, MAX_BUF - tcp_query_len, 0)) > 0)
+ {
+ if (verbose >= 2)
+ fprintf(stderr, "dnsdummy: read %d bytes from TCP socket\n", query_len);
+
+ if ((tcp_query_len += query_len) > 2)
+ {
+ ((char *)&tmp_count)[0] = tcp_query[0];
+ ((char *)&tmp_count)[1] = tcp_query[1];
+
+ if (ntohs(tmp_count) == (tcp_query_len - 2))
+ {
+ memcpy(query, tcp_query + 2, tcp_query_len - 2);
+ query_len = tcp_query_len;
+ }
+ else
+ query_len = 0;
+ }
+ else
+ query_len = 0;
+ }
+ else
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: closed TCP socket\n");
+
+ close(accept_socket);
+ accept_socket = -1;
+ query_len = 0;
+ }
+ }
+ else
+ query_len = 0;
+
+ if (query_len > 0)
+ {
+ if (verbose >= 3)
+ for (i = 0; i < query_len; i++)
+ fprintf(stderr, "dnsdummy: query byte %d:\t%d\t%c\n", i, query[i], query[i]);
+
+ answer_len = sizeof(answer_template);
+ memcpy(answer, answer_template, answer_len);
+
+ answer[0] = query[0];
+ answer[1] = query[1];
+
+ /* Copy the number of questions into the response */
+ answer[4] = query[4];
+ answer[5] = query[5];
+
+ num_answers = 0;
+
+ /* Decode the number of questions */
+ ((char *)&tmp_count)[0] = query[4];
+ ((char *)&tmp_count)[1] = query[5];
+
+ /* Set the pointer to the end of the header */
+ tmp_ptr = 12;
+
+ /*
+ * Question structure:
+ * text of unknown length
+ * type (16 bits)
+ * class (16 bits)
+ */
+ for (i = 0; i < ntohs(tmp_count); i++)
+ {
+ name_len = decode(query_name, MAX_BUF, query + tmp_ptr, query + query_len, verbose);
+
+ /* Copy the question into the answer */
+ if ((answer_len + name_len + 4) < MAX_BUF)
+ {
+ memcpy(answer + answer_len, query + tmp_ptr, name_len + 4);
+ answer_len += name_len + 4;
+ }
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: questions are too long to copy: %d bytes\n", answer_len + name_len + 4);
+ break;
+ }
+
+ tmp_ptr += name_len + 4;
+ }
+
+ /* Reset the pointer to the end of the header */
+ tmp_ptr = 12;
+
+ /*
+ * Examine the questions:
+ * text of unknown length
+ * type (16 bits)
+ * class (16 bits)
+ */
+ for (i = 0; i < ntohs(tmp_count); i++)
+ {
+ name_len = decode(query_name, MAX_BUF, query + tmp_ptr, query + query_len, verbose);
+
+ if ((answer_len + name_len + 4) >= MAX_BUF)
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: questions are too long to copy: %d bytes\n", answer_len + name_len + 4);
+ break;
+ }
+
+ /* Decode the type */
+ ((char *)&tmp_num)[0] = query[tmp_ptr + name_len];
+ ((char *)&tmp_num)[1] = query[tmp_ptr + name_len + 1];
+ type_num = ntohs(tmp_num);
+
+ if (((search_result = search_file(answer_name, MAX_BUF, config_file, query_name, type_num, verbose)) == 2) ||
+ ((search_result == 3) &&
+ (tcp_query_len > 0)) ||
+ (search_result == 4))
+ {
+ answer_start = answer_len;
+
+ /* Copy the name into the answer */
+ if ((answer_len + name_len) < MAX_BUF)
+ {
+ memcpy(answer + answer_len, query + tmp_ptr, name_len);
+ answer_len += name_len;
+ }
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: name is too long to copy: %d bytes\n", answer_len + name_len + 4);
+ break;
+ }
+
+ /* Copy the type */
+ answer[answer_len++] = query[tmp_ptr + name_len];
+ answer[answer_len++] = query[tmp_ptr + name_len + 1];
+ /* Copy the class */
+ answer[answer_len++] = query[tmp_ptr + name_len + 2];
+ answer[answer_len++] = query[tmp_ptr + name_len + 3];
+ /* Set the TTL to 0 */
+ answer[answer_len++] = 0;
+ answer[answer_len++] = 0;
+ answer[answer_len++] = 0;
+ answer[answer_len++] = 0;
+
+ if (type_num == DNS_A)
+ {
+ /* Set the answer length */
+ tmp_num = htons(4);
+ answer[answer_len++] = ((char *)&tmp_num)[0];
+ answer[answer_len++] = ((char *)&tmp_num)[1];
+
+ if (sscanf(answer_name, "%d.%d.%d.%d", &ip_ints[0], &ip_ints[1], &ip_ints[2], &ip_ints[3]) == 4)
+ {
+ /* Set the IP address */
+ answer[answer_len++] = ip_ints[0];
+ answer[answer_len++] = ip_ints[1];
+ answer[answer_len++] = ip_ints[2];
+ answer[answer_len++] = ip_ints[3];
+ }
+
+ if ((tcp_query_len > 0) ||
+ (answer_len <= 512))
+ num_answers++;
+ else
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: answer is too long for UDP, setting truncation bit: %d bytes\n", answer_len);
+
+ answer_len = answer_start;
+ answer[2] |= 0x02;
+ }
+ }
+ else if ((type_num == DNS_MX) ||
+ (type_num == DNS_NS) ||
+ (type_num == DNS_CNAME) ||
+ (type_num == DNS_PTR))
+ {
+ if (type_num == DNS_MX)
+ tmp_int = 2;
+ else
+ tmp_int = 0;
+
+ if (verbose >= 4)
+ fprintf(stderr, "dnsdummy: encoding answer starting at byte %d: %s\n", answer_len + 2, answer_name);
+
+ tmp_int += encode(answer + answer_len + tmp_int + 2, MAX_BUF - (answer_len + tmp_int + 2), answer_name);
+
+ /* Set the answer length */
+ tmp_num = htons(tmp_int);
+ answer[answer_len++] = ((char *)&tmp_num)[0];
+ answer[answer_len++] = ((char *)&tmp_num)[1];
+
+ if (type_num == DNS_MX)
+ {
+ /* Set the preference */
+ tmp_num = htons(10);
+ answer[answer_len++] = ((char *)&tmp_num)[0];
+ answer[answer_len++] = ((char *)&tmp_num)[1];
+ }
+
+ answer_len += tmp_int;
+
+ if ((tcp_query_len > 0) ||
+ (answer_len <= 512))
+ num_answers++;
+ else
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: answer is too long for UDP, setting truncation bit: %d bytes\n", answer_len);
+
+ answer_len = answer_start;
+ answer[2] |= 0x02;
+ }
+ }
+ else if (type_num == DNS_TXT)
+ {
+ /* Set the answer length */
+ tmp_num = htons(strlen(answer_name) + 1);
+ answer[answer_len++] = ((char *)&tmp_num)[0];
+ answer[answer_len++] = ((char *)&tmp_num)[1];
+ answer[answer_len++] = (char)strlen(answer_name);
+
+ memcpy(answer + answer_len, answer_name, strlen(answer_name));
+ answer_len += strlen(answer_name);
+
+ if ((tcp_query_len > 0) ||
+ (answer_len <= 512))
+ num_answers++;
+ else
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: answer is too long for UDP, setting truncation bit: %d bytes\n", answer_len);
+
+ answer_len = answer_start;
+ answer[2] |= 0x02;
+ }
+ }
+ }
+ else if ((search_result == 3) &&
+ (tcp_query_len == 0))
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: setting truncation bit\n");
+
+ answer[2] |= 0x02;
+ }
+ else if (search_result == 0)
+ if ((type_num == DNS_A) ||
+ (type_num == DNS_MX) ||
+ (type_num == DNS_NS) ||
+ (type_num == DNS_CNAME) ||
+ (type_num == DNS_PTR) ||
+ (type_num == DNS_TXT))
+ answer[3] = 3;
+ else
+ answer[3] = 4;
+ else if (verbose)
+ fprintf(stderr, "dnsdummy: ignoring query for DNS type %s\n", type_name(type_num));
+
+ tmp_ptr += name_len + 4;
+ }
+
+ if (((answer[2] & 0x02) == 0x02) ||
+ (answer[3] != 0) ||
+ (num_answers > 0))
+ {
+ /* Set the number of answers */
+ tmp_num = htons(num_answers);
+ answer[6] = ((char *)&tmp_num)[0];
+ answer[7] = ((char *)&tmp_num)[1];
+
+ if (tcp_query_len > 0)
+ {
+ memmove(answer + 2, answer, answer_len);
+ tmp_num = htons(answer_len);
+ answer[0] = ((char *)&tmp_num)[0];
+ answer[1] = ((char *)&tmp_num)[1];
+
+ if (send(accept_socket, answer, answer_len + 2, 0) > 0)
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: sent %d bytes to sender via TCP\n", answer_len + 2);
+ if (verbose >= 3)
+ for (i = 0; i < (answer_len + 2); i++)
+ fprintf(stderr, "dnsdummy: answer byte %d:\t%d\t%c\n", i, answer[i], answer[i]);
+ }
+ else
+ fprintf(stderr, "DNSDUMMY ERROR: unable to send %d bytes to sender via TCP: %s\n", answer_len, strerror(errno));
+
+ close(accept_socket);
+ accept_socket = -1;
+ tcp_query_len = 0;
+ }
+ else
+ {
+ if (answer_len > 512)
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: answer is too long for UDP: %d bytes\n", answer_len);
+ answer_len = 512;
+ answer[2] |= 0x02;
+ }
+ else if (search_result == 3)
+ answer[2] = 0x02;
+
+ if (search_result == 4)
+ {
+ if ((target_socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: unable to create new socket for spoofed response: %s\n", strerror(errno));
+ target_socket = udp_socket;
+ }
+ }
+ else
+ target_socket = udp_socket;
+
+ if (sendto(target_socket, answer, answer_len, 0, (struct sockaddr *)&sender_address, sender_address_len) > 0)
+ {
+ if (verbose)
+ fprintf(stderr, "dnsdummy: sent %d bytes to sender via UDP\n", answer_len);
+ if (verbose >= 3)
+ for (i = 0; i < answer_len; i++)
+ fprintf(stderr, "dnsdummy: answer byte %d:\t%d\t%c\n", i, answer[i], answer[i]);
+ }
+ else
+ fprintf(stderr, "DNSDUMMY ERROR: unable to send %d bytes to sender via UDP: %s\n", answer_len, strerror(errno));
+
+ if (target_socket != udp_socket)
+ close(target_socket);
+ }
+ }
+
+ query_len = 0;
+ }
+ }
+
+ FD_ZERO(&read_fds);
+ FD_SET(udp_socket, &read_fds);
+ if (accept_socket == -1)
+ {
+ FD_SET(tcp_socket, &read_fds);
+ select_value = MAXVAL(udp_socket, tcp_socket) + 1;
+ }
+ else
+ {
+ FD_SET(accept_socket, &read_fds);
+ select_value = MAXVAL(udp_socket, accept_socket) + 1;
+ }
+
+ tmp_timeval.tv_sec = max_secs - (time(NULL) - start_time);
+ tmp_timeval.tv_usec = 0;
+ }
+
+ if (verbose >= 2)
+ fprintf(stderr, "dnsdummy: child exiting\n");
+ }
+ else if (verbose >= 2)
+ fprintf(stderr, "dnsdummy: parent exiting\n");
+
+ break;
+ }
+ else if ((target_port == 0) &&
+ (errno == EADDRINUSE))
+ bind_attempts++;
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: unable to bind socket: %s\n", strerror(errno));
+ break;
+ }
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: unable to create TCP socket: %s\n", strerror(errno));
+ break;
+ }
+ else
+ {
+ fprintf(stderr, "DNSDUMMY ERROR: unable to create UDP socket: %s\n", strerror(errno));
+ break;
+ }
+
+ if (udp_socket != -1)
+ close(udp_socket);
+ if (tcp_socket != -1)
+ close(tcp_socket);
+ if (accept_socket != -1)
+ close(accept_socket);
+ }
+
+ return(0);
+ }
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/exitvalue/exitvalue.c
^
|
| @@ -1,6 +1,6 @@
/*
exitvalue - a program for generating exit codes.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/run
^
|
| @@ -2,7 +2,7 @@
##
# tests/run -- a script for testing spamdyke
-# Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+# Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
@@ -39,6 +39,7 @@
SMTPAUTH_LOGIN_PATH="`pwd`/smtpauth/smtpauth_login"
SMTPAUTH_PLAIN_PATH="`pwd`/smtpauth/smtpauth_plain"
SMTPAUTH_CRAMMD5_PATH="`pwd`/smtpauth/smtpauth_crammd5"
+DNSDUMMY_PATH="`pwd`/dnsdummy/dnsdummy"
DNSA_PATH="`pwd`/../utils/dnsa"
DNSPTR_PATH="`pwd`/../utils/dnsptr"
DOMAIN2PATH_PATH="`pwd`/../utils/domain2path"
@@ -96,6 +97,10 @@
make clean
popd
+ pushd dnsdummy
+ make clean
+ popd
+
pushd ../utils
make clean
popd
@@ -229,6 +234,11 @@
make
popd
+ pushd dnsdummy
+ make clean
+ make
+ popd
+
if [ -d ${TMPDIR} ]
then
find ${TMPDIR} -print0 2> /dev/null | xargs -0 chmod 777
@@ -274,6 +284,12 @@
echo "ERROR: cputime cannot be found or built at ${CPUTIME_PATH}"
continue_processing=false
fi
+
+ if [ ! -x ${DNSDUMMY_PATH} ]
+ then
+ echo "ERROR: dnsdummy cannot be found or built at ${DNSDUMMY_PATH}"
+ continue_processing=false
+ fi
fi
if [ "${continue_processing}" != "false" ]
@@ -471,9 +487,17 @@
then
output=`grep DENIED_IP_IN_RDNS /var/log/maillog | tail -1 | awk '{ print $14 }'`
fi
- echo "export TESTSD_IP_IN_RDNS_KEYWORD=`echo "${output}" | sed -e 's/[0-9\\.-]/ /g' | awk '{ print $1 }'`"
+ for phrase in `echo "${output}" | sed -e 's/[\\.-]/ /g'`
+ do
+ subphrase=`echo ${phrase} | sed -e 's/[0-9]//g'`
+ if [ "${subphrase}" == "${phrase}" ]
+ then
+ echo "export TESTSD_IP_IN_RDNS_KEYWORD=${phrase}"
+ break
+ fi
+ done
echo "export TESTSD_IP_IN_RDNS_PATTERN_IP=`grep DENIED_IP_IN_RDNS /var/log/maillog | awk '{ print $12 }' | tail -1`"
- echo "export TESTSD_IP_IN_RDNS_PATTERN=\"`echo "${output}" | sed -e 's/[0-9\\.-]/ /g' | awk '{ print $1 }'` .`echo "${output}" | ${DOMAINSPLIT_PATH}`\""
+ echo "export TESTSD_IP_IN_RDNS_PATTERN=\"${phrase} .`echo "${output}" | ${DOMAINSPLIT_PATH}`\""
echo "export TESTSD_RDNS_IP=`grep ALLOWED /var/log/maillog | awk '{ print $12 }' | tail -1`"
fi
fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/sendrecv/sendrecv.c
^
|
| @@ -1,6 +1,6 @@
/*
sendrecv -- a simple program for piping data to and from spamdyke
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -34,6 +34,9 @@
#include "md5.h"
#define STRLEN(X) (sizeof(X) - 1)
+#define _STRINGIFY(X) #X
+#define STRINGIFY(X) _STRINGIFY(X)
+
#define DEFAULT_TIMEOUT_SECS 10
#define DEFAULT_WRITE_DELAY_SECS 2
@@ -79,7 +82,57 @@
void usage()
{
- printf("USAGE: sendrecv [ -s ] [ -b DATA_BURST_BYTES ] [ -B POST_DATA_BURST_BYTES ] [ -c UNCORRUPTED_BYTES_TO_SEND ] [ -d INITIAL_DELAY ] [ -M MAX_DATA_BYTES_TO_SEND ] [ -t TIMEOUT_SECS ] [ -r DESIRED_RESPONSE ] [ -u USERNAME -p PASSWORD ] [ -w WRITE_DELAY_SECS ] [ -W BURST_WRITE_DELAY_SECS ] [ -- ] COMMANDLINE [ ARG1 ARG2 ... ]\n");
+ printf(
+ "USAGE: sendrecv [ -s ] [ -S ] [ -b DATA_BURST_BYTES ] [ -B POST_DATA_BURST_BYTES ] [ -c UNCORRUPTED_BYTES_TO_SEND ] [ -d INITIAL_DELAY ] [ -M MAX_DATA_BYTES_TO_SEND ] [ -t TIMEOUT_SECS ] [ -r DESIRED_RESPONSE ] [ -u USERNAME -p PASSWORD ] [ -w WRITE_DELAY_SECS ] [ -W BURST_WRITE_DELAY_SECS ] [ -- ] COMMANDLINE [ ARG1 ARG2 ... ]\n"
+ "\n"
+ "-s\n"
+ " Start SSL at the beginning of the session (SMTPS).\n"
+ "\n"
+ "-S\n"
+ " Do not start a TLS session, even if the input includes the STARTTLS command.\n"
+ "\n"
+ "-b DATA_BURST_BYTES\n"
+ " After the DATA command but before the end of the message data, send message\n"
+ " data in bursts of DATA_BURST_BYTES bytes instead of one line at a time.\n"
+ "\n"
+ "-B POST_DATA_BURST_BYTES\n"
+ " After the end of the message data, send all remaining commands in bursts of\n"
+ " POST_DATA_BURST_BYTES bytes instead of one line at a time.\n"
+ "\n"
+ "-c UNCORRUPTED_BYTES_TO_SEND\n"
+ " After a TLS/SSL session has been established and UNCORRUPTED_BYTES_TO_SEND\n"
+ " bytes have been sent, send a batch of garbage data to deliberately corrupt\n"
+ " the TLS/SSL stream. Has no effect if TLS/SSL is not in use.\n"
+ "\n"
+ "-d INITIAL_DELAY\n"
+ " Wait INITIAL_DELAY seconds before sending any data to the child process.\n"
+ " If missing, sendrecv will wait for a greeting banner. Set INITIAL_DELAY to 0\n"
+ " to send data before the child process sends a greeting banner.\n"
+ "\n"
+ "-M MAX_DATA_BYTES_TO_SEND\n"
+ " Exit after sending MAX_DATA_BYTES_TO_SEND bytes to the child process, total.\n"
+ "\n"
+ "-t TIMEOUT_SECS\n"
+ " Kill the child process if it sends no data for TIMEOUT_SECS seconds (or more).\n"
+ " Defaults to " STRINGIFY(DEFAULT_TIMEOUT_SECS) ".\n"
+ "\n"
+ "-r DESIRED_RESPONSE\n"
+ " Exit if the child process sends a line that starts with DESIRED_RESPONSE.\n"
+ "\n"
+ "-u USERNAME\n"
+ " When using CRAM_MD5 authentication, use USERNAME as the username.\n"
+ "\n"
+ "-p PASSWORD\n"
+ " When using CRAM_MD5 authentication, use PASSWORD as the password.\n"
+ "\n"
+ "-w WRITE_DELAY_SECS\n"
+ " Send data to the child process no more often than every WRITE_DELAY_SECS\n"
+ " seconds, to simulate a slow link. Defaults to " STRINGIFY(DEFAULT_WRITE_DELAY_SECS) ".\n"
+ "\n"
+ "-W BURST_WRITE_DELAY_SECS\n"
+ " When bursting data to the child process, send a burst no more often than\n"
+ " BURST_WRITE_DELAY_SECS seconds, to simulate a slow link.\n"
+ );
exit(0);
@@ -260,12 +313,14 @@
int max_data_bytes;
int total_data_bytes;
int tmp_bytes;
+ int start_tls;
opterr = 0;
return_value = 0;
timeout_secs = DEFAULT_TIMEOUT_SECS;
write_delay_secs = DEFAULT_WRITE_DELAY_SECS;
+ strlen_insert_buf = 0;
strlen_desired_response = 0;
desired_response = NULL;
username = NULL;
@@ -282,9 +337,10 @@
burst_delay_secs = 0;
max_data_bytes = 0;
total_data_bytes = 0;
+ start_tls = 1;
start_smtps = 0;
- while ((opt = getopt(argc, argv, "b:B:c:d:M:p:r:st:u:w:W:")) != -1)
+ while ((opt = getopt(argc, argv, "b:B:c:d:M:p:r:sSt:u:w:W:")) != -1)
{
switch (opt)
{
@@ -323,6 +379,9 @@
case 's':
start_smtps = 1;
break;
+ case 'S':
+ start_tls = 0;
+ break;
case 't':
if ((sscanf(optarg, "%d", &tmp_int) == 1) &&
(tmp_int >= 0))
@@ -793,7 +852,8 @@
}
else if (inside_data)
last_child_read_time = current_time;
- else if (((next_terminator - stdin_ptr) >= (STRLEN(SMTP_STARTTLS) + 1)) &&
+ else if (start_tls &&
+ ((next_terminator - stdin_ptr) >= (STRLEN(SMTP_STARTTLS) + 1)) &&
(strncasecmp(stdin_ptr, SMTP_STARTTLS, STRLEN(SMTP_STARTTLS)) == 0) &&
((stdin_ptr[STRLEN(SMTP_STARTTLS)] == LINE_TERMINATOR_CR) ||
(stdin_ptr[STRLEN(SMTP_STARTTLS)] == LINE_TERMINATOR)))
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/smtpauth/smtpauth_crammd5.c
^
|
| @@ -1,7 +1,7 @@
/*
smtpauth_crammd5 - a program for generated encoded usernames and passwords
for the CRAM-MD5 algorithm of the SMTP AUTH protocol.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/smtpauth/smtpauth_login.c
^
|
| @@ -1,7 +1,7 @@
/*
smtpauth_login - a program for generated encoded usernames and passwords
for the LOGIN algorithm of the SMTP AUTH protocol.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/smtpauth/smtpauth_plain.c
^
|
| @@ -1,7 +1,7 @@
/*
smtpauth_plain - a program for generated encoded usernames and passwords
for the PLAIN algorithm of the SMTP AUTH protocol.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/smtpdummy/smtpdummy.c
^
|
| @@ -1,6 +1,6 @@
/*
smtpdummy -- a simple program for simulating a slow SMTP server
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -43,6 +43,7 @@
#define RESPONSE_MAIL "250 MAIL received\r\n"
#define COMMAND_RCPT "RCPT"
#define RESPONSE_RCPT "250 RCPT received\r\n"
+#define RESPONSE_RCPT_REJECT "421 RCPT rejected\r\n"
#define COMMAND_DATA "DATA"
#define RESPONSE_DATA "354 DATA received\r\n"
#define COMMAND_DATA_END "."
@@ -82,6 +83,7 @@
struct timeval tmp_timeval;
fd_set read_fdset;
int ehlo_auth;
+ int reject_all;
return_value = 0;
idle_timeout_secs = 0;
@@ -94,8 +96,9 @@
output_filename = NULL;
output_file = NULL;
ehlo_auth = 0;
+ reject_all = 0;
- while ((opt = getopt(argc, argv, "ad:e:h:m:o:q:r:T:")) != -1)
+ while ((opt = getopt(argc, argv, "ad:e:h:m:o:q:r:RT:")) != -1)
{
switch (opt)
{
@@ -147,6 +150,9 @@
idle_timeout_secs = tmp_int;
break;
+ case 'R':
+ reject_all = 1;
+ break;
default:
usage();
break;
@@ -240,7 +246,11 @@
(strncasecmp(start_buf, COMMAND_RCPT, STRLEN(COMMAND_RCPT)) == 0))
{
sleep(delay_rcpt);
- write(STDOUT_FD, RESPONSE_RCPT, STRLEN(RESPONSE_RCPT));
+
+ if (reject_all)
+ write(STDOUT_FD, RESPONSE_RCPT_REJECT, STRLEN(RESPONSE_RCPT_REJECT));
+ else
+ write(STDOUT_FD, RESPONSE_RCPT, STRLEN(RESPONSE_RCPT));
}
else if (((strlen_trim == STRLEN(COMMAND_DATA)) ||
((strlen_trim > STRLEN(COMMAND_DATA)) &&
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-auth_bypass_014-rbl/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
AUTH_USERNAME=`${SMTPAUTH_LOGIN_PATH} $2 $3 | tail -3 | head -1 | awk '{ print $2 }'`
AUTH_PASSWORD=`${SMTPAUTH_LOGIN_PATH} $2 $3 | tail -1 | awk '{ print $2 }'`
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/AUTH_USERNAME/${AUTH_USERNAME}/g" -e "s/AUTH_PASSWORD/${AUTH_PASSWORD}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -x txt.test-dnsrbl.spamdyke.org --smtp-auth-command \"${AUTH_CMDLINE}\" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -x txt.test-dnsrbl.spamdyke.org --smtp-auth-command "${AUTH_CMDLINE}" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl --smtp-auth-command \"${AUTH_CMDLINE}\" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl --smtp-auth-command "${AUTH_CMDLINE}" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_026-check_dnsrbl/run.sh
^
|
| @@ -3,14 +3,18 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
-echo "dns-blacklist-entry=txt.test-dnsrbl.spamdyke.org" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo "dns-blacklist-entry=txt.dnsrbl" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_027-check_dns_whitelist/run.sh
^
|
| @@ -3,15 +3,19 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrwl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
echo "reject-empty-rdns=yes" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo "dns-whitelist-entry=txt.test-dnsrbl.spamdyke.org" >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo "dns-whitelist-entry=txt.dnsrwl" >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_028-check_rhsbl/run.sh
^
|
| @@ -1,16 +1,21 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
-echo "rhs-blacklist-entry=txt.test-rhsbl.spamdyke.org" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo "rhs-blacklist-entry=txt.rhsbl" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_029-check_rhs_whitelist/run.sh
^
|
| @@ -1,17 +1,22 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSWL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
echo "greeting-delay-secs=10" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo "rhs-whitelist-entry=txt.test-rhsbl.spamdyke.org" >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo "rhs-whitelist-entry=txt.rhsbl" >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_056-dns_level/run.sh
^
|
| @@ -9,10 +9,10 @@
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo dns-timeout-secs=10 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip-primary=`${DNSA_PATH} ns.silence.org`:52 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip-primary=`${DNSA_PATH} ns.silence.org`:50 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip=`${DNSA_PATH} ns.silence.org`:51 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip=`${DNSA_PATH} ns.silence.org`:49 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip-primary=127.0.0.1:52 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip-primary=127.0.0.1:50 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip=127.0.0.1:51 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip=127.0.0.1:49 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo dns-level=none >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_057-dns_max_retries_total_dns_max_retries_primary/run.sh
^
|
| @@ -9,8 +9,8 @@
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo dns-timeout-secs=10 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip-primary=`${DNSA_PATH} ns.silence.org`:52 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-server-ip=`${DNSA_PATH} ns.silence.org`:51 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip-primary=127.0.0.1:52 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-server-ip=127.0.0.1:51 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo dns-max-retries-primary=3 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo dns-max-retries-total=6 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_072-rejection_text_dns_blacklist/run.sh
^
|
| @@ -3,20 +3,24 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.a.dnsrbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
echo rejection-text-dns-blacklist=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
-echo dns-blacklist-entry=a.test-dnsrbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-blacklist-entry=a.dnsrbl >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your IP address is listed in the RBL at a.test-dnsrbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your IP address is listed in the RBL at a.dnsrbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_086-rejection_text_rhs_blacklist/run.sh
^
|
| @@ -3,20 +3,24 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.a.rhsbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
-mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/org
-echo rejection-text-rhs-blacklist=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/org/silence
-echo rhs-blacklist-entry=a.test-rhsbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/org/silence
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo rejection-text-rhs-blacklist=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo rhs-blacklist-entry=a.rhsbl >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.rhsbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_092-rhs_blacklist_file/run.sh
^
|
| @@ -1,18 +1,23 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
+echo txt.rhsbl > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
echo rhs-blacklist-file=${TMPDIR}/${TEST_NUM}-rhsbl.txt >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_093-rhs_whitelist_file/run.sh
^
|
| @@ -1,19 +1,24 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSWL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhswl.txt
+echo txt.rhsbl > ${TMPDIR}/${TEST_NUM}-rhswl.txt
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
echo rhs-whitelist-file=${TMPDIR}/${TEST_NUM}-rhswl.txt >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
echo greeting-delay-secs=10 >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_098-dns_blacklist_entry/run.sh
^
|
| @@ -3,14 +3,18 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
-echo dns-blacklist-entry=txt.test-dnsrbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo dns-blacklist-entry=txt.dnsrbl >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_106-unset_string_array_single_value_mismatch/run.sh
^
|
| @@ -2,9 +2,6 @@
# doesn't match, so nothing should happen.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
-export BAD_NAMESERVER_IP=127.0.0.12
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_109-clear_string_array_not_set/run.sh
^
|
| @@ -2,8 +2,6 @@
# Nothing should happen.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_110-clear_string_array_single_value/run.sh
^
|
| @@ -2,8 +2,6 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_111-clear_string_array_multiple_values/run.sh
^
|
| @@ -2,10 +2,6 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP_1=127.0.0.125
-export PRIMARY_NAMESERVER_IP_2=127.0.0.126
-export PRIMARY_NAMESERVER_IP_3=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_117-reject_identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_117-reject_identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<FROM_ADDRESS>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_117-reject_identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test looks for a rejection when the sender's domain has no MX record.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo "reject-identical-sender-recipient=yes" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_118-reject_identical_sender_recipient_no_value
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_118-reject_identical_sender_recipient_no_value/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<FROM_ADDRESS>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_118-reject_identical_sender_recipient_no_value/run.sh
^
|
| @@ -0,0 +1,24 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same. The config directive is given without a value.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo "reject-identical-sender-recipient" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_119-rejection_text_identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_119-rejection_text_identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<FROM_ADDRESS>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_119-rejection_text_identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,34 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo rejection-text-identical-sender-recipient=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+echo reject-identical-sender-recipient >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_120-dns_resolv_conf
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_120-dns_resolv_conf/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_120-dns_resolv_conf/run.sh
^
|
| @@ -0,0 +1,36 @@
+# This test attempts to pass a new resolv.conf to spamdyke in a
+# config dir and checks to make sure it was rejected.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+export TCPREMOTEIP=11.22.33.44
+export NAMESERVER_IP=127.0.0.128
+
+echo ${NAMESERVER_IP} > ${TMPDIR}/${TEST_NUM}-resolv.conf
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-resolv-conf=${TMPDIR}/${TEST_NUM}-resolv.conf >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-resolv-conf" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_121-dns_tcp
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_121-dns_tcp/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_121-dns_tcp/run.sh
^
|
| @@ -0,0 +1,37 @@
+# This test attempts to set dns-tcp in a
+# config dir and checks to make sure it was rejected.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR TRUNCATE foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-tcp=none >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr -lexcessive ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr -lexcessive ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-tcp" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "connecting to DNS server ${NAMESERVER_IP} via TCP" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_122-dns_spoof
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_122-dns_spoof/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_122-dns_spoof/run.sh
^
|
| @@ -0,0 +1,37 @@
+# This test attempts to set dns-spoof in a
+# config dir and checks to make sure it was rejected.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-spoof=reject >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-empty-rdns --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-empty-rdns --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-spoof" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_123-tls_cipher_list
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_123-tls_cipher_list/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_123-tls_cipher_list/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test checks to make sure tls-cipher-list is rejected in a configuration
+# directory.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo tls-cipher-list=foobar >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: tls-cipher-list" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_124-dns_query_type_a
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_124-dns_query_type_a/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_124-dns_query_type_a/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test checks to make sure dns-query-type-a is rejected in a configuration
+# directory.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-query-type-a=a >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-query-type-a" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_125-dns_query_type_mx
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_125-dns_query_type_mx/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_125-dns_query_type_mx/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test checks to make sure dns-query-type-mx is rejected in a configuration
+# directory.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-query-type-mx=a >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-query-type-mx" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_126-dns_query_type_ptr
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_126-dns_query_type_ptr/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_126-dns_query_type_ptr/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test checks to make sure dns-query-type-ptr is rejected in a configuration
+# directory.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-query-type-ptr=cname >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-query-type-ptr" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_127-dns_query_type_rbl
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_127-dns_query_type_rbl/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_dir_127-dns_query_type_rbl/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test checks to make sure dns-query-type-rbl is rejected in a configuration
+# directory.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com
+echo dns-query-type-rbl=a >> ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Option not allowed in configuration file, found in file ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/example on line 1: dns-query-type-rbl" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_026-check_dnsrbl/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo "dns-blacklist-entry=txt.test-dnsrbl.spamdyke.org" > ${TMPDIR}/${TEST_NUM}-config.txt
+echo "dns-blacklist-entry=txt.dnsrbl" > ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_027-check_dns_whitelist/run.sh
^
|
| @@ -3,14 +3,18 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrwl TXT NORMAL Test DNSRWL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
echo "reject-empty-rdns=yes" > ${TMPDIR}/${TEST_NUM}-config.txt
-echo "dns-whitelist-entry=txt.test-dnsrbl.spamdyke.org" >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo "dns-whitelist-entry=txt.dnsrwl" >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_028-check_rhsbl/run.sh
^
|
| @@ -1,15 +1,20 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo "rhs-blacklist-entry=txt.test-rhsbl.spamdyke.org" > ${TMPDIR}/${TEST_NUM}-config.txt
+echo "rhs-blacklist-entry=txt.rhsbl" > ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_029-check_rhs_whitelist/run.sh
^
|
| @@ -1,16 +1,21 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSWL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
echo "greeting-delay-secs=10" > ${TMPDIR}/${TEST_NUM}-config.txt
-echo "rhs-whitelist-entry=txt.test-rhsbl.spamdyke.org" >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo "rhs-whitelist-entry=txt.rhsbl" >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_056-dns_level/run.sh
^
|
| @@ -6,10 +6,10 @@
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
echo dns-timeout-secs=10 >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo dns-server-ip-primary=`${DNSA_PATH} ns.silence.org`:52 >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo dns-server-ip-primary=`${DNSA_PATH} ns.silence.org`:50 >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo dns-server-ip=`${DNSA_PATH} ns.silence.org`:51 >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo dns-server-ip=`${DNSA_PATH} ns.silence.org`:49 >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-server-ip-primary=127.0.0.1:52 >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-server-ip-primary=127.0.0.1:50 >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-server-ip=127.0.0.1:51 >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-server-ip=127.0.0.1:49 >> ${TMPDIR}/${TEST_NUM}-config.txt
echo dns-level=none >> ${TMPDIR}/${TEST_NUM}-config.txt
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_057-dns_max_retries_total_dns_max_retries_primary/run.sh
^
|
| @@ -3,8 +3,10 @@
export TCPREMOTEIP=11.22.33.44
-NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+echo "44.33.22.11.in-addr.arpa PTR IGNORE" > ${TMPDIR}/${TEST_NUM}-dns_conf.txt
+
+NAMESERVER_PRIMARY_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 60 -f ${TMPDIR}/${TEST_NUM}-dns_conf.txt`
+NAMESERVER_SECONDARY_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 60 -f ${TMPDIR}/${TEST_NUM}-dns_conf.txt`
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_072-rejection_text_dns_blacklist/run.sh
^
|
| @@ -3,19 +3,23 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.a.dnsrbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
echo rejection-text-dns-blacklist=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo dns-blacklist-entry=a.test-dnsrbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-blacklist-entry=a.dnsrbl >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your IP address is listed in the RBL at a.test-dnsrbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your IP address is listed in the RBL at a.dnsrbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_086-rejection_text_rhs_blacklist/run.sh
^
|
| @@ -3,19 +3,23 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.a.rhsbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
echo rejection-text-rhs-blacklist=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.txt
-echo rhs-blacklist-entry=a.test-rhsbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo rhs-blacklist-entry=a.rhsbl >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.rhsbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_092-rhs_blacklist_file/run.sh
^
|
| @@ -1,17 +1,22 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
+echo txt.rhsbl > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
echo rhs-blacklist-file=${TMPDIR}/${TEST_NUM}-rhsbl.txt >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_093-rhs_whitelist_file/run.sh
^
|
| @@ -1,18 +1,23 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSWL match." >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhswl.txt
+echo txt.rhsbl > ${TMPDIR}/${TEST_NUM}-rhswl.txt
echo rhs-whitelist-file=${TMPDIR}/${TEST_NUM}-rhswl.txt >> ${TMPDIR}/${TEST_NUM}-config.txt
echo greeting-delay-secs=10 >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_098-dns_blacklist_entry/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo dns-blacklist-entry=txt.test-dnsrbl.spamdyke.org >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo dns-blacklist-entry=txt.dnsrbl >> ${TMPDIR}/${TEST_NUM}-config.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_104-unset_string_array_not_set/run.sh
^
|
| @@ -2,8 +2,8 @@
# Nothing should happen.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
+export PRIMARY_NAMESERVER_IP=127.0.0.1:1
+export SECONDARY_NAMESERVER_IP=127.0.0.1:2
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -14,10 +14,10 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "${secondary_count}" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_105-unset_string_array_single_value_match/run.sh
^
|
| @@ -2,8 +2,8 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
+export PRIMARY_NAMESERVER_IP=127.0.0.1:1
+export SECONDARY_NAMESERVER_IP=127.0.0.1:2
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -15,10 +15,10 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "${secondary_count}" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_106-unset_string_array_single_value_mismatch/run.sh
^
|
| @@ -2,9 +2,9 @@
# doesn't match, so nothing should happen.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
-export BAD_NAMESERVER_IP=127.0.0.12
+export PRIMARY_NAMESERVER_IP=127.0.0.1:1
+export SECONDARY_NAMESERVER_IP=127.0.0.1:2
+export BAD_NAMESERVER_IP=127.0.0.1:3
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -17,11 +17,11 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- primary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ primary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "$[${primary_count}+${secondary_count}]" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_108-unset_string_array_multiple_values_mismatch/run.sh
^
|
| @@ -2,9 +2,9 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP_1=127.0.0.125
-export PRIMARY_NAMESERVER_IP_2=127.0.0.126
-export PRIMARY_NAMESERVER_IP_3=127.0.0.127
+export PRIMARY_NAMESERVER_IP_1=127.0.0.1:53
+export PRIMARY_NAMESERVER_IP_2=127.0.0.1:54
+export PRIMARY_NAMESERVER_IP_3=127.0.0.1:55
export BAD_NAMESERVER_IP=127.0.0.12
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -18,12 +18,12 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- primary_count_1=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
- primary_count_2=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_2}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
- primary_count_3=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_3}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ primary_count_1=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ primary_count_2=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_2}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ primary_count_3=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_3}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "$[${primary_count_1}+${primary_count_2}+${primary_count_3}]" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_109-clear_string_array_not_set/run.sh
^
|
| @@ -2,8 +2,8 @@
# Nothing should happen.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
+export PRIMARY_NAMESERVER_IP=127.0.0.1:1
+export SECONDARY_NAMESERVER_IP=127.0.0.1:2
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -14,10 +14,10 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "${secondary_count}" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_110-clear_string_array_single_value/run.sh
^
|
| @@ -2,8 +2,8 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
+export PRIMARY_NAMESERVER_IP=127.0.0.1:1
+export SECONDARY_NAMESERVER_IP=127.0.0.1:2
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -15,10 +15,10 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "${secondary_count}" == "${total_count}" ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_111-clear_string_array_multiple_values/run.sh
^
|
| @@ -2,10 +2,10 @@
# should be removed.
export TCPREMOTEIP=11.22.33.44
-export PRIMARY_NAMESERVER_IP_1=127.0.0.125
-export PRIMARY_NAMESERVER_IP_2=127.0.0.126
-export PRIMARY_NAMESERVER_IP_3=127.0.0.127
-export SECONDARY_NAMESERVER_IP=127.0.0.128
+export PRIMARY_NAMESERVER_IP_1=127.0.0.1:1
+export PRIMARY_NAMESERVER_IP_2=127.0.0.1:2
+export PRIMARY_NAMESERVER_IP_3=127.0.0.1:3
+export SECONDARY_NAMESERVER_IP=127.0.0.1:4
echo log-level=excessive >> ${TMPDIR}/${TEST_NUM}-config.txt
echo log-target=stderr >> ${TMPDIR}/${TEST_NUM}-config.txt
@@ -19,19 +19,19 @@
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_1} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
- output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_2}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_2} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
- output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_3}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${PRIMARY_NAMESERVER_IP_3} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
- secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}:53" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
+ secondary_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${SECONDARY_NAMESERVER_IP}" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
total_count=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server" ${TMPDIR}/${TEST_NUM}-output.txt | wc -l | awk '{ print $1 }'`
if [ "${secondary_count}" == "${total_count}" ]
then
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_118-reject_identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_118-reject_identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<TARGET_EMAIL>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_118-reject_identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+echo "reject-identical-sender-recipient=yes" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_119-reject_identical_sender_recipient_no_value
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_119-reject_identical_sender_recipient_no_value/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<TARGET_EMAIL>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_119-reject_identical_sender_recipient_no_value/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same. The config directive is given without a value.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+echo "reject-identical-sender-recipient" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_120-rejection_text_identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_120-rejection_text_identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<TARGET_EMAIL>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_120-rejection_text_identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,33 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+echo rejection-text-identical-sender-recipient=Foo Bar Baz >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo reject-identical-sender-recipient >> ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_121-dns_resolv_conf
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_121-dns_resolv_conf/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_121-dns_resolv_conf/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test passes a new resolv.conf to spamdyke and checks to see if it
+# was used.
+
+export TCPREMOTEIP=11.22.33.44
+export NAMESERVER_IP=127.0.0.1
+
+echo "nameserver ${NAMESERVER_IP}" > ${TMPDIR}/${TEST_NUM}-resolv.conf
+echo dns-resolv-conf=${TMPDIR}/${TEST_NUM}-resolv.conf > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_122-dns_tcp
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_122-dns_tcp/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_122-dns_tcp/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test sets dns-tcp to none and checks to make sure no TCP
+# queries were performed.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR TRUNCATE foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+echo dns-tcp=none > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_123-dns_spoof
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_123-dns_spoof/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_123-dns_spoof/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test sets dns-spoof to reject and checks to make sure no spoofed
+# packets were accepted
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 60 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+echo dns-spoof=reject > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 60 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 60 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_124-tls_cipher_list
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_124-tls_cipher_list/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_124-tls_cipher_list/run.sh
^
|
| @@ -0,0 +1,29 @@
+# This test starts an SMTPS session after specifying some ciphers.
+
+echo tls-level=smtps >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo tls-certificate-file=${CERTDIR}/combined_no_passphrase/server.pem >> ${TMPDIR}/${TEST_NUM}-config.txt
+echo tls-cipher-list=ALL:-LOW:-MEDIUM >> ${TMPDIR}/${TEST_NUM}-config-txt
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -s -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -s -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep -E "^221 " ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "(SSL session started.)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_125-dns_query_type_a
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_125-dns_query_type_a/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_125-dns_query_type_a/run.sh
^
|
| @@ -0,0 +1,29 @@
+# This test does not allow spamdyke to query for CNAME records when trying to
+# find IP addresses, so trying to resolve the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "foo.example.com CNAME NORMAL bar.example.com" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "bar.example.com A NORMAL 11.22.33.44" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "dns-query-type-a=a" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. Your reverse DNS entry does not resolve." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_126-dns_query_type_mx
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_126-dns_query_type_mx/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_126-dns_query_type_mx/run.sh
^
|
| @@ -0,0 +1,28 @@
+# This test does not allow spamdyke to query for CNAME or MX records when trying
+# to find an MX, so attempting to find a mail exchanger should fail and a
+# rejection should be given.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "example.com MX NORMAL 11.22.33.44" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "dns-query-type-mx=a" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_127-dns_query_type_ptr
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_127-dns_query_type_ptr/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_127-dns_query_type_ptr/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test does not allow spamdyke to query for PTR records when trying to
+# reverse IP addresses, so trying to find the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "dns-query-type-ptr=cname" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -f ${TMPDIR}/${TEST_NUM}-config.txt -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_128-dns_query_type_rbl
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_128-dns_query_type_rbl/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_file_128-dns_query_type_rbl/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test does not allow spamdyke to query for CNAME or TXT records when trying
+# to lookup a DNS RBL, so trying to find the whitelist entry should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.test.rwl TXT NORMAL Some text." > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "dns-query-type-rbl=a" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Your IP address is blacklisted." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_test_007-executable_file_secondary_group_success/run.sh
^
|
| @@ -4,7 +4,7 @@
if [ "${UID}" == "0" ]
then
touch ${TMPDIR}/${TEST_NUM}-hostname
- chgrp `groups $4 | awk '{ print $2 }'` ${TMPDIR}/${TEST_NUM}-hostname
+ chgrp `groups $4 | sed -e "s/^[^:]*: *//" | awk '{ print $2 }'` ${TMPDIR}/${TEST_NUM}-hostname
chmod 010 ${TMPDIR}/${TEST_NUM}-hostname
pushd ..
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-config_test_053-unpatched_vpopmail_unresponsive_hostname/run.sh
^
|
| @@ -6,8 +6,8 @@
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 90 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} -ldebug --log-target stderr --hostname-command \"${SLEEP_PATH} 300\" --smtp-auth-level always-encrypted --smtp-auth-command \"${AUTH_CMDLINE}\" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
-${SENDRECV_PATH} -t 90 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} -ldebug --log-target stderr --hostname-command "${SLEEP_PATH} 300" --smtp-auth-level always-encrypted --smtp-auth-command "${AUTH_CMDLINE}" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+echo "${SENDRECV_PATH} -t 90 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} -ldebug --log-target stderr --hostname-command \"${SLEEP_PATH} 300\" --hostname-file ${TMPDIR}/nonexistant --smtp-auth-level always-encrypted --smtp-auth-command \"${AUTH_CMDLINE}\" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 90 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} -ldebug --log-target stderr --hostname-command "${SLEEP_PATH} 300" --hostname-file ${TMPDIR}/nonexistant --smtp-auth-level always-encrypted --smtp-auth-command "${AUTH_CMDLINE}" ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
output=`grep "ERROR: command aborted abnormally: " ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_test_140-tls_cipher_list_failure
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-config_test_140-tls_cipher_list_failure/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test looks for an error message from the config-test when it finds a
+# TLS cipher list with no valid ciphers.
+
+echo "${SPAMDYKE_PATH} -ldebug --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem --tls-cipher-list foobar --config-test ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SPAMDYKE_PATH} -ldebug --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem --tls-cipher-list foobar --config-test ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "unable to set SSL/TLS cipher list: foobar" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "ERROR: Tests complete. Errors detected." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_001-parse_resolvconf_nameserver_success/run.sh
^
|
| @@ -3,7 +3,7 @@
# nameserver.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1
if [ -f /etc/resolv.conf ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_003-parse_resolvconf_duplicate_nameservers/run.sh
^
|
| @@ -4,7 +4,7 @@
# should discard the duplicates and only query it once.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1
if [ -f /etc/resolv.conf ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_009-parse_resolvconf_timeout_secs/run.sh
^
|
| @@ -3,7 +3,7 @@
# the nameserver, using only the given number of seconds.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=18
if [ -f /etc/resolv.conf ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_010-parse_resolvconf_total_timeout/run.sh
^
|
| @@ -4,7 +4,7 @@
# honor.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=18
if [ -f /etc/resolv.conf ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_011-parse_resolvconf_invalid_total_timeout/run.sh
^
|
| @@ -4,7 +4,7 @@
# ignore. It should use the default (30 seconds).
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=30
if [ -f /etc/resolv.conf ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_012-parse_resolvconf_environment_timeout/run.sh
^
|
| @@ -4,7 +4,7 @@
# environment variable.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=18
export RES_OPTIONS="timeout:6"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_013-parse_resolvconf_invalid_environment_timeout/run.sh
^
|
| @@ -5,7 +5,7 @@
# /etc/resolv.conf
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=18
export RES_OPTIONS="timeout:foo"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_014-parse_resolvconf_invalid_environment_timeout_default/run.sh
^
|
| @@ -5,7 +5,7 @@
# /etc/resolv.conf, so the default (30 seconds) should be used instead.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP=127.0.0.1:52
export TIMEOUT=30
export RES_OPTIONS="timeout:foo"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_015-primary_nameserver/run.sh
^
|
| @@ -2,13 +2,13 @@
# was used.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1:1
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-server-ip-primary ${NAMESERVER_IP} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-server-ip-primary ${NAMESERVER_IP} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_016-parse_resolvconf_invalid_primary_nameserver/run.sh
^
|
| @@ -4,7 +4,7 @@
# /etc/resolv.conf.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1
if [ -f /etc/resolv.conf ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_019-secondary_nameserver/run.sh
^
|
| @@ -2,13 +2,13 @@
# was used.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1:1
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-server-ip ${NAMESERVER_IP} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-server-ip ${NAMESERVER_IP} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
-output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP} (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_020-parse_resolvconf_invalid_secondary_nameserver/run.sh
^
|
| @@ -4,7 +4,7 @@
# /etc/resolv.conf.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1
if [ -f /etc/resolv.conf ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_023-primary_nameserver_secondary_nameserver/run.sh
^
|
| @@ -2,8 +2,8 @@
# spamdyke and checks to see if it was used.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP_PRIMARY=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_IP_SECONDARY=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_IP_PRIMARY=127.0.0.1:52
+export NAMESERVER_IP_SECONDARY=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY} --dns-server-ip ${NAMESERVER_IP_SECONDARY} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_024-primary_nameserver_invalid_secondary_nameserver/run.sh
^
|
| @@ -2,7 +2,7 @@
# IP to spamdyke and checks to see if the secondary nameserver was ignored.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP_PRIMARY=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP_PRIMARY=127.0.0.1:52
export NAMESERVER_IP_SECONDARY=foo
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_025-invalid_primary_nameserver_secondary_nameserver/run.sh
^
|
| @@ -3,7 +3,7 @@
export TCPREMOTEIP=11.22.33.44
export NAMESERVER_IP_PRIMARY=foo
-export NAMESERVER_IP_SECONDARY=`${DNSA_PATH} ns.silence.org`:52
+export NAMESERVER_IP_SECONDARY=127.0.0.1:52
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY} --dns-server-ip ${NAMESERVER_IP_SECONDARY} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_026-parse_resolvconf_invalid_primary_invalid_secondary/run.sh
^
|
| @@ -4,7 +4,7 @@
# /etc/resolv.conf.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP=127.0.0.128
+export NAMESERVER_IP=127.0.0.1
if [ -f /etc/resolv.conf ]
then
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_028-too_many_primary_secondary/run.sh
^
|
| @@ -2,42 +2,42 @@
# the first 16 and ignore the rest.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_IP_PRIMARY_A=`${DNSA_PATH} ns.silence.org`:5454
-export NAMESERVER_IP_PRIMARY_B=`${DNSA_PATH} ns.silence.org`:5455
-export NAMESERVER_IP_PRIMARY_C=`${DNSA_PATH} ns.silence.org`:5456
-export NAMESERVER_IP_PRIMARY_D=`${DNSA_PATH} ns.silence.org`:5457
-export NAMESERVER_IP_PRIMARY_E=`${DNSA_PATH} ns.silence.org`:5458
-export NAMESERVER_IP_PRIMARY_F=`${DNSA_PATH} ns.silence.org`:5459
-export NAMESERVER_IP_PRIMARY_G=`${DNSA_PATH} ns.silence.org`:5460
-export NAMESERVER_IP_PRIMARY_H=`${DNSA_PATH} ns.silence.org`:5461
-export NAMESERVER_IP_PRIMARY_I=`${DNSA_PATH} ns.silence.org`:5462
-export NAMESERVER_IP_PRIMARY_J=`${DNSA_PATH} ns.silence.org`:5463
-export NAMESERVER_IP_PRIMARY_K=`${DNSA_PATH} ns.silence.org`:5464
-export NAMESERVER_IP_PRIMARY_L=`${DNSA_PATH} ns.silence.org`:5465
-export NAMESERVER_IP_PRIMARY_M=`${DNSA_PATH} ns.silence.org`:5466
-export NAMESERVER_IP_PRIMARY_N=`${DNSA_PATH} ns.silence.org`:5467
-export NAMESERVER_IP_PRIMARY_O=`${DNSA_PATH} ns.silence.org`:5468
-export NAMESERVER_IP_PRIMARY_P=`${DNSA_PATH} ns.silence.org`:5469
-export NAMESERVER_IP_PRIMARY_Q=`${DNSA_PATH} ns.silence.org`:5470
-export NAMESERVER_IP_PRIMARY_R=`${DNSA_PATH} ns.silence.org`:5471
-export NAMESERVER_IP_SECONDARY_A=`${DNSA_PATH} ns.silence.org`:5472
-export NAMESERVER_IP_SECONDARY_B=`${DNSA_PATH} ns.silence.org`:5473
-export NAMESERVER_IP_SECONDARY_C=`${DNSA_PATH} ns.silence.org`:5474
-export NAMESERVER_IP_SECONDARY_D=`${DNSA_PATH} ns.silence.org`:5475
-export NAMESERVER_IP_SECONDARY_E=`${DNSA_PATH} ns.silence.org`:5476
-export NAMESERVER_IP_SECONDARY_F=`${DNSA_PATH} ns.silence.org`:5477
-export NAMESERVER_IP_SECONDARY_G=`${DNSA_PATH} ns.silence.org`:5478
-export NAMESERVER_IP_SECONDARY_H=`${DNSA_PATH} ns.silence.org`:5479
-export NAMESERVER_IP_SECONDARY_I=`${DNSA_PATH} ns.silence.org`:5480
-export NAMESERVER_IP_SECONDARY_J=`${DNSA_PATH} ns.silence.org`:5481
-export NAMESERVER_IP_SECONDARY_K=`${DNSA_PATH} ns.silence.org`:5482
-export NAMESERVER_IP_SECONDARY_L=`${DNSA_PATH} ns.silence.org`:5483
-export NAMESERVER_IP_SECONDARY_M=`${DNSA_PATH} ns.silence.org`:5484
-export NAMESERVER_IP_SECONDARY_N=`${DNSA_PATH} ns.silence.org`:5485
-export NAMESERVER_IP_SECONDARY_O=`${DNSA_PATH} ns.silence.org`:5486
-export NAMESERVER_IP_SECONDARY_P=`${DNSA_PATH} ns.silence.org`:5487
-export NAMESERVER_IP_SECONDARY_Q=`${DNSA_PATH} ns.silence.org`:5488
-export NAMESERVER_IP_SECONDARY_R=`${DNSA_PATH} ns.silence.org`:5489
+export NAMESERVER_IP_PRIMARY_A=127.0.0.1:5454
+export NAMESERVER_IP_PRIMARY_B=127.0.0.1:5455
+export NAMESERVER_IP_PRIMARY_C=127.0.0.1:5456
+export NAMESERVER_IP_PRIMARY_D=127.0.0.1:5457
+export NAMESERVER_IP_PRIMARY_E=127.0.0.1:5458
+export NAMESERVER_IP_PRIMARY_F=127.0.0.1:5459
+export NAMESERVER_IP_PRIMARY_G=127.0.0.1:5460
+export NAMESERVER_IP_PRIMARY_H=127.0.0.1:5461
+export NAMESERVER_IP_PRIMARY_I=127.0.0.1:5462
+export NAMESERVER_IP_PRIMARY_J=127.0.0.1:5463
+export NAMESERVER_IP_PRIMARY_K=127.0.0.1:5464
+export NAMESERVER_IP_PRIMARY_L=127.0.0.1:5465
+export NAMESERVER_IP_PRIMARY_M=127.0.0.1:5466
+export NAMESERVER_IP_PRIMARY_N=127.0.0.1:5467
+export NAMESERVER_IP_PRIMARY_O=127.0.0.1:5468
+export NAMESERVER_IP_PRIMARY_P=127.0.0.1:5469
+export NAMESERVER_IP_PRIMARY_Q=127.0.0.1:5470
+export NAMESERVER_IP_PRIMARY_R=127.0.0.1:5471
+export NAMESERVER_IP_SECONDARY_A=127.0.0.1:5472
+export NAMESERVER_IP_SECONDARY_B=127.0.0.1:5473
+export NAMESERVER_IP_SECONDARY_C=127.0.0.1:5474
+export NAMESERVER_IP_SECONDARY_D=127.0.0.1:5475
+export NAMESERVER_IP_SECONDARY_E=127.0.0.1:5476
+export NAMESERVER_IP_SECONDARY_F=127.0.0.1:5477
+export NAMESERVER_IP_SECONDARY_G=127.0.0.1:5478
+export NAMESERVER_IP_SECONDARY_H=127.0.0.1:5479
+export NAMESERVER_IP_SECONDARY_I=127.0.0.1:5480
+export NAMESERVER_IP_SECONDARY_J=127.0.0.1:5481
+export NAMESERVER_IP_SECONDARY_K=127.0.0.1:5482
+export NAMESERVER_IP_SECONDARY_L=127.0.0.1:5483
+export NAMESERVER_IP_SECONDARY_M=127.0.0.1:5484
+export NAMESERVER_IP_SECONDARY_N=127.0.0.1:5485
+export NAMESERVER_IP_SECONDARY_O=127.0.0.1:5486
+export NAMESERVER_IP_SECONDARY_P=127.0.0.1:5487
+export NAMESERVER_IP_SECONDARY_Q=127.0.0.1:5488
+export NAMESERVER_IP_SECONDARY_R=127.0.0.1:5489
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 60 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_A} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_B} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_C} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_D} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_E} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_F} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_G} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_H} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_I} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_J} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_K} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_L} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_M} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_N} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_O} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_P} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_Q} --dns-server-ip-primary ${NAMESERVER_IP_PRIMARY_R} --dns-server-ip ${NAMESERVER_IP_SECONDARY_A} --dns-server-ip ${NAMESERVER_IP_SECONDARY_B} --dns-server-ip ${NAMESERVER_IP_SECONDARY_C} --dns-server-ip ${NAMESERVER_IP_SECONDARY_D} --dns-server-ip ${NAMESERVER_IP_SECONDARY_E} --dns-server-ip ${NAMESERVER_IP_SECONDARY_F} --dns-server-ip ${NAMESERVER_IP_SECONDARY_G} --dns-server-ip ${NAMESERVER_IP_SECONDARY_H} --dns-server-ip ${NAMESERVER_IP_SECONDARY_I} --dns-server-ip ${NAMESERVER_IP_SECONDARY_J} --dns-server-ip ${NAMESERVER_IP_SECONDARY_K} --dns-server-ip ${NAMESERVER_IP_SECONDARY_L} --dns-server-ip ${NAMESERVER_IP_SECONDARY_M} --dns-server-ip ${NAMESERVER_IP_SECONDARY_N} --dns-server-ip ${NAMESERVER_IP_SECONDARY_O} --dns-server-ip ${NAMESERVER_IP_SECONDARY_P} --dns-server-ip ${NAMESERVER_IP_SECONDARY_Q} --dns-server-ip ${NAMESERVER_IP_SECONDARY_R} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_029-default_retries/run.sh
^
|
| @@ -2,8 +2,8 @@
# to both.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_PRIMARY_IP=127.0.0.1:52
+export NAMESERVER_SECONDARY_IP=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP} --dns-server-ip ${NAMESERVER_SECONDARY_IP} ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_030-max_retries_total/run.sh
^
|
| @@ -2,8 +2,8 @@
# to both.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_PRIMARY_IP=127.0.0.1:52
+export NAMESERVER_SECONDARY_IP=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP} --dns-server-ip ${NAMESERVER_SECONDARY_IP} --dns-max-retries-total 2 ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_031-max_retries_primary/run.sh
^
|
| @@ -2,8 +2,8 @@
# to both.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_PRIMARY_IP=127.0.0.1:52
+export NAMESERVER_SECONDARY_IP=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP} --dns-server-ip ${NAMESERVER_SECONDARY_IP} --dns-max-retries-primary 2 ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_032-max_retries_total_max_retries_primary/run.sh
^
|
| @@ -2,8 +2,8 @@
# to both.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_PRIMARY_IP=127.0.0.1:52
+export NAMESERVER_SECONDARY_IP=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP} --dns-server-ip ${NAMESERVER_SECONDARY_IP} --dns-max-retries-primary 3 --dns-max-retries-total 6 ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_033-max_retries_primary_greater_than_max_retries_total/run.sh
^
|
| @@ -3,8 +3,8 @@
# dns-max-retries-total.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_SECONDARY_IP=`${DNSA_PATH} ns.silence.org`:51
+export NAMESERVER_PRIMARY_IP=127.0.0.1:52
+export NAMESERVER_SECONDARY_IP=127.0.0.1:51
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP} --dns-server-ip ${NAMESERVER_SECONDARY_IP} --dns-max-retries-total 3 --dns-max-retries-primary 10 ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_034-level_aggressive/run.sh
^
|
| @@ -3,10 +3,10 @@
# then all servers queried simultaneously.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP_1=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_PRIMARY_IP_2=`${DNSA_PATH} ns.silence.org`:50
-export NAMESERVER_SECONDARY_IP_1=`${DNSA_PATH} ns.silence.org`:51
-export NAMESERVER_SECONDARY_IP_2=`${DNSA_PATH} ns.silence.org`:49
+export NAMESERVER_PRIMARY_IP_1=127.0.0.1:52
+export NAMESERVER_PRIMARY_IP_2=127.0.0.1:50
+export NAMESERVER_SECONDARY_IP_1=127.0.0.1:51
+export NAMESERVER_SECONDARY_IP_2=127.0.0.1:49
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_1} --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_2} --dns-server-ip ${NAMESERVER_SECONDARY_IP_1} --dns-server-ip ${NAMESERVER_SECONDARY_IP_2} --dns-level aggressive ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_035-level_normal/run.sh
^
|
| @@ -3,10 +3,10 @@
# reached, then all servers are queried simultaneously.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP_1=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_PRIMARY_IP_2=`${DNSA_PATH} ns.silence.org`:50
-export NAMESERVER_SECONDARY_IP_1=`${DNSA_PATH} ns.silence.org`:51
-export NAMESERVER_SECONDARY_IP_2=`${DNSA_PATH} ns.silence.org`:49
+export NAMESERVER_PRIMARY_IP_1=127.0.0.1:52
+export NAMESERVER_PRIMARY_IP_2=127.0.0.1:50
+export NAMESERVER_SECONDARY_IP_1=127.0.0.1:51
+export NAMESERVER_SECONDARY_IP_2=127.0.0.1:49
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_1} --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_2} --dns-server-ip ${NAMESERVER_SECONDARY_IP_1} --dns-server-ip ${NAMESERVER_SECONDARY_IP_2} --dns-level normal ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-dns_036-level_none/run.sh
^
|
| @@ -2,10 +2,10 @@
# No queries should be performed at all.
export TCPREMOTEIP=11.22.33.44
-export NAMESERVER_PRIMARY_IP_1=`${DNSA_PATH} ns.silence.org`:52
-export NAMESERVER_PRIMARY_IP_2=`${DNSA_PATH} ns.silence.org`:50
-export NAMESERVER_SECONDARY_IP_1=`${DNSA_PATH} ns.silence.org`:51
-export NAMESERVER_SECONDARY_IP_2=`${DNSA_PATH} ns.silence.org`:49
+export NAMESERVER_PRIMARY_IP_1=127.0.0.1:52
+export NAMESERVER_PRIMARY_IP_2=127.0.0.1:50
+export NAMESERVER_SECONDARY_IP_1=127.0.0.1:51
+export NAMESERVER_SECONDARY_IP_2=127.0.0.1:49
cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-timeout-secs 10 --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_1} --dns-server-ip-primary ${NAMESERVER_PRIMARY_IP_2} --dns-server-ip ${NAMESERVER_SECONDARY_IP_1} --dns-server-ip ${NAMESERVER_SECONDARY_IP_2} --dns-level none ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_037-dns_resolv_conf
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_037-dns_resolv_conf/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_037-dns_resolv_conf/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test passes a new resolv.conf to spamdyke and checks to see if it
+# was used.
+
+export TCPREMOTEIP=11.22.33.44
+export NAMESERVER_IP=127.0.0.1
+
+echo "nameserver ${NAMESERVER_IP}" > ${TMPDIR}/${TEST_NUM}-resolv.conf
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-resolv-conf ${TMPDIR}/${TEST_NUM}-resolv.conf ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -lexcessive --log-target stderr --dns-resolv-conf ${TMPDIR}/${TEST_NUM}-resolv.conf ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "for 44.33.22.11.in-addr.arpa(PTR) to DNS server ${NAMESERVER_IP}:53 (attempt 1)" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_038-dns_tcp_none
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_038-dns_tcp_none/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_038-dns_tcp_none/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test sets dns-tcp to none and checks to make sure no TCP
+# queries were performed.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR TRUNCATE foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-tcp none --dns-server-ip ${NAMESERVER_IP} --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-tcp none --dns-server-ip ${NAMESERVER_IP} --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_039-dns_tcp_normal
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_039-dns_tcp_normal/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_039-dns_tcp_normal/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test sets dns-tcp to normal and checks to make sure TCP
+# queries were performed.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR TRUNCATE foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-tcp normal ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-tcp normal ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_040-dns_spoof_accept_all
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_040-dns_spoof_accept_all/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_040-dns_spoof_accept_all/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test sets dns-spoof to accept-all and checks to make sure spoofed
+# packets were accepted
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-all ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-all ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_041-dns_spoof_accept_same_ip
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_041-dns_spoof_accept_same_ip/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_041-dns_spoof_accept_same_ip/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test sets dns-spoof to accept-same-ip and checks to make sure spoofed
+# packets were accepted
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-same-ip ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-same-ip ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_042-dns_spoof_reject
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_042-dns_spoof_reject/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_042-dns_spoof_reject/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test sets dns-spoof to reject and checks to make sure no spoofed
+# packets were accepted
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 120 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 120 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof reject ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 120 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof reject ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_043-dns_spoof_accept_same_port
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_043-dns_spoof_accept_same_port/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_043-dns_spoof_accept_same_port/run.sh
^
|
| @@ -0,0 +1,26 @@
+# This test sets dns-spoof to accept-same-port and checks to make sure no spoofed
+# packets were accepted. FIXME: This test should be rewritten to find a way to
+# send spoofed packets from another IP with the same port number.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "44.33.22.11.in-addr.arpa PTR SPOOF foo.bar" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 120 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+cat input.txt | sed -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" -e "s/TARGET_EMAIL/$1/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 120 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-same-port ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 120 -r 221 -- ${SPAMDYKE_PATH} --reject-empty-rdns --dns-server-ip ${NAMESERVER_IP} --log-target stderr --dns-spoof accept-same-port ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_044-query_type_a_a
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_044-query_type_a_a/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_044-query_type_a_a/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test does not allow spamdyke to query for CNAME records when trying to
+# find IP addresses, so trying to resolve the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "foo.example.com CNAME NORMAL bar.example.com" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "bar.example.com A NORMAL 11.22.33.44" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-a a -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-a a -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. Your reverse DNS entry does not resolve." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_045-query_type_a_cname
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_045-query_type_a_cname/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_045-query_type_a_cname/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test does not allow spamdyke to query for A records when trying to
+# find IP addresses, so trying to resolve the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "foo.example.com CNAME NORMAL bar.example.com" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "bar.example.com A NORMAL 11.22.33.44" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-a cname -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-a cname -R ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. Your reverse DNS entry does not resolve." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_046-query_type_mx_a
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_046-query_type_mx_a/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_046-query_type_mx_a/run.sh
^
|
| @@ -0,0 +1,26 @@
+# This test does not allow spamdyke to query for CNAME or MX records when trying
+# to find an MX, so attempting to find a mail exchanger should fail and a
+# rejection should be given.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "example.com MX NORMAL 11.22.33.44" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx a --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx a --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_047-query_type_mx_cname
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_047-query_type_mx_cname/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_047-query_type_mx_cname/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test does not allow spamdyke to query for A or MX records when trying
+# to find an MX, so attempting to find a mail exchanger should fail and a
+# rejection should be given.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "example.com CNAME NORMAL mail.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "mail.example.com A NORMAL 11.22.33.44" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx cname --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx cname --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_048-query_type_mx_mx
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_048-query_type_mx_mx/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_048-query_type_mx_mx/run.sh
^
|
| @@ -0,0 +1,26 @@
+# This test does not allow spamdyke to query for A or CNAME records when trying
+# to find an MX, so attempting to find a mail exchanger should fail and a
+# rejection should be given.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "example.com A NORMAL 11.22.33.44" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx mx --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-mx mx --local-domains-entry foo.com --reject-missing-sender-mx ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_049-query_type_ptr_cname
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_049-query_type_ptr_cname/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_049-query_type_ptr_cname/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test does not allow spamdyke to query for PTR records when trying to
+# reverse IP addresses, so trying to find the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-ptr cname -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-ptr cname -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_050-query_type_ptr_ptr
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_050-query_type_ptr_ptr/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_050-query_type_ptr_ptr/run.sh
^
|
| @@ -0,0 +1,26 @@
+# This test does not allow spamdyke to query for CNAME records when trying to
+# reverse IP addresses, so trying to find the rDNS name should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa CNAME NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "foo.example.com PTR NORMAL bar.example.com" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-ptr ptr -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-query-type-ptr ptr -r ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. You have no reverse DNS entry." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_051-query_type_rbl_a
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_051-query_type_rbl_a/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_051-query_type_rbl_a/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test does not allow spamdyke to query for CNAME or TXT records when trying
+# to lookup a DNS RBL, so trying to find the whitelist entry should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.test.rwl TXT NORMAL Some text." > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Your IP address is blacklisted." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_052-query_type_rbl_cname
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_052-query_type_rbl_cname/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_052-query_type_rbl_cname/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test does not allow spamdyke to query for A or TXT records when trying
+# to lookup a DNS RBL, so trying to find the whitelist entry should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.test.rwl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl cname ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl cname ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Your IP address is blacklisted." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_053-query_type_rbl_txt
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_053-query_type_rbl_txt/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-dns_053-query_type_rbl_txt/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test does not allow spamdyke to query for A or CNAME records when trying
+# to lookup a DNS RBL, so trying to find the whitelist entry should fail.
+
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.test.rwl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-whitelist-entry test.rwl --ip-blacklist-entry 0.0.0.0/0 --dns-query-type-rbl txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Your IP address is blacklisted." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_032-encryption_tls
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_032-encryption_tls/input.txt
^
|
| @@ -0,0 +1,5 @@
+ehlo me
+starttls
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_032-encryption_tls/run.sh
^
|
| @@ -0,0 +1,21 @@
+# This test looks for a STARTTLS offer when qmail does support it, starts TLS
+# and checks for the correct "encryption:" value in the log message.
+
+mkdir -p ${TMPDIR}/${TEST_NUM}-logs
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr -L ${TMPDIR}/${TEST_NUM}-logs --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr -L ${TMPDIR}/${TEST_NUM}-logs --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "encryption: TLS" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_033-patched_encryption_passthrough
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_033-patched_encryption_passthrough/input.txt
^
|
| @@ -0,0 +1,5 @@
+ehlo me
+starttls
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_033-patched_encryption_passthrough/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test starts TLS with qmail, not spamdyke and checks for the correct
+# "encryption" value in the log message.
+
+if [ -f /var/qmail/control/servercert.pem ]
+then
+ mkdir -p ${TMPDIR}/${TEST_NUM}-logs
+
+ FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+ cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+ echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr -T 300 -L ${TMPDIR}/${TEST_NUM}-logs ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+ ${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr -T 300 -L ${TMPDIR}/${TEST_NUM}-logs ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+ output=`grep "encryption: TLS_PASSTHROUGH" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo /var/qmail/control/servercert.pem does not exist. Test failed.
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_034-encryption_ssl
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_034-encryption_ssl/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_034-encryption_ssl/run.sh
^
|
| @@ -0,0 +1,19 @@
+# This test starts an SMTPS session and checks for the correct
+# "encryption:" flag in the log message.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -s -- ${SPAMDYKE_PATH} -l --log-target stderr --tls-level smtps --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -s -- ${SPAMDYKE_PATH} -l --log-target stderr --tls-level smtps --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep -E "encryption: SSL" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_035-encryption_none
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_035-encryption_none/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-log_035-encryption_none/run.sh
^
|
| @@ -0,0 +1,19 @@
+# This test starts a normal mail delivery and looks for the correct
+# "encryption:" flag in the log message.
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -l --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "encryption: (none)" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-protocol_013-identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-protocol_013-identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<TARGET_EMAIL>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-protocol_013-identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,19 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same.
+
+export TCPREMOTEIP=0.0.0.0
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --reject-identical-sender-recipient ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --reject-identical-sender-recipient ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_001-dnsrbl_with_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_002-dnsrbl_without_txt/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.a.dnsrbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+export NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -x a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -x a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x a.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x a.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
-output=`grep "554 Refused. Your IP address is listed in the RBL at a.test-dnsrbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "554 Refused. Your IP address is listed in the RBL at a.dnsrbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_003-rhsbl_sender_with_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X txt.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X txt.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_004-rhsbl_sender_without_txt/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.a.rhsbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X a.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X a.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
-output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.rhsbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_005-rhsbl_origin_with_txt/run.sh
^
|
| @@ -1,13 +1,18 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X txt.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X txt.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_006-rhsbl_origin_without_txt/run.sh
^
|
| @@ -1,15 +1,20 @@
# This test looks for a rejection because the incoming sender address is on a
# RHSBL that uses A records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.remote" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "foo.remote.rhsbl.a A NORMAL 127.0.0.1" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X rhsbl.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X rhsbl.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
-output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+output=`grep "554 Refused. Your domain name is listed in the RHSBL at rhsbl.a" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_007-dnsrbl_chained_with_txt/run.sh
^
|
| @@ -4,11 +4,47 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.chained.txt CNAME NORMAL 1.44.33.22.11.chained.txt" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.44.33.22.11.chained.txt CNAME NORMAL 2.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.44.33.22.11.chained.txt CNAME NORMAL 3.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.44.33.22.11.chained.txt CNAME NORMAL 4.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.44.33.22.11.chained.txt CNAME NORMAL 5.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.44.33.22.11.chained.txt CNAME NORMAL 6.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.44.33.22.11.chained.txt CNAME NORMAL 7.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.44.33.22.11.chained.txt CNAME NORMAL 8.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.44.33.22.11.chained.txt CNAME NORMAL 9.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.44.33.22.11.chained.txt CNAME NORMAL 10.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.44.33.22.11.chained.txt CNAME NORMAL 11.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.44.33.22.11.chained.txt CNAME NORMAL 12.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.44.33.22.11.chained.txt CNAME NORMAL 13.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.44.33.22.11.chained.txt CNAME NORMAL 14.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.44.33.22.11.chained.txt CNAME NORMAL 15.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.44.33.22.11.chained.txt CNAME NORMAL 16.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.44.33.22.11.chained.txt CNAME NORMAL 17.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.44.33.22.11.chained.txt CNAME NORMAL 18.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.44.33.22.11.chained.txt CNAME NORMAL 19.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.44.33.22.11.chained.txt CNAME NORMAL 20.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.44.33.22.11.chained.txt CNAME NORMAL 21.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.44.33.22.11.chained.txt CNAME NORMAL 22.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.44.33.22.11.chained.txt CNAME NORMAL 23.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.44.33.22.11.chained.txt CNAME NORMAL 24.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.44.33.22.11.chained.txt CNAME NORMAL 25.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.44.33.22.11.chained.txt CNAME NORMAL 26.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.44.33.22.11.chained.txt CNAME NORMAL 27.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.44.33.22.11.chained.txt CNAME NORMAL 28.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.44.33.22.11.chained.txt CNAME NORMAL 29.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.44.33.22.11.chained.txt CNAME NORMAL 30.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.44.33.22.11.chained.txt CNAME NORMAL 31.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.44.33.22.11.chained.txt CNAME NORMAL 32.44.33.22.11.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.44.33.22.11.chained.txt TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -x chained-txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -x chained-txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_008-dnsrbl_chained_without_txt/run.sh
^
|
| @@ -4,11 +4,47 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.chained.a CNAME NORMAL 1.44.33.22.11.chained.a" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.44.33.22.11.chained.a CNAME NORMAL 2.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.44.33.22.11.chained.a CNAME NORMAL 3.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.44.33.22.11.chained.a CNAME NORMAL 4.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.44.33.22.11.chained.a CNAME NORMAL 5.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.44.33.22.11.chained.a CNAME NORMAL 6.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.44.33.22.11.chained.a CNAME NORMAL 7.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.44.33.22.11.chained.a CNAME NORMAL 8.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.44.33.22.11.chained.a CNAME NORMAL 9.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.44.33.22.11.chained.a CNAME NORMAL 10.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.44.33.22.11.chained.a CNAME NORMAL 11.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.44.33.22.11.chained.a CNAME NORMAL 12.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.44.33.22.11.chained.a CNAME NORMAL 13.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.44.33.22.11.chained.a CNAME NORMAL 14.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.44.33.22.11.chained.a CNAME NORMAL 15.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.44.33.22.11.chained.a CNAME NORMAL 16.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.44.33.22.11.chained.a CNAME NORMAL 17.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.44.33.22.11.chained.a CNAME NORMAL 18.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.44.33.22.11.chained.a CNAME NORMAL 19.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.44.33.22.11.chained.a CNAME NORMAL 20.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.44.33.22.11.chained.a CNAME NORMAL 21.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.44.33.22.11.chained.a CNAME NORMAL 22.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.44.33.22.11.chained.a CNAME NORMAL 23.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.44.33.22.11.chained.a CNAME NORMAL 24.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.44.33.22.11.chained.a CNAME NORMAL 25.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.44.33.22.11.chained.a CNAME NORMAL 26.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.44.33.22.11.chained.a CNAME NORMAL 27.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.44.33.22.11.chained.a CNAME NORMAL 28.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.44.33.22.11.chained.a CNAME NORMAL 29.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.44.33.22.11.chained.a CNAME NORMAL 30.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.44.33.22.11.chained.a CNAME NORMAL 31.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.44.33.22.11.chained.a CNAME NORMAL 32.44.33.22.11.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.44.33.22.11.chained.a TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -x chained-a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -x chained-a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_009-dnsrbl_circular/run.sh
^
|
| @@ -3,11 +3,16 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.circular.dnsrbl CNAME NORMAL 1.44.33.22.11.circular.dnsrbl" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.44.33.22.11.circular.dnsrbl CNAME NORMAL 44.33.22.11.circular.dnsrbl" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -x circular.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -x circular.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x circular.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -x circular.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_010-rhsbl_sender_chained_with_txt/run.sh
^
|
| @@ -4,11 +4,47 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.chained.txt CNAME NORMAL 1.example.com.chained.txt" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.chained.txt CNAME NORMAL 2.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.example.com.chained.txt CNAME NORMAL 3.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.example.com.chained.txt CNAME NORMAL 4.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.example.com.chained.txt CNAME NORMAL 5.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.example.com.chained.txt CNAME NORMAL 6.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.example.com.chained.txt CNAME NORMAL 7.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.example.com.chained.txt CNAME NORMAL 8.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.example.com.chained.txt CNAME NORMAL 9.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.example.com.chained.txt CNAME NORMAL 10.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.example.com.chained.txt CNAME NORMAL 11.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.example.com.chained.txt CNAME NORMAL 12.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.example.com.chained.txt CNAME NORMAL 13.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.example.com.chained.txt CNAME NORMAL 14.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.example.com.chained.txt CNAME NORMAL 15.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.example.com.chained.txt CNAME NORMAL 16.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.example.com.chained.txt CNAME NORMAL 17.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.example.com.chained.txt CNAME NORMAL 18.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.example.com.chained.txt CNAME NORMAL 19.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.example.com.chained.txt CNAME NORMAL 20.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.example.com.chained.txt CNAME NORMAL 21.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.example.com.chained.txt CNAME NORMAL 22.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.example.com.chained.txt CNAME NORMAL 23.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.example.com.chained.txt CNAME NORMAL 24.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.example.com.chained.txt CNAME NORMAL 25.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.example.com.chained.txt CNAME NORMAL 26.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.example.com.chained.txt CNAME NORMAL 27.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.example.com.chained.txt CNAME NORMAL 28.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.example.com.chained.txt CNAME NORMAL 29.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.example.com.chained.txt CNAME NORMAL 30.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.example.com.chained.txt CNAME NORMAL 31.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.example.com.chained.txt CNAME NORMAL 32.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.example.com.chained.txt TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_011-rhsbl_sender_chained_without_txt/run.sh
^
|
| @@ -4,11 +4,47 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.chained.a CNAME NORMAL 1.example.com.chained.a" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.chained.a CNAME NORMAL 2.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.example.com.chained.a CNAME NORMAL 3.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.example.com.chained.a CNAME NORMAL 4.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.example.com.chained.a CNAME NORMAL 5.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.example.com.chained.a CNAME NORMAL 6.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.example.com.chained.a CNAME NORMAL 7.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.example.com.chained.a CNAME NORMAL 8.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.example.com.chained.a CNAME NORMAL 9.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.example.com.chained.a CNAME NORMAL 10.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.example.com.chained.a CNAME NORMAL 11.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.example.com.chained.a CNAME NORMAL 12.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.example.com.chained.a CNAME NORMAL 13.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.example.com.chained.a CNAME NORMAL 14.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.example.com.chained.a CNAME NORMAL 15.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.example.com.chained.a CNAME NORMAL 16.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.example.com.chained.a CNAME NORMAL 17.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.example.com.chained.a CNAME NORMAL 18.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.example.com.chained.a CNAME NORMAL 19.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.example.com.chained.a CNAME NORMAL 20.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.example.com.chained.a CNAME NORMAL 21.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.example.com.chained.a CNAME NORMAL 22.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.example.com.chained.a CNAME NORMAL 23.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.example.com.chained.a CNAME NORMAL 24.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.example.com.chained.a CNAME NORMAL 25.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.example.com.chained.a CNAME NORMAL 26.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.example.com.chained.a CNAME NORMAL 27.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.example.com.chained.a CNAME NORMAL 28.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.example.com.chained.a CNAME NORMAL 29.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.example.com.chained.a CNAME NORMAL 30.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.example.com.chained.a CNAME NORMAL 31.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.example.com.chained.a CNAME NORMAL 32.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.example.com.chained.a A NORMAL 127.0.0.1" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_012-rhsbl_sender_circular/run.sh
^
|
| @@ -3,11 +3,16 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.circular CNAME NORMAL 1.example.com.circular" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.circular CNAME NORMAL example.com.circular" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -X circular.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -X circular.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X circular ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X circular ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_013-rhsbl_origin_chained_with_txt/run.sh
^
|
| @@ -2,13 +2,50 @@
# a RHSBL that uses TXT records but the records are chained with CNAMEs and
# exceed the lookup limit.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.chained.txt CNAME NORMAL 1.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.chained.txt CNAME NORMAL 2.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.example.com.chained.txt CNAME NORMAL 3.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.example.com.chained.txt CNAME NORMAL 4.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.example.com.chained.txt CNAME NORMAL 5.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.example.com.chained.txt CNAME NORMAL 6.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.example.com.chained.txt CNAME NORMAL 7.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.example.com.chained.txt CNAME NORMAL 8.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.example.com.chained.txt CNAME NORMAL 9.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.example.com.chained.txt CNAME NORMAL 10.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.example.com.chained.txt CNAME NORMAL 11.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.example.com.chained.txt CNAME NORMAL 12.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.example.com.chained.txt CNAME NORMAL 13.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.example.com.chained.txt CNAME NORMAL 14.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.example.com.chained.txt CNAME NORMAL 15.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.example.com.chained.txt CNAME NORMAL 16.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.example.com.chained.txt CNAME NORMAL 17.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.example.com.chained.txt CNAME NORMAL 18.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.example.com.chained.txt CNAME NORMAL 19.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.example.com.chained.txt CNAME NORMAL 20.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.example.com.chained.txt CNAME NORMAL 21.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.example.com.chained.txt CNAME NORMAL 22.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.example.com.chained.txt CNAME NORMAL 23.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.example.com.chained.txt CNAME NORMAL 24.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.example.com.chained.txt CNAME NORMAL 25.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.example.com.chained.txt CNAME NORMAL 26.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.example.com.chained.txt CNAME NORMAL 27.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.example.com.chained.txt CNAME NORMAL 28.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.example.com.chained.txt CNAME NORMAL 29.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.example.com.chained.txt CNAME NORMAL 30.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.example.com.chained.txt CNAME NORMAL 31.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.example.com.chained.txt CNAME NORMAL 32.example.com.chained.txt" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.example.com.chained.txt TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_014-rhsbl_origin_chained_without_txt/run.sh
^
|
| @@ -2,13 +2,50 @@
# a RHSBL that uses A records but the records are chained with CNAMEs and
# exceed the lookup limit.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.chained.a CNAME NORMAL 1.example.com.chained.a" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.chained.a CNAME NORMAL 2.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "2.example.com.chained.a CNAME NORMAL 3.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "3.example.com.chained.a CNAME NORMAL 4.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "4.example.com.chained.a CNAME NORMAL 5.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "5.example.com.chained.a CNAME NORMAL 6.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "6.example.com.chained.a CNAME NORMAL 7.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "7.example.com.chained.a CNAME NORMAL 8.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "8.example.com.chained.a CNAME NORMAL 9.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "9.example.com.chained.a CNAME NORMAL 10.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "10.example.com.chained.a CNAME NORMAL 11.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "11.example.com.chained.a CNAME NORMAL 12.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "12.example.com.chained.a CNAME NORMAL 13.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "13.example.com.chained.a CNAME NORMAL 14.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "14.example.com.chained.a CNAME NORMAL 15.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "15.example.com.chained.a CNAME NORMAL 16.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "16.example.com.chained.a CNAME NORMAL 17.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "17.example.com.chained.a CNAME NORMAL 18.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "18.example.com.chained.a CNAME NORMAL 19.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "19.example.com.chained.a CNAME NORMAL 20.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "20.example.com.chained.a CNAME NORMAL 21.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "21.example.com.chained.a CNAME NORMAL 22.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "22.example.com.chained.a CNAME NORMAL 23.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "23.example.com.chained.a CNAME NORMAL 24.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "24.example.com.chained.a CNAME NORMAL 25.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "25.example.com.chained.a CNAME NORMAL 26.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "26.example.com.chained.a CNAME NORMAL 27.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "27.example.com.chained.a CNAME NORMAL 28.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "28.example.com.chained.a CNAME NORMAL 29.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "29.example.com.chained.a CNAME NORMAL 30.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "30.example.com.chained.a CNAME NORMAL 31.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "31.example.com.chained.a CNAME NORMAL 32.example.com.chained.a" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "32.example.com.chained.a A NORMAL 127.0.0.1" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 180 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} -X chained-a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 180 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X chained.a ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_015-rhsbl_origin_circular/run.sh
^
|
| @@ -1,13 +1,17 @@
# This test looks for a success message because the incoming rDNS address is on
# a RHSBL but the records are chained with CNAMEs and circular.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
+
+echo "44.33.22.11.in-addr.arpa PTR foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.circular.rhsbl CNAME 1.example.com.circular.rhsbl" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "1.example.com.circular.rhsbl CNAME example.com.circular.rhsbl" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -X circular.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -X circular.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X circular.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -X circular.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_016-dnsrbl_from_file/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-dnsrbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rbl.txt
+echo txt.dnsrbl > ${TMPDIR}/${TEST_NUM}-rbl.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-rbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-rbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-rbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-rbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rbl_017-rhsbl_from_file/run.sh
^
|
| @@ -1,15 +1,20 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
+
+echo txt.rhsbl > ${TMPDIR}/${TEST_NUM}-rhsbl.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhsbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhsbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhsbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhsbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-regression_010-dnsrbl_long_text/run.sh
^
|
| @@ -3,9 +3,13 @@
export TCPREMOTEIP=88.229.90.167
+echo "167.90.229.88.txt.dnsrbl TXT NORMAL Latest spam received via gollum.manitu.net at Wed, 02 Jan 2008 11:58:35 +0100, see http://www.dnsbl.manitu.net/lookup.php?value=88.229.90.167" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -lexcessive -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -lexcessive -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -lexcessive --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} -lexcessive --dns-server-ip ${NAMESERVER_IP} -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Latest spam received via gollum.manitu.net" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-regression_026-rhsbl_filter_message_corruption/run.sh
^
|
| @@ -1,18 +1,23 @@
# This test looks for a rejection because the incoming rDNS name is on a
# RHSBL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhsbl TXT NORMAL Test RHSBL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose -X nonexistent-rhsbl-1.spamdyke.org -X nonexistent-rhsbl-2.spamdyke.org -X nonexistent-rhsbl-3.spamdyke.org -X txt.test-rhsbl.spamdyke.org -X nonexistent-rhsbl-4.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose -X nonexistent-rhsbl-1.spamdyke.org -X nonexistent-rhsbl-2.spamdyke.org -X nonexistent-rhsbl-3.spamdyke.org -X txt.test-rhsbl.spamdyke.org -X nonexistent-rhsbl-4.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose --dns-server-ip ${NAMESERVER_IP} -X nonexistent1.rhsbl -X nonexistent2.rhsbl -X nonexistent3.rhsbl -X txt.rhsbl -X nonexistent4.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose --dns-server-ip ${NAMESERVER_IP} -X nonexistent1.rhsbl -X nonexistent2.rhsbl -X nonexistent3.rhsbl -X txt.rhsbl -X nonexistent4.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
output=`grep "554 Test RHSBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "FILTER_RHSBL_MATCH domain: ns.silence.org rhsbl: txt.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "FILTER_RHSBL_MATCH domain: foo.example.com rhsbl: txt.rhsbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-regression_032-load_file_segfault/run.sh
^
|
| @@ -5,7 +5,7 @@
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-dnsrbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rbl.txt
+echo txt.dnsrbl > ${TMPDIR}/${TEST_NUM}-rbl.txt
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-blacklist-entry a.example.com --dns-blacklist-entry b.example.com --dns-blacklist-entry c.example.com --dns-blacklist-entry d.example.com --dns-blacklist-entry e.example.com --dns-blacklist-entry f.example.com --dns-blacklist-entry g.example.com --dns-blacklist-entry h.example.com --dns-blacklist-entry i.example.com --dns-blacklist-entry j.example.com --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-rbl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-regression_034-multiple_rbl_verbose_logging/run.sh
^
|
| @@ -5,16 +5,20 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrbl TXT NORMAL Test DNSRBL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose -x txt.test-nonexistant-dnsrbl-1.spamdyke.org -x txt.test-nonexistant-dnsrbl-2.spamdyke.org -x txt.test-nonexistant-dnsrbl-3.spamdyke.org -x txt.test-nonexistant-dnsrbl-4.spamdyke.org -x txt.test-nonexistant-dnsrbl-5.spamdyke.org -x txt.test-nonexistant-dnsrbl-6.spamdyke.org -x txt.test-nonexistant-dnsrbl-7.spamdyke.org -x txt.test-nonexistant-dnsrbl-8.spamdyke.org -x txt.test-nonexistant-dnsrbl-9.spamdyke.org -x txt.test-nonexistant-dnsrbl-10.spamdyke.org -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose -x txt.test-nonexistant-dnsrbl-1.spamdyke.org -x txt.test-nonexistant-dnsrbl-2.spamdyke.org -x txt.test-nonexistant-dnsrbl-3.spamdyke.org -x txt.test-nonexistant-dnsrbl-4.spamdyke.org -x txt.test-nonexistant-dnsrbl-5.spamdyke.org -x txt.test-nonexistant-dnsrbl-6.spamdyke.org -x txt.test-nonexistant-dnsrbl-7.spamdyke.org -x txt.test-nonexistant-dnsrbl-8.spamdyke.org -x txt.test-nonexistant-dnsrbl-9.spamdyke.org -x txt.test-nonexistant-dnsrbl-10.spamdyke.org -x txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose --dns-server-ip ${NAMESERVER_IP} -x txt.nonexistant1.dnsrbl -x txt.nonexistant2.dnsrbl -x txt.nonexistant3.dnsrbl -x txt.nonexistant4.dnsrbl -x txt.nonexistant5.dnsrbl -x txt.nonexistant6.dnsrbl -x txt.nonexistant7.dnsrbl -x txt.nonexistant8.dnsrbl -x txt.nonexistant9.dnsrbl -x txt.nonexistant10.dnsrbl -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --log-target stderr -lverbose --dns-server-ip ${NAMESERVER_IP} -x txt.nonexistant1.dnsrbl -x txt.nonexistant2.dnsrbl -x txt.nonexistant3.dnsrbl -x txt.nonexistant4.dnsrbl -x txt.nonexistant5.dnsrbl -x txt.nonexistant6.dnsrbl -x txt.nonexistant7.dnsrbl -x txt.nonexistant8.dnsrbl -x txt.nonexistant9.dnsrbl -x txt.nonexistant10.dnsrbl -x txt.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
output=`grep "554 Test DNSRBL match" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "FILTER_RBL_MATCH ip: 11.22.33.44 rbl: txt.test-dnsrbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "FILTER_RBL_MATCH ip: 11.22.33.44 rbl: txt.dnsrbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_042-starttls_hang
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_042-starttls_hang/input.txt
^
|
| @@ -0,0 +1,2 @@
+ehlo me
+starttls
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_042-starttls_hang/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test starts TLS without sending any data to test if spamdyke will
+# timeout or wait forever for SSL data.
+
+export TCPREMOTEIP=0.0.0.0
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+
+echo "${SENDRECV_PATH} -t 30 -S -r 421 -- ${SPAMDYKE_PATH} --tls-level smtp --tls-certificate ../certificates/combined_no_passphrase/server.pem -T 10 ${SMTPDUMMY_PATH} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -S -r 421 -- ${SPAMDYKE_PATH} --tls-level smtp --tls-certificate ../certificates/combined_no_passphrase/server.pem -T 10 ${SMTPDUMMY_PATH} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "421 Timeout. Talk faster next time." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_043-config_file_syntax
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_043-config_file_syntax/config.txt
^
|
| @@ -0,0 +1 @@
+reject-missing-sender-mx yes
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_043-config_file_syntax/run.sh
^
|
| @@ -0,0 +1,18 @@
+# This test looks for an error when the configuration file has a syntax problem.
+
+export TCPREMOTEIP=${TESTSD_RDNS_IP}
+
+cp config.txt ${TMPDIR}/${TEST_NUM}-config.txt
+echo "${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Bad syntax in configuration file" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_044-symbol_address_start
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_044-symbol_address_start/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_044-symbol_address_start/run.sh
^
|
| @@ -0,0 +1,22 @@
+# This test starts to deliver a message using a sender address that starts
+# with a non-alphanumeric character and checks to see if spamdyke parses
+# it properly.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS="|test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com"
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --log-target stderr -l ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --log-target stderr -l ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "from: ${FROM_ADDRESS}" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_045-mx_contains_valid_ip
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_045-mx_contains_valid_ip/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_045-mx_contains_valid_ip/run.sh
^
|
| @@ -0,0 +1,28 @@
+# This test looks for a rejection when the sender's domain has an MX record
+# that contains an IP address instead of a name. This is illegal but some
+# people do it.
+
+export TCPREMOTEIP=0.0.0.0
+
+echo "ip.mx MX NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@ip.mx
+
+touch ${TMPDIR}/${TEST_NUM}-local_domains.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-missing-sender-mx --local-domains-file ${TMPDIR}/${TEST_NUM}-local_domains.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-missing-sender-mx --local-domains-file ${TMPDIR}/${TEST_NUM}-local_domains.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_046-mx_contains_invalid_ip
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_046-mx_contains_invalid_ip/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_046-mx_contains_invalid_ip/run.sh
^
|
| @@ -0,0 +1,27 @@
+# This test looks for a rejection when the sender's domain has an MX record
+# that contains an invalid IP address (octets out of range).
+
+export TCPREMOTEIP=0.0.0.0
+
+echo "ip.mx MX NORMAL 666.777.888.999" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@ip.mx
+
+touch ${TMPDIR}/${TEST_NUM}-local_domains.txt
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-missing-sender-mx --local-domains-file ${TMPDIR}/${TEST_NUM}-local_domains.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 421 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --reject-missing-sender-mx --local-domains-file ${TMPDIR}/${TEST_NUM}-local_domains.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "421 Refused. The domain of your sender address has no mail exchanger (MX)." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_047-config_test_setuid_executable
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_047-config_test_setuid_executable/run.sh
^
|
| @@ -0,0 +1,35 @@
+# This test looks for a success message from the config-test when it finds an
+# executable file with the setuid bit.
+
+if [ "${UID}" == "0" ]
+then
+ touch ${TMPDIR}/${TEST_NUM}-hostname
+ chmod 4750 ${TMPDIR}/${TEST_NUM}-hostname
+
+ pushd ..
+ su $4 ./subrun $1 $2 $3 $4 $5 test-${TEST_NUM}-*
+ popd
+
+ output=`grep "File is executable: ${TMPDIR}/${TEST_NUM}-hostname" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ output=`grep "SUCCESS: Tests complete. No errors detected." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo "${SPAMDYKE_PATH} -ldebug --hostname-command ${TMPDIR}/${TEST_NUM}-hostname --config-test ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+ ${SPAMDYKE_PATH} -ldebug --hostname-command ${TMPDIR}/${TEST_NUM}-hostname --config-test ${QMAIL_CMDLINE} > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_048-incorrect_message_bad_config_dir_option
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_048-incorrect_message_bad_config_dir_option/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TO_ADDRESS>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_048-incorrect_message_bad_config_dir_option/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test puts an unacceptable option in a configuration dir file and looks
+# for the correct error message.
+
+TO_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+FROM_ADDRESS=bar@foo.com
+
+touch ${TMPDIR}/${TEST_NUM}-keywords.txt
+mkdir -p ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/foo/_at_/
+echo "ip-in-rdns-blacklist-keyword-file=${TMPDIR}/${TEST_NUM}-keywords.txt" > ${TMPDIR}/${TEST_NUM}-config.d/_sender_/com/foo/_at_/bar
+
+cat input.txt | sed -e "s/TARGET_EMAIL/${TO_ADDRESS}/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --config-dir ${TMPDIR}/${TEST_NUM}-config.d --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "ERROR: Unknown configuration file option in file" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_049-whitelisted_ip_hides_auth
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_049-whitelisted_ip_hides_auth/input.txt
^
|
| @@ -0,0 +1,2 @@
+ehlo me
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_049-whitelisted_ip_hides_auth/run.sh
^
|
| @@ -0,0 +1,19 @@
+# This test whitelists the remote IP and checks for an AUTH banner.
+
+export TCPREMOTEIP=11.22.33.44
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --ip-whitelist-entry 11.22.33.44 --smtp-auth-level always --smtp-auth-command \"${AUTH_CMDLINE}\" --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --ip-whitelist-entry 11.22.33.44 --smtp-auth-level always --smtp-auth-command "${AUTH_CMDLINE}" --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "AUTH LOGIN PLAIN" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_050-dns_blacklist_empty_file
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_050-dns_blacklist_empty_file/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_050-dns_blacklist_empty_file/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test tries to use an empty DNS RBL file and looks for a segfault.
+
+export TCPREMOTEIP=11.22.33.44
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+touch ${TMPDIR}/${TEST_NUM}-dns_blacklist.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-dns_blacklist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-blacklist-file ${TMPDIR}/${TEST_NUM}-dns_blacklist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "221" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_051-dns_whitelist_empty_file
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_051-dns_whitelist_empty_file/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_051-dns_whitelist_empty_file/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test tries to use an empty DNS RWL file and looks for a segfault.
+
+export TCPREMOTEIP=11.22.33.44
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+touch ${TMPDIR}/${TEST_NUM}-dns_whitelist.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-dns_whitelist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-dns_whitelist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "221" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_052-rhs_blacklist_empty_file
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_052-rhs_blacklist_empty_file/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_052-rhs_blacklist_empty_file/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test tries to use an empty RHS RBL file and looks for a segfault.
+
+export TCPREMOTEIP=${TESTSD_RDNS_IP}
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+touch ${TMPDIR}/${TEST_NUM}-rhs_blacklist.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhs_blacklist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --rhs-blacklist-file ${TMPDIR}/${TEST_NUM}-rhs_blacklist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "221" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_053-rhs_whitelist_empty_file
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_053-rhs_whitelist_empty_file/input.txt
^
|
| @@ -0,0 +1 @@
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_053-rhs_whitelist_empty_file/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test tries to use an empty RHS RWL file and looks for a segfault.
+
+export TCPREMOTEIP=${TESTSD_RDNS_IP}
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+touch ${TMPDIR}/${TEST_NUM}-rhs_whitelist.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhs_whitelist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhs_whitelist.txt --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "221" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_054-hostname_empty_file
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_054-hostname_empty_file/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+auth cram-md5
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_054-hostname_empty_file/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test tries to use an empty hostname file and looks for a segfault.
+
+export TCPREMOTEIP=11.22.33.44
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+touch ${TMPDIR}/${TEST_NUM}-hostname.txt
+
+echo "${SENDRECV_PATH} -t 30 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} --hostname-file ${TMPDIR}/${TEST_NUM}-hostname.txt --smtp-auth-level always-encrypted --smtp-auth-command ${SMTPAUTH_CRAMMD5_PATH} --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -u $2 -p $3 -- ${SPAMDYKE_PATH} --hostname-file ${TMPDIR}/${TEST_NUM}-hostname.txt --smtp-auth-level always-encrypted --smtp-auth-command ${SMTPAUTH_CRAMMD5_PATH} --log-target stderr ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "221" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo Failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_055-local_domains_entry_open_relay
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_055-local_domains_entry_open_relay/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_055-local_domains_entry_open_relay/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test attempts to relay a message when using local-domains-entry but
+# not local-domains-file. spamdyke should not allow relaying.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+echo "11.22.33.44:allow" > ${TMPDIR}/${TEST_NUM}-access.txt
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --local-domains-entry foo.spamdyke.org --access-file ${TMPDIR}/${TEST_NUM}-access.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --local-domains-entry foo.spamdyke.org --access-file ${TMPDIR}/${TEST_NUM}-access.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Sending to remote addresses (relaying) is not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_056-bad_address_open_relay
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_056-bad_address_open_relay/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_056-bad_address_open_relay/run.sh
^
|
| @@ -0,0 +1,23 @@
+# This test attempts to relay a message when using local-domains-entry but
+# not local-domains-file. spamdyke should not allow relaying.
+
+export TCPREMOTEIP=11.22.33.44
+
+FROM_ADDRESS=@example.com:victim@other.com
+
+echo "11.22.33.44:allow" > ${TMPDIR}/${TEST_NUM}-access.txt
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --local-domains-entry example.com --access-file ${TMPDIR}/${TEST_NUM}-access.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --local-domains-entry example.com --access-file ${TMPDIR}/${TEST_NUM}-access.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Refused. Sending to remote addresses (relaying) is not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_057-multiple_values_become_default
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_057-multiple_values_become_default/input.txt
^
|
| @@ -0,0 +1,10 @@
+helo me
+mail from:<FROM_ADDRESS>
+rcpt to:<TARGET_EMAIL>
+data
+To: <TARGET_EMAIL>
+Subject: Test-TEST_NUM
+
+FOO!
+.
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_057-multiple_values_become_default/run.sh
^
|
| @@ -0,0 +1,59 @@
+# This test sets the "log-target" option to nothing and checks to make sure it
+# stays that way without reverting to default.
+
+export TCPREMOTEIP=0.0.0.0
+
+echo "log-target=!!!" > ${TMPDIR}/${TEST_NUM}-config.txt
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+
+cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt -l ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -f ${TMPDIR}/${TEST_NUM}-config.txt -l ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "from: ${FROM_ADDRESS}" ${TMPDIR}/${TEST_NUM}-output.txt | grep ALLOWED`
+ if [ -z "${output}" ]
+ then
+ output=`grep "from: ${FROM_ADDRESS}" ${TMPDIR}/${TEST_NUM}-output.txt | grep -E "spamdyke\[[0-9]*\]: spamdyke\[[0-9]\]: ALLOWED"`
+ if [ -z "${output}" ]
+ then
+ echo Sleeping 5 seconds so syslogd can write the log entry.
+ sleep 5
+ output=`grep "from: ${FROM_ADDRESS}" /var/log/maillog | grep ALLOWED`
+ if [ -z "${output}" ]
+ then
+ output=`grep "from: ${FROM_ADDRESS}" /var/log/maillog | grep -E "spamdyke\[[0-9]*\]: spamdyke\[[0-9]\]: ALLOWED"`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Logging failure. Check syslog.
+
+ outcome="failure"
+ fi
+ else
+ echo Logging failure. Check syslog.
+
+ outcome="failure"
+ fi
+ else
+ echo OUTPUT IN ${TMPDIR}/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo OUTPUT IN ${TMPDIR}/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Delivery failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_058-quit_timeout_after_filter
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_058-quit_timeout_after_filter/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<sender@example.com>
+rcpt to:<recipient@example.com>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-regression_058-quit_timeout_after_filter/run.sh
^
|
| @@ -0,0 +1,20 @@
+# This test triggers a post-RCPT filter, then quits and looks for a hang and
+# timeout message.
+
+export TCPREMOTEIP=${TESTSD_UNRESOLVABLE_RDNS_IP}
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+
+echo "${SENDRECV_PATH} -t 30 -- ${SPAMDYKE_PATH} -T 10 --log-target stderr -R --local-domains-entry foo.com --recipient-whitelist-entry user@foo.com ${SMTPDUMMY_PATH} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -- ${SPAMDYKE_PATH} -T 10 --log-target stderr -R --local-domains-entry foo.com --recipient-whitelist-entry user@foo.com ${SMTPDUMMY_PATH} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep "421 Timeout. Talk faster next time." ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ -z "${output}" ]
+then
+ outcome="success"
+else
+ echo OUTPUT IN tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rejection_text_002-dns_blacklist/run.sh
^
|
| @@ -3,16 +3,20 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.a.dnsrbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-dns-blacklist \"Foo Bar Baz\" -x a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-dns-blacklist "Foo Bar Baz" -x a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rejection-text-dns-blacklist \"Foo Bar Baz\" -x a.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rejection-text-dns-blacklist "Foo Bar Baz" -x a.dnsrbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your IP address is listed in the RBL at a.test-dnsrbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your IP address is listed in the RBL at a.dnsrbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-rejection_text_016-rhs_blacklist/run.sh
^
|
| @@ -3,16 +3,20 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "foo.bar.a.rhsbl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-rhs-blacklist \"Foo Bar Baz\" -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-rhs-blacklist "Foo Bar Baz" -X a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rejection-text-rhs-blacklist \"Foo Bar Baz\" -X a.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} --rejection-text-rhs-blacklist "Foo Bar Baz" -X a.rhsbl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
then
- output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.test-rhsbl.spamdyke.org" ${TMPDIR}/${TEST_NUM}-output.txt`
+ output=`grep "554 Refused. Your domain name is listed in the RHSBL at a.rhsbl" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ -z "${output}" ]
then
outcome="success"
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-rejection_text_025-identical_sender_recipient
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-rejection_text_025-identical_sender_recipient/input.txt
^
|
| @@ -0,0 +1,4 @@
+helo me
+mail from:<TARGET_EMAIL>
+rcpt to:<TARGET_EMAIL>
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-rejection_text_025-identical_sender_recipient/run.sh
^
|
| @@ -0,0 +1,30 @@
+# This test looks for a rejection when the sender and recipient addresses are
+# the same.
+
+export TCPREMOTEIP=0.0.0.0
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.example.com
+
+cat input.txt | sed -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-identical-sender-recipient \"Foo Bar Baz\" --reject-identical-sender-recipient ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 554 -- ${SPAMDYKE_PATH} --rejection-text-identical-sender-recipient "Foo Bar Baz" --reject-identical-sender-recipient ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep "554 Foo Bar Baz" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "554 Refused. Identical sender and recipient addresses are not allowed." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_023-patched_tls_level_smtp_no_passthrough
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_023-patched_tls_level_smtp_no_passthrough/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+starttls
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_023-patched_tls_level_smtp_no_passthrough/run.sh
^
|
| @@ -0,0 +1,34 @@
+# This test looks for a STARTTLS offer when qmail does support it, starts TLS
+# and checks that spamdyke is doing the TLS, not qmail.
+
+if [ -f /var/qmail/control/servercert.pem ]
+then
+ mkdir -p ${TMPDIR}/${TEST_NUM}-logs
+
+ cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+ echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -L ${TMPDIR}/${TEST_NUM}-logs --tls-level smtp-no-passthrough --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+ ${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -L ${TMPDIR}/${TEST_NUM}-logs --tls-level smtp-no-passthrough --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+ output=`grep "(TLS session started.)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ output=`grep -E "^221" ${TMPDIR}/${TEST_NUM}-logs/*`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo /var/qmail/control/servercert.pem does not exist. Test failed.
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_024-patched_tls_level_smtp_no_passthrough_no_certificate
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_024-patched_tls_level_smtp_no_passthrough_no_certificate/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+starttls
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_024-patched_tls_level_smtp_no_passthrough_no_certificate/run.sh
^
|
| @@ -0,0 +1,34 @@
+# This test checks to make sure no STARTTLS offer is made even when qmail does
+# support it, then tries to start TLS and checks for a failure.
+
+if [ -f /var/qmail/control/servercert.pem ]
+then
+ mkdir -p ${TMPDIR}/${TEST_NUM}-logs
+
+ cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+ echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -L ${TMPDIR}/${TEST_NUM}-logs --tls-level smtp-no-passthrough ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+ ${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -L ${TMPDIR}/${TEST_NUM}-logs --tls-level smtp-no-passthrough ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+ output=`grep -E "250.STARTTLS" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ -z "${output}" ]
+ then
+ output=`grep "554 Failed to negotiate TLS connection." ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo /var/qmail/control/servercert.pem does not exist. Test failed.
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_025-valid_tls_cipher_list
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_025-valid_tls_cipher_list/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+starttls
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_025-valid_tls_cipher_list/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test starts TLS with a valid list of ciphers.
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:+HIGH:-MEDIUM --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:+HIGH:-MEDIUM --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep -E "250.STARTTLS" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "(TLS session started.)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_026-typo_tls_cipher_list
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_026-typo_tls_cipher_list/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+starttls
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_026-typo_tls_cipher_list/run.sh
^
|
| @@ -0,0 +1,25 @@
+# This test starts TLS with a valid list of ciphers that contains some typos.
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list \"xALL:!xaNULL:!xADH:!xeNULL:!xLOW:!xEXP:!xSSLv2:HIGH:-MEDIUM\" --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list "xALL:!xaNULL:!xADH:!xeNULL:!xLOW:!xEXP:!xSSLv2:HIGH:-MEDIUM" --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+
+output=`grep -E "250.STARTTLS" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "(TLS session started.)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_027-patched_invalid_tls_cipher_list
^
|
| +(directory)
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_027-patched_invalid_tls_cipher_list/input.txt
^
|
| @@ -0,0 +1,3 @@
+ehlo me
+starttls
+quit
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/tests/test-tls_027-patched_invalid_tls_cipher_list/run.sh
^
|
| @@ -0,0 +1,44 @@
+# This test starts TLS with a valid list of ciphers that is completely invalid.
+# spamdyke should pass TLS through to qmail.
+
+cp input.txt ${TMPDIR}/${TEST_NUM}-input.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list foobar --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem --log-target stderr -lexcessive ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --tls-cipher-list foobar --tls-certificate-file ${CERTDIR}/combined_no_passphrase/server.pem --log-target stderr -lexcessive ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt 2>&1
+
+output=`grep -E "250.STARTTLS" ${TMPDIR}/${TEST_NUM}-output.txt`
+if [ ! -z "${output}" ]
+then
+ output=`grep "TLS_ENCRYPTED from: (unknown) to: (unknown) origin_ip: 0.0.0.0 origin_rdns: (unknown) auth: (unknown) encryption: TLS_PASSTHROUGH" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ output=`grep "(TLS session started.)" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ output=`grep -E "^221" ${TMPDIR}/${TEST_NUM}-output.txt`
+ if [ ! -z "${output}" ]
+ then
+ outcome="success"
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+ else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+ fi
+else
+ echo Filter failure - tmp/${TEST_NUM}-output.txt:
+ cat ${TMPDIR}/${TEST_NUM}-output.txt
+
+ outcome="failure"
+fi
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_ip_002-dns_with_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrwl TXT NORMAL Test DNSRWL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-entry txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-entry txt.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-entry txt.dnsrwl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-entry txt.dnsrwl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_ip_003-dns_without_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.a.dnsrwl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-entry a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-entry a.test-dnsrbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-entry a.dnsrwl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-entry a.dnsrwl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_ip_004-dns_from_file/run.sh
^
|
| @@ -3,13 +3,17 @@
export TCPREMOTEIP=11.22.33.44
+echo "44.33.22.11.txt.dnsrwl TXT NORMAL Test DNSRWL match" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
-echo txt.test-dnsrbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rwl.txt
+echo txt.dnsrwl > ${TMPDIR}/${TEST_NUM}-rwl.txt
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-rwl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-rwl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-rwl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} --dns-server-ip ${NAMESERVER_IP} -r --dns-whitelist-file ${TMPDIR}/${TEST_NUM}-rwl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_rdns_005-rhswl_with_txt/run.sh
^
|
| @@ -1,13 +1,18 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhswl TXT NORMAL Test RHSWL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-entry txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-entry txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry txt.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry txt.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_rdns_006-rhswl_without_txt/run.sh
^
|
| @@ -1,13 +1,18 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
-# RHSWL that does not use TXT records.
+# RHSWL that uses A records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.a.rhswl A NORMAL 127.0.0.1" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-entry a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-entry a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry a.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry a.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_rdns_007-rhswl_from_file/run.sh
^
|
| @@ -1,15 +1,20 @@
# This test looks for a rejection because the incoming rDNS name is listed in a
# RHSWL that uses TXT records.
-export TCPREMOTEIP=`${DNSA_PATH} ns.silence.org`
+export TCPREMOTEIP=11.22.33.44
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
+echo "44.33.22.11.in-addr.arpa PTR NORMAL foo.example.com" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+echo "example.com.txt.rhswl TXT NORMAL Test RHSWL match" >> ${TMPDIR}/${TEST_NUM}-dns_config.txt
-echo txt.test-rhsbl.spamdyke.org > ${TMPDIR}/${TEST_NUM}-rhswl.txt
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@foo.bar
+
+echo txt.rhswl > ${TMPDIR}/${TEST_NUM}-rhswl.txt
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhswl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhswl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhswl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -d 0 -- ${SPAMDYKE_PATH} -e 10 --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-file ${TMPDIR}/${TEST_NUM}-rhswl.txt ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_sender_003-rhswl_with_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.txt.rhswl TXT NORMAL Test RHSWL text" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --rhs-whitelist-entry txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --rhs-whitelist-entry txt.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry txt.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry txt.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/tests/test-whitelist_sender_004-rhswl_without_txt/run.sh
^
|
| @@ -3,11 +3,15 @@
export TCPREMOTEIP=0.0.0.0
-FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@silence.org
+echo "example.com.a.rhswl A NORMAL 127.0.0.1" > ${TMPDIR}/${TEST_NUM}-dns_config.txt
+
+NAMESERVER_IP=127.0.0.1:`${DNSDUMMY_PATH} -t 30 -f ${TMPDIR}/${TEST_NUM}-dns_config.txt`
+
+FROM_ADDRESS=test-${TEST_NUM}.${RANDOM}.${RANDOM}@example.com
cat input.txt | sed -e "s/TEST_NUM/${TEST_NUM}/g" -e "s/TARGET_EMAIL/$1/g" -e "s/FROM_ADDRESS/${FROM_ADDRESS}/g" > ${TMPDIR}/${TEST_NUM}-input.txt
-echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --rhs-whitelist-entry a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
-${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --rhs-whitelist-entry a.test-rhsbl.spamdyke.org ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
+echo "${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry a.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt"
+${SENDRECV_PATH} -t 30 -r 221 -- ${SPAMDYKE_PATH} -r --dns-server-ip ${NAMESERVER_IP} --rhs-whitelist-entry a.rhswl ${QMAIL_CMDLINE} < ${TMPDIR}/${TEST_NUM}-input.txt > ${TMPDIR}/${TEST_NUM}-output.txt
output=`grep -E "250 ok [0-9]* qp [0-9]*" ${TMPDIR}/${TEST_NUM}-output.txt`
if [ ! -z "${output}" ]
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/Makefile.in
^
|
| @@ -1,7 +1,7 @@
# @configure_input@
################################################################################
# spamdyke -- a filter for stopping spam at connection time.
-# Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+# Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
@@ -24,7 +24,7 @@
LDFLAGS := @LDFLAGS@
LIBS := @LIBS@
-all: domain2path domainsplit dnsany dnsany_libc dnsa dnstxt dnsptr dnsmx dnsns dnssoa dnscname
+all: domain2path domainsplit dnsany dnsany_libc dnsa dnstxt dnsptr dnsmx dnsns dnssoa dnscname timefilter
install: all
cp domain2path domainsplit @bindir@
@@ -62,8 +62,11 @@
dnscname: dnscname.c Makefile
$(CC) $(CFLAGS) -o dnscname dnscname.c $(LDFLAGS) $(LIBS)
+timefilter: timefilter.c Makefile
+ $(CC) $(CFLAGS) -o timefilter timefilter.c $(LDFLAGS) $(LIBS)
+
clean:
- rm -f domain2path domainsplit dnsany dnsany_libc dnsa dnstxt dnsptr dnsmx dnsns dnssoa dnscname
+ rm -rf *.dSYM domain2path domainsplit dnsany dnsany_libc dnsa dnstxt dnsptr dnsmx dnsns dnssoa dnscname timefilter
distclean: clean
rm -rf autom4te.cache config.h config.log config.status Makefile
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/config.h.in
^
|
| @@ -1,6 +1,6 @@
/*
spamdyke -- a filter for stopping spam at connection time.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/configure
^
|
| @@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for spamdyke 4.0.10.
+# Generated by GNU Autoconf 2.61 for spamdyke 4.2.0.
#
# Report bugs to <samc (at) silence (dot) org>.
#
@@ -574,8 +574,8 @@
# Identity of this package.
PACKAGE_NAME='spamdyke'
PACKAGE_TARNAME='-spamdyke-'
-PACKAGE_VERSION='4.0.10'
-PACKAGE_STRING='spamdyke 4.0.10'
+PACKAGE_VERSION='4.2.0'
+PACKAGE_STRING='spamdyke 4.2.0'
PACKAGE_BUGREPORT='samc (at) silence (dot) org'
ac_unique_file="dnsa.c"
@@ -1177,7 +1177,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures spamdyke 4.0.10 to adapt to many kinds of systems.
+\`configure' configures spamdyke 4.2.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1238,7 +1238,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of spamdyke 4.0.10:";;
+ short | recursive ) echo "Configuration of spamdyke 4.2.0:";;
esac
cat <<\_ACEOF
@@ -1321,7 +1321,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-spamdyke configure 4.0.10
+spamdyke configure 4.2.0
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1335,7 +1335,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by spamdyke $as_me 4.0.10, which was
+It was created by spamdyke $as_me 4.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2879,7 +2879,7 @@
else
ac_cv_header_stdc=no
fi
-rm -f conftest*
+rm -f -r conftest*
fi
@@ -2900,7 +2900,7 @@
else
ac_cv_header_stdc=no
fi
-rm -f conftest*
+rm -f -r conftest*
fi
@@ -4361,7 +4361,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by spamdyke $as_me 4.0.10, which was
+This file was extended by spamdyke $as_me 4.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -4410,7 +4410,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-spamdyke config.status 4.0.10
+spamdyke config.status 4.2.0
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/configure.ac
^
|
| @@ -1,7 +1,7 @@
# Process this file with autoconf to produce a configure script.
################################################################################
# spamdyke -- a filter for stopping spam at connection time.
-# Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+# Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
@@ -17,7 +17,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
AC_PREREQ(2.59)
-AC_INIT([[spamdyke]], [[4.0.10]], [[samc (at) silence (dot) org]])
+AC_INIT([[spamdyke]], [[4.2.0]], [[samc (at) silence (dot) org]])
AC_CONFIG_SRCDIR([dnsa.c])
AC_CONFIG_HEADER([config.h])
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsa.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsa -- an example of making DNS A queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -421,7 +421,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsa [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsany.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsany -- an example of making DNS queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -534,7 +534,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsany [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsany_libc.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsany -- an example of making DNS queries using libc
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -362,7 +362,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsany_libc [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnscname.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsns -- an example of making DNS CNAME queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -400,7 +400,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnscname [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsmx.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsmx -- an example of making DNS MX queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -431,7 +431,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsmx [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsns.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsns -- an example of making DNS NS queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -429,7 +429,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsns [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnsptr.c
^
|
| @@ -1,6 +1,6 @@
/*
dnsptr -- an example of making DNS PTR queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -445,7 +445,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnsptr [ -v ] IP | FQDN [ IP ... ] [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnssoa.c
^
|
| @@ -1,6 +1,6 @@
/*
dnssoa -- an example of making DNS SOA queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -460,7 +460,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnssoa [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/dnstxt.c
^
|
| @@ -1,6 +1,6 @@
/*
dnstxt -- an example of making DNS TXT queries by sending UDP packets
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -433,7 +433,7 @@
void usage()
{
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: dnstxt [ -v ] FQDN [ FQDN ... ]\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/domain2path.c
^
|
| @@ -1,6 +1,6 @@
/*
domain2path -- a utility for translating domain names to file paths.
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -33,7 +33,7 @@
if ((argc == 1) ||
(strcmp(argv[1], "-h") == 0))
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: domain2path [ -d ] DOMAIN_NAME\n"
|
|
[-]
[+]
|
Changed |
spamdyke-4.2.0.tar.bz2/utils/domainsplit.c
^
|
| @@ -1,6 +1,6 @@
/*
domainsplit -- a utility to find the base domain name of an FQDN
- Copyright (C) 2008 Sam Clippinger (samc (at) silence (dot) org)
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
@@ -34,7 +34,7 @@
if ((argc == 2) &&
(strcmp(argv[1], "-h") == 0))
printf(
- PACKAGE_NAME " " PACKAGE_VERSION " (C)2008 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
"http://www.spamdyke.org/\n"
"\n"
"USAGE: domainsplit [FQDN [FQDN] ...]\n"
|
|
[-]
[+]
|
Added |
spamdyke-4.2.0.tar.bz2/utils/timefilter.c
^
|
| @@ -0,0 +1,181 @@
+/*
+ timefilter -- a utility for printing log messages from a given time range
+ Copyright (C) 2011 Sam Clippinger (samc (at) silence (dot) org)
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 2 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <ctype.h>
+#include "config.h"
+
+char *month_list[] = { "jan", "feb", "mar", "apr", "may", "jun", "jul", "aug", "sep", "oct", "nov", "dec" };
+time_t now;
+struct tm *today;
+
+unsigned long long get_tai(char *target_string)
+ {
+ unsigned long long secs;
+ unsigned long long nanosecs;
+ unsigned long long u;
+ char month[3];
+ int i;
+ struct tm *tmp_tm;
+
+ secs = 0;
+ nanosecs = 0;
+
+ if (target_string[0] == '@')
+ {
+ for (target_string++; target_string[0] != '\0'; target_string++)
+ {
+ u = target_string[0] - '0';
+ if (u >= 10)
+ {
+ u = target_string[0] - 'a';
+ if (u >= 6)
+ break;
+ u += 10;
+ }
+
+ secs <<= 4;
+ secs += nanosecs >> 28;
+ nanosecs &= 0xfffffff;
+ nanosecs <<= 4;
+ nanosecs += u;
+ }
+
+ secs -= 4611686018427387914ULL;
+ }
+ else
+ {
+ tmp_tm = localtime(&now);
+
+ tmp_tm->tm_year = 0;
+
+ if ((sscanf(target_string, "%c%c%c %d %d:%d:%d", &month[0], &month[1], &month[2], &tmp_tm->tm_mday, &tmp_tm->tm_hour, &tmp_tm->tm_min, &tmp_tm->tm_sec) == 7) ||
+ (sscanf(target_string, "%*[^[]\[%d/%c%c%c/%d:%d:%d:%d", &tmp_tm->tm_mday, &month[0], &month[1], &month[2], &tmp_tm->tm_year, &tmp_tm->tm_hour, &tmp_tm->tm_min, &tmp_tm->tm_sec) == 8))
+ {
+ month[0] = tolower((int)month[0]);
+ month[1] = tolower((int)month[1]);
+ month[2] = tolower((int)month[2]);
+
+ for (i = 0; i < 12; i++)
+ if (strncmp(month, month_list[i], 3) == 0)
+ {
+ tmp_tm->tm_mon = i;
+ break;
+ }
+
+ if (tmp_tm->tm_year == 0)
+ {
+ if ((tmp_tm->tm_mon > today->tm_mon) ||
+ ((tmp_tm->tm_mon == today->tm_mon) &&
+ (tmp_tm->tm_mday > today->tm_mday)) ||
+ ((tmp_tm->tm_mon == today->tm_mon) &&
+ (tmp_tm->tm_mday == today->tm_mday) &&
+ (tmp_tm->tm_hour > today->tm_hour)) ||
+ ((tmp_tm->tm_mon == today->tm_mon) &&
+ (tmp_tm->tm_mday == today->tm_mday) &&
+ (tmp_tm->tm_hour == today->tm_hour) &&
+ (tmp_tm->tm_min > today->tm_min)) ||
+ ((tmp_tm->tm_mon == today->tm_mon) &&
+ (tmp_tm->tm_mday == today->tm_mday) &&
+ (tmp_tm->tm_hour == today->tm_hour) &&
+ (tmp_tm->tm_min == today->tm_min) &&
+ (tmp_tm->tm_sec > today->tm_sec)))
+ tmp_tm->tm_year = today->tm_year - 1;
+ else
+ tmp_tm->tm_year = today->tm_year;
+ }
+ else
+ tmp_tm->tm_year -= 1900;
+
+ tmp_tm->tm_isdst = -1;
+
+ secs = mktime(tmp_tm);
+ }
+ }
+
+ return(secs);
+ }
+
+void usage()
+ {
+ printf(
+ PACKAGE_NAME " " PACKAGE_VERSION " (C)2011 Sam Clippinger, " PACKAGE_BUGREPORT "\n"
+ "http://www.spamdyke.org/\n"
+ "\n"
+ "USAGE: timefilter START_SECS_AGO END_SECS_AGO\n"
+ "\n"
+ "Accepts input from stdin and prints only those lines that start with timestamps\n"
+ "within the given range. The range start is calculated by subtracting\n"
+ "START_SECS_AGO from the current system time. The range end is calculated by\n"
+ "subtracting END_SECS_AGO from the current system time. Obviously, if\n"
+ "END_SECS_AGO is greater than START_SECS_AGO, nothing will be printed.\n"
+ "\n"
+ "TAI64 timestamps, syslog-style timestamps and Apache-style timestamps are\n"
+ "accepted. TAI64 timestamps generally resemble this example:\n"
+ "\t@4000000048ffdbee2618dc6c\n"
+ "syslog-style timestamps generally resemble this example:\n"
+ "\tOct 22 21:17:11\n"
+ "Apache-style timestamps generally resemble this example:\n"
+ "\t0.0.0.0 - - [22/Oct/2008:21:03:50\n"
+ "timefilter only understands the abbreviations of English months, however, so\n"
+ "it may not work properly in other locales.\n"
+ "\n"
+ "Prefixing START_SECS_AGO and/or END_SECS_AGO with '+' will force timefilter to\n"
+ "adjust for daylight savings time if the log is kept in standard time (e.g.\n"
+ "Apache logs).\n"
+ );
+
+ return;
+ }
+
+int main(int argc, char *argv[])
+ {
+ char tmp_buf[65536];
+ unsigned long long start_time;
+ unsigned long long end_time;
+ unsigned long long tmp_time;
+
+ if (argc == 3)
+ {
+ now = time(NULL);
+ today = localtime(&now);
+
+ start_time = now - atoi(argv[1]);
+ end_time = now - atoi(argv[2]);
+ if (today->tm_isdst &&
+ ((argv[1][0] == '+') ||
+ (argv[2][0] == '+')))
+ {
+ now += 3600;
+ today = localtime(&now);
+ start_time += 3600;
+ end_time += 3600;
+ }
+
+ while (scanf("%65535[^\r\n]%*[\r\n]", tmp_buf) == 1)
+ if (((tmp_time = get_tai(tmp_buf)) >= start_time) &&
+ (tmp_time <= end_time))
+ printf("%s\n", tmp_buf);
+ }
+ else
+ usage();
+
+ return(0);
+ }
|
