diff -r --ignore-all-space patched-snapshot/src/global/mail_params.h snapshot-20011210/src/global/mail_params.h 1168,1172d1167 < #define REJECT_RHSBL "reject_rhsbl" < #define VAR_RHSBL_CODE "rhsbl_reject_code" < #define DEF_RHSBL_CODE 554 < extern int var_rhsbl_code; < 1176,1179d1170 < < #define VAR_RHSBL_DOMAINS "rhsbl_domains" < #define DEF_RHSBL_DOMAINS "" < extern char *var_rhsbl_domains; diff -r --ignore-all-space patched-snapshot/src/smtpd/smtpd.c snapshot-20011210/src/smtpd/smtpd.c 210,211d209 < /* .IP \fBrhsbl_domains\fR < /* List of DNS domains that publish blacklisted domain names 229,231d226 < /* .IP \fBrhsbl_reject_code\fR < /* Server response when a client violates the \fBrhsbl_domains\fR < /* restriction. 354d348 < int var_rhsbl_code; 357d350 < char *var_rhsbl_domains; 1609d1601 < VAR_RHSBL_CODE, DEF_RHSBL_CODE, &var_rhsbl_code, 0, 0, 1640d1631 < VAR_RHSBL_DOMAINS, DEF_RHSBL_DOMAINS, &var_rhsbl_domains, 0, 0, diff -r --ignore-all-space patched-snapshot/src/smtpd/smtpd_check.c snapshot-20011210/src/smtpd/smtpd_check.c 94,99d93 < /* .IP reject_rhsbl < /* Look up the reversed client network address in the real-time blackhole < /* DNS zones below the domains listed in the "rhsbl_domains" < /* configuration parameter. The \fIrhsbl_reject_code\fR < /* configuration parameter specifies the reject status code < /* (default: 554). 1851,1998d1844 < /* reject_rhsbl - reject if sender or recipient address in real-time blackhole list */ < #define REJECT_RHSBL_NAME "reject_rhsbl" < < static int reject_rhsbl_grow_checklist(VSTRING ***checklist, int *numchecklist, char *addr) < { < /* strip of @ sign, and load up every subdomain up to the tld < (cc tld's like .co.uk will get unnecessarily checked unless < there is a cctld map somwehere...)*/ < < int addrlen; < < if (addr) { < char *p = strchr(addr,'@'); < if (p) addr = ++p; < < while (addr && isalnum(*addr)) { /* dns doms can't start with _ or - */ < p = strchr(addr, '.'); /* dom must have at least one . */ < if (p) { < if (*checklist) < *checklist = (VSTRING **) myrealloc((void *)*checklist, < (++*numchecklist) * sizeof(VSTRING **)); < else < *checklist = (VSTRING **) mymalloc( < (++*numchecklist) * sizeof(VSTRING **)); < < addrlen = strlen(addr); /* remaining length */ < if (addr[addrlen-1] != '.') { < (*checklist)[*numchecklist-1] = vstring_alloc(addrlen+=1); < vstring_strncpy((*checklist)[*numchecklist-1], addr, addrlen); < vstring_strcat((*checklist)[*numchecklist-1], "."); < } else { < (*checklist)[*numchecklist-1] = vstring_alloc(addrlen); < vstring_strncpy((*checklist)[*numchecklist-1], addr, addrlen); < } < < if (msg_verbose) < msg_info("%s: %s", REJECT_RHSBL_NAME, addr); < < addr = p + 1; < } else < addr = NULL; < } < } < } < < static int reject_rhsbl(SMTPD_STATE *state, const char *reply_name) < { < /* NOTE TO SELF: stop relying on my ISP's busy, slow DNS server */ < < char *myname = REJECT_RHSBL_NAME; < VSTRING *query = vstring_alloc(100); < char *saved_domains = mystrdup(var_rhsbl_domains); < char *myreplyname = reply_name ? mystrdup(reply_name) : NULL; < char *bp; < char *rbl_domain; < char *rbl_reason; < char *rbl_fodder; < DNS_RR *txt_list; < int reverse_len; < int dns_status = DNS_FAIL; < int i; < int result; < VSTRING *why; < < int numchecklist=0; < VSTRING **checklist = NULL; < char *p; < < if (!myreplyname) { < if (msg_verbose) < msg_info("%s: no reply_name", myname); < return (SMTPD_CHECK_DUNNO); < } < < p = strchr(myreplyname, '['); < if (p) { < while (p > myreplyname && isspace(p[-1])) --p; < *p = '\0'; < } < < if (!*myreplyname || !strchr(myreplyname,'.')) { < if (msg_verbose) < msg_info("%s: can't use %s for rhsbl", myname, reply_name); < return (SMTPD_CHECK_DUNNO); < } < < /* may want to do this for > 1 name depending on the state/name/acl?, etc. */ < reject_rhsbl_grow_checklist(&checklist, &numchecklist, myreplyname); < < why = vstring_alloc(10); < for (i=0; i < numchecklist; ++i) { < /* < * Tack on each RBL domain name and query the DNS for an A record. If the < * record exists, the client address is blacklisted. < */ < int domlen = VSTRING_LEN(checklist[i]); < vstring_memcpy(query, STR(checklist[i]), domlen); < STR(query)[domlen] = '\0'; < bp = saved_domains; < < while ((rbl_domain = mystrtok(&bp, " \t\r\n,")) != 0) { < vstring_truncate(query, domlen); < vstring_strcat(query, rbl_domain); < dns_status = dns_lookup(STR(query), T_A, 0, (DNS_RR **) 0, < (VSTRING *) 0, why); < if (dns_status == DNS_OK) < break; < if (dns_status != DNS_NOTFOUND) < msg_warn("%s: RHSBL lookup error: %s", STR(query), STR(why)); < } < } < vstring_free(why); < < /* < * Report the result. < */ < if (dns_status == DNS_OK) { < if (dns_lookup(STR(query), T_TXT, 0, &txt_list, < (VSTRING *) 0, (VSTRING *) 0) == DNS_OK) { < rbl_fodder = ", reason: "; < rbl_reason = (char *) txt_list->data; < } else { < txt_list = 0; < rbl_fodder = rbl_reason = ""; < } < result = smtpd_check_reject(state, MAIL_ERROR_POLICY, < "%d Service unavailable; [%s] blocked using %s%s%s", < var_rhsbl_code, state->addr, rbl_domain, < rbl_fodder, rbl_reason); < if (txt_list) < dns_rr_free(txt_list); < } else < result = SMTPD_CHECK_DUNNO; < < /* < * Clean up. < */ < vstring_free(query); < myfree(saved_domains); < < for (i=0;i>> rhsbl_domains in.dnsbl.org < OK diff -r --ignore-all-space patched-snapshot/src/smtpd/smtpd_check.ref2 snapshot-20011210/src/smtpd/smtpd_check.ref2 14,15d13 < >>> rhsbl_domains in.dnsbl.org < OK