Index: whitelister-0.8/Makefile =================================================================== --- whitelister-0.8.orig/Makefile 2014-09-22 16:12:20.655776945 +0200 +++ whitelister-0.8/Makefile 2014-09-22 16:17:09.571315293 +0200 @@ -31,23 +31,22 @@ PKGS = -package syslog CFLAGS = -O2 -Wall -fPIC -CCLIB = -cclib -lspf +CCLIB = -cclib CCOPT = $(foreach opt,$(CFLAGS),-ccopt $(opt)) OCAMLC = ocamlfind ocamlc $(PKGS) $(CCOPT) $(CCLIB) -OCAMLOPT= ocamlfind ocamlopt $(PKGS) $(CCOPT) $(CCLIB) +OCAMLOPT= ocamlfind ocamlopt -linkpkg $(PKGS) $(CCOPT) $(CCLIB) OCAMLDEP= ocamlfind ocamldep $(PKGS) BIB = str.cmxa unix.cmxa syslog.cmxa -CMX = spf.cmx policy.cmx rules.cmx server.cmx whitelister.cmx -COB = spfstubs.o +CMX = policy.cmx rules.cmx server.cmx whitelister.cmx ############################################################## all: $(PROGRAM) -whitelister: $(COB) $(CMX) - $(OCAMLOPT) -o $@ $(BIB) $^ +whitelister: $(CMX) + ocamlfind ocamlopt $(PKGS) $(CCOPT) -o $@ $(BIB) $^ headers: Makefile *.ml *.mli headache -h tpl/header $^ @@ -75,7 +74,7 @@ $(OCAMLC) -c $< .ml.cmx: - $(OCAMLOPT) -c $< + $(OCAMLOPT) -a str.cmxa -c $< .mll.ml: $(OCAMLLEX) $< Index: whitelister-0.8/spf.ml =================================================================== --- whitelister-0.8.orig/spf.ml 2014-09-22 16:12:20.655776945 +0200 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,41 +0,0 @@ -(**************************************************************************) -(* *) -(* whitelister : a Whitelister Policy Daemon for Postfix *) -(* ~~~~~~~~~~~ *) -(* *) -(* Copyright (C) 2005 AAEGE.org *) -(* Author : Pierre Habouzit *) -(* ____________________________________________________________________ *) -(* *) -(* This program is free software; you can redistribute it and/or modify *) -(* it under the terms of the GNU General Public License as published by *) -(* the Free Software Foundation; either version 2 of the License, or *) -(* (at your option) any later version. *) -(* *) -(* This program is distributed in the hope that it will be useful, *) -(* but WITHOUT ANY WARRANTY; without even the implied warranty of *) -(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *) -(* GNU General Public License for more details. *) -(* *) -(* You should have received a copy of the GNU General Public License *) -(* along with this program; if not, write to the Free Software *) -(* Foundation, Inc., *) -(* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *) -(* *) -(**************************************************************************) - -exception Error -type spf_result = - SPF_pass | SPF_neutral | SPF_none | SPF_softerr | SPF_harderr - -external _spf_query : string -> string -> string -> int = "spf_query" - -let spf_query host ip helo = - match _spf_query host ip helo with - | 0 -> SPF_pass - | 1 -> SPF_neutral - | 2 -> SPF_none - | 3 -> SPF_softerr - | 4 -> SPF_harderr - | _ -> raise Error - Index: whitelister-0.8/spf.mli =================================================================== --- whitelister-0.8.orig/spf.mli 2014-09-22 16:12:20.655776945 +0200 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,33 +0,0 @@ -(**************************************************************************) -(* *) -(* whitelister : a Whitelister Policy Daemon for Postfix *) -(* ~~~~~~~~~~~ *) -(* *) -(* Copyright (C) 2005 AAEGE.org *) -(* Author : Pierre Habouzit *) -(* ____________________________________________________________________ *) -(* *) -(* This program is free software; you can redistribute it and/or modify *) -(* it under the terms of the GNU General Public License as published by *) -(* the Free Software Foundation; either version 2 of the License, or *) -(* (at your option) any later version. *) -(* *) -(* This program is distributed in the hope that it will be useful, *) -(* but WITHOUT ANY WARRANTY; without even the implied warranty of *) -(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *) -(* GNU General Public License for more details. *) -(* *) -(* You should have received a copy of the GNU General Public License *) -(* along with this program; if not, write to the Free Software *) -(* Foundation, Inc., *) -(* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *) -(* *) -(**************************************************************************) - -exception Error - -type spf_result = - SPF_pass | SPF_neutral | SPF_none | SPF_softerr | SPF_harderr - -val spf_query : string -> string -> string -> spf_result - Index: whitelister-0.8/policy.ml =================================================================== --- whitelister-0.8.orig/policy.ml 2014-09-22 16:12:20.655776945 +0200 +++ whitelister-0.8/policy.ml 2014-09-22 16:12:25.000000000 +0200 @@ -110,8 +110,3 @@ let log_format level answer pcy = Printf.sprintf "%s: %s: %s; %s" level (log_start pcy) answer (log_end pcy) - -let spf_explain pcy = - let sender = getu pcy "sender" in - let ip = getu pcy "client_address" in - Printf.sprintf " - Please see http://spf.pobox.com/why.html?sender=%s&ip=%s" sender ip Index: whitelister-0.8/policy.mli =================================================================== --- whitelister-0.8.orig/policy.mli 2014-09-22 16:12:20.655776945 +0200 +++ whitelister-0.8/policy.mli 2014-09-22 16:12:25.000000000 +0200 @@ -42,4 +42,3 @@ val sender_domain : t -> string val log_format : string -> string -> t -> string -val spf_explain : t -> string Index: whitelister-0.8/rules.ml =================================================================== --- whitelister-0.8.orig/rules.ml 2014-09-22 16:12:20.655776945 +0200 +++ whitelister-0.8/rules.ml 2014-09-22 16:12:25.000000000 +0200 @@ -85,25 +85,6 @@ ) | Policy.DSN -> () -open Spf - -type spf_mode = Spf_off | Spf_normal | Spf_strict | Spf_paranoid - -let check_spf mode dorej pcy = - if mode != Spf_off then - let fail s = - if dorej then raise (Reject (s ^ Policy.spf_explain pcy)) else raise (Dirty s) - in try - match spf_query (sender pcy) (client_address pcy) (helo_name pcy) with - | SPF_pass -> () - | SPF_softerr -> fail "SPF soft error" - | SPF_harderr -> fail "SPF hard error" - | SPF_none -> if mode != Spf_normal then raise (Dirty "no SPF record found") - | SPF_neutral -> if mode = Spf_paranoid then raise (Dirty "SPF neutral") - with - | Spf.Error -> raise (Dirty "SPF Internal error") - | Policy.DSN -> () - let check_dns_client dorej pcy = if dorej then if (client_name pcy) = "unknown" then raise (Dirty "no client_name (reject_unknown_client)") Index: whitelister-0.8/spfstubs.c =================================================================== --- whitelister-0.8.orig/spfstubs.c 2014-09-22 16:12:20.655776945 +0200 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,42 +0,0 @@ -#include -#include - -#include - -value spf_query(value from, value ip, value helo) -{ - int res; - peer_info_t* peer_info; - - CAMLparam3(from, ip, helo); - - peer_info = SPF_init("whitelister", String_val(ip), NULL, NULL, NULL, 0, 0); - SPF_smtp_helo(peer_info, String_val(helo)); - SPF_smtp_from(peer_info, String_val(from)); - res = peer_info->RES = SPF_policy_main(peer_info); - - SPF_close(peer_info); - - switch(res) - { - case SPF_PASS: - CAMLreturn(Val_int(0)); - - case SPF_NEUTRAL: - CAMLreturn(Val_int(1)); - - case SPF_NONE: - CAMLreturn(Val_int(2)); - - case SPF_S_FAIL: - CAMLreturn(Val_int(3)); - - case SPF_H_FAIL: - CAMLreturn(Val_int(4)); - - default: /* SPF_ERROR, SPF_UNKNOWN, SPF_UNMECH */ - CAMLreturn(Val_int(5)); - - } -} - Index: whitelister-0.8/whitelister.ml =================================================================== --- whitelister-0.8.orig/whitelister.ml 2014-09-22 16:12:20.655776945 +0200 +++ whitelister-0.8/whitelister.ml 2014-09-22 16:12:25.000000000 +0200 @@ -33,9 +33,6 @@ mutable group: string; mutable verb: int; - mutable spf: Rules.spf_mode; - mutable spfrej: bool; - mutable rbl: string list; mutable rhbl_client: string list; mutable rhbl_rcpt: string list; @@ -68,7 +65,6 @@ Rules.check_rhbl Rules.Sender cfg.rhbl_sender pcy; Rules.check_rhbl Rules.Rcpt cfg.rhbl_rcpt pcy; Rules.check_rhbl Rules.Client cfg.rhbl_client pcy; - Rules.check_spf cfg.spf cfg.spfrej pcy; Rules.check_dns_client cfg.dns_client pcy; Rules.check_dns_rev_client cfg.dns_rev_client pcy; if cfg.verb > 0 then log_event "Clean" "OK" pcy; @@ -97,9 +93,6 @@ group = "nogroup" ; verb = 0 ; - spf = Rules.Spf_off ; - spfrej = false; - rbl = [] ; rhbl_client = [] ; rhbl_rcpt = [] ; @@ -133,12 +126,6 @@ | ["verb"; "0"] -> cfg.verb <- 0 | ["verb"; "1"] -> cfg.verb <- 1 - | ["spf"; "0"] -> cfg.spf <- Rules.Spf_off - | ["spf"; "1"] -> cfg.spf <- Rules.Spf_normal - | ["spf"; "2"] -> cfg.spf <- Rules.Spf_strict - | ["spf"; "3"] -> cfg.spf <- Rules.Spf_paranoid - | ["spfrej"; b] -> cfg.spfrej <- to_bool "spfrej" b - | ["rbl"; h] -> cfg.rbl <- h::cfg.rbl | ["rhbl_client"; h] -> cfg.rhbl_client <- h::cfg.rhbl_client | ["rhbl_helo"; h] -> cfg.rhbl_helo <- h::cfg.rhbl_helo