Index: whitelister-0.8/Makefile
|
|
===================================================================
|
|
--- whitelister-0.8.orig/Makefile 2014-09-22 16:12:20.655776945 +0200
|
|
+++ whitelister-0.8/Makefile 2014-09-22 16:17:09.571315293 +0200
|
|
@@ -31,23 +31,22 @@
|
|
|
|
PKGS = -package syslog
|
|
CFLAGS = -O2 -Wall -fPIC
|
|
-CCLIB = -cclib -lspf
|
|
+CCLIB = -cclib
|
|
CCOPT = $(foreach opt,$(CFLAGS),-ccopt $(opt))
|
|
|
|
OCAMLC = ocamlfind ocamlc $(PKGS) $(CCOPT) $(CCLIB)
|
|
-OCAMLOPT= ocamlfind ocamlopt $(PKGS) $(CCOPT) $(CCLIB)
|
|
+OCAMLOPT= ocamlfind ocamlopt -linkpkg $(PKGS) $(CCOPT) $(CCLIB)
|
|
OCAMLDEP= ocamlfind ocamldep $(PKGS)
|
|
|
|
BIB = str.cmxa unix.cmxa syslog.cmxa
|
|
-CMX = spf.cmx policy.cmx rules.cmx server.cmx whitelister.cmx
|
|
-COB = spfstubs.o
|
|
+CMX = policy.cmx rules.cmx server.cmx whitelister.cmx
|
|
|
|
##############################################################
|
|
|
|
all: $(PROGRAM)
|
|
|
|
-whitelister: $(COB) $(CMX)
|
|
- $(OCAMLOPT) -o $@ $(BIB) $^
|
|
+whitelister: $(CMX)
|
|
+ ocamlfind ocamlopt $(PKGS) $(CCOPT) -o $@ $(BIB) $^
|
|
|
|
headers: Makefile *.ml *.mli
|
|
headache -h tpl/header $^
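Review bot: `CCLIB = -cclib` leaves the option without its argument, so every command that expands `$(CCLIB)` hands the next token to it: `-c` in `$(OCAMLC) -c $<`, and `-a` in the `.ml.cmx` rule of the second Makefile hunk, where `-a str.cmxa` looks like it was added only to feed the dangling flag. With libspf no longer linked the variable should be empty, `CCLIB =`, and the suffix rule can stay `$(OCAMLOPT) -c $<`. In the lines shown, the `whitelister` link rule also spells out `ocamlfind ocamlopt $(PKGS) $(CCOPT)` by hand, so the `-linkpkg` added to `OCAMLOPT` is not applied where linking happens; keep either `-linkpkg` or the hand-listed `$(BIB)`, not a mix. Since this is where the SPF library is dropped from the build, note that the whitelister.ml hunks also remove the `spf` and `spfrej` configuration keys, so a deployed configuration that still sets them reaches whatever default arm the parser has (outside the hunks) and the sender checks it relied on are no longer performed.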
|
|
@@ -75,7 +74,7 @@
|
|
$(OCAMLC) -c $<
|
|
|
|
.ml.cmx:
|
|
- $(OCAMLOPT) -c $<
|
|
+ $(OCAMLOPT) -a str.cmxa -c $<
|
|
|
|
.mll.ml:
|
|
$(OCAMLLEX) $<
|
|
Index: whitelister-0.8/spf.ml
|
|
===================================================================
|
|
--- whitelister-0.8.orig/spf.ml 2014-09-22 16:12:20.655776945 +0200
|
|
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
|
|
@@ -1,41 +0,0 @@
|
|
-(**************************************************************************)
|
|
-(* *)
|
|
-(* whitelister : a Whitelister Policy Daemon for Postfix *)
|
|
-(* ~~~~~~~~~~~ *)
|
|
-(* *)
|
|
-(* Copyright (C) 2005 AAEGE.org *)
|
|
-(* Author : Pierre Habouzit <pierre.habouzit@m4x.org> *)
|
|
-(* ____________________________________________________________________ *)
|
|
-(* *)
|
|
-(* This program is free software; you can redistribute it and/or modify *)
|
|
-(* it under the terms of the GNU General Public License as published by *)
|
|
-(* the Free Software Foundation; either version 2 of the License, or *)
|
|
-(* (at your option) any later version. *)
|
|
-(* *)
|
|
-(* This program is distributed in the hope that it will be useful, *)
|
|
-(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
|
|
-(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
|
|
-(* GNU General Public License for more details. *)
|
|
-(* *)
|
|
-(* You should have received a copy of the GNU General Public License *)
|
|
-(* along with this program; if not, write to the Free Software *)
|
|
-(* Foundation, Inc., *)
|
|
-(* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *)
|
|
-(* *)
|
|
-(**************************************************************************)
|
|
-
|
|
-exception Error
|
|
-type spf_result =
|
|
- SPF_pass | SPF_neutral | SPF_none | SPF_softerr | SPF_harderr
|
|
-
|
|
-external _spf_query : string -> string -> string -> int = "spf_query"
|
|
-
|
|
-let spf_query host ip helo =
|
|
- match _spf_query host ip helo with
|
|
- | 0 -> SPF_pass
|
|
- | 1 -> SPF_neutral
|
|
- | 2 -> SPF_none
|
|
- | 3 -> SPF_softerr
|
|
- | 4 -> SPF_harderr
|
|
- | _ -> raise Error
|
|
-
|
|
Index: whitelister-0.8/spf.mli
|
|
===================================================================
|
|
--- whitelister-0.8.orig/spf.mli 2014-09-22 16:12:20.655776945 +0200
|
|
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
|
|
@@ -1,33 +0,0 @@
|
|
-(**************************************************************************)
|
|
-(* *)
|
|
-(* whitelister : a Whitelister Policy Daemon for Postfix *)
|
|
-(* ~~~~~~~~~~~ *)
|
|
-(* *)
|
|
-(* Copyright (C) 2005 AAEGE.org *)
|
|
-(* Author : Pierre Habouzit <pierre.habouzit@m4x.org> *)
|
|
-(* ____________________________________________________________________ *)
|
|
-(* *)
|
|
-(* This program is free software; you can redistribute it and/or modify *)
|
|
-(* it under the terms of the GNU General Public License as published by *)
|
|
-(* the Free Software Foundation; either version 2 of the License, or *)
|
|
-(* (at your option) any later version. *)
|
|
-(* *)
|
|
-(* This program is distributed in the hope that it will be useful, *)
|
|
-(* but WITHOUT ANY WARRANTY; without even the implied warranty of *)
|
|
-(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *)
|
|
-(* GNU General Public License for more details. *)
|
|
-(* *)
|
|
-(* You should have received a copy of the GNU General Public License *)
|
|
-(* along with this program; if not, write to the Free Software *)
|
|
-(* Foundation, Inc., *)
|
|
-(* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *)
|
|
-(* *)
|
|
-(**************************************************************************)
|
|
-
|
|
-exception Error
|
|
-
|
|
-type spf_result =
|
|
- SPF_pass | SPF_neutral | SPF_none | SPF_softerr | SPF_harderr
|
|
-
|
|
-val spf_query : string -> string -> string -> spf_result
|
|
-
|
|
Index: whitelister-0.8/policy.ml
|
|
===================================================================
|
|
--- whitelister-0.8.orig/policy.ml 2014-09-22 16:12:20.655776945 +0200
|
|
+++ whitelister-0.8/policy.ml 2014-09-22 16:12:25.000000000 +0200
|
|
@@ -110,8 +110,3 @@
|
|
let log_format level answer pcy =
|
|
Printf.sprintf "%s: %s: %s; %s"
|
|
level (log_start pcy) answer (log_end pcy)
|
|
-
|
|
-let spf_explain pcy =
|
|
- let sender = getu pcy "sender" in
|
|
- let ip = getu pcy "client_address" in
|
|
- Printf.sprintf " - Please see http://spf.pobox.com/why.html?sender=%s&ip=%s" sender ip
|
|
Index: whitelister-0.8/policy.mli
|
|
===================================================================
|
|
--- whitelister-0.8.orig/policy.mli 2014-09-22 16:12:20.655776945 +0200
|
|
+++ whitelister-0.8/policy.mli 2014-09-22 16:12:25.000000000 +0200
|
|
@@ -42,4 +42,3 @@
|
|
val sender_domain : t -> string
|
|
|
|
val log_format : string -> string -> t -> string
|
|
-val spf_explain : t -> string
|
|
Index: whitelister-0.8/rules.ml
|
|
===================================================================
|
|
--- whitelister-0.8.orig/rules.ml 2014-09-22 16:12:20.655776945 +0200
|
|
+++ whitelister-0.8/rules.ml 2014-09-22 16:12:25.000000000 +0200
|
|
@@ -85,25 +85,6 @@
|
|
)
|
|
| Policy.DSN -> ()
|
|
|
|
-open Spf
|
|
-
|
|
-type spf_mode = Spf_off | Spf_normal | Spf_strict | Spf_paranoid
|
|
-
|
|
-let check_spf mode dorej pcy =
|
|
- if mode != Spf_off then
|
|
- let fail s =
|
|
- if dorej then raise (Reject (s ^ Policy.spf_explain pcy)) else raise (Dirty s)
|
|
- in try
|
|
- match spf_query (sender pcy) (client_address pcy) (helo_name pcy) with
|
|
- | SPF_pass -> ()
|
|
- | SPF_softerr -> fail "SPF soft error"
|
|
- | SPF_harderr -> fail "SPF hard error"
|
|
- | SPF_none -> if mode != Spf_normal then raise (Dirty "no SPF record found")
|
|
- | SPF_neutral -> if mode = Spf_paranoid then raise (Dirty "SPF neutral")
|
|
- with
|
|
- | Spf.Error -> raise (Dirty "SPF Internal error")
|
|
- | Policy.DSN -> ()
|
|
-
|
|
let check_dns_client dorej pcy =
|
|
if dorej then
|
|
if (client_name pcy) = "unknown" then raise (Dirty "no client_name (reject_unknown_client)")
|
|
Index: whitelister-0.8/spfstubs.c
|
|
===================================================================
|
|
--- whitelister-0.8.orig/spfstubs.c 2014-09-22 16:12:20.655776945 +0200
|
|
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
|
|
@@ -1,42 +0,0 @@
|
|
-#include <caml/mlvalues.h>
|
|
-#include <caml/memory.h>
|
|
-
|
|
-#include <spf.h>
|
|
-
|
|
-value spf_query(value from, value ip, value helo)
|
|
-{
|
|
- int res;
|
|
- peer_info_t* peer_info;
|
|
-
|
|
- CAMLparam3(from, ip, helo);
|
|
-
|
|
- peer_info = SPF_init("whitelister", String_val(ip), NULL, NULL, NULL, 0, 0);
|
|
- SPF_smtp_helo(peer_info, String_val(helo));
|
|
- SPF_smtp_from(peer_info, String_val(from));
|
|
- res = peer_info->RES = SPF_policy_main(peer_info);
|
|
-
|
|
- SPF_close(peer_info);
|
|
-
|
|
- switch(res)
|
|
- {
|
|
- case SPF_PASS:
|
|
- CAMLreturn(Val_int(0));
|
|
-
|
|
- case SPF_NEUTRAL:
|
|
- CAMLreturn(Val_int(1));
|
|
-
|
|
- case SPF_NONE:
|
|
- CAMLreturn(Val_int(2));
|
|
-
|
|
- case SPF_S_FAIL:
|
|
- CAMLreturn(Val_int(3));
|
|
-
|
|
- case SPF_H_FAIL:
|
|
- CAMLreturn(Val_int(4));
|
|
-
|
|
- default: /* SPF_ERROR, SPF_UNKNOWN, SPF_UNMECH */
|
|
- CAMLreturn(Val_int(5));
|
|
-
|
|
- }
|
|
-}
|
|
-
|
|
Index: whitelister-0.8/whitelister.ml
|
|
===================================================================
|
|
--- whitelister-0.8.orig/whitelister.ml 2014-09-22 16:12:20.655776945 +0200
|
|
+++ whitelister-0.8/whitelister.ml 2014-09-22 16:12:25.000000000 +0200
|
|
@@ -33,9 +33,6 @@
|
|
mutable group: string;
|
|
mutable verb: int;
|
|
|
|
- mutable spf: Rules.spf_mode;
|
|
- mutable spfrej: bool;
|
|
-
|
|
mutable rbl: string list;
|
|
mutable rhbl_client: string list;
|
|
mutable rhbl_rcpt: string list;
|
|
@@ -68,7 +65,6 @@
|
|
Rules.check_rhbl Rules.Sender cfg.rhbl_sender pcy;
|
|
Rules.check_rhbl Rules.Rcpt cfg.rhbl_rcpt pcy;
|
|
Rules.check_rhbl Rules.Client cfg.rhbl_client pcy;
|
|
- Rules.check_spf cfg.spf cfg.spfrej pcy;
|
|
Rules.check_dns_client cfg.dns_client pcy;
|
|
Rules.check_dns_rev_client cfg.dns_rev_client pcy;
|
|
if cfg.verb > 0 then log_event "Clean" "OK" pcy;
|
|
@@ -97,9 +93,6 @@
|
|
group = "nogroup" ;
|
|
verb = 0 ;
|
|
|
|
- spf = Rules.Spf_off ;
|
|
- spfrej = false;
|
|
-
|
|
rbl = [] ;
|
|
rhbl_client = [] ;
|
|
rhbl_rcpt = [] ;
|
|
@@ -133,12 +126,6 @@
|
|
| ["verb"; "0"] -> cfg.verb <- 0
|
|
| ["verb"; "1"] -> cfg.verb <- 1
|
|
|
|
- | ["spf"; "0"] -> cfg.spf <- Rules.Spf_off
|
|
- | ["spf"; "1"] -> cfg.spf <- Rules.Spf_normal
|
|
- | ["spf"; "2"] -> cfg.spf <- Rules.Spf_strict
|
|
- | ["spf"; "3"] -> cfg.spf <- Rules.Spf_paranoid
|
|
- | ["spfrej"; b] -> cfg.spfrej <- to_bool "spfrej" b
|
|
-
|
|
| ["rbl"; h] -> cfg.rbl <- h::cfg.rbl
|
|
| ["rhbl_client"; h] -> cfg.rhbl_client <- h::cfg.rhbl_client
|
|
| ["rhbl_helo"; h] -> cfg.rhbl_helo <- h::cfg.rhbl_helo
|