From 6102d641c5e20c9ca53714afe7ba6d13e1b356e8 Mon Sep 17 00:00:00 2001
From: Stuart Gathman <stuart@gathman.org>
Date: Fri, 10 Mar 2006 20:52:49 +0000
Subject: [PATCH] Use re to recognize failure DSNs.

---
 NEWS   | 13 ++++++++++++-
 TODO   |  3 +++
 bms.py | 21 +++++++++++++++------
 3 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/NEWS b/NEWS
index f0c7c0b..a994cbf 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,17 @@
 Here is a history of user visible changes to Python milter.
 
-0.8.6	
+0.8.6	Delay reject of unsigned RCPT for postmaster and abuse only
+	Fix dsn reporting of hard permerror
+	Resolve FIXME for wrap_close in miltermodule.c
+	Add Message-ID to DSNs
+	Use signed Message-ID in delayed reject to blacklist senders
+	Auto-train via blacklist and auto-whitelist
+	Don't check userlist for signed MFROM
+	Accept but skip DSPAM training for whitelisted senders without SPF PASS
+	Report GC stats 
+	Support CIDR matching for IP lists
+	Support pysrs sign feature
+	Support localpart specific SPF policy in access file
 0.8.5	Simple trusted_forwarder implementation.
 	Fix access_file neutral policy
 	Move Received-SPF header to beginning of headers
diff --git a/TODO b/TODO
index b38a7db..9be6a78 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,6 @@
+Make all dictionaries work like honeypot.  Do not train as ham unless
+whitelisted.  Train on blacklisted messages, or spam feedback.
+
 Allow unsigned DSNs from selected domains (that don't accept signed MFROM,
 e.g. verizon.net).
 
diff --git a/bms.py b/bms.py
index 642a4d8..6414f71 100644
--- a/bms.py
+++ b/bms.py
@@ -1,6 +1,9 @@
 #!/usr/bin/env python
 # A simple milter that has grown quite a bit.
 # $Log$
+# Revision 1.57  2006/03/07 20:50:54  customdesigned
+# Use signed Message-ID in delayed reject to blacklist senders
+#
 # Revision 1.56  2006/02/24 02:12:54  customdesigned
 # Properly report hard PermError (lax mode fails also) by always setting
 # perm_error attribute with PermError exception.  Improve reporting of
@@ -222,6 +225,14 @@ try: import spf
 except: spf = None
 
 ip4re = re.compile(r'^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*$')
+subjpats = (
+ r'^failure notice',
+ r'^returned mail',
+ r'^undeliverable',
+ r'^delivery\b.*\bfailure',
+ r'^delivery problem',
+)
+refaildsn = re.compile('|'.join(subjpats),re.IGNORECASE)
 import logging
 
 # Thanks to Chris Liechti for config parsing suggestions
@@ -1168,12 +1179,10 @@ class bmsMilter(Milter.Milter):
 
       # check for delayed bounce of CBV
       if self.is_bounce and srs:
-	for w in ("delivery failure", "failure notice",
-	  "returned mail", "undeliverable"):
-	  if lval.startswith(w):
-	    self.delayed_failure = val.strip()
-	    # if confirmed by finding our signed Message-ID, 
-	    # original sender (encoded in Message-ID) is blacklisted
+        if refaildsn.match(lval):
+	  self.delayed_failure = val.strip()
+	  # if confirmed by finding our signed Message-ID, 
+	  # original sender (encoded in Message-ID) is blacklisted
 
     # check for invalid message id
     if lname == 'message-id' and len(val) < 4:
-- 
GitLab