From cee38f814963abf1d6d52441396a4fb40d72b410 Mon Sep 17 00:00:00 2001 From: Stuart Gathman <stuart@gathman.org> Date: Wed, 21 Mar 2007 04:02:13 +0000 Subject: [PATCH] Properly log From: and Sender: --- TODO | 3 +++ bms.py | 9 +++++++-- neutral.txt | 6 ++++-- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/TODO b/TODO index 981136c..3334197 100644 --- a/TODO +++ b/TODO @@ -1,3 +1,6 @@ +Add signature (x-sig=AB7485f=TS) to Received-SPF, so it can be used +to blacklist sources of delayed DSNs. + rcpt-addr may let us know when a recipient is unknown. That should count against reputation. diff --git a/bms.py b/bms.py index dcb28b9..03fe6b6 100644 --- a/bms.py +++ b/bms.py @@ -1,6 +1,9 @@ #!/usr/bin/env python # A simple milter that has grown quite a bit. # $Log$ +# Revision 1.97 2007/03/18 02:32:21 customdesigned +# Gossip configuration options: client or standalone with optional peers. +# # Revision 1.96 2007/03/17 21:22:48 customdesigned # New delayed DSN pattern. Retab (expandtab). # @@ -967,6 +970,8 @@ class bmsMilter(Milter.Milter): userl = user.lower() if users and not newaddr and not userl in users: self.log('REJECT: RCPT TO:',to) + if gossip and self.umis: + gossip_node.feedback(self.umis,1) return Milter.REJECT # FIXME: should dspam_exempt be case insensitive? if user in block_forward.get(domain,()): @@ -1154,11 +1159,11 @@ class bmsMilter(Milter.Milter): if hd == mf_domain or mf_domain.endswith('.'+hd): break else: for f in msg.get_all('from',[]): - self.log(f) + self.log('From:',f) sender = msg.get_all('sender') if sender: for f in sender: - self.log(f) + self.log('Sender:',f) else: self.log("NOTE: Supplying MFROM as Sender"); self.add_header('Sender',self.mailfrom) diff --git a/neutral.txt b/neutral.txt index d2aa904..dbc40cc 100644 --- a/neutral.txt +++ b/neutral.txt @@ -24,11 +24,13 @@ exists by sending you this DSN. We will remember this sender and not bother you again for a while. You can avoid this message entirely for legitimate mail by using an authorized SMTP server. Contact your mail administrator and ask how to configure your email client to use an -authorized server. +authorized server. If you never sent the above message, then your domain has been forged. Your mail admin needs to publish a strict SPF record so that I can reject -those forgeries instead of bugging you about them. +those forgeries instead of bugging you about them. + +See http://openspf.org for details. If you need further assistance, please do not hesitate to contact me. -- GitLab