Skip to content
Snippets Groups Projects
Commit e99117e8 authored by Stuart Gathman's avatar Stuart Gathman
Browse files

Organize config reader by section. Create defang section.

parent 0283c20e
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
TODO
+ 0
4
View file @ e99117e8
...@@ -3,8 +3,6 @@ Defer TEMPERROR in SPF evaluation - give precedence to security ...@@ -3,8 +3,6 @@ Defer TEMPERROR in SPF evaluation - give precedence to security
Option to add Received-SPF header, but never reject on SPF. Option to add Received-SPF header, but never reject on SPF.
Option to configure banned extension list for mime.py. Default to empty.
Create null config that does nothing - except maybe add Received-SPF Create null config that does nothing - except maybe add Received-SPF
headers. Many admins would like to turn features on one at a time. headers. Many admins would like to turn features on one at a time.
...@@ -25,8 +23,6 @@ or recipient prefix. ...@@ -25,8 +23,6 @@ or recipient prefix.
Can't output messages with malformed rfc822 attachments. Can't output messages with malformed rfc822 attachments.
Use python exceptions in SPF to cleanly handle unknown and error results.
Example malformed SPF: Example malformed SPF:
onvunvuvvx.usafisnews.org text "v=spf1 mx ptr ip4:207.44.199.970 -all" onvunvuvvx.usafisnews.org text "v=spf1 mx ptr ip4:207.44.199.970 -all"
......
bms.py
+ 39
23
View file @ e99117e8
#!/usr/bin/env python #!/usr/bin/env python
# A simple milter that has grown quite a bit. # A simple milter that has grown quite a bit.
# $Log$ # $Log$
# Revision 1.5 2005/06/02 15:00:17 customdesigned
# Configure banned extensions. Scan zipfile option with test case.
#
# Revision 1.4 2005/06/02 04:18:55 customdesigned # Revision 1.4 2005/06/02 04:18:55 customdesigned
# Update copyright notices after reading article on /. # Update copyright notices after reading article on /.
# #
...@@ -333,6 +336,7 @@ def read_config(list): ...@@ -333,6 +336,7 @@ def read_config(list):
'timeout': '600', 'timeout': '600',
'scan_html': 'no', 'scan_html': 'no',
'scan_rfc822': 'yes', 'scan_rfc822': 'yes',
'scan_zip': 'no',
'block_chinese': 'no', 'block_chinese': 'no',
'log_headers': 'no', 'log_headers': 'no',
'blind_wiretap': 'yes', 'blind_wiretap': 'yes',
...@@ -344,20 +348,42 @@ def read_config(list): ...@@ -344,20 +348,42 @@ def read_config(list):
'dspam_internal': 'yes' 'dspam_internal': 'yes'
}) })
cp.read(list) cp.read(list)
# milter section
tempfile.tempdir = cp.get('milter','tempdir') tempfile.tempdir = cp.get('milter','tempdir')
global socketname, scan_rfc822, scan_html, block_chinese, timeout, scan_zip global socketname, timeout, check_user, log_headers
global internal_connect, internal_domains, trusted_relay, hello_blacklist
socketname = cp.get('milter','socket') socketname = cp.get('milter','socket')
timeout = cp.getint('milter','timeout') timeout = cp.getint('milter','timeout')
scan_rfc822 = cp.getboolean('milter','scan_rfc822') check_user = cp.getaddrset(section,'check_user')
scan_zip = cp.getboolean('milter','scan_zip') log_headers = cp.getboolean('milter','log_headers')
scan_html = cp.getboolean('milter','scan_html') internal_connect = cp.getlist('milter','internal_connect')
block_chinese = cp.getboolean('milter','block_chinese') internal_domains = cp.getlist('milter','internal_domains')
trusted_relay = cp.getlist('milter','trusted_relay')
hello_blacklist = cp.getlist('milter','hello_blacklist')
global hide_path, block_forward, log_headers # defang section
global scan_rfc822, scan_html, block_chinese, scan_zip, block_forward
global banned_exts, porn_words, spam_words
if cp.has_section('defang'):
section = 'defang'
else: # use milter section if no defang section for compatibility
section = 'milter'
scan_rfc822 = cp.getboolean(section,'scan_rfc822')
scan_zip = cp.getboolean(section,'scan_zip')
scan_html = cp.getboolean(section,'scan_html')
block_chinese = cp.getboolean(section,'block_chinese')
block_forward = cp.getaddrset(section,'block_forward')
banned_exts = cp.getlist(section,'banned_exts')
porn_words = cp.getlist(section,'porn_words')
spam_words = cp.getlist(section,'spam_words')
# scrub section
global hide_path, reject_virus_from
hide_path = cp.getlist('scrub','hide_path') hide_path = cp.getlist('scrub','hide_path')
block_forward = cp.getaddrset('milter','block_forward') reject_virus_from = cp.getlist('scrub','reject_virus_from')
log_headers = cp.getboolean('milter','log_headers')
# wiretap section
global blind_wiretap, wiretap_users, wiretap_dest, discard_users global blind_wiretap, wiretap_users, wiretap_dest, discard_users
blind_wiretap = cp.getboolean('wiretap','blind') blind_wiretap = cp.getboolean('wiretap','blind')
wiretap_users = cp.getaddrset('wiretap','users') wiretap_users = cp.getaddrset('wiretap','users')
...@@ -365,19 +391,7 @@ def read_config(list): ...@@ -365,19 +391,7 @@ def read_config(list):
wiretap_dest = cp.getdefault('wiretap','dest') wiretap_dest = cp.getdefault('wiretap','dest')
if wiretap_dest: wiretap_dest = '<%s>' % wiretap_dest if wiretap_dest: wiretap_dest = '<%s>' % wiretap_dest
global check_user, reject_virus_from, internal_connect, internal_domains global smart_alias
check_user = cp.getaddrset('milter','check_user')
reject_virus_from = cp.getlist('scrub','reject_virus_from')
internal_connect = cp.getlist('milter','internal_connect')
internal_domains = cp.getlist('milter','internal_domains')
global porn_words, spam_words, smart_alias, trusted_relay, hello_blacklist
global banned_exts
trusted_relay = cp.getlist('milter','trusted_relay')
porn_words = cp.getlist('milter','porn_words')
spam_words = cp.getlist('milter','spam_words')
banned_exts = cp.getlist('milter','banned_exts')
hello_blacklist = cp.getlist('milter','hello_blacklist')
for sa in cp.getlist('wiretap','smart_alias'): for sa in cp.getlist('wiretap','smart_alias'):
sm = cp.getlist('wiretap',sa) sm = cp.getlist('wiretap',sa)
if len(sm) < 2: if len(sm) < 2:
...@@ -387,10 +401,9 @@ def read_config(list): ...@@ -387,10 +401,9 @@ def read_config(list):
key = (sm[0],sm[1]) key = (sm[0],sm[1])
smart_alias[key] = sm[2:] smart_alias[key] = sm[2:]
# dspam section
global dspam_dict, dspam_users, dspam_userdir, dspam_exempt, dspam_internal global dspam_dict, dspam_users, dspam_userdir, dspam_exempt, dspam_internal
global dspam_screener,dspam_whitelist,dspam_reject,dspam_sizelimit global dspam_screener,dspam_whitelist,dspam_reject,dspam_sizelimit
global spf_reject_neutral,spf_best_guess,SRS,spf_reject_noptr
global spf_accept_softfail
dspam_dict = cp.getdefault('dspam','dspam_dict') dspam_dict = cp.getdefault('dspam','dspam_dict')
dspam_exempt = cp.getaddrset('dspam','dspam_exempt') dspam_exempt = cp.getaddrset('dspam','dspam_exempt')
dspam_whitelist = cp.getaddrset('dspam','dspam_whitelist') dspam_whitelist = cp.getaddrset('dspam','dspam_whitelist')
...@@ -402,6 +415,9 @@ def read_config(list): ...@@ -402,6 +415,9 @@ def read_config(list):
if cp.has_option('dspam','dspam_sizelimit'): if cp.has_option('dspam','dspam_sizelimit'):
dspam_sizelimit = cp.getint('dspam','dspam_sizelimit') dspam_sizelimit = cp.getint('dspam','dspam_sizelimit')
# spf section
global spf_reject_neutral,spf_best_guess,SRS,spf_reject_noptr
global spf_accept_softfail
if spf: if spf:
spf.DELEGATE = cp.getdefault('spf','delegate') spf.DELEGATE = cp.getdefault('spf','delegate')
spf_reject_neutral = cp.getlist('spf','reject_neutral') spf_reject_neutral = cp.getlist('spf','reject_neutral')
......
milter.cfg
+ 4
3
View file @ e99117e8
...@@ -24,8 +24,11 @@ log_headers = 0 ...@@ -24,8 +24,11 @@ log_headers = 0
# will save some DNS lookups when rejecting certain viruses. # will save some DNS lookups when rejecting certain viruses.
;hello_blacklist = mycorp.com, 66.12.34.56 ;hello_blacklist = mycorp.com, 66.12.34.56
# Reject mail for domains mentioned unless user is mentioned here also
;check_user = joe@mycorp.com, mary@mycorp.com, file:bigcorp.com
# features intended to filter or block incoming mail # features intended to filter or block incoming mail
;[defang] [defang]
# do virus scanning on attached messages also # do virus scanning on attached messages also
scan_rfc822 = 1 scan_rfc822 = 1
# do virus scanning on attached zipfiles also # do virus scanning on attached zipfiles also
...@@ -36,8 +39,6 @@ scan_html = 0 ...@@ -36,8 +39,6 @@ scan_html = 0
block_chinese = 1 block_chinese = 1
# list users who hate forwarded mail # list users who hate forwarded mail
;block_forward = egghead@mycorp.com, busybee@mycorp.com ;block_forward = egghead@mycorp.com, busybee@mycorp.com
# Reject mail for domains mentioned unless user is mentioned here also
;check_user = joe@mycorp.com, mary@mycorp.com, file:bigcorp.com
# reject mail with these case insensitive strings in the subject # reject mail with these case insensitive strings in the subject
porn_words = penis, breast, pussy, horse cock, porn, xenical, diet pill, d1ck, porn_words = penis, breast, pussy, horse cock, porn, xenical, diet pill, d1ck,
vi*gra, vi-a-gra, viag, tits, p0rn, hunza, horny, sexy, c0ck, xanaax, vi*gra, vi-a-gra, viag, tits, p0rn, hunza, horny, sexy, c0ck, xanaax,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment