Skip to content
Snippets Groups Projects
Commit f1f082fe authored by Stuart Gathman's avatar Stuart Gathman
Browse files

Consider SMTP AUTH connections internal.

parent b0286bff
No related branches found
No related tags found
No related merge requests found
#!/usr/bin/env python
# A simple milter that has grown quite a bit.
# $Log$
# Revision 1.21 2005/08/04 21:21:31 customdesigned
# Treat fail like softfail for selected (braindead) domains.
# Treat mail according to extended processing results, but
# report any PermError that would officially result via DSN.
#
# Revision 1.20 2005/08/02 18:04:35 customdesigned
# Keep screened honeypot mail, but optionally discard honeypot only mail.
#
......@@ -659,6 +664,19 @@ class bmsMilter(Milter.Milter):
self.cbv_needed = None
t = parse_addr(f.lower())
self.canon_from = '@'.join(t)
# Check SMTP AUTH, also available:
# auth_author (ESMTP AUTH= param)
# auth_ssf (connection security, 0 = unencrypted)
# auth_type (authentication method, CRAM-MD5, DIGEST-MD5, PLAIN, etc)
self.user = self.getsymval('{auth_authen}')
if self.user:
# any successful authentication is considered INTERNAL
self.internal_connection = True
self.log("SMTP AUTH:",self.user,
self.getsymval('{auth_type}'),'ssf =',self.getsymval('{auth_ssf}'),
"INTERNAL")
self.fp.write('From %s %s\n' % (self.canon_from,time.ctime()))
if len(t) == 2:
user,domain = t
......@@ -1125,6 +1143,9 @@ class bmsMilter(Milter.Milter):
self.log("Large message:",len(txt))
return False
screener = dspam_screener[self.id % len(dspam_screener)]
# FIXME: if screener is 'honeypot', classify with no quarantine.
# If spam, send DSN and reject if not accepted. Otherwise, use
# force_result to quarantine.
if not ds.check_spam(screener,txt,self.recipients,
classify=True,quarantine=not self.reject_spam):
self.fp = None
......
......@@ -168,7 +168,8 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.3-1
- Keep screened honeypot mail, but optionally discard honeypot only mail.
- spf_accept_fail option for braindead SPF senders
- spf_accept_fail option for braindead SPF senders (treats fail like softfail)
- Consider SMTP AUTH connections internal.
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-4
- Limit each CNAME chain independently like PTR and MX
* Fri Jul 15 2005 Stuart Gathman <stuart@bmsi.com> 0.8.2-3
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment