Qsmtp  0.30dev
Typedefs | Functions | Variables
antispam.c File Reference

several helper functions for spam filters More...

#include <qsmtpd/antispam.h>
#include <control.h>
#include <fmt.h>
#include <libowfatconn.h>
#include <log.h>
#include <match.h>
#include <mmap.h>
#include <netio.h>
#include <qsmtpd/qsmtpd.h>
#include <tls.h>
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <openssl/ssl.h>
#include <poll.h>
#include <string.h>
#include <sys/file.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <syslog.h>
#include <unistd.h>

Typedefs

typedef int(* ip_matchnet) (const struct in6_addr *ip, const void *ipbuf, const unsigned char netmask)
 

Functions

static void nibbletohex (char *dest, const char n)
 
void dotip6 (char *buffer)
 
static int reverseip4 (char *buf)
 
int check_rbl (char *const *rbls, char **txt)
 
void tarpit (void)
 
static int check_ipbl_file (const size_t iplen, const off_t flen, const unsigned char *buf, ip_matchnet matchfunc)
 
static int check_ip4 (const unsigned char *buf, const off_t len)
 
static int check_ip6 (const unsigned char *buf, const unsigned int len)
 
int domainmatch (const char *fqdn, const size_t len, const char **list)
 
int lookupipbl (int fd)
 

Variables

static unsigned int tarpitcount = 0
 

Detailed Description

several helper functions for spam filters

Function Documentation

static int check_ip4 ( const unsigned char *  buf,
const off_t  len 
)
static

check an IPv4 mapped IPv6 address against a local blocklist

Parameters
bufbuffer of local blocklist, each entry is 5 bytes long
lenlength of the buffer
Returns
  • 1 if match
  • 0 if no match
  • -1 if data malformed
IP entries in the buffer must be network byte order
static int check_ip6 ( const unsigned char *  buf,
const unsigned int  len 
)
static

check an IPv6 address against a local blocklist

Parameters
bufbuffer of local blocklist, each entry is 9 bytes long
lenlength of the buffer
Returns
1 if match, 0 if not, -1 if data malformed
int check_rbl ( char *const *  rbls,
char **  txt 
)

do a rbl lookup for remoteip

Parameters
rblsa NULL terminated array of rbls
txtpointer to "char *" where the TXT record of the listing will be stored if existent
Returns
index of first match
Return values
-1if not listed or error (if not listed errno is set to 0)

If no match was found but temporary DNS errors were encountered errno is set to EAGAIN.

If txt is NULL no TXT record lookup will be performed.

int domainmatch ( const char *  fqdn,
const size_t  len,
const char **  list 
)

check if a given host name matches against domain list

Parameters
fqdnhostname to check
lenlength of fqdn
listlist of domains and hosts to check against, NULL terminated
Returns
1 on match, 0 otherwise

-if list is NULL terminated and every list[x] and fqdn are 0-terminated there can't be any errors

void dotip6 ( char *  buffer)

print IPv6 address of remote host in dotted form in buffer

Parameters
bufferbuffer to store result
int lookupipbl ( int  fd)

check if the remote host is listed in local IP map file given by fd

Parameters
fdfile descriptor to file
Return values
<0on error
>0on match
0no match

fd will always be closed.

static void nibbletohex ( char *  dest,
const char  n 
)
inlinestatic

take a nibble and output it as hex to a buffer, followed by '.'

Parameters
destpointer where the output should go to
nthe input value. Must really be a nibble, anything else makes strange output
static int reverseip4 ( char *  buf)
static

print client IPv4 address in reverse order into a given buffer

Parameters
bufbuffer to write in (must have at least INET_ADDRSTRLEN (16) bytes)
Returns
length of string in buffer
void tarpit ( void  )

delay the next reply to the client

This should be used in all places where the client seems to be a spammer. This will delay him so he can't send so much spams.

tarpit does not sleep if there is input pending. If the client is using pipelining or (more likely) a worm or spambot ignoring our replies we kick him earlier and save some traffic.