|
Qsmtp
0.30dev
|
several helper functions for spam filters More...
#include <qsmtpd/antispam.h>#include <control.h>#include <fmt.h>#include <libowfatconn.h>#include <log.h>#include <match.h>#include <mmap.h>#include <netio.h>#include <qsmtpd/qsmtpd.h>#include <tls.h>#include <arpa/inet.h>#include <errno.h>#include <fcntl.h>#include <netinet/in.h>#include <openssl/ssl.h>#include <poll.h>#include <string.h>#include <sys/file.h>#include <sys/mman.h>#include <sys/stat.h>#include <syslog.h>#include <unistd.h>Typedefs | |
| typedef int(* | ip_matchnet) (const struct in6_addr *ip, const void *ipbuf, const unsigned char netmask) |
Functions | |
| static void | nibbletohex (char *dest, const char n) |
| void | dotip6 (char *buffer) |
| static int | reverseip4 (char *buf) |
| int | check_rbl (char *const *rbls, char **txt) |
| void | tarpit (void) |
| static int | check_ipbl_file (const size_t iplen, const off_t flen, const unsigned char *buf, ip_matchnet matchfunc) |
| static int | check_ip4 (const unsigned char *buf, const off_t len) |
| static int | check_ip6 (const unsigned char *buf, const unsigned int len) |
| int | domainmatch (const char *fqdn, const size_t len, const char **list) |
| int | lookupipbl (int fd) |
Variables | |
| static unsigned int | tarpitcount = 0 |
several helper functions for spam filters
|
static |
check an IPv4 mapped IPv6 address against a local blocklist
| buf | buffer of local blocklist, each entry is 5 bytes long |
| len | length of the buffer |
1 if match 0 if no match -1 if data malformed
|
static |
check an IPv6 address against a local blocklist
| buf | buffer of local blocklist, each entry is 9 bytes long |
| len | length of the buffer |
| int check_rbl | ( | char *const * | rbls, |
| char ** | txt | ||
| ) |
do a rbl lookup for remoteip
| rbls | a NULL terminated array of rbls |
| txt | pointer to "char *" where the TXT record of the listing will be stored if existent |
| -1 | if not listed or error (if not listed errno is set to 0) |
If no match was found but temporary DNS errors were encountered errno is set to EAGAIN.
If txt is NULL no TXT record lookup will be performed.
| int domainmatch | ( | const char * | fqdn, |
| const size_t | len, | ||
| const char ** | list | ||
| ) |
check if a given host name matches against domain list
| fqdn | hostname to check |
| len | length of fqdn |
| list | list of domains and hosts to check against, NULL terminated |
-if list is NULL terminated and every list[x] and fqdn are 0-terminated there can't be any errors
| void dotip6 | ( | char * | buffer | ) |
print IPv6 address of remote host in dotted form in buffer
| buffer | buffer to store result |
| int lookupipbl | ( | int | fd | ) |
check if the remote host is listed in local IP map file given by fd
| fd | file descriptor to file |
| <0 | on error |
| >0 | on match |
| 0 | no match |
fd will always be closed.
|
inlinestatic |
take a nibble and output it as hex to a buffer, followed by '.'
| dest | pointer where the output should go to |
| n | the input value. Must really be a nibble, anything else makes strange output |
|
static |
print client IPv4 address in reverse order into a given buffer
| buf | buffer to write in (must have at least INET_ADDRSTRLEN (16) bytes) |
| void tarpit | ( | void | ) |
delay the next reply to the client
This should be used in all places where the client seems to be a spammer. This will delay him so he can't send so much spams.
tarpit does not sleep if there is input pending. If the client is using pipelining or (more likely) a worm or spambot ignoring our replies we kick him earlier and save some traffic.
1.8.10