From: Andrew Lewis <nerf@judo.za.org>
Date: Fri, 13 Feb 2015 09:23:06 +0000 (+0200)
Subject: rbl.lua: Try harder to avoid invalid DNS lookups
X-Git-Tag: 0.8.2~48^2~10
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=71188489ee3df086efb55aaa03faccde0769d47d;p=rspamd.git

rbl.lua: Try harder to avoid invalid DNS lookups

Conflicts:
	src/plugins/lua/rbl.lua
---

diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index f89055f26..bb0732820 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -2,6 +2,19 @@ local rbls = {}
 
 local rspamd_logger = require "rspamd_logger"
 
+local function validate_dns(lstr, rstr)
+  if (lstr:len() + rstr:len()) > 252 then
+    return false
+  end
+  for v in lstr:gmatch("[^%.]+") do
+    if not v:match("^[%w%.-]+$") or v:len() > 63
+      or v:match("^-") or v:match("-$") then
+      return false
+    end
+  end
+  return true
+end
+
 local function ip_to_rbl(ip, rbl)
   return table.concat(ip:inversed_str_octets(), ".") .. '.' .. rbl
 end
@@ -82,7 +95,8 @@ local function rbl_cb (task)
 	  end
 	  if not havegot['helo'] then
 	    havegot['helo'] = task:get_helo()
-	    if havegot['helo'] == nil or string.sub(havegot['helo'],1,1) == '[' then
+	    if havegot['helo'] == nil or
+              not validate_dns(havegot['helo'], rbl['rbl']) then
 	      notgot['helo'] = true
 	      return
 	    end