From: Andrew Lewis <nerf@judo.za.org>
Date: Fri, 13 Feb 2015 09:23:06 +0000 (+0200)
Subject: rbl.lua: Try harder to avoid invalid DNS lookups
X-Git-Tag: 0.9.0~720^2~4
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=a7540e1dc1975ce43e20366cdf5d205409782277;p=rspamd.git

rbl.lua: Try harder to avoid invalid DNS lookups
---

diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 9abac0067..bb0732820 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -1,7 +1,19 @@
 local rbls = {}
 
 local rspamd_logger = require "rspamd_logger"
-local rspamd_ip = require "rspamd_ip"
+
+local function validate_dns(lstr, rstr)
+  if (lstr:len() + rstr:len()) > 252 then
+    return false
+  end
+  for v in lstr:gmatch("[^%.]+") do
+    if not v:match("^[%w%.-]+$") or v:len() > 63
+      or v:match("^-") or v:match("-$") then
+      return false
+    end
+  end
+  return true
+end
 
 local function ip_to_rbl(ip, rbl)
   return table.concat(ip:inversed_str_octets(), ".") .. '.' .. rbl
@@ -83,7 +95,8 @@ local function rbl_cb (task)
 	  end
 	  if not havegot['helo'] then
 	    havegot['helo'] = task:get_helo()
-	    if not havegot['helo'] or string.sub(havegot['helo'],1,1) == '[' or rspamd_ip.from_string(havegot['helo']):is_valid() then
+	    if havegot['helo'] == nil or
+              not validate_dns(havegot['helo'], rbl['rbl']) then
 	      notgot['helo'] = true
 	      return
 	    end