From fa3bba3712a578440421417b64a09c82b4df0b4a Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Tue, 17 Feb 2015 10:22:19 +0200 Subject: [PATCH] Make local/private IP exclusions work for all RBL types --- doc/markdown/modules/rbl.md | 4 ++-- src/plugins/lua/rbl.lua | 18 ++++++++++++++---- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/doc/markdown/modules/rbl.md b/doc/markdown/modules/rbl.md index bff67e31d..e27e94049 100644 --- a/doc/markdown/modules/rbl.md +++ b/doc/markdown/modules/rbl.md @@ -55,11 +55,11 @@ If set to true, do not use this RBL if the message sender is authenticated. - default_exclude_private_ips (false) -If true & private_ips is set appropriately, from/received RBL checks will ignore private IP address space. +If true & private_ips is set appropriately, do not use the RBL if the sending host address is in the private IP list & do not check received headers baring these addresses. - default_exclude_local (true) -If true, and local_exclude_ip_map has been set - exclude specified addresses/subnets from received/from RBL checks. +If true & local_exclude_ip_map has been set - do not use the RBL if the sending host address is in the local IP list & do not check received headers baring these addresses. Other parameters which can be set here are: diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua index 198e725f4..625333f01 100644 --- a/src/plugins/lua/rbl.lua +++ b/src/plugins/lua/rbl.lua @@ -133,6 +133,20 @@ local function rbl_cb (task) end end + if (rbl['exclude_local'] or rbl['exclude_private_ips']) and not notgot['from'] then + if not havegot['from'] then + havegot['from'] = task:get_from_ip() + if not havegot['from']:is_valid() then + notgot['from'] = true + end + end + if havegot['from'] and not notgot['from'] and ((rbl['exclude_local'] and + is_excluded_ip(havegot['from'])) or (rbl['exclude_private_ips'] and + is_private_ip(havegot['from']))) then + return + end + end + if rbl['helo'] then (function() if notgot['helo'] then @@ -180,10 +194,6 @@ local function rbl_cb (task) return end end - if (rbl['exclude_private_ips'] and is_private_ip(havegot['from'])) - or (is_excluded_ip(havegot['from']) and rbl['exclude_local']) then - return - end if (havegot['from']:get_version() == 6 and rbl['ipv6']) or (havegot['from']:get_version() == 4 and rbl['ipv4']) then task:get_resolver():resolve_a(task:get_session(), task:get_mempool(), -- 2.39.5