diff options
| author | Andrew Lewis <nerf@judo.za.org> | 2015-02-16 10:59:25 +0200 |
|---|---|---|
| committer | Andrew Lewis <nerf@judo.za.org> | 2015-02-16 11:00:04 +0200 |
| commit | 63f9c87ab75bb3ec0adf8b8e7ec97426477b5c4a (patch) | |
| tree | 4973ae3ac2edc46c4af922880a995b92bcee2fd1 | |
| parent | 3fd3a8e6b708401ca14204f0ab71501c08f16d78 (diff) | |
| download | rspamd-63f9c87ab75bb3ec0adf8b8e7ec97426477b5c4a.tar.gz rspamd-63f9c87ab75bb3ec0adf8b8e7ec97426477b5c4a.zip | |
Make local exclusions configurable per-RBL
| -rw-r--r-- | doc/markdown/modules/rbl.md | 4 | ||||
| -rw-r--r-- | src/plugins/lua/rbl.lua | 15 |
2 files changed, 15 insertions, 4 deletions
diff --git a/doc/markdown/modules/rbl.md b/doc/markdown/modules/rbl.md index 8748f4617..7798f0069 100644 --- a/doc/markdown/modules/rbl.md +++ b/doc/markdown/modules/rbl.md @@ -57,6 +57,10 @@ If set to true, do not use this RBL if the message sender is authenticated. If set to true, from/received RBL checks will ignore private IP address space. +- default_exclude_local (true) + +If true, and local_exclude_ip_map has been set - exclude specified addresses/subnets from received/from RBL checks. + Other parameters which can be set here are: - local_exclude_ip_map diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua index 6fa7d25cc..e32ca136e 100644 --- a/src/plugins/lua/rbl.lua +++ b/src/plugins/lua/rbl.lua @@ -209,7 +209,7 @@ local function rbl_cb (task) havegot['from'] = task:get_from_ip() if not havegot['from']:is_valid() or (rbl['exclude_private_ips'] and is_private_ip(havegot['from'])) - or is_excluded_ip(havegot['from']) then + or (is_excluded_ip(havegot['from']) and rbl['exclude_local']) then notgot['from'] = true return end @@ -239,7 +239,8 @@ local function rbl_cb (task) if ((rh['real_ip']:get_version() == 6 and rbl['ipv6']) or (rh['real_ip']:get_version() == 4 and rbl['ipv4'])) and ((rbl['exclude_private_ips'] and not is_private_ip(rh['real_ip'])) or - not rbl['exclude_private_ips']) and not is_excluded_ip(rh['real_ip']) then + not rbl['exclude_private_ips']) and not (is_excluded_ip(rh['real_ip']) + and rbl['exclude_local']) then task:get_resolver():resolve_a(task:get_session(), task:get_mempool(), ip_to_rbl(rh['real_ip'], rbl['rbl']), rbl_dns_cb, k) end @@ -265,6 +266,7 @@ if type(rspamd_config.get_api_version) ~= 'nil' then rspamd_config:register_module_option('rbl', 'default_exclude_users', 'string') rspamd_config:register_module_option('rbl', 'default_exclude_private_ips', 'string') rspamd_config:register_module_option('rbl', 'local_exclude_ip_map', 'string') + rspamd_config:register_module_option('rbl', 'default_exclude_local', 'string') end end @@ -300,13 +302,18 @@ end if(opts['default_exclude_private_ips'] == nil) then opts['default_exclude_private_ips'] = false end - +if(opts['default_exclude_local'] == nil) then + opts['default_exclude_local'] = true +end if(opts['local_exclude_ip_map'] ~= nil) then local_exclusions = rspamd_config:add_radix_map(opts['local_exclude_ip_map']) end for key,rbl in pairs(opts['rbls']) do - local o = { "ipv4", "ipv6", "from", "received", "unknown", "rdns", "helo", "exclude_users", "exclude_private_ips" } + local o = { + "ipv4", "ipv6", "from", "received", "unknown", "rdns", "helo", "exclude_users", + "exclude_private_ips", "exclude_local" + } for i=1,table.maxn(o) do if(rbl[o[i]] == nil) then rbl[o[i]] = opts['default_' .. o[i]] |