aboutsummaryrefslogtreecommitdiffstats
path: root/src/libserver/spf.h
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2019-10-25 09:22:43 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2019-10-25 09:30:36 +0100
commit9e61dce1b503b21f85ee24378aa4a3383680e792 (patch)
treee7901dedd0489fa8acb38c077fd6f91db1a4afe2 /src/libserver/spf.h
parent1207a8100a44ac98366e8219d4bfef1ab96399a1 (diff)
downloadrspamd-9e61dce1b503b21f85ee24378aa4a3383680e792.tar.gz
rspamd-9e61dce1b503b21f85ee24378aa4a3383680e792.zip
[Feature] Implement configurable limits for SPF lookups
Diffstat (limited to 'src/libserver/spf.h')
-rw-r--r--src/libserver/spf.h8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/libserver/spf.h b/src/libserver/spf.h
index 725d84fe4..cd8eaffac 100644
--- a/src/libserver/spf.h
+++ b/src/libserver/spf.h
@@ -46,6 +46,11 @@ typedef enum spf_action_e {
#define RSPAMD_SPF_FLAG_PERMFAIL (1u << 10u)
#define RSPAMD_SPF_FLAG_RESOLVED (1u << 11u)
+/** Default SPF limits for avoiding abuse **/
+#define SPF_MAX_NESTING 10
+#define SPF_MAX_DNS_REQUESTS 30
+#define SPF_MIN_CACHE_TTL (60 * 5) /* 5 minutes */
+
struct spf_addr {
guchar addr6[sizeof (struct in6_addr)];
guchar addr4[sizeof (struct in_addr)];
@@ -112,6 +117,9 @@ gchar *spf_addr_mask_to_string (struct spf_addr *addr);
struct spf_addr *spf_addr_match_task (struct rspamd_task *task,
struct spf_resolved *rec);
+void spf_library_config (gint max_dns_nesting, gint max_dns_requests,
+ gint min_cache_ttl);
+
#ifdef __cplusplus
}
#endif