aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/plugins/lua/once_received.lua193
-rw-r--r--src/plugins/lua/rbl.lua21
2 files changed, 117 insertions, 97 deletions
diff --git a/src/plugins/lua/once_received.lua b/src/plugins/lua/once_received.lua
index 46a3e1b09..6e1243545 100644
--- a/src/plugins/lua/once_received.lua
+++ b/src/plugins/lua/once_received.lua
@@ -8,88 +8,91 @@ local good_hosts = {}
local rspamd_logger = require "rspamd_logger"
local function check_quantity_received (task)
- local function recv_dns_cb(resolver, to_resolve, results, err)
- task:inc_dns_req()
- if not results then
- task:insert_result(symbol_strict, 1)
- else
- rspamd_logger.info(string.format('SMTP resolver failed to resolve: %s is %s', to_resolve, results[1]))
- local i = true
- for _,h in ipairs(bad_hosts) do
- if string.find(results[1], h) then
- -- Check for good hostname
- if good_hosts then
- for _,gh in ipairs(good_hosts) do
- if string.find(results[1], gh) then
- i = false
- break
- end
- end
- end
- if i then
- task:insert_result(symbol_strict, 1, h)
- return
- end
- end
- end
- end
- end
+ local function recv_dns_cb(resolver, to_resolve, results, err)
+ task:inc_dns_req()
+ if not results then
+ task:insert_result(symbol_strict, 1)
+ else
+ rspamd_logger.info(string.format('SMTP resolver failed to resolve: %s is %s', to_resolve, results[1]))
+ local i = true
+ for _,h in ipairs(bad_hosts) do
+ if string.find(results[1], h) then
+ -- Check for good hostname
+ if good_hosts then
+ for _,gh in ipairs(good_hosts) do
+ if string.find(results[1], gh) then
+ i = false
+ break
+ end
+ end
+ end
+ if i then
+ task:insert_result(symbol_strict, 1, h)
+ return
+ end
+ end
+ end
+ end
+ end
- local recvh = task:get_received_headers()
- if table.maxn(recvh) <= 1 then
- task:insert_result(symbol, 1)
- -- Strict checks
- if symbol_strict then
- local r = recvh[1]
+ if task:get_user() ~= nil then
+ return
+ end
+ local recvh = task:get_received_headers()
+ if table.maxn(recvh) <= 1 then
+ task:insert_result(symbol, 1)
+ -- Strict checks
+ if symbol_strict then
+ local r = recvh[1]
if not r then
return
end
- -- Unresolved host
- if not r['real_hostname'] or string.lower(r['real_hostname']) == 'unknown' or
- string.match(r['real_hostname'], '^%d+%.%d+%.%d+%.%d+$') then
-
- if r['real_ip'] and r['real_ip']:is_valid() then
- -- Try to resolve it again
- task:get_resolver():resolve_ptr(task:get_session(), task:get_mempool(),
- r['real_ip']:to_string(), recv_dns_cb)
- else
- task:insert_result(symbol_strict, 1)
- end
- return
- end
+ -- Unresolved host
+ if not r['real_hostname'] or string.lower(r['real_hostname']) == 'unknown' or
+ string.match(r['real_hostname'], '^%d+%.%d+%.%d+%.%d+$') then
+
+ if r['real_ip'] and r['real_ip']:is_valid() then
+ -- Try to resolve it again
+ task:get_resolver():resolve_ptr(task:get_session(), task:get_mempool(),
+ r['real_ip']:to_string(), recv_dns_cb)
+ else
+ task:insert_result(symbol_strict, 1)
+ end
+ return
+ end
- local i = true
- local hn = string.lower(r['real_hostname'])
+ local i = true
+ local hn = string.lower(r['real_hostname'])
- for _,h in ipairs(bad_hosts) do
- if string.find(hn, h) then
- -- Check for good hostname
- if good_hosts then
- for _,gh in ipairs(good_hosts) do
- if string.find(hn, gh) then
- i = false
- break
- end
- end
- end
- if i then
- task:insert_result(symbol_strict, 1, h)
- return
- end
- end
- end
- end
- end
+ for _,h in ipairs(bad_hosts) do
+ if string.find(hn, h) then
+ -- Check for good hostname
+ if good_hosts then
+ for _,gh in ipairs(good_hosts) do
+ if string.find(hn, gh) then
+ i = false
+ break
+ end
+ end
+ end
+ if i then
+ task:insert_result(symbol_strict, 1, h)
+ return
+ end
+ end
+ end
+ end
+ end
end
-- Registration
if type(rspamd_config.get_api_version) ~= 'nil' then
- if rspamd_config:get_api_version() >= 1 then
- rspamd_config:register_module_option('once_received', 'symbol', 'string')
- rspamd_config:register_module_option('once_received', 'symbol_strict', 'string')
- rspamd_config:register_module_option('once_received', 'bad_host', 'string')
- rspamd_config:register_module_option('once_received', 'good_host', 'string')
- end
+ if rspamd_config:get_api_version() >= 1 then
+ rspamd_config:register_module_option('once_received', 'symbol', 'string')
+ rspamd_config:register_module_option('once_received', 'symbol_strict', 'string')
+ rspamd_config:register_module_option('once_received', 'bad_host', 'string')
+ rspamd_config:register_module_option('once_received', 'good_host', 'string')
+ end
end
-- Configuration
@@ -98,28 +101,28 @@ if opts then
if opts['symbol'] then
local symbol = opts['symbol']
- for n,v in pairs(opts) do
- if n == 'symbol_strict' then
- symbol_strict = v
- if type(rspamd_config.get_api_version) ~= 'nil' then
- rspamd_config:register_virtual_symbol(symbol_strict, 1.0)
- end
- elseif n == 'bad_host' then
- if type(v) == 'string' then
- bad_hosts[1] = v
- else
- bad_hosts = v
- end
- elseif n == 'good_host' then
- if type(v) == 'string' then
- good_hosts[1] = v
- else
- good_hosts = v
- end
- end
- end
+ for n,v in pairs(opts) do
+ if n == 'symbol_strict' then
+ symbol_strict = v
+ if type(rspamd_config.get_api_version) ~= 'nil' then
+ rspamd_config:register_virtual_symbol(symbol_strict, 1.0)
+ end
+ elseif n == 'bad_host' then
+ if type(v) == 'string' then
+ bad_hosts[1] = v
+ else
+ bad_hosts = v
+ end
+ elseif n == 'good_host' then
+ if type(v) == 'string' then
+ good_hosts[1] = v
+ else
+ good_hosts = v
+ end
+ end
+ end
- -- Register symbol's callback
- rspamd_config:register_symbol(symbol, 1.0, check_quantity_received)
- end
+ -- Register symbol's callback
+ rspamd_config:register_symbol(symbol, 1.0, check_quantity_received)
+ end
end
diff --git a/src/plugins/lua/rbl.lua b/src/plugins/lua/rbl.lua
index 9abac0067..0106e41f3 100644
--- a/src/plugins/lua/rbl.lua
+++ b/src/plugins/lua/rbl.lua
@@ -1,7 +1,23 @@
+-- This plugin implements various types of RBL checks
+-- Documentation can be found here:
+-- https://rspamd.com/doc/modules/rbl.html
+
local rbls = {}
local rspamd_logger = require "rspamd_logger"
-local rspamd_ip = require "rspamd_ip"
+
+local function validate_dns(lstr, rstr)
+ if (lstr:len() + rstr:len()) > 252 then
+ return false
+ end
+ for v in lstr:gmatch("[^%.]+") do
+ if not v:match("^[%w-]+$") or v:len() > 63
+ or v:match("^-") or v:match("-$") then
+ return false
+ end
+ end
+ return true
+end
local function ip_to_rbl(ip, rbl)
return table.concat(ip:inversed_str_octets(), ".") .. '.' .. rbl
@@ -83,7 +99,8 @@ local function rbl_cb (task)
end
if not havegot['helo'] then
havegot['helo'] = task:get_helo()
- if not havegot['helo'] or string.sub(havegot['helo'],1,1) == '[' or rspamd_ip.from_string(havegot['helo']):is_valid() then
+ if havegot['helo'] == nil or
+ not validate_dns(havegot['helo'], rbl['rbl']) then
notgot['helo'] = true
return
end