new plugin: qmail-spp-filter
Brought to you by:
pavcio
Menu
▾
▴
new plugin: qmail-spp-filter
|
From: Chris C. <cc...@al...> - 2008-11-06 05:51:39
|
I have created a new plugin I call "qmail-spp-filter". The plugin is up at: https://www.caputo.com/foss/qmail-spp-filter/ The new docs are below. Pawel, please consider this for the plugin directory. Thank you, Chris ----- This program enables qmail-spp commands to be issued based on matches of TCPREMOTEIP, SMTPMAILFROM or SMTPRCPTTO with records in text files. The TinyCDB library (http://www.corpit.ru/mjt/tinycdb.html) is used. Or if is not available, the standard CDB library is used (http://cr.yp.to/cdb/install.html). Compile plugin using something like this for TinyCDB: gcc -g -Wall qmail-spp-filter.c -o qmail-spp-filter -lcdb Or this for standard CDB: gcc -g -Wall qmail-spp-filter.c -o qmail-spp-filter /usr/lib/cdb.a \ /usr/lib/unix.a /usr/lib/buffer.a /usr/lib/alloc.a /usr/lib/byte.a Put qmail-spp-filter in the qmail plugins directory (ex. "/var/qmail/plugins") and add to smtpplugins file (ex. "/var/qmail/control/smtpplugins") after [rcpt] section: [rcpt] plugins/qmail-spp-filter If the "RELAYCLIENT" environment variable (envar) is set, this module exits without doing anything, since the client has permission to relay. IPv6 is supported if TCPREMOTEIP contains an IPv6 address or if TCP6REMOTEIP envar is set. Filters are specified by setting the following envars. SPP_FILTER_#_DEF SPP_FILTER_#_CMD '#' starts at 1 and increments numerically (base 10, no leading zeros) until there is no matching envar. For each DEF envar, there must be a matching CMD envar. DEF envars are defined as: "type:pathname" where "type" is one of: ip list of IP addresses from list of from/sender email addresses regexfrom list of regular expressions to match with from/sender addrs rcpt list of destination/rcptto email addresses regexrcpt list of regular expressions to match with dest/rcptto addrs and pathname is the full filename of a text file with one record per line. Comments start with '#' in the text files. CDB hash files (http://cr.yp.to/cdb.html) are automatically generated for all but regular expression files. CDB generation is triggered if it appears that the source text file is newer than the accompanying CDB file or if a CDB file does not exist. The "qmaild" user must have write access to the directory containing the file. The regular expressions are of the POSIX Extended Regular Expression regex(3) format and are case-insensitive. Possible settings of CMD envars are taken from http://qmail-spp.sourceforge.net/doc/ : Command Description ----------------------------------------------------------------------- A accept mail - turn off qmail-spp in this session N next - accept current SMTP command (do not execute remaining plugins for this command) O ok - like N, but omits qmail checks in MAIL and RCPT Emsg error - do not accept this SMTP command and immediately send msg to the client LMmsg later, mail - like E, but shows error after MAIL command LRmsg later, rcpt - like E, but shows error after RCPT command LDmsg later, data - like E, but shows error after DATA command Rmsg reject mail - send msg to the client and drop connection D drop connection immediately, without printing anything Svar=value set environmental variable var to value Uvar unset var variable Hcontent header - add header content (eg. X-Spam-Flag: YES) Cf...@ba... change last address provided by the client to fo...@ba... (MAIL FROM or RCPT TO address) Pmsg print - send msg to the client Separate commands are separated by a comma or a carriage return. Be careful not to include a comma for any other reason. Once a match is found and a CMD is processed, the plugin exits. An optional SPP_FILTER_NOMATCH_CMD envar can be set if you want the program to issue a qmail-spp command (or commands) if there is a failure to find any match. Except for the SPP_FILTER_NOMATCH_CMD envar, if any CMDs include the special string "send-filter-def" then "send-filter-def" will be replaced by the content of the SPP_FILTER_#_DEF envar that matched. Example envars: SPP_FILTER_1_DEF="ip:/var/qmail/control/whitelist_ips" SPP_FILTER_1_CMD="A,SSPP_FILTER_WHITELISTEDIP_MATCHED=1" SPP_FILTER_2_DEF="regexrcpt:/var/qmail/control/whitelist_regex_rcpts" SPP_FILTER_2_CMD="A,HSPP-Filter-Match: send-filter-def" SPP_FILTER_3_DEF="regexfrom:/var/qmail/control/blacklist_regex_senders" SPP_FILTER_3_CMD="E550 Blacklisted!" SPP_FILTER_4_DEF="rcpt:/var/qmail/control/whitelist_rcpts" SPP_FILTER_4_CMD="A" SPP_FILTER_5_DEF="from:/var/qmail/control/whitelist_senders" SPP_FILTER_5_CMD="A" SPP_FILTER_6_DEF="from:/var/qmail/control/blacklist_senders" SPP_FILTER_6_CMD="E550 Blacklisted!" SPP_FILTER_NOMATCH_CMD="SSPP_FILTER_FOUND_NO_MATCH=1" Example "ip" text file: 127.0.0.1 # full IP address, with no leading zeros 192.168.2 # partial IP address 192.168 # partial IP address 10 # partial IP address 2001:0db8:0000:0000:0000:0000 # invariant part of IPv6 addresses need to # be explicit (no "::" or ":0:" compression # since simple text matching is used. Example "from" or "rcpt" text file: # list of email addresses to whitelist fo...@ba... # comment ba...@fo... Example "regexfrom" or "regexrcpt" regex text file: # ^ and $ operators are automatically added by the plugin. .*@bar.com # match any email from bar.com john-.*@doe.com ----- |
