"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/Mail/SpamAssassin/Plugin/DNSEval.pm" between
Mail-SpamAssassin-3.4.4.tar.bz2 and Mail-SpamAssassin-3.4.5.tar.bz2

About: SpamAssassin is a mail filter that uses a wide range of heuristic tests on mail headers and body text to identify "spam" (also known as unsolicited commercial email) incl. Bayesian (statistical) spam filter and several internet-based realtime blacklists.

DNSEval.pm  (Mail-SpamAssassin-3.4.4.tar.bz2):DNSEval.pm  (Mail-SpamAssassin-3.4.5.tar.bz2)
skipping to change at line 48 skipping to change at line 48
The DNSEval plugin queries dns to see if a domain or an ip address The DNSEval plugin queries dns to see if a domain or an ip address
present on one of email's headers is on a particular rbl. present on one of email's headers is on a particular rbl.
=cut =cut
package Mail::SpamAssassin::Plugin::DNSEval; package Mail::SpamAssassin::Plugin::DNSEval;
use Mail::SpamAssassin::Plugin; use Mail::SpamAssassin::Plugin;
use Mail::SpamAssassin::Logger; use Mail::SpamAssassin::Logger;
use Mail::SpamAssassin::Constants qw(:ip); use Mail::SpamAssassin::Constants qw(:ip);
use Mail::SpamAssassin::Util qw(reverse_ip_address); use Mail::SpamAssassin::Util qw(reverse_ip_address is_fqdn_valid);
use strict; use strict;
use warnings; use warnings;
# use bytes; # use bytes;
use re 'taint'; use re 'taint';
our @ISA = qw(Mail::SpamAssassin::Plugin); our @ISA = qw(Mail::SpamAssassin::Plugin);
my $IP_ADDRESS = IP_ADDRESS; my $IP_ADDRESS = IP_ADDRESS;
my $IP_PRIVATE = IP_PRIVATE; my $IP_PRIVATE = IP_PRIVATE;
skipping to change at line 400 skipping to change at line 400
# backward compatibility # backward compatibility
sub check_rbl_results_for { sub check_rbl_results_for {
#warn "dns: check_rbl_results_for() is deprecated, use check_rbl_sub()\n"; #warn "dns: check_rbl_results_for() is deprecated, use check_rbl_sub()\n";
check_rbl_sub(@_); check_rbl_sub(@_);
} }
# this only checks the address host name and not the domain name because # this only checks the address host name and not the domain name because
# using the domain name had much worse results for dsn.rfc-ignorant.org # using the domain name had much worse results for dsn.rfc-ignorant.org
sub check_rbl_from_host { sub check_rbl_from_host {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_; my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->a ll_from_addrs()); _check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->al l_from_addrs());
} }
sub check_rbl_headers { sub check_rbl_headers {
my ($self, $pms, $rule, $set, $rbl_server, $subtest, $test_headers) = @_; my ($self, $pms, $rule, $set, $rbl_server, $subtest, $test_headers) = @_;
return 0 if $self->{main}->{conf}->{skip_rbl_checks}; return 0 if $self->{main}->{conf}->{skip_rbl_checks};
return 0 if !$pms->is_dns_available(); return 0 if !$pms->is_dns_available();
my @env_hdr; my @env_hdr;
my $conf = $self->{main}->{conf}; my $conf = $self->{main}->{conf};
if ( defined $test_headers ) { if ( defined $test_headers ) {
@env_hdr = split(/,/, $test_headers); @env_hdr = split(/,/, $test_headers);
} else { } else {
@env_hdr = split(/,/, $conf->{rbl_headers}); @env_hdr = split(/,/, $conf->{rbl_headers});
} }
foreach my $rbl_headers (@env_hdr) { foreach my $rbl_headers (@env_hdr) {
my $addr = $_[1]->get($rbl_headers.':addr', undef); my $addr = $pms->get($rbl_headers.':addr', undef);
if ( defined $addr && $addr =~ /\@([^\@\s]+)/ ) { if ( defined $addr && $addr =~ /\@([^\@\s]+)/ ) {
$self->_check_rbl_addresses($pms, $rule, $set, $rbl_server, $self->_check_rbl_addresses($pms, $rule, $set, $rbl_server,
$subtest, $addr); $subtest, $addr);
} else { } else {
my $host = $pms->get($rbl_headers); my $unsplitted_host = $pms->get($rbl_headers);
chomp($host); chomp($unsplitted_host);
if($host =~ /^$IP_ADDRESS$/ ) { foreach my $host (split(/\n/, $unsplitted_host)) {
return if ($conf->{tflags}->{$rule}||'') =~ /\bdomains_only\b/; if($host =~ /^$IP_ADDRESS$/ ) {
$host = reverse_ip_address($host); next if ($conf->{tflags}->{$rule}||'') =~ /\bdomains_only\b/;
} else { $host = reverse_ip_address($host);
return if ($conf->{tflags}->{$rule}||'') =~ /\bips_only\b/; } else {
next if ($conf->{tflags}->{$rule}||'') =~ /\bips_only\b/;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host)
;
}
$pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);
} }
$pms->do_rbl_lookup($rule, $set, 'A',
"$host.$rbl_server", $subtest) if ( defined $host and $host ne "");
} }
} }
} }
=over 4 =over 4
=item check_rbl_from_domain =item check_rbl_from_domain
This checks all the from addrs domain names as an alternate to check_rbl_from_ho st. As of v3.4.1, it has been improved to include a subtest for a specific octe t. This checks all the from addrs domain names as an alternate to check_rbl_from_ho st. As of v3.4.1, it has been improved to include a subtest for a specific octe t.
=back =back
=cut =cut
sub check_rbl_from_domain { sub check_rbl_from_domain {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_; my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->a ll_from_addrs_domains()); _check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->al l_from_addrs_domains());
} }
=over 4 =over 4
=item check_rbl_ns_from =item check_rbl_ns_from
This checks the dns server of the from addrs domain name. This checks the dns server of the from addrs domain name.
It is possible to include a subtest for a specific octet. It is possible to include a subtest for a specific octet.
=back =back
skipping to change at line 487 skipping to change at line 490
last; last;
} }
} }
return 0 unless defined $domain; return 0 unless defined $domain;
dbg("dns: checking NS for host $domain"); dbg("dns: checking NS for host $domain");
my $key = "NS:" . $domain; my $key = "NS:" . $domain;
my $obj = { dom => $domain, rule => $rule, set => $set, rbl_server => $rbl_ser ver, subtest => $subtest }; my $obj = { dom => $domain, rule => $rule, set => $set, rbl_server => $rbl_ser ver, subtest => $subtest };
my $ent = { my $ent = {
key => $key, zone => $domain, obj => $obj, type => "URI-NS", rulename => $rule, key => $key, zone => $domain, obj => $obj, type => "URI-N S",
}; };
# dig $dom ns # dig $dom ns
$ent = $pms->{async}->bgsend_and_start_lookup( $ent = $pms->{async}->bgsend_and_start_lookup(
$domain, 'NS', undef, $ent, $domain, 'NS', undef, $ent,
sub { my ($ent2,$pkt) = @_; sub { my ($ent2,$pkt) = @_;
$self->complete_ns_lookup($pms, $ent2, $pkt, $domain) }, $self->complete_ns_lookup($pms, $ent2, $pkt, $domain) },
master_deadline => $pms->{master_deadline} ); master_deadline => $pms->{master_deadline} );
return $ent; return $ent;
} }
skipping to change at line 517 skipping to change at line 520
# $pkt will be undef if the DNS query was aborted (e.g. timed out) # $pkt will be undef if the DNS query was aborted (e.g. timed out)
dbg("DNSEval: complete_ns_lookup aborted %s", $ent->{key}); dbg("DNSEval: complete_ns_lookup aborted %s", $ent->{key});
return; return;
} }
dbg("DNSEval: complete_ns_lookup %s", $ent->{key}); dbg("DNSEval: complete_ns_lookup %s", $ent->{key});
my @ns = $pkt->authority; my @ns = $pkt->authority;
foreach my $rr (@ns) { foreach my $rr (@ns) {
my $nshost = $rr->mname; my $nshost = $rr->mname;
if(defined($nshost)) { next unless defined $nshost;
chomp($nshost); chomp($nshost);
if (is_fqdn_valid($nshost)) {
if ( defined $subtest ) { if ( defined $subtest ) {
dbg("dns: checking [$nshost] / $rule / $set / $rbl_server / $subtest"); dbg("dns: checking [$nshost] / $rule / $set / $rbl_server / $subtest");
} else { } else {
dbg("dns: checking [$nshost] / $rule / $set / $rbl_server"); dbg("dns: checking [$nshost] / $rule / $set / $rbl_server");
} }
$pms->do_rbl_lookup($rule, $set, 'A', $pms->do_rbl_lookup($rule, $set, 'A',
"$nshost.$rbl_server", $subtest) if ( defined $nshost and $nshost ne "") ; "$nshost.$rbl_server", $subtest);
} }
} }
} }
=over 4 =over 4
=item check_rbl_rcvd =item check_rbl_rcvd
This checks all received headers domains or ip addresses against a specific rbl. This checks all received headers domains or ip addresses against a specific rbl.
It is possible to include a subtest for a specific octet. It is possible to include a subtest for a specific octet.
skipping to change at line 567 skipping to change at line 571
foreach my $host ( @udnsrcvd ) { foreach my $host ( @udnsrcvd ) {
if((defined $host) and ($host ne "")) { if((defined $host) and ($host ne "")) {
chomp($host); chomp($host);
if($host =~ /^$IP_ADDRESS$/ ) { if($host =~ /^$IP_ADDRESS$/ ) {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bdomains_only\b/; next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bdomains_only\b/;
$host = reverse_ip_address($host); $host = reverse_ip_address($host);
} else { } else {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/; next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/;
$host =~ s/\.$//; $host =~ s/\.$//;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host);
} }
if ( defined $subtest ) { if ( defined $subtest ) {
dbg("dns: checking [$host] / $rule / $set / $rbl_server / $subtest"); dbg("dns: checking [$host] / $rule / $set / $rbl_server / $subtest");
} else { } else {
dbg("dns: checking [$host] / $rule / $set / $rbl_server"); dbg("dns: checking [$host] / $rule / $set / $rbl_server");
} }
$pms->do_rbl_lookup($rule, $set, 'A', $pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);
"$host.$rbl_server", $subtest) if ( defined $host and $host ne "");
} }
} }
return 0; return 0;
} }
# this only checks the address host name and not the domain name because # this only checks the address host name and not the domain name because
# using the domain name had much worse results for dsn.rfc-ignorant.org # using the domain name had much worse results for dsn.rfc-ignorant.org
sub check_rbl_envfrom { sub check_rbl_envfrom {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_; my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->g et('EnvelopeFrom:addr',undef)); _check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $pms->ge t('EnvelopeFrom:addr',undef));
} }
sub _check_rbl_addresses { sub _check_rbl_addresses {
my ($self, $pms, $rule, $set, $rbl_server, $subtest, @addresses) = @_; my ($self, $pms, $rule, $set, $rbl_server, $subtest, @addresses) = @_;
return 0 if $self->{main}->{conf}->{skip_rbl_checks}; return 0 if $self->{main}->{conf}->{skip_rbl_checks};
return 0 unless $pms->is_dns_available(); return 0 unless $pms->is_dns_available();
my %hosts; my %hosts;
for (@addresses) { for (@addresses) {
skipping to change at line 617 skipping to change at line 622
($rbl_server !~ /\.$/)) { ($rbl_server !~ /\.$/)) {
$rbl_server .= "."; $rbl_server .= ".";
} }
for my $host (keys %hosts) { for my $host (keys %hosts) {
if ($host =~ /^$IP_ADDRESS$/) { if ($host =~ /^$IP_ADDRESS$/) {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bdomains_only\b/; next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bdomains_only\b/;
$host = reverse_ip_address($host); $host = reverse_ip_address($host);
} else { } else {
next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/; next if ($pms->{conf}->{tflags}->{$rule}||'') =~ /\bips_only\b/;
next unless is_fqdn_valid($host);
next unless $pms->{main}->{registryboundaries}->is_domain_valid($host);
} }
dbg("dns: checking [$host] / $rule / $set / $rbl_server"); dbg("dns: checking [$host] / $rule / $set / $rbl_server");
$pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest); $pms->do_rbl_lookup($rule, $set, 'A', "$host.$rbl_server", $subtest);
} }
} }
sub check_dns_sender { sub check_dns_sender {
my ($self, $pms, $rule) = @_; my ($self, $pms, $rule) = @_;
return 0 if $self->{main}->{conf}->{skip_rbl_checks}; return 0 if $self->{main}->{conf}->{skip_rbl_checks};
 End of changes. 13 change blocks. 
20 lines changed or deleted 28 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)