Jason 'XenoPhage' Frisvold said:
> I'll look into it and see what I come up with myself... If I'm
> successful, I'll be sure to send a patch to the list.. :)
Turns out this was nothing more than the moving of a single line of
code... :) I've attached a complete patch to this message. Standard
disclaimer applies, use at your own risk, if the sun melts down, it's not
my fault, etc..
I hope this helps everyone out there! This toaster is *GREAT* and I'm
just trying to do my part by giving some back!
---------------------------
Jason 'XenoPhage' Frisvold
Engine / Technology Programmer
[EMAIL PROTECTED]
RedHat Certified - RHCE # 803004140609871
MySQL Pro Certified - ID# 207171862
MySQL Core Certified - ID# 205982910
---------------------------
"Something mysterious is formed, born in the silent void. Waiting alone
and unmoving, it is at once still and yet in constant motion. It is the
source of all programs. I do not know its name, so I will call it the Tao
of Programming."
This patch is intended to be used in conjunction with Bill Shupp's large
qmail-toaster-greylisting patch. I tool the existing chkusr-mysql patch
and applied it to qmail, ensuring that chkusr is run before greylisting.
Kudos to Bill and all the others who have put forth the effort to make
such a great email toaster!
So as to not take away any credit due, Bill's original message is below...
Jason Frisvold
This patch was writtn by Antonio Nati ([EMAIL PROTECTED]), and is
only slightly modified by me. This version is suitable for use with mysql
and has tmda support as well. Please edit conf-mysql to match the location
of your libmysqlclient.a library.
Here's a link to the original web page:
http://www.interazioni.it/qmail/#qmail-smtpd
Bill Shupp
diff -urN netqmail-1.05/conf-mysql netqmail-1.05-mine/conf-mysql
--- netqmail-1.05/conf-mysql 1969-12-31 19:00:00.000000000 -0500
+++ netqmail-1.05-mine/conf-mysql 2004-04-30 17:16:34.000000000 -0400
@@ -0,0 +1,3 @@
+/usr/lib/mysql/libmysqlclient.a
+
+The FULL path do the libmysqlclient.a library
diff -urN netqmail-1.05/conf-vpopmail netqmail-1.05-mine/conf-vpopmail
--- netqmail-1.05/conf-vpopmail 1969-12-31 19:00:00.000000000 -0500
+++ netqmail-1.05-mine/conf-vpopmail 2004-04-30 17:16:49.000000000 -0400
@@ -0,0 +1,3 @@
+/home/vpopmail
+
+The home directory of the vpopmail user
diff -urN netqmail-1.05/Makefile netqmail-1.05-mine/Makefile
--- netqmail-1.05/Makefile 2004-04-30 21:32:45.000000000 -0400
+++ netqmail-1.05-mine/Makefile 2004-04-30 17:18:26.000000000 -0400
@@ -23,7 +23,7 @@
auto-ccld.sh: \
conf-cc conf-ld warn-auto.sh
( cat warn-auto.sh; \
- echo CC=\'`head -1 conf-cc`\'; \
+ echo CC=\'`head -1 conf-cc` -I`head -1 conf-vpopmail`/include\'; \
echo LD=\'`head -1 conf-ld`\' \
) > auto-ccld.sh
@@ -1584,8 +1584,10 @@
tls.o ssl_timeoutio.o ndelay.a -L/usr/local/ssl/lib -lssl -lcrypto \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a getln.a open.a sig.a case.a env.a stralloc.a \
- alloc.a strerr.a substdio.a error.a str.a fs.a auto_qmail.o base64.o `cat \
- socket.lib` dns.o `cat dns.lib`
+ alloc.a strerr.a substdio.a error.a str.a fs.a auto_qmail.o base64.o \
+ `cat socket.lib` dns.o `cat dns.lib` -lcrypt \
+ `head -1 conf-vpopmail`/lib/libvpopmail.a \
+ `head -1 conf-mysql` -lz -lm
qmail-envelope-scanner: \
load qmail-envelope-scanner.o local_scan.o /usr/lib/mysql/libmysqlclient.a
diff -urN netqmail-1.05/qmail-smtpd.c netqmail-1.05-mine/qmail-smtpd.c
--- netqmail-1.05/qmail-smtpd.c 2004-04-30 21:32:45.000000000 -0400
+++ netqmail-1.05-mine/qmail-smtpd.c 2004-04-30 21:09:07.000000000 -0400
@@ -25,6 +25,17 @@
#include "timeoutread.h"
#include "timeoutwrite.h"
#include "commands.h"
+#include <pwd.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <dirent.h>
+#include <stdio.h>
+
+#include "open.h"
+#include <vpopmail.h>
+#include <vauth.h>
+#include <vpopmail_config.h>
+
#include "qregex.h"
#include "strerr.h"
@@ -313,6 +324,194 @@
return 0;
}
+void err_realrcpt() { out("550 sorry, no mailbox here by that name (#5.1.1 - chkusr)\r\n"); }
+
+int realrcpt_check()
+{
+ stralloc user = {0};
+ stralloc domain = {0};
+ stralloc domain_path = {0};
+ stralloc bounce_path = {0};
+ stralloc alias_name = {0};
+ stralloc alias_path = {0};
+ stralloc mailing_path = {0};
+ int count;
+ int retstat = 0;
+ struct vqpasswd *user_passwd = NULL;
+ int fd_file = -1;
+ int read_char;
+ DIR *dir_file = NULL;
+ int offset;
+ char read_buf[1024];
+
+/* if not local rcpthost we cannot control mailbox */
+
+ if (!addrallowed()) { return 1; }
+
+/* Set up our variables */
+
+/* Search the '@' character */
+ count = byte_rchr(addr.s,addr.len,'@');
+
+/*
+ * Give extra room to variables used often or used outside stralloc_x calls
+ * This should make all safer and even faster
+ * (when these fields are used by stralloc_x routines)
+*/
+ if (!stralloc_ready (&domain, 200)) die_nomem();
+ if (!stralloc_ready (&domain_path, 200)) die_nomem();
+
+ if (count < addr.len) {
+ if (!stralloc_copyb (&user, addr.s, count)) die_nomem();
+ if (!stralloc_0 (&user)) die_nomem();
+ if (!stralloc_copys (&domain, addr.s + count + 1)) die_nomem();
+ if (!stralloc_0 (&domain)) die_nomem();
+ }
+ else {
+ if (!stralloc_copys (&user, addr.s)) die_nomem();
+ if (!stralloc_0 (&user)) die_nomem();
+ if (!stralloc_copys (&domain, DEFAULT_DOMAIN)) die_nomem();
+ if (!stralloc_0 (&domain)) die_nomem();
+ }
+
+/* My personal control: continue only if a domain (default or not) is specified */
+
+ if (domain.len == 1)
+ return 0;
+
+ case_lowers (user.s);
+ case_lowers (domain.s);
+
+/* Check if domain is a real domain */
+
+ /* if (!stralloc_0 (&domain)) die_nomem();
+ vget_real_domain(domain.s, domain.a);
+
+ domain.len = strlen (domain.s);
+ if (domain.len > (domain.a - 1)) die_nomem(); */
+
+/* Let's get domain's real path */
+ vget_assign(domain.s, domain_path.s, 156, NULL, NULL);
+
+ domain_path.len = strlen (domain_path.s);
+
+/* Now Let's start the test suite */
+
+ switch (0) {
+
+ case 0:
+/* Check if domain has bouncing enabled */
+
+ /* Allocate room for bounce_path */
+ if (!stralloc_ready (&bounce_path, 200)) die_nomem();
+ if (!stralloc_copy (&bounce_path, &domain_path)) die_nomem();
+ if (!stralloc_cats (&bounce_path, "/.qmail-default")) die_nomem();
+ if (!stralloc_0 (&bounce_path)) die_nomem();
+
+ read_char = 0;
+ fd_file = open_read (bounce_path.s);
+ if (fd_file != -1) {
+ read_char = read (fd_file, read_buf, sizeof(read_buf) - 1);
+ close (fd_file);
+ if (read_char < 0) read_char = 0;
+ }
+ read_buf[read_char] = 0;
+
+ if ( strstr(read_buf, "bounce-no-mailbox") == NULL ) {
+ retstat = 1;
+ break;
+ }
+
+ case 1:
+/* User control: check the existance of a real user */
+
+ user_passwd = vauth_getpw (user.s, domain.s);
+ if (user_passwd == NULL) {
+ count = 0;
+ while ((count < (user.len -1)) && (user_passwd == NULL)) {
+ count += byte_chr(&user.s[count], user.len - count,'-');
+ if (count < user.len) {
+ if (!stralloc_copyb (&alias_name, user.s, count)) die_nomem();
+ if (!stralloc_0 (&alias_name)) die_nomem();
+ user_passwd = vauth_getpw (alias_name.s, domain.s);
+ ++count;
+ }
+ }
+ }
+ if (user_passwd != NULL) {
+
+ /* If user exists check if he has BOUNCE_MAIL flag set */
+
+ if (user_passwd->pw_gid & BOUNCE_MAIL)
+ retstat = 0;
+ else
+ retstat = 1;
+ break;
+ }
+
+ case 2:
+/* Check for aliases/forwards - valias*/
+
+ if (valias_select (user.s, domain.s) != NULL) {
+ retstat = 1;
+ break;
+ }
+
+ case 3:
+/* Check for aliases/forwards - .qmail.x files */
+
+ /* Allocate room for alias_path */
+ if (!stralloc_ready (&alias_path, 200)) die_nomem();
+ if (!stralloc_copy (&alias_name, &user)) die_nomem();
+
+ /* Change all '.' in ':' before continuing on aliases */
+ for (count = 0; count < alias_name.len; ++count)
+ if (*(alias_name.s + count) == '.') *(alias_name.s + count) = ':';
+
+ if (!stralloc_copy (&alias_path, &domain_path)) die_nomem();
+ if (!stralloc_cats (&alias_path, "/.qmail-")) die_nomem();
+ if (!stralloc_cats (&alias_path, alias_name.s)) die_nomem();
+ if (!stralloc_0 (&alias_path)) die_nomem();
+
+ /* access executes anyway as real (vpopmail:vchkpw), that's ok */
+ if (access (alias_path.s, F_OK) == 0) {
+ retstat = 1;
+ break;
+ }
+
+ case 4:
+/* Let's check for mailing lists */
+
+ /* Allocate room for mailing_path */
+ if (!stralloc_ready (&mailing_path, 300)) die_nomem();
+
+ /* Search for the outer '-' character */
+ for (offset = user.len - 1; offset > 0; --offset)
+ if (*(user.s + offset) == '-') {
+ if (!stralloc_copy (&mailing_path, &domain_path)) die_nomem();
+ if (!stralloc_cats (&mailing_path, "/")) die_nomem();
+ if (!stralloc_catb (&mailing_path, user.s, offset)) die_nomem();
+ if (!stralloc_cats (&mailing_path, "/mailinglist")) die_nomem();
+ if (!stralloc_0 (&mailing_path)) die_nomem();
+ /* access executes anyway as real (vpopmail:vchkpw), that's ok */
+ if (access (mailing_path.s, F_OK) == 0) {
+ retstat = 1;
+ break;
+ }
+ }
+
+/*
+ * Add this code if another case is following
+ if (retstat == 1)
+ break;
+*/
+
+ } /* end switch */
+
+ return retstat;
+}
+
+
int mfcheck()
{
stralloc sa = {0};
@@ -423,6 +622,7 @@
rcptcount = 0;
out("250 ok\r\n");
}
+
void smtp_rcpt(arg) char *arg; {
if (!seenmail) { err_wantmail(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
@@ -437,6 +637,9 @@
err_bmt();
return;
}
+ // Check if the rcpt is real first
+ if (!realrcpt_check()) { err_realrcpt(); return; }
+ // Then check to see if they've been through the greylist
if (relayclient) {
--addr.len;
if (!stralloc_cats(&addr,relayclient)) die_nomem();
