[milters] Archive


Article: 376
From: Anthony Howe
Date: 2005-03-04 07:24:59 -0500
Subject: Re: Sender invalid


Ismael Perin wrote:
> This log shows messages authorized for the milter-sender because it is my 
> host, but this user (vnha_hnpm_h_t_u) does not exist.
> 
> -------------------------------------------------
> Mar  3 16:04:39 myserver milter-sender[27810]: 08809 j23J4ad8024769: MX for 
> <vnha_hnpm_h_t_u@myserver.com> is this host, skipping
> 
> Mar  3 16:04:52 myserver sendmail[24769]: j23J4ad8024769: 
> from=<vnha_hnpm_h_t_u@myserver.com>, size=9106, class=0, nrcpts=20, 
> msgid=<200503031904.j23J4ad8024769@myserver.com>, proto=SMTP, daemon=MTA, 
> relay=[201.10.169.96]
> -------------------------------------------------
> 
> What do I do to verify senders on my host?

milter-sender does not verify local recipients or senders on the host. I 
tried to do this once to support another feature, but it just wasn't 
possible to do properly.

Essentially, when milter-sender sees email destined for a local 
recipient, it leaves sendmail to deliver the message or return user 
unknown.

In the case of the sender causing a callback to ourselves, I choose not 
to do this. Here's the comment from the source code:

	/* BY-PASS: Skip checking sender when the MX points to this
	 * host. There is no point in doing an expensive check of
	 * the sender, when sendmail has better means to do this.
	 * Even if the sender has falsified their address, better
	 * to pass and let some other tool reject it based on
	 * different criteria.
	 *
	 * This BY-PASS might be removed in the future in favour of
	 * calling ourselves back to validate the address.
	 */

I've included an untested patch that provides an option to disable this 
by-pass.

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ: 7116561         AIM: Sir Wumpus

"held in my arms / his sun washed face / eyes closed" - Anthony


-- Attached file included as plaintext by Ecartis --
-- File: mxCallBackThisHost.patch

--- milter-sender.c.orig	2005-02-14 09:02:50.859375000 +0100
+++ milter-sender.c	2005-03-04 13:02:43.234375000 +0100
@@ -297,6 +297,7 @@
 static NumericOption mxCallBackIpBlocked	= { 1,
"MxCallBackIpBlocked",		0,	"if our IP appears in an callback error
response, assume accepts any email" };
 static NumericOption mxCallBackConnect 		= { 1,
"MxCallBackConnect",		1,	"enable the callback SMTP connection" };
 static NumericOption mxCallBackMaxAttempts 	= { 0,
"MxCallBackMaxAttempts",		3,	"maximum number of MX hosts to attempt
callback with, 0 = disable callback" };
+static NumericOption mxCallBackThisHost		= { 1,
"mxCallBackThisHost",		0,	"when true, call ourselves back to validate
sender; default false" };
 static NumericOption mxCallAheadOn	 	= { 1, "MxCallAhead",			0,	"an MX
gateway can call the next hop to verify the recipient" };
 static NumericOption mxRejectBenchmark 		= { 1,
"MxRejectBenchmark",		1,	"reject MX with RFC 3330 benchmark network
198.18.0.0/15" };
 static NumericOption mxRejectLinkLocal 		= { 1,
"MxRejectLinkLocal",		1,	"reject MX with RFC 3330 link local addresses
169.254.0.0/16" };
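Review bot: The name string of the new option is "mxCallBackThisHost" with a lowercase "m", while the neighbouring entries in this table all start with a capital ("MxCallBackIpBlocked", "MxCallBackConnect", "MxCallBackMaxAttempts"). Unless option matching is known to be case-insensitive, use "MxCallBackThisHost" so the name an administrator types follows the same pattern as the others. The help text could also state what the default of 0 means in practice, namely that a sender whose MX is this host is accepted without a callback.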
@@ -365,6 +366,7 @@
 	&mxCallBackConnect,
 	&mxCallBackIpBlocked,
 	&mxCallBackMaxAttempts, 
+	&mxCallBackThisHost,
 	&mxRejectBenchmark,
 	&mxRejectLinkLocal,
 	&mxRejectLoopback,
@@ -1643,10 +1645,8 @@
 	Dns dns;
 	sfsistat rc;
 	DnsRecord mx;
-	char *if_addr;
 	CacheEntry entry;
 	const char *error;
-	struct in_addr if_addr_ip;
 	int i, rcode, mxLimit, mxError, status;
 
 	/* Assume the sender will pass the tests. Note that any "goto ok"
@@ -1732,37 +1732,42 @@
 		goto error2;
 	}
 
-	/* BY-PASS: Skip checking sender when the MX points to this
-	 * host. There is no point in doing an expensive check of
-	 * the sender, when sendmail has better means to do this.
-	 * Even if the sender has falsified their address, better
-	 * to pass and let some other tool reject it based on
-	 * different critieria.
-	 *
-	 * This BY-PASS might be removed in the future in favour of
-	 * calling ourselves back to validate the address. 
-	 */
+	if (!mxCallBackThisHost.value) {
+		char *if_addr;
+		struct in_addr if_addr_ip;
+		
+		/* BY-PASS: Skip checking sender when the MX points to this
+		 * host. There is no point in doing an expensive check of
+		 * the sender, when sendmail has better means to do this.
+		 * Even if the sender has falsified their address, better
+		 * to pass and let some other tool reject it based on
+		 * different critieria.
+		 *
+		 * This BY-PASS might be removed in the future in favour of
+		 * calling ourselves back to validate the address. 
+		 */
 
-	if ((if_addr = smfi_getsymval(data->work.ctx, macro_if_addr)) == NULL)
-		if_addr = "0.0.0.0";
+		if ((if_addr = smfi_getsymval(data->work.ctx, macro_if_addr)) == NULL)
+			if_addr = "0.0.0.0";
 
-	/* Using inet_ntoa() fills a static buffer, which is NOT  a
-	 * good thing in a threaded application like this. Instead
-	 * convert from a string to a binary form and compare those,
-	 * which avoids the need for a mutex.
-	 */
-	if (SocketAddressToIP(if_addr, &if_addr_ip)) {
-		(void) setReply(data, 550, "5.0.0", "internal error converting
{if_addr}=\"%s\"", if_addr);
-		rc = SMFIS_ACCEPT;
-		goto error2;
-	}
+		/* Using inet_ntoa() fills a static buffer, which is NOT  a
+		 * good thing in a threaded application like this. Instead
+		 * convert from a string to a binary form and compare those,
+		 * which avoids the need for a mutex.
+		 */
+		if (SocketAddressToIP(if_addr, &if_addr_ip)) {
+			(void) setReply(data, 550, "5.0.0", "internal error converting
{if_addr}=\"%s\"", if_addr);
+			rc = SMFIS_ACCEPT;
+			goto error2;
+		}
 
-	if (memcmp(&if_addr_ip, &mx->ip, sizeof if_addr_ip) == 0) {
-		if (smfLogDetail & SMF_LOG_INFO)
-			syslog(LOG_INFO, TAG_FORMAT "MX for <%s> is this host, skipping",
TAG_ARGS, data->work.mail->address.string);
-		goto ok;
+		if (memcmp(&if_addr_ip, &mx->ip, sizeof if_addr_ip) == 0) {
+			if (smfLogDetail & SMF_LOG_INFO)
+				syslog(LOG_INFO, TAG_FORMAT "MX for <%s> is this host, skipping",
TAG_ARGS, data->work.mail->address.string);
+			goto ok;
+		}
 	}
-
+	
 	/* TEST for internal error conditons that shouldn't occur. */	
 	if (data->mxlist == NULL) {
 		syslog(LOG_ERR, TAG_FORMAT "internal error: empty MX list", TAG_ARGS);
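Review bot: With mxCallBackThisHost set, the "goto ok" for an MX that is this host is no longer reached and the sender continues to the normal callback path, but nothing in this hunk shows what keeps that callback connection to our own MTA from being handed back to milter-sender. Since the patch is posted as untested, please confirm that a self-callback cannot recurse or hold a connection open per message before the option is enabled. The BY-PASS comment moved inside the "if" still says the by-pass "might be removed in the future in favour of calling ourselves back", which is now exactly what the option does, so it should name mxCallBackThisHost instead. The added blank line after "struct in_addr if_addr_ip;" and the one replacing the blank line after the closing brace both carry trailing tabs.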



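A log check for the by-pass discussed in this message, added here as an example and not part of the original post or of milter-sender: it pairs each "is this host, skipping" line with the sendmail from= line for the same queue ID and reports messages whose relay lies outside a trusted list. TRUSTED_NETS, the function name and the last two sample log lines are assumptions made for the example; the first two sample lines are the ones quoted in the post, unwrapped.

```python
import ipaddress
import re

# Assumption: networks that may legitimately use a local-domain envelope sender.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "::1/128")]

# milter-sender line logged when the by-pass is taken: "<session> <queue id>: MX for <addr> ..."
SKIP_RE = re.compile(
    r"milter-sender\[\d+\]: \d+ (\w+): MX for <([^>]*)> is this host, skipping")
# sendmail envelope line; relay may be "[ip]", "name [ip]" or "[IPv6:addr]"
FROM_RE = re.compile(
    r"sendmail\[\d+\]: (\w+): from=<([^>]*)>,.*?nrcpts=(\d+),"
    r".*relay=[^\[]*\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]")

SAMPLE_LOG = [
    # Quoted in the post (unwrapped onto single lines).
    "Mar  3 16:04:39 myserver milter-sender[27810]: 08809 j23J4ad8024769: MX for <vnha_hnpm_h_t_u@myserver.com> is this host, skipping",
    "Mar  3 16:04:52 myserver sendmail[24769]: j23J4ad8024769: from=<vnha_hnpm_h_t_u@myserver.com>, size=9106, class=0, nrcpts=20, msgid=<200503031904.j23J4ad8024769@myserver.com>, proto=SMTP, daemon=MTA, relay=[201.10.169.96]",
    # Constructed: a local submission over loopback that also takes the by-pass.
    "Mar  3 16:10:01 myserver milter-sender[27810]: 08810 j23JA1xx000001: MX for <alice@myserver.com> is this host, skipping",
    "Mar  3 16:10:02 myserver sendmail[24800]: j23JA1xx000001: from=<alice@myserver.com>, size=812, class=0, nrcpts=1, msgid=<constructed.1@myserver.com>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]",
]


def unverified_local_senders(lines, trusted=TRUSTED_NETS):
    """Return (queue_id, sender, relay_ip, nrcpts) for messages whose sender
    check was skipped by the by-pass and whose relay is outside `trusted`."""
    skipped = {}  # queue id -> sender address logged by milter-sender
    hits = []
    for line in lines:
        m = SKIP_RE.search(line)
        if m:
            skipped[m.group(1)] = m.group(2)
            continue
        m = FROM_RE.search(line)
        if m and m.group(1) in skipped:
            qid, sender, nrcpts, relay = m.groups()
            ip = ipaddress.ip_address(relay)
            if not any(ip in net for net in trusted):
                hits.append((qid, sender, relay, int(nrcpts)))
    return hits


if __name__ == "__main__":
    for qid, sender, relay, nrcpts in unverified_local_senders(SAMPLE_LOG):
        print(f"{qid}: <{sender}> from {relay}, {nrcpts} rcpts, sender not verified")
```
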