|
question: i see these messages in my logs for all users (my script is returning a default spam rule directory for every user):

config_spam_rule_load() took 0.000029 seconds

and immediately after, i see:

DATA command received, args:

but i don't see any of the other spam-rules related log messages... such as:

Error loading spam rules for user

or

User spam checking enabled

any idea why? looking at the source shows that logging is done on a failure/success (if/else) basis. i have the logging level cranked all the way up. and in case you're wondering, i haven't altered any of the source. this issue occurs using a default install. thanks.

Bart wrote:

Hi,

It's good to hear that you got this problem solved for your use, however this is something that we would rather see implemented in the user checking script. Since the percent sign in usernames does actually have a valid use for relaying email, it would not be favourable to disable this feature in the smtp code in case anybody would like to use it. There should be no problems in modifying the user checking script to reject emails with whichever characters you may find unacceptable.

Bart

On September 5, 2004 02:06 pm, walnut wrote:

hi. i wrote the list a little while ago about the %, @ and ! symbols being used as exploits during relay attempts. a few of the relay tests i've tried were able to get qmail (and the magic-mail server) to accept mail for non-existent users with these exploits. while the mail isn't ever delivered, it does generate a bounce and it also has the potential to get a server listed (as irresponsible as that may seem). the test servers are:

http://members.iinet.net.au/~remmie/relay/
http://www.antispam-ufrj.pads.ufrj.br/test-relay.html

there are several other relay tests online that test for the same hack. i'm writing the list because i found a patch for qmail that prevents these exploits:

http://www.qmail.org/qmail-smtpd-relay-reject

and i've copied that patch's logic and diff'd magic-smtpd to do the same.
my patch works, however i'm just wondering if i've applied the change in the appropriate place. here's my patch:

--- orig/magic-smtpd.c 2004-05-03 14:18:36.000000000 -0700 +++ magic-smtpd.c 2004-09-05 13:54:56.655246432 -0700 @@ -1209,6 +1209,21 @@ if (in_rcpt_hosts) { retval = 0; + int j; + char *buffer; + buffer = LM_STRING_BUFFER(rcptaddr); + j = strlen(buffer); + while(--j >= 0) + if (buffer[j] == '@') break; + if (j < 0) j = strlen(buffer); + while(--j >= 0) { + if (buffer[j] == '@' || buffer[j] == '%' || buffer[j] == '!') { + fprintf(stdout, "553 we don't relay (#5.7.1)\r\n"); + fflush(stdout); + return -1; + } + } + /* Check to see if the rcpt address is a valid user */ if ((!rcpt_bracket_ip_flag) && (config.check_valid_users != 0)) { retval = msd_check_rcpt_user(&addr, &spamdir);

thanks for your help, and please let me know if this is useful. |
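Review bot: the reject in the second `while` loop of the `if (in_rcpt_hosts)` block is unconditional, so every recipient with `%`, `!` or a second `@` in the local part gets `553` and a site that relies on percent-style addressing has no way to keep it. Gate the scan behind a configuration switch, in the same way `config.check_valid_users` gates the user check right below it, or move it into the user checking script as the reply suggests. Two smaller points: `int j;` and `char *buffer;` are declared after `retval = 0;`, which older C compilers reject, so hoist them to the top of the block; and `j` is an `int` holding the result of `strlen()`, which returns `size_t`, so bound the length or cast explicitly before the backward scan.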
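The check Bart suggests keeping out of the SMTP code, written as a standalone function with a configurable reject set so that `%` can stay allowed where it is legitimately used. This is an added example, not code from magic-smtpd or from the thread; the names `classify_rcpt` and `rcpt_verdict`, the malformed-address handling and the sample addresses are assumptions constructed here.

```c
#include <stdio.h>
#include <string.h>

/* Verdict names are hypothetical, not taken from magic-smtpd. */
enum rcpt_verdict { RCPT_OK, RCPT_SOURCE_ROUTED, RCPT_MALFORMED };

/*
 * Classify a RCPT TO address. `reject` lists the characters that must not
 * appear in the local part; the set used in the thread is "@%!".
 */
enum rcpt_verdict classify_rcpt(const char *addr, const char *reject)
{
    const char *at, *end, *p;

    if (addr == NULL || reject == NULL || *addr == '\0')
        return RCPT_MALFORMED;

    /* The domain starts after the LAST '@'; everything before it is local part. */
    at = strrchr(addr, '@');
    if (at != NULL && (at == addr || at[1] == '\0'))
        return RCPT_MALFORMED;          /* empty local part or empty domain */

    /* With no '@' at all, scan the whole string, as the patch does. */
    end = (at != NULL) ? at : addr + strlen(addr);

    for (p = addr; p < end; p++)
        if (strchr(reject, *p) != NULL)
            return RCPT_SOURCE_ROUTED;  /* caller answers 553 and logs it */
    return RCPT_OK;
}

int main(void)
{
    /* Constructed sample recipients, not taken from any real log. */
    static const char *samples[] = {
        "alice@example.org", "bob%other.example@example.org",
        "other.example!bob@example.org", "bob@other.example@example.org",
        "postmaster", "@example.org"
    };
    static const char *names[] = { "ok", "source-routed", "malformed" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-34s %s\n", samples[i],
               names[classify_rcpt(samples[i], "@%!")]);
    return 0;
}
```

Passing `"@!"` as the reject set keeps percent-style addresses deliverable while still refusing the other two forms.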