--
hy,
here I send a little patch I have wrote for exim3 to expand the RBL
functions a little bit.
I has need this patch cause I want allow my users that they will be
allowed to relay if they make SMTP-AUTH and the sending host is listed
on an RBL.
To use this, add this patch and change your config file like these:
rbl_domains = dynablock.easynet.nl/skipauth
With skipauth you can now allow auth. Users to relay if there host is
listed on an RBL.
I have tested it on my host with exim3 and I have seen no problems. But
I'm not an programmer so test it before you use it. I can give no
warranty that here are some bugs.
I hope I can help so a lot of exim3 users.
ruben
--
Ruben Puettmann
ruben@???
http://www.puettmann.net
--
--- smtp_in.c 2003-06-14 15:53:19.000000000 +0200
+++ smtp_in.c-neu 2003-06-14 17:39:23.000000000 +0200
@@ -53,10 +53,13 @@
static BOOL host_allow_relay_anywhere_set;
#ifdef HAVE_AUTH
static BOOL host_must_authenticate;
static BOOL host_must_use_tls_to_authenticate;
static auth_instance *authenticated_by;
+/* start ruben */
+static BOOL rbl_skip_auth = FALSE;
+/* end ruben*/
#endif
#ifdef SUPPORT_TLS
static BOOL host_must_use_tls;
#endif
static BOOL sender_allow_relay_anywhere;
@@ -68,10 +71,11 @@
static BOOL esmtp;
static BOOL host_refuse_all_rcpts;
static BOOL sender_refuse_all_rcpts;
+
static char *relay_msg1;
static char *relay_msg2;
static int relay_errcode;
static int unknown_command_count;
@@ -1468,15 +1472,27 @@
host_accept_relay and /skiprelay is set. */
while (s != NULL)
{
*s++ = 0;
- if (strcmp(s, "warn") == 0) accept = reject = FALSE;
+ /* start ruben */
+ #ifdef HAVE_AUTH
+ if (strcmp(s, "warn") == 0) rbl_skip_auth = accept = reject = FALSE;
+ else if (strcmp(s, "reject") == 0) { rbl_skip_auth = FALSE; reject = TRUE; accept = FALSE; }
+ else if (strcmp(s, "accept") == 0) { rbl_skip_auth = FALSE; accept = TRUE; reject = FALSE; }
+ else if (strcmp(s, "skipauth") == 0) { rbl_skip_auth = TRUE; reject = TRUE; accept = FALSE; }
+ #else
+ if (strcmp(s, "warn") == 0) accept = reject = FALSE;
else if (strcmp(s, "reject") == 0) { reject = TRUE; accept = FALSE; }
else if (strcmp(s, "accept") == 0) { accept = TRUE; reject = FALSE; }
- else if (strcmp(s, "skiprelay") == 0)
- {
+ #endif
+ /*end ruben */
+ else if (strcmp(s, "skiprelay") == 0)
+ {
+ #ifdef HAVE_AUTH
+ rbl_skip_auth = FALSE;
+ #endif
if (! host_allow_relay_anywhere_set) check_host_for_relay();
if (host_allow_relay_anywhere)
{
HDEBUG(9) debug_printf("RBL check skipped because host is in "
"host_accept_relay\n");
@@ -1521,24 +1537,43 @@
if (accept)
{
log_write(1, LOG_MAIN|LOG_REJECT, "recipients accepted from %s "
"(RBL %s/accept)", host_and_ident("", NULL), domain);
+ /* start ruben */
+ rbl_msg_buffer = NULL; /* In case rejected by another criterion */
+ /* end ruben */
listptr = NULL; /* To break the loop */
}
+ /* start ruben */
+ #ifdef HAVE_AUTH
+ /* Handle skipauth */
+
+ else if (rbl_skip_auth)
+ {
+ log_write(1, LOG_MAIN|LOG_REJECT, "recipients will refused from %s "
+ "(RBL %s) if not authenticated", host_and_ident("", NULL), domain);
+ rbl_domain = string_copy(domain);
+ listptr = NULL; /* To break the loop */
+ }
+ #endif
+ /* end ruben */
+
/* Handle rejection */
else if (reject)
{
log_write(1, LOG_MAIN|LOG_REJECT, "recipients refused from %s "
"(RBL %s)", host_and_ident("", NULL), domain);
- host_refuse_all_rcpts = TRUE;
+ /* start ruben */
+ /* host_refuse_all_rcpts = TRUE; */
+ /* end_ruben */
rbl_domain = string_copy(domain);
listptr = NULL; /* To break the loop */
}
-
+
/* Otherwise it is a warning */
else
{
log_write(1, LOG_MAIN|LOG_REJECT, "%s in RBL list at %s "
@@ -2765,11 +2800,24 @@
smtp_printf("550 cannot route to sender address <%s>\r\n",
sender_address);
break;
}
- if (host_refuse_all_rcpts || sender_refuse_all_rcpts)
+/* start ruben */
+#ifdef HAVE_AUTH
+ if (rbl_skip_auth == TRUE && sender_host_authenticated != NULL)
+ {
+ rbl_msg_buffer = NULL;
+ log_write(1, LOG_MAIN|LOG_REJECT, "%s has authenticated and is so allowed to "
+ "relay", host_and_ident("", NULL));
+ }
+
+#endif
+/* end ruben */
+
+
+ if (host_refuse_all_rcpts || sender_refuse_all_rcpts /* start ruben */||rbl_msg_buffer != NULL /* end ruben */)
{
BOOL reject = TRUE;
char *which = "";
sep1 = sep2 = 0;
@@ -2804,10 +2852,13 @@
use in the tailored message. Don't give the host lookup message for
RBL failures - it just confuses people. Say "blacklisted" instead. */
if (rbl_msg_buffer != NULL)
{
+ /* start ruben */
+ host_refuse_all_rcpts = TRUE;
+ /* end ruben */
extra = " (host is blacklisted)";
if (prohibition_message == NULL)
smtp_printf("550-%s\r\n", rbl_msg_buffer);
else
smtp_send_prohibition_message(550, "rbl_reject");
--
