[Exim] Exim3 Patch allow auth. user to relay if sending host…

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Ruben Puettmann
Fecha:  
A: exim-users
Asunto: [Exim] Exim3 Patch allow auth. user to relay if sending host is listed on RBL
--


    hy,


here I send a little patch I have wrote for exim3 to expand the RBL
functions a little bit.

I has need this patch cause I want allow my users that they will be
allowed to relay if they make SMTP-AUTH and the sending host is listed
on an RBL.

To use this, add this patch and change your config file like these:

rbl_domains = dynablock.easynet.nl/skipauth

With skipauth you can now allow auth. Users to relay if there host is
listed on an RBL.

I have tested it on my host with exim3 and I have seen no problems. But
I'm not an programmer so test it before you use it. I can give no
warranty that here are some bugs.

I hope I can help so a lot of exim3 users.


            ruben


--
Ruben Puettmann
ruben@???
http://www.puettmann.net
--
--- smtp_in.c    2003-06-14 15:53:19.000000000 +0200
+++ smtp_in.c-neu    2003-06-14 17:39:23.000000000 +0200
@@ -53,10 +53,13 @@
 static BOOL host_allow_relay_anywhere_set;
 #ifdef HAVE_AUTH
 static BOOL host_must_authenticate;
 static BOOL host_must_use_tls_to_authenticate;
 static auth_instance *authenticated_by;
+/* start ruben */
+static BOOL rbl_skip_auth = FALSE;
+/* end ruben*/
 #endif
 #ifdef SUPPORT_TLS
 static BOOL host_must_use_tls;
 #endif
 static BOOL sender_allow_relay_anywhere;
@@ -68,10 +71,11 @@
 static BOOL esmtp;


static BOOL host_refuse_all_rcpts;
static BOOL sender_refuse_all_rcpts;

+
static char *relay_msg1;
static char *relay_msg2;
static int relay_errcode;
static int unknown_command_count;

@@ -1468,15 +1472,27 @@
       host_accept_relay and /skiprelay is set. */


       while (s != NULL)
         {
         *s++ = 0;
-        if (strcmp(s, "warn") == 0) accept = reject = FALSE;
+        /* start ruben */
+        #ifdef HAVE_AUTH
+        if (strcmp(s, "warn") == 0) rbl_skip_auth = accept = reject = FALSE;
+        else if (strcmp(s, "reject") == 0) { rbl_skip_auth = FALSE; reject = TRUE; accept = FALSE; }
+        else if (strcmp(s, "accept") == 0) { rbl_skip_auth = FALSE; accept = TRUE; reject = FALSE; }
+        else if (strcmp(s, "skipauth") == 0) { rbl_skip_auth = TRUE; reject = TRUE; accept = FALSE; }
+        #else
+        if (strcmp(s, "warn") == 0) accept = reject = FALSE;
         else if (strcmp(s, "reject") == 0) { reject = TRUE; accept = FALSE; }
         else if (strcmp(s, "accept") == 0) { accept = TRUE; reject = FALSE; }
-        else if (strcmp(s, "skiprelay") == 0)
-          {
+        #endif
+        /*end ruben */
+        else if (strcmp(s, "skiprelay") == 0)
+          {
+          #ifdef HAVE_AUTH
+          rbl_skip_auth = FALSE;
+          #endif
           if (! host_allow_relay_anywhere_set) check_host_for_relay();
           if (host_allow_relay_anywhere)
             {
             HDEBUG(9) debug_printf("RBL check skipped because host is in "
               "host_accept_relay\n");
@@ -1521,24 +1537,43 @@


         if (accept)
           {
           log_write(1, LOG_MAIN|LOG_REJECT, "recipients accepted from %s "
             "(RBL %s/accept)", host_and_ident("", NULL), domain);
+          /* start ruben */
+          rbl_msg_buffer = NULL;   /* In case rejected by another criterion */
+          /* end ruben */
           listptr = NULL;        /* To break the loop */
           }


+        /* start ruben */
+        #ifdef HAVE_AUTH
+        /* Handle skipauth */
+
+        else if (rbl_skip_auth)
+          {
+          log_write(1, LOG_MAIN|LOG_REJECT, "recipients will refused from %s "
+          "(RBL %s) if not authenticated", host_and_ident("", NULL), domain);
+          rbl_domain = string_copy(domain);
+          listptr = NULL;        /* To break the loop */
+          }
+        #endif
+         /* end ruben */
+
         /* Handle rejection */


         else if (reject)
           {
           log_write(1, LOG_MAIN|LOG_REJECT, "recipients refused from %s "
             "(RBL %s)", host_and_ident("", NULL), domain);
-          host_refuse_all_rcpts = TRUE;
+          /* start ruben */
+          /* host_refuse_all_rcpts = TRUE; */
+          /* end_ruben */
           rbl_domain = string_copy(domain);
           listptr = NULL;        /* To break the loop */
           }
-
+
         /* Otherwise it is a warning */


         else
           {
           log_write(1, LOG_MAIN|LOG_REJECT, "%s in RBL list at %s "
@@ -2765,11 +2800,24 @@
       smtp_printf("550 cannot route to sender address <%s>\r\n",
         sender_address);
       break;
       }


-    if (host_refuse_all_rcpts || sender_refuse_all_rcpts)
+/* start ruben */
+#ifdef HAVE_AUTH
+    if (rbl_skip_auth == TRUE && sender_host_authenticated != NULL)
+      {
+        rbl_msg_buffer = NULL;
+        log_write(1, LOG_MAIN|LOG_REJECT, "%s has authenticated and is so allowed to "
+        "relay", host_and_ident("", NULL));
+      }
+
+#endif
+/* end ruben */
+
+
+    if (host_refuse_all_rcpts || sender_refuse_all_rcpts /* start ruben */||rbl_msg_buffer != NULL /* end ruben */)
       {
       BOOL reject = TRUE;
       char *which = "";


       sep1 = sep2 = 0;
@@ -2804,10 +2852,13 @@
         use in the tailored message. Don't give the host lookup message for
         RBL failures - it just confuses people. Say "blacklisted" instead. */


         if (rbl_msg_buffer != NULL)
           {
+          /* start ruben */
+          host_refuse_all_rcpts = TRUE;
+          /* end ruben */
           extra = " (host is blacklisted)";
           if (prohibition_message == NULL)
             smtp_printf("550-%s\r\n", rbl_msg_buffer);
           else
             smtp_send_prohibition_message(550, "rbl_reject");
--