diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2019-03-24 20:35:45 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2019-03-24 20:35:45 +0000 |
| commit | 42af77c38adffa05d8bf7297196203c1d03fadda (patch) | |
| tree | 357b08539424d45da57e24db3a98974a9d0e9c6d /mail/sendmail/files | |
| parent | - cleanup patch (diff) | |
- additional blacklisting for frequent useless connections
PR: 236605
Submitted by: Helge Oldach
Diffstat (limited to 'mail/sendmail/files')
| -rw-r--r-- | mail/sendmail/files/patch-srvrsmtp.c | 57 |
1 files changed, 53 insertions, 4 deletions
diff --git a/mail/sendmail/files/patch-srvrsmtp.c b/mail/sendmail/files/patch-srvrsmtp.c index 961aba88eea2..bf17a35e1e3b 100644 --- a/mail/sendmail/files/patch-srvrsmtp.c +++ b/mail/sendmail/files/patch-srvrsmtp.c @@ -1,6 +1,16 @@ --- sendmail/srvrsmtp.c.orig 2015-03-18 11:47:12 UTC +++ sendmail/srvrsmtp.c -@@ -1328,6 +1328,7 @@ smtp(nullserver, d_flags, e) +@@ -831,6 +831,9 @@ smtp(nullserver, d_flags, e) + #if _FFR_BADRCPT_SHUTDOWN + int n_badrcpts_adj; + #endif /* _FFR_BADRCPT_SHUTDOWN */ ++#ifdef USE_BLACKLIST ++ int saved_bl_fd; ++#endif + + SevenBitInput_Saved = SevenBitInput; + smtp.sm_nrcpts = 0; +@@ -1328,6 +1331,7 @@ smtp(nullserver, d_flags, e) (int) tp.tv_sec + (tp.tv_usec >= 500000 ? 1 : 0) ); @@ -8,7 +18,18 @@ } } } -@@ -1721,8 +1722,11 @@ smtp(nullserver, d_flags, e) +@@ -1421,6 +1425,10 @@ smtp(nullserver, d_flags, e) + SmtpPhase = "server cmd read"; + sm_setproctitle(true, e, "server %s cmd read", CurSmtpClient); + ++#ifdef USE_BLACKLIST ++ saved_bl_fd = dup(sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL)); ++#endif ++ + /* handle errors */ + if (sm_io_error(OutChannel) || + (p = sfgets(inp, sizeof(inp), InChannel, +@@ -1721,8 +1729,11 @@ smtp(nullserver, d_flags, e) } else { @@ -20,7 +41,7 @@ if (LogLevel > 9) sm_syslog(LOG_WARNING, e->e_id, "AUTH failure (%s): %s (%d) %s, relay=%.100s", -@@ -1867,6 +1871,9 @@ smtp(nullserver, d_flags, e) +@@ -1867,6 +1878,9 @@ smtp(nullserver, d_flags, e) DELAY_CONN("AUTH"); if (!sasl_ok || n_mechs <= 0) { @@ -30,7 +51,25 @@ message("503 5.3.3 AUTH not available"); break; } -@@ -3523,7 +3530,10 @@ doquit: +@@ -3462,10 +3476,17 @@ doquit: + ** timeouts for the same connection. + */ + ++#ifdef USE_BLACKLIST ++ /* no immediate BLACKLIST_ABUSIVE_BEHAVIOR */ ++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, saved_bl_fd, "no command issued"); ++#endif + sm_syslog(LOG_INFO, e->e_id, + "%s did not issue MAIL/EXPN/VRFY/ETRN during connection to %s", + CurSmtpClient, d); + } ++#ifdef USE_BLACKLIST ++ close(saved_bl_fd); ++#endif + if (tTd(93, 100)) + { + /* return to handle next connection */ +@@ -3523,7 +3544,10 @@ doquit: #if MAXBADCOMMANDS > 0 if (++n_badcmds > MAXBADCOMMANDS) { @@ -41,3 +80,13 @@ message("421 4.7.0 %s Too many bad commands; closing connection", MyHostName); +@@ -3575,6 +3599,9 @@ doquit: + #if SASL + } + #endif /* SASL */ ++#ifdef USE_BLACKLIST ++ close(saved_bl_fd); ++#endif + } + SM_EXCEPT(exc, "[!F]*") + { |