op public repos

Blob

Date:: Sat Oct 29 16:26:44 2005 UTC
Message:: Thanks to John Cummings.
Actions:: History | Blame | Raw File
1 #include "common.h"
2 #include "smtpd.h"
3 #include <ip.h>
4 
5 enum {
6 	NORELAY = 0,
7 	DNSVERIFY,
8 	SAVEBLOCK,
9 	DOMNAME,
10 	OURNETS,
11 	OURDOMS,
12 
13 	IP = 0,
14 	STRING,
15 };
16 
17 
18 typedef struct Keyword Keyword;
19 
20 struct Keyword {
21 	char	*name;
22 	int	code;
23 };
24 
25 static Keyword options[] = {
26 	"norelay",		NORELAY,
27 	"verifysenderdom",	DNSVERIFY,
28 	"saveblockedmsg",	SAVEBLOCK,
29 	"defaultdomain",	DOMNAME,	
30 	"ournets",		OURNETS,
31 	"ourdomains",		OURDOMS,
32 	0,			NONE,
33 };
34 
35 static Keyword actions[] = {
36 	"allow",		ACCEPT,
37 	"block",		BLOCKED,
38 	"deny",			DENIED,
39 	"dial",			DIALUP,
40 	"delay",		DELAY,
41 	0,			NONE,
42 };
43 
44 static	int	hisaction;
45 static	List	ourdoms;
46 static	List 	badguys;
47 static	ulong	v4peerip;
48 
49 static	char*	getline(Biobuf*);
50 static	int	cidrcheck(char*);
51 
52 static int
53 findkey(char *val, Keyword *p)
54 {
55 
56 	for(; p->name; p++)
57 		if(strcmp(val, p->name) == 0)
58 				break;
59 	return p->code;
60 }
61 
62 char*
63 actstr(int a)
64 {
65 	char buf[32];
66 	Keyword *p;
67 
68 	for(p=actions; p->name; p++)
69 		if(p->code == a)
70 			return p->name;
71 	if(a==NONE)
72 		return "none";
73 	sprint(buf, "%d", a);
74 	return buf;
75 }
76 
77 int
78 getaction(char *s, char *type)
79 {
80 	char buf[1024];
81 	Keyword *k;
82 
83 	if(s == nil || *s == 0)
84 		return ACCEPT;
85 
86 	for(k = actions; k->name != 0; k++){
87 		snprint(buf, sizeof buf, "/mail/ratify/%s/%s/%s", k->name, type, s);
88 		if(access(buf,0) >= 0)
89 			return k->code;
90 	}
91 	return ACCEPT;
92 }
93 
94 int
95 istrusted(char *s)
96 {
97 	char buf[1024];
98 
99 	if(s == nil || *s == 0)
100 		return 0;
101 
102 	snprint(buf, sizeof buf, "/mail/ratify/trusted/%s", s);
103 	return access(buf,0) >= 0;
104 }
105 
106 void
107 getconf(void)
108 {
109 	Biobuf *bp;
110 	char *cp, *p;
111 	String *s;
112 	char buf[512];
113 	uchar addr[4];
114 
115 	v4parseip(addr, nci->rsys);
116 	v4peerip = nhgetl(addr);
117 
118 	trusted = istrusted(nci->rsys);
119 	hisaction = getaction(nci->rsys, "ip");
120 	if(debug){
121 		fprint(2, "istrusted(%s)=%d\n", nci->rsys, trusted);
122 		fprint(2, "getaction(%s, ip)=%s\n", nci->rsys, actstr(hisaction));
123 	}
124 	snprint(buf, sizeof(buf), "%s/smtpd.conf", UPASLIB);
125 	bp = sysopen(buf, "r", 0);
126 	if(bp == 0)
127 		return;
128 
129 	for(;;){
130 		cp = getline(bp);
131 		if(cp == 0)
132 			break;
133 		p = cp+strlen(cp)+1;
134 		switch(findkey(cp, options)){
135 		case NORELAY:
136 			if(fflag == 0 && strcmp(p, "on") == 0)
137 				fflag++;
138 			break;
139 		case DNSVERIFY:
140 			if(rflag == 0 && strcmp(p, "on") == 0)
141 				rflag++;
142 			break;
143 		case SAVEBLOCK:
144 			if(sflag == 0 && strcmp(p, "on") == 0)
145 				sflag++;
146 			break;
147 		case DOMNAME:
148 			if(dom == 0)
149 				dom = strdup(p);
150 			break;
151 		case OURNETS:
152 			if (trusted == 0)
153 				trusted = cidrcheck(p);
154 			break;
155 		case OURDOMS:
156 			while(*p){
157 				s = s_new();
158 				s_append(s, p);
159 				listadd(&ourdoms, s);
160 				p += strlen(p)+1;
161 			}
162 			break;
163 		default:
164 			break;
165 		}
166 	}
167 	sysclose(bp);
168 }
169 
170 /*
171  *	match a user name.  the only meta-char is '*' which matches all
172  *	characters.  we only allow it as "*", which matches anything or
173  *	an * at the end of the name (e.g., "username*") which matches
174  *	trailing characters.
175  */
176 static int
177 usermatch(char *pathuser, char *specuser)
178 {
179 	int n;
180 
181 	n = strlen(specuser)-1;
182 	if(specuser[n] == '*'){
183 		if(n == 0)		/* match everything */
184 			return 0;
185 		return strncmp(pathuser, specuser, n);
186 	}
187 	return strcmp(pathuser, specuser);
188 }
189 
190 static int
191 dommatch(char *pathdom, char *specdom)
192 {
193 	int n;
194 
195 	if (*specdom == '*'){
196 		if (specdom[1] == '.' && specdom[2]){
197 			specdom += 2;
198 			n = strlen(pathdom)-strlen(specdom);
199 			if(n == 0 || (n > 0 && pathdom[n-1] == '.'))
200 				return strcmp(pathdom+n, specdom);
201 			return n;
202 		}
203 	}
204 	return strcmp(pathdom, specdom);
205 }
206 
207 /*
208  *  figure out action for this sender
209  */
210 int
211 blocked(String *path)
212 {
213 	String *lpath;
214 	int action;
215 
216 	if(debug)
217 		fprint(2, "blocked(%s)\n", s_to_c(path));
218 
219 	/* if the sender's IP address is blessed, ignore sender email address */
220 	if(trusted){
221 		if(debug)
222 			fprint(2, "\ttrusted => trusted\n");
223 		return TRUSTED;
224 	}
225 
226 	/* if sender's IP address is blocked, ignore sender email address */
227 	if(hisaction != ACCEPT){
228 		if(debug)
229 			fprint(2, "\thisaction=%s => %s\n", actstr(hisaction), actstr(hisaction));
230 		return hisaction;
231 	}
232 
233 	/* convert to lower case */
234 	lpath = s_copy(s_to_c(path));
235 	s_tolower(lpath);
236 
237 	/* classify */
238 	action = getaction(s_to_c(lpath), "account");
239 	if(debug)
240 		fprint(2, "\tgetaction account %s => %s\n", s_to_c(lpath), actstr(action));
241 	s_free(lpath);
242 	return action;
243 }
244 
245 /*
246  * get a canonicalized line: a string of null-terminated lower-case
247  * tokens with a two null bytes at the end.
248  */
249 static char*
250 getline(Biobuf *bp)
251 {
252 	char c, *cp, *p, *q;
253 	int n;
254 
255 	static char *buf;
256 	static int bufsize;
257 
258 	for(;;){
259 		cp = Brdline(bp, '\n');
260 		if(cp == 0)
261 			return 0;
262 		n = Blinelen(bp);
263 		cp[n-1] = 0;
264 		if(buf == 0 || bufsize < n+1){
265 			bufsize += 512;
266 			if(bufsize < n+1)
267 				bufsize = n+1;
268 			buf = realloc(buf, bufsize);
269 			if(buf == 0)
270 				break;
271 		}
272 		q = buf;
273 		for (p = cp; *p; p++){
274 			c = *p;
275 			if(c == '\\' && p[1])	/* we don't allow \<newline> */
276 				c = *++p;
277 			else
278 			if(c == '#')
279 				break;
280 			else
281 			if(c == ' ' || c == '\t' || c == ',')
282 				if(q == buf || q[-1] == 0)
283 					continue;
284 				else
285 					c = 0;
286 			*q++ = tolower(c);
287 		}
288 		if(q != buf){
289 			if(q[-1])
290 				*q++ = 0;
291 			*q = 0;
292 			break;
293 		}
294 	}
295 	return buf;
296 }
297 
298 static int
299 isourdom(char *s)
300 {
301 	Link *l;
302 
303 	if(strchr(s, '.') == nil)
304 		return 1;
305 
306 	for(l = ourdoms.first; l; l = l->next){
307 		if(dommatch(s, s_to_c(l->p)) == 0)
308 			return 1;
309 	}
310 	return 0;
311 }
312 
313 int
314 forwarding(String *path)
315 {
316 	char *cp, *s;
317 	String *lpath;
318 
319 	if(debug)
320 		fprint(2, "forwarding(%s)\n", s_to_c(path));
321 
322 	/* first check if they want loopback */
323 	lpath = s_copy(s_to_c(s_restart(path)));
324 	if(nci->rsys && *nci->rsys){
325 		cp = s_to_c(lpath);
326 		if(strncmp(cp, "[]!", 3) == 0){
327 found:
328 			s_append(path, "[");
329 			s_append(path, nci->rsys);
330 			s_append(path, "]!");
331 			s_append(path, cp+3);
332 			s_terminate(path);
333 			s_free(lpath);
334 			return 0;
335 		}
336 		cp = strchr(cp,'!');			/* skip our domain and check next */
337 		if(cp++ && strncmp(cp, "[]!", 3) == 0)
338 			goto found;
339 	}
340 
341 	/* if mail is from a trusted IP addr, allow it to forward */
342 	if(trusted) {
343 		s_free(lpath);
344 		return 0;
345 	}
346 
347 	/* sender is untrusted; ensure receiver is in one of our domains */
348 	for(cp = s_to_c(lpath); *cp; cp++)		/* convert receiver lc */
349 		*cp = tolower(*cp);
350 
351 	for(s = s_to_c(lpath); cp = strchr(s, '!'); s = cp+1){
352 		*cp = 0;
353 		if(!isourdom(s)){
354 			s_free(lpath);
355 			return 1;
356 		}
357 	}
358 	s_free(lpath);
359 	return 0;
360 }
361 
362 int
363 masquerade(String *path, char *him)
364 {
365 	char *cp, *s;
366 	String *lpath;
367 	int rv = 0;
368 
369 	if(debug)
370 		fprint(2, "masquerade(%s)\n", s_to_c(path));
371 
372 	if(trusted)
373 		return 0;
374 	if(path == nil)
375 		return 0;
376 
377 	lpath = s_copy(s_to_c(path));
378 
379 	/* sender is untrusted; ensure receiver is in one of our domains */
380 	for(cp = s_to_c(lpath); *cp; cp++)		/* convert receiver lc */
381 		*cp = tolower(*cp);
382 	s = s_to_c(lpath);
383 
384 	/* scan first element of ! or last element of @ paths */
385 	if((cp = strchr(s, '!')) != nil){
386 		*cp = 0;
387 		if(isourdom(s))
388 			rv = 1;
389 	} else if((cp = strrchr(s, '@')) != nil){
390 		if(isourdom(cp+1))
391 			rv = 1;
392 	} else {
393 		if(isourdom(him))
394 			rv = 1;
395 	}
396 
397 	s_free(lpath);
398 	return rv;
399 }
400 
401 /* this is a v4 only check */
402 static int
403 cidrcheck(char *cp)
404 {
405 	char *p;
406 	ulong a, m;
407 	uchar addr[IPv4addrlen];
408 	uchar mask[IPv4addrlen];
409 
410 	if(v4peerip == 0)
411 		return 0;
412 
413 	/* parse a list of CIDR addresses comparing each to the peer IP addr */
414 	while(cp && *cp){
415 		v4parsecidr(addr, mask, cp);
416 		a = nhgetl(addr);
417 		m = nhgetl(mask);
418 		/*
419 		 * if a mask isn't specified, we build a minimal mask
420 		 * instead of using the default mask for that net.  in this
421 		 * case we never allow a class A mask (0xff000000).
422 		 */
423 		if(strchr(cp, '/') == 0){
424 			m = 0xff000000;
425 			p = cp;
426 			for(p = strchr(p, '.'); p && p[1]; p = strchr(p+1, '.'))
427 					m = (m>>8)|0xff000000;
428 
429 			/* force at least a class B */
430 			m |= 0xffff0000;
431 		}
432 		if((v4peerip&m) == a)
433 			return 1;
434 		cp += strlen(cp)+1;
435 	}		
436 	return 0;
437 }
438 
439 int
440 isbadguy(void)
441 {
442 	Link *l;
443 
444 	/* check if this IP address is banned */
445 	for(l = badguys.first; l; l = l->next)
446 		if(cidrcheck(s_to_c(l->p)))
447 			return 1;
448 
449 	return 0;
450 }
451 
452 void
453 addbadguy(char *p)
454 {
455 	listadd(&badguys, s_copy(p));
456 };
457 
458 char*
459 dumpfile(char *sender)
460 {
461 	int i, fd;
462 	ulong h;
463 	static char buf[512];
464 	char *cp;
465 
466 	if (sflag == 1){
467 		cp = ctime(time(0));
468 		cp[7] = 0;
469 		if(cp[8] == ' ')
470 			sprint(buf, "%s/queue.dump/%s%c", SPOOL, cp+4, cp[9]);
471 		else
472 			sprint(buf, "%s/queue.dump/%s%c%c", SPOOL, cp+4, cp[8], cp[9]);
473 		cp = buf+strlen(buf);
474 		if(access(buf, 0) < 0 && sysmkdir(buf, 0777) < 0)
475 			return "/dev/null";
476 		h = 0;
477 		while(*sender)
478 			h = h*257 + *sender++;
479 		for(i = 0; i < 50; i++){
480 			h += lrand();
481 			sprint(cp, "/%lud", h);
482 			if(access(buf, 0) >= 0)
483 				continue;
484 			fd = syscreate(buf, ORDWR, 0666);
485 			if(fd >= 0){
486 				if(debug)
487 					fprint(2, "saving in %s\n", buf);
488 				close(fd);
489 				return buf;
490 			}
491 		}
492 	}
493 	return "/dev/null";
494 }
495 
496 char *validator = "/mail/lib/validateaddress";
497 
498 int
499 recipok(char *user)
500 {
501 	char *cp, *p, c;
502 	char buf[512];
503 	int n;
504 	Biobuf *bp;
505 	int pid;
506 	Waitmsg *w;
507 
508 	if(shellchars(user)){
509 		syslog(0, "smtpd", "shellchars in user name");
510 		return 0;
511 	}
512 
513 	if(access(validator, AEXEC) == 0)
514 	switch(pid = fork()) {
515 	case -1:
516 		break;
517 	case 0:
518 		execl(validator, "validateaddress", user, nil);
519 		exits(0);
520 	default:
521 		while(w = wait()) {
522 			if(w->pid != pid)
523 				continue;
524 			if(w->msg[0] != 0){
525 				/*
526 				syslog(0, "smtpd", "validateaddress %s: %s", user, w->msg);
527 				*/
528 				return 0;
529 			}
530 			break;
531 		}
532 	}
533 
534 	snprint(buf, sizeof(buf), "%s/names.blocked", UPASLIB);
535 	bp = sysopen(buf, "r", 0);
536 	if(bp == 0)
537 		return 1;
538 	for(;;){
539 		cp = Brdline(bp, '\n');
540 		if(cp == 0)
541 			break;
542 		n = Blinelen(bp);
543 		cp[n-1] = 0;
544 
545 		while(*cp == ' ' || *cp == '\t')
546 			cp++;
547 		for(p = cp; c = *p; p++){
548 			if(c == '#')
549 				break;
550 			if(c == ' ' || c == '\t')
551 				break;
552 		}
553 		if(p > cp){
554 			*p = 0;
555 			if(cistrcmp(user, cp) == 0){
556 				syslog(0, "smtpd", "names.blocked blocks %s", user);
557 				Bterm(bp);
558 				return 0;
559 			}
560 		}
561 	}
562 	Bterm(bp);
563 	return 1;
564 }
565 
566 /*
567  *  a user can opt out of spam filtering by creating
568  *  a file in his mail directory named 'nospamfiltering'.
569  */
570 int
571 optoutofspamfilter(char *addr)
572 {
573 	char *p, *f;
574 	int rv;
575 
576 	p = strchr(addr, '!');
577 	if(p)
578 		p++;
579 	else
580 		p = addr;
581 
582 
583 	rv = 0;
584 	f = smprint("/mail/box/%s/nospamfiltering", p);
585 	if(f != nil){
586 		rv = access(f, 0)==0;
587 		free(f);
588 	}
589 
590 	return rv;
591 }