Permalink
Browse files

dnsbl: added log messages, prefixes, additional args

instead of a positional arguments, used named arguments (backwards compatible)
added a couple log message prefixes
removed some trailing whitespace
updated POD
  • Loading branch information...
1 parent 5e7568f commit 1c7d26ecca32d86b7cd6e29d15fbacae0c7016cd @msimerson msimerson committed with rspier May 15, 2012
Showing with 33 additions and 20 deletions.
  1. +33 −20 plugins/dnsbl
View
@@ -12,13 +12,17 @@ a configurable set of RBL services.
=cut
sub register {
- my ($self, $qp, $denial ) = @_;
- if ( defined $denial && $denial =~ /^disconnect$/i ) {
- $self->{_dnsbl}->{DENY} = DENY_DISCONNECT;
- }
- else {
- $self->{_dnsbl}->{DENY} = DENY;
- }
+ my ($self, $qp) = shift, shift;
+
+ if ( @_ % 2 ) {
+ $self->{_args}{reject_type} = shift; # backwards compatibility
+ }
+ else {
+ $self->{_args} = { @_ };
+ };
+
+ my $rej = $self->{_args}{reject_type};
+ $self->{_dnsbl}{DENY} = (defined $rej && $rej =~ /^disconnect$/i) ? DENY_DISCONNECT : DENY;
}
sub hook_connect {
@@ -197,17 +201,20 @@ sub hook_rcpt {
my ($self, $transaction, $rcpt, %param) = @_;
# RBLSMTPD being non-empty means it contains the failure message to return
- if (defined ($ENV{'RBLSMTPD'}) && $ENV{'RBLSMTPD'} ne '') {
+ if (defined $ENV{'RBLSMTPD'} && $ENV{'RBLSMTPD'} ne '') {
my $result = $ENV{'RBLSMTPD'};
my $remote_ip = $self->qp->connection->remote_ip;
$result =~ s/%IP%/$remote_ip/g;
my $msg = $self->qp->config('dnsbl_rejectmsg');
- $self->log(LOGINFO, $msg);
+ $self->log(LOGINFO, "fail: $msg");
return ($self->{_dnsbl}->{DENY}, join(' ', $msg, $result));
}
my $note = $self->process_sockets or return DECLINED;
- return DECLINED if $self->ip_whitelisted();
+ if ( $self->ip_whitelisted() ) {
+ $self->log(LOGINFO, "skip: whitelisted");
+ return DECLINED;
+ };
if ( $rcpt->user =~ /^(?:postmaster|abuse|mailer-daemon|root)$/i ) {
$self->log(LOGWARN, "skip: don't blacklist special account: ".$rcpt->user);
@@ -226,26 +233,32 @@ sub hook_disconnect {
return DECLINED;
}
-=head1 Usage
+=head1 USAGE
Add the following line to the config/plugins file:
- dnsbl [disconnect]
+ dnsbl [ reject_type disconnect ] [loglevel -1]
-If you want to immediately drop the connection (since some blacklisted
-servers attempt multiple sends per session), add the optional keyword
-"disconnect" (case insensitive) to the config line. In most cases, an
+=head2 reject_type
+
+To immediately drop the connection (since some blacklisted servers attempt
+multiple sends per session), set the optional argument I<reject_type> to
+"disconnect" on the config/plugin entry. In most cases, an
IP address that is listed should not be given the opportunity to begin
a new transaction, since even the most volatile blacklists will return
the same answer for a short period of time (the minimum DNS cache period).
-=head1 Configuration files
+=head2 loglevel
+
+Adjust the quantity of logging for this plugin. See docs/logging.pl
-This plugin uses the following configuration files. All of these are optional.
-However, not specifying dnsbl_zones is like not using the plugin at all.
+=head1 CONFIG FILES
=over 4
+This plugin uses the following configuration files. All are optional. Not
+specifying dnsbl_zones is like not using the plugin at all.
+
=item dnsbl_zones
Normal ip based dns blocking lists ("RBLs") which contain TXT records are
@@ -277,7 +290,7 @@ For example:
192.168.1.1
172.16.33.
-NB the environment variable RBLSMTPD is considered before this file is
+NB the environment variable RBLSMTPD is considered before this file is
referenced. See below.
=item dnsbl_rejectmsg
@@ -299,7 +312,7 @@ For example:
=head2 RBLSMTPD
The environment variable RBLSMTPD is supported and mimics the behaviour of
-Dan Bernstein's rblsmtpd. The exception to this is the '-' char at the
+Dan Bernstein's rblsmtpd. The exception to this is the '-' char at the
start of RBLSMTPD which is used to force a hard error in Dan's rblsmtpd.
NB I don't really see the benefit
of using a soft error for a site in an RBL list. This just complicates

0 comments on commit 1c7d26e

Please sign in to comment.