From 08d3bf46991edf4752f3871fe441084cb49ccab4 Mon Sep 17 00:00:00 2001 From: Manvendra Bhangui Date: Sun, 12 May 2024 21:22:59 +0530 Subject: [PATCH] added env variable penalty --- indimail-mta-x/doc/ChangeLog | 2 ++ indimail-mta-x/qmail-smtpd.c | 7 ++-- indimail-mta-x/smtpd.c | 46 +++++++++++++++++--------- indimail-mta-x/tests/test-indimail-mta | 7 +++- 4 files changed, 44 insertions(+), 18 deletions(-) diff --git a/indimail-mta-x/doc/ChangeLog b/indimail-mta-x/doc/ChangeLog index 8b0cd70f3..6ef6202d8 100644 --- a/indimail-mta-x/doc/ChangeLog +++ b/indimail-mta-x/doc/ChangeLog @@ -19,6 +19,8 @@ Release @version@-@release@ Start 05/02/2024 End XX/XX/XXXX 08. fix discarded-qualifier compiler warnings - 12/05/2024 09. fix function prototypes +10. qmail-smtpd.c, smtpd.c: added env variable PENALTY to make penalty for + incorrect passwords configurable * Sun Mar 03 2024 12:20:15 +0000 Manvendra Bhangui 3.0.7-1.1%{?dist} Release 3.0.7-1.1 Start 02/01/2024 End 03/02/2024 diff --git a/indimail-mta-x/qmail-smtpd.c b/indimail-mta-x/qmail-smtpd.c index ce30e42ee..c3fe66de0 100644 --- a/indimail-mta-x/qmail-smtpd.c +++ b/indimail-mta-x/qmail-smtpd.c @@ -1,5 +1,8 @@ /* * $Log: qmail-smtpd.c,v $ + * Revision 1.16 2024-05-12 21:20:28+05:30 Cprogrammer + * added env variable penalty + * * Revision 1.15 2024-05-09 22:03:17+05:30 mbhangui * fix discarded-qualifier compiler warnings * @@ -126,7 +129,7 @@ print_details() "DISABLE_SCRAM_SHA512", "DISABLE_SCRAM_SHA512_PLUS", "DISABLE_VRFY", "DOMAINQUEUE", "ENFORCE_FQDN_HELO", "FORCE_TLS", "FROMRULES", "GREYIP", "HIDE_HOST", "LOGFD", "LOGFILTER", "MASQUERADE", "MAX_RCPT_ERRCOUNT", "NODNSCHECK", - "OPENRELAY", "PLUGINDIR", "RELAYCLIENT", "REQPTR", "REQUIREAUTH", "SECURE_AUTH", + "OPENRELAY", "PENALTY", "PLUGINDIR", "RELAYCLIENT", "REQPTR", "REQUIREAUTH", "SECURE_AUTH", "SERVERCERT", "SHUTDOWN", "SIGNATURES", "SMTP_PLUGIN", "SMTP_PLUGIN_SYMB", "SMTPS", "SMTPUTF8", "SPAMFILTER", #ifdef HAVESRS @@ -278,7 +281,7 @@ main(int argc, char **argv) void getversion_qmail_smtpd_c() { - const char *x = "$Id: qmail-smtpd.c,v 1.15 2024-05-09 22:03:17+05:30 mbhangui Exp mbhangui $"; + const char *x = "$Id: qmail-smtpd.c,v 1.16 2024-05-12 21:20:28+05:30 Cprogrammer Exp mbhangui $"; x++; } diff --git a/indimail-mta-x/smtpd.c b/indimail-mta-x/smtpd.c index 8b2e32a5d..d62457a96 100644 --- a/indimail-mta-x/smtpd.c +++ b/indimail-mta-x/smtpd.c @@ -1,6 +1,6 @@ /* * RCS log at bottom - * $Id: smtpd.c,v 1.325 2024-05-12 00:20:03+05:30 mbhangui Exp mbhangui $ + * $Id: smtpd.c,v 1.326 2024-05-12 21:20:45+05:30 Cprogrammer Exp mbhangui $ */ #include #include @@ -157,8 +157,8 @@ static int smtps = 0; static SSL *ssl = NULL; static struct strerr *se; #endif -static int tr_success = 0; -static c_char *revision = "$Revision: 1.325 $"; +static int tr_success = 0, penalty = 5; +static c_char *revision = "$Revision: 1.326 $"; static c_char *protocol = "SMTP"; static stralloc proto = { 0 }; static stralloc Revision = { 0 }; @@ -1360,7 +1360,8 @@ smtp_badip() { logerr(1, "BAD IP client\n", NULL); logflush(); - sleep(5); + if (penalty > 0) + sleep(penalty); out("421 sorry, your IP (", remoteip, ") is temporarily denied (#4.7.1)\r\n", NULL); flush(); return; @@ -1371,7 +1372,8 @@ smtp_badhost(const char *arg) { logerr(1, "BAD HOST ", remotehost, "\n", NULL); logflush(); - sleep(5); + if (penalty > 0) + sleep(penalty); out("553 sorry, your host (", remotehost, ") has been denied (#5.7.1)\r\n", NULL); flush(); return; @@ -1382,7 +1384,8 @@ smtp_relayreject() { logerr(1, "OPEN RELAY client\n", NULL); logflush(); - sleep(5); + if (penalty > 0) + sleep(penalty); out("553 No mail accepted from an open relay (", remoteip, "); check your server configs (#5.7.1)\r\n", NULL); flush(); @@ -1396,7 +1399,8 @@ smtp_paranoid() logerr(1, "PTR (reverse DNS) record points to wrong hostname\n", NULL); logflush(); - sleep(5); + if (penalty > 0) + sleep(penalty); ptr = env_get("TCPPARANOID"); out("553 sorry, your IP address (", remoteip, NULL); out(") PTR (reverse DNS) record points to wrong hostname", NULL); @@ -1414,7 +1418,8 @@ smtp_ptr() logerr(1, "unable to obtain PTR (reverse DNS) record\n", NULL); logflush(); - sleep(5); + if (penalty > 0) + sleep(penalty); ptr = env_get("REQPTR"); out("553 ", NULL); if (*ptr) @@ -3574,7 +3579,8 @@ check_sender(void *(*inquery) (char, const char *, const char *), const char *li if (check_user_pwd(t_addr.s, at)) { logerr(1, "CHECKSENDER: SMTP Access denied to <", t_addr.s, ">: user does not exist\n", NULL); logflush(); - sleep(5); /*- Prevent DOS */ + if (penalty > 0) /*- Prevent DOS */ + sleep(penalty); out("553 authorization failure (#5.7.1)\r\n", NULL); flush(); return 1; @@ -3593,7 +3599,8 @@ check_sender(void *(*inquery) (char, const char *, const char *), const char *li */ logerr(1, "CHECKSENDER: SMTP Access denied to <", t_addr.s, ">: user does not exist\n", NULL); logflush(); - sleep(5); /*- Prevent DOS */ + if (penalty > 0) /*- Prevent DOS */ + sleep(penalty); out("553 authorization failure (#5.7.1)\r\n", NULL); flush(); return 1; @@ -3621,7 +3628,8 @@ check_sender(void *(*inquery) (char, const char *, const char *), const char *li } else { /* if (in_rcpthosts) */ logerr(1, "CHECKSENDER: SMTP Access denied to <", t_addr.s, ">: user not local\n", NULL); logflush(); - sleep(5); /*- Prevent DOS */ + if (penalty > 0) /*- Prevent DOS */ + sleep(penalty); out("553 authorization failure (#5.7.1)\r\n", NULL); flush(); return 1; @@ -4350,7 +4358,8 @@ smtp_rcpt(const char *arg) } if (result > 0) { rcpt_errcount++; - sleep(5); /*- Prevent DOS */ + if (penalty > 0) /*- Prevent DOS */ + sleep(penalty); } switch (result) { @@ -5368,7 +5377,8 @@ get_scram_record(const char *u, int *mech, int *iter, char **salt, char **stored */ logerr(1, "mail from invalid user <", u, ">\n", NULL); logflush(); - sleep(5); /*- Prevent DOS */ + if (penalty > 0) /*- Prevent DOS */ + sleep(penalty); out("553 authorization failure (#5.7.1)\r\n", NULL); flush(); return ((PASSWD *) NULL); @@ -6339,7 +6349,8 @@ smtp_auth(const char *arg) case 1:/*- auth fail */ case 2:/*- misuse */ err_authfailure(user.len ? user.s : 0, j); - sleep(5); + if (penalty > 0) + sleep(penalty); out("535 authorization failure (#5.7.8)\r\n", NULL); flush(); break; @@ -7119,6 +7130,8 @@ qmail_smtpd(int argc, char **argv, char **envp) else smtp_port = -1; port = smtp_port; + if ((ptr = env_get("PENALTY"))) + scan_int(ptr, &penalty); if ((ptr = env_get("ODMR"))) {/*- support ODMR on port 25 */ if (smtp_port != SUBM_PORT) smtp_port = ODMR_PORT; @@ -7368,6 +7381,9 @@ addrrelay() /* * $Log: smtpd.c,v $ + * Revision 1.326 2024-05-12 21:20:45+05:30 Cprogrammer + * made penalty configurable + * * Revision 1.325 2024-05-12 00:20:03+05:30 mbhangui * fix function prototypes * @@ -7803,7 +7819,7 @@ addrrelay() const char * getversion_smtpd_c() { - const char *x = "$Id: smtpd.c,v 1.325 2024-05-12 00:20:03+05:30 mbhangui Exp mbhangui $"; + const char *x = "$Id: smtpd.c,v 1.326 2024-05-12 21:20:45+05:30 Cprogrammer Exp mbhangui $"; x++; return revision + 11; diff --git a/indimail-mta-x/tests/test-indimail-mta b/indimail-mta-x/tests/test-indimail-mta index 5bb271c73..03b39e86e 100755 --- a/indimail-mta-x/tests/test-indimail-mta +++ b/indimail-mta-x/tests/test-indimail-mta @@ -1,6 +1,6 @@ #!/bin/sh # -# $Id: test-indimail-mta,v 1.76 2024-05-12 00:20:03+05:30 mbhangui Exp mbhangui $ +# $Id: test-indimail-mta,v 1.77 2024-05-12 21:22:10+05:30 Cprogrammer Exp mbhangui $ # start=$(date +'%s') user=$(whoami) @@ -1216,6 +1216,7 @@ start_tcpserver_smtp() echo 1 > $testdir/smtpd/variables/MAKE_SEEKABLE echo "" > $testdir/smtpd/variables/DKIMVERIFY echo 1 > $testdir/smtpd/variables/BADHELOCHECK + echo 0 > $testdir/smtpd/variables/PENALTY echo "$sbindir/qmail-dkim $sbindir/qmail-spamfilter" > $testdir/smtpd/variables/QMAILQUEUE ( if [ $# -eq 1 ] ; then @@ -3352,6 +3353,7 @@ setup_svscan_basic() echo $cntrldir > $servicedir/smtpd/variables/CONTROLDIR echo $testdir/queue > $servicedir/smtpd/variables/QUEUEDIR echo $certdir > $servicedir/smtpd/variables/CERTDIR + echo 0 > $servicedir/smtpd/variables/PENALTY ( printf "#!/bin/sh\nexec $envdir ./variables $tcpserver -u qmaild -g qmail -v -l $HOSTNAME -HR 0 " printf "$smtp_port $qmail_smtpd $HOSTNAME $testdir/bin/authsmtp " @@ -9085,6 +9087,9 @@ exit 0 # # $Log: test-indimail-mta,v $ +# Revision 1.77 2024-05-12 21:22:10+05:30 Cprogrammer +# create env variable PENALTY +# # Revision 1.76 2024-05-12 00:20:03+05:30 mbhangui # fix function prototypes #