Lines 111-124
Link Here
|
111 |
while (defined ($relay = shift @{$self->{relays}})) |
111 |
while (defined ($relay = shift @{$self->{relays}})) |
112 |
{ |
112 |
{ |
113 |
# trusted_networks matches? |
113 |
# trusted_networks matches? |
114 |
if ($in_trusted && $did_user_specify_trust && !$trusted->contains_ip ($relay->{ip})) |
114 |
if ($in_trusted && $did_user_specify_trust && !$relay->{auth} && !$trusted->contains_ip ($relay->{ip})) |
115 |
{ |
115 |
{ |
116 |
$in_trusted = 0; # we're in deep water now |
116 |
$in_trusted = 0; # we're in deep water now |
117 |
} |
117 |
} |
118 |
|
118 |
|
119 |
# internal_networks matches? |
119 |
# internal_networks matches? |
120 |
if ($did_user_specify_internal) { |
120 |
if ($did_user_specify_internal) { |
121 |
if (!$internal->contains_ip ($relay->{ip})) { |
121 |
if (!$relay->{auth} && !$internal->contains_ip ($relay->{ip})) { |
122 |
$in_internal = 0; |
122 |
$in_internal = 0; |
123 |
} |
123 |
} |
124 |
} else { |
124 |
} else { |
Lines 370-375
Link Here
|
370 |
my $IP_ADDRESS = IP_ADDRESS; |
370 |
my $IP_ADDRESS = IP_ADDRESS; |
371 |
my $IP_IN_RESERVED_RANGE = IP_IN_RESERVED_RANGE; |
371 |
my $IP_IN_RESERVED_RANGE = IP_IN_RESERVED_RANGE; |
372 |
my $LOCALHOST = LOCALHOST; |
372 |
my $LOCALHOST = LOCALHOST; |
|
|
373 |
my $auth = ''; |
373 |
|
374 |
|
374 |
# Received: (qmail 27981 invoked by uid 225); 14 Mar 2003 07:24:34 -0000 |
375 |
# Received: (qmail 27981 invoked by uid 225); 14 Mar 2003 07:24:34 -0000 |
375 |
# Received: (qmail 84907 invoked from network); 13 Feb 2003 20:59:28 -0000 |
376 |
# Received: (qmail 84907 invoked from network); 13 Feb 2003 20:59:28 -0000 |
Lines 387-392
Link Here
|
387 |
$id = $1; |
388 |
$id = $1; |
388 |
} |
389 |
} |
389 |
|
390 |
|
|
|
391 |
# try to catch authenticated message identifier |
392 |
# the first one works for Sendmail, MDaemon, some webmail servers, and others |
393 |
# with ESMTPA, ESMTPSA, LMTPA, LMTPSA should cover RFC 3848 compliant MTAs |
394 |
# with ASMTP (Authenticated SMTP) is used by Earthlink, Exim 4.34, and others |
395 |
# with HTTP should only be authenticated webmail sessions |
396 |
if (/^from .*?(\]\)|\)\]) .*?\((.*?authenticated.*?)\).*? by/) { |
397 |
$auth = $2; |
398 |
} elsif (/ by .*? with (ESMTPA|ESMTPSA|LMTPA|LMTPSA|ASMTP|HTTP) /i) { |
399 |
$auth = $1; |
400 |
} |
401 |
|
390 |
if (/^from /) { |
402 |
if (/^from /) { |
391 |
# try to catch enveloper senders |
403 |
# try to catch enveloper senders |
392 |
if (/(?:return-path:? |envelope-(?:sender|from)[ =])(\S+)\b/i) { |
404 |
if (/(?:return-path:? |envelope-(?:sender|from)[ =])(\S+)\b/i) { |
Lines 1066-1072
Link Here
|
1066 |
ident => $ident, |
1078 |
ident => $ident, |
1067 |
envfrom => $envfrom, |
1079 |
envfrom => $envfrom, |
1068 |
lc_by => (lc $by), |
1080 |
lc_by => (lc $by), |
1069 |
lc_helo => (lc $helo) |
1081 |
lc_helo => (lc $helo), |
|
|
1082 |
auth => $auth |
1070 |
}; |
1083 |
}; |
1071 |
|
1084 |
|
1072 |
# perform rDNS check if MTA has not done it for us. |
1085 |
# perform rDNS check if MTA has not done it for us. |
Lines 1106-1112
Link Here
|
1106 |
# of entries must be preserved, so that regexps that assume that |
1119 |
# of entries must be preserved, so that regexps that assume that |
1107 |
# e.g. "ip" comes before "helo" will still work. |
1120 |
# e.g. "ip" comes before "helo" will still work. |
1108 |
# |
1121 |
# |
1109 |
my $asstr = "[ ip=$ip rdns=$rdns helo=$helo by=$by ident=$ident envfrom=$envfrom intl=0 id=$id ]"; |
1122 |
my $asstr = "[ ip=$ip rdns=$rdns helo=$helo by=$by ident=$ident envfrom=$envfrom intl=0 id=$id auth=$auth ]"; |
1110 |
dbg ("received-header: parsed as $asstr"); |
1123 |
dbg ("received-header: parsed as $asstr"); |
1111 |
$relay->{as_string} = $asstr; |
1124 |
$relay->{as_string} = $asstr; |
1112 |
|
1125 |
|