Lines 41-47
|
41 |
|
41 |
|
42 |
# the important bit! |
42 |
# the important bit! |
43 |
$self->register_eval_rule("check_for_numeric_helo"); |
43 |
$self->register_eval_rule("check_for_numeric_helo"); |
44 |
$self->register_eval_rule("check_for_illegal_ip"); |
|
|
45 |
$self->register_eval_rule("check_all_trusted"); |
44 |
$self->register_eval_rule("check_all_trusted"); |
46 |
$self->register_eval_rule("check_no_relays"); |
45 |
$self->register_eval_rule("check_no_relays"); |
47 |
$self->register_eval_rule("check_relays_unparseable"); |
46 |
$self->register_eval_rule("check_relays_unparseable"); |
Lines 73-79
|
73 |
} |
72 |
} |
74 |
} |
73 |
} |
75 |
|
74 |
|
76 |
sub helo_forgery_whitelisted { |
75 |
sub _helo_forgery_whitelisted { |
77 |
my ($helo, $rdns) = @_; |
76 |
my ($helo, $rdns) = @_; |
78 |
if ($helo eq 'msn.com' && $rdns eq 'hotmail.com') { return 1; } |
77 |
if ($helo eq 'msn.com' && $rdns eq 'hotmail.com') { return 1; } |
79 |
0; |
78 |
0; |
Lines 96-127
|
96 |
return 0; |
95 |
return 0; |
97 |
} |
96 |
} |
98 |
|
97 |
|
99 |
sub check_for_illegal_ip { |
|
|
100 |
my ($self, $pms) = @_; |
101 |
|
102 |
foreach my $rcvd ( @{$pms->{relays_untrusted}} ) { |
103 |
# (note this might miss some hits if the Received.pm skips any invalid IPs) |
104 |
# do we really want to chase the more recent IANA allocations? |
105 |
# check: http://www.iana.org/assignments/ipv4-address-space/ |
106 |
foreach my $check ( $rcvd->{ip}, $rcvd->{by} ) { |
107 |
return 1 if ($check =~ /^ |
108 |
(?:[0157]|22[4-9]|2[3-9]\d|[12]\d{3,}|[3-9]\d\d+) \.\d+\.\d+\.\d+ |
109 |
$/x); |
110 |
} |
111 |
} |
112 |
return 0; |
113 |
} |
114 |
|
115 |
sub sent_by_applemail { |
116 |
my ($self, $pms) = @_; |
117 |
|
118 |
return 0 unless ($pms->get("MIME-Version") =~ /Apple Message framework/); |
119 |
return 0 unless ($pms->get("X-Mailer") =~ /^Apple Mail \(\d+\.\d+\)/); |
120 |
return 0 unless ($pms->get("Message-Id") =~ |
121 |
/^<[A-F0-9]+(?:-[A-F0-9]+){4}\@\S+.\S+>$/); |
122 |
return 1; |
123 |
} |
124 |
|
125 |
# note using IPv4 addresses for now due to empty strings matching IP_ADDRESS |
98 |
# note using IPv4 addresses for now due to empty strings matching IP_ADDRESS |
126 |
# due to bug in pure IPv6 address regular expression |
99 |
# due to bug in pure IPv6 address regular expression |
127 |
sub helo_ip_mismatch { |
100 |
sub helo_ip_mismatch { |
Lines 375-381
|
375 |
my $prev = $from[$i-1]; |
348 |
my $prev = $from[$i-1]; |
376 |
if (defined($prev) && $i > 0 |
349 |
if (defined($prev) && $i > 0 |
377 |
&& $prev =~ /^\w+(?:[\w.-]+\.)+\w+$/ |
350 |
&& $prev =~ /^\w+(?:[\w.-]+\.)+\w+$/ |
378 |
&& $by ne $prev && !helo_forgery_whitelisted($by, $prev)) |
351 |
&& $by ne $prev && !_helo_forgery_whitelisted($by, $prev)) |
379 |
{ |
352 |
{ |
380 |
dbg2("eval: forged-HELO: mismatch on from: '$prev' != '$by'"); |
353 |
dbg2("eval: forged-HELO: mismatch on from: '$prev' != '$by'"); |
381 |
$pms->{mismatch_from}++; |
354 |
$pms->{mismatch_from}++; |
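Review bot: Removing `register_eval_rule("check_for_illegal_ip")` (old line 44) together with the sub itself (old lines 99-113) leaves any rule definition that still names this eval without an implementation in this plugin, and nothing visible here registers it elsewhere or updates the rule files. If older or site-local rule sets are expected to keep loading, consider keeping the registration with a stub such as `sub check_for_illegal_ip { dbg2("eval: check_for_illegal_ip is no longer available"); return 0; }` so the lost check is visible in debug output rather than silent. `sent_by_applemail` goes in the same hunk and has no registration in the lines shown, so it was presumably called as a helper and its callers should be confirmed gone or moved. The renamed `_helo_forgery_whitelisted` could also carry a one-line comment, e.g. `# private helper, called as a plain function with ($helo, $rdns); exact, case-sensitive match`, since HELO and rDNS names come from untrusted Received headers and it is not visible here whether they are lower-cased before the comparison.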