From f7e542297a404f8ae6d4535b6e295f18fb4438fb Mon Sep 17 00:00:00 2001 From: schmonz Date: Sat, 24 Apr 2004 05:29:36 +0000 Subject: Add revision 1.01 of Ward Vandewege's badrcptto patch. With this patch, qmail-smtpd will reject mail during the SMTP conversation if a recipient is listed in control/badrcptto. This complements control/badmailfrom as found in stock qmail. Requested by Nathan Arthur. Add an rc.d script for qmail-pop3d. It needs sysutils/checkpassword, which is so tiny I've added the dependency even as I don't use qmail-pop3d myself. In the rc.d script for qmail-smtpd, require control/rcpthosts to be present. This prevents accidental open relays. Now that it's used for the path to checkpassword too, rename LOCALBASE_UCSPI_TCP to LOCALBASE_NORMAL. Convert to buildlink3. Bump PKGREVISION. --- mail/qmail/MESSAGE | 4 +-- mail/qmail/Makefile | 13 +++++---- mail/qmail/distinfo | 4 +-- mail/qmail/files/qmailpop3d.sh | 30 ++++++++++++++++++++ mail/qmail/files/qmailsmtpd.sh | 7 +++-- mail/qmail/patches/patch-an | 62 ++++++++++++++++++++++++++++++++++++++---- 6 files changed, 102 insertions(+), 18 deletions(-) create mode 100644 mail/qmail/files/qmailpop3d.sh (limited to 'mail') diff --git a/mail/qmail/MESSAGE b/mail/qmail/MESSAGE index 191e9ba8004..13047d06601 100644 --- a/mail/qmail/MESSAGE +++ b/mail/qmail/MESSAGE @@ -1,12 +1,12 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.6 2004/04/10 05:53:31 schmonz Exp $ +$NetBSD: MESSAGE,v 1.7 2004/04/24 05:29:36 schmonz Exp $ To be able to view manpages either add "${QMAILDIR}/man/" to the _default line in /etc/man.conf or specify this directory in MANPATH variable in your environment. To start qmail at startup, set qmail=YES in /etc/rc.conf. - + To start qmail-pop3d at startup, set qmailpop3d=YES in /etc/rc.conf. To start qmail-smtpd at startup, set qmailsmtpd=YES in /etc/rc.conf. =========================================================================== diff --git a/mail/qmail/Makefile b/mail/qmail/Makefile index 6d59b4a34c4..a96f1b52241 100644 --- a/mail/qmail/Makefile +++ b/mail/qmail/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.22 2004/04/10 14:15:24 schmonz Exp $ +# $NetBSD: Makefile,v 1.23 2004/04/24 05:29:36 schmonz Exp $ # DISTNAME= qmail-1.03 -PKGREVISION= 5 +PKGREVISION= 6 CATEGORIES= mail MASTER_SITES= http://cr.yp.to/software/ \ ftp://ftp.ntnu.no/pub/unix/mail/qmail/ \ @@ -13,9 +13,12 @@ MAINTAINER= schmonz@NetBSD.org HOMEPAGE= http://www.qmail.org/ COMMENT= Secure, reliable, efficient, simple, and fast MTA for UNIX systems +DEPENDS+= checkpassword-[0-9]*:../../sysutils/checkpassword DEPENDS+= qmail-users>=1.0:../../mail/qmail-users DEPENDS+= ucspi-tcp-[0-9]*:../../net/ucspi-tcp +USE_BUILDLINK3= yes + ALL_TARGET= it man INSTALL_TARGET= setup check @@ -29,11 +32,11 @@ USE_PKGINSTALL= yes DEINSTALL_EXTRA_TMPL+= ${.CURDIR}/DEINSTALL OWN_DIRS+= ${QMAILDIR} -EVAL_PREFIX+= LOCALBASE_UCSPI_TCP=ucspi-tcp +EVAL_PREFIX+= LOCALBASE_NORMAL=ucspi-tcp FILES_SUBST+= QMAILDIR=${QMAILDIR} -FILES_SUBST+= LOCALBASE_UCSPI_TCP=${LOCALBASE_UCSPI_TCP} -RCD_SCRIPTS= qmail qmailsmtpd +FILES_SUBST+= LOCALBASE_NORMAL=${LOCALBASE_NORMAL} +RCD_SCRIPTS= qmail qmailsmtpd qmailpop3d RCD_SCRIPTS_EXAMPLEDIR= ${QMAILDIR}/etc/rc.d .include "../../mk/bsd.prefs.mk" diff --git a/mail/qmail/distinfo b/mail/qmail/distinfo index 8e1c27a16c1..e90b3e7aae3 100644 --- a/mail/qmail/distinfo +++ b/mail/qmail/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.4 2004/04/10 05:30:06 schmonz Exp $ +$NetBSD: distinfo,v 1.5 2004/04/24 05:29:36 schmonz Exp $ SHA1 (qmail-1.03.tar.gz) = 18fb960481291a0503e93a94df3f6094edb7f27a Size (qmail-1.03.tar.gz) = 220668 bytes @@ -15,7 +15,7 @@ SHA1 (patch-aj) = a1691a04a90f3969ac8853e7d04833603195880e SHA1 (patch-ak) = d1e88006f04874df6c1896b08bbdfb4e5d67f654 SHA1 (patch-al) = 20a8bb4d44477522135762219c4aaeebddfd6085 SHA1 (patch-am) = fd1d09686dcdbb58b7a45c114aa56d0b1360035b -SHA1 (patch-an) = de2bb294c742ee4b512634f37553bdb79ea7ffb1 +SHA1 (patch-an) = 352fefafcf726fa9b5ae69822519d4c976032da2 SHA1 (patch-ao) = 63176ba524913c6e693de7460d25016a10a438f8 SHA1 (patch-ap) = de2d4d409c5e588e1cf9c6ca2cd966eeef022a55 SHA1 (patch-aq) = 2e5f0a4870b13ff60f79edf5dc58eff783fd5bea diff --git a/mail/qmail/files/qmailpop3d.sh b/mail/qmail/files/qmailpop3d.sh new file mode 100644 index 00000000000..f0a8a54de6f --- /dev/null +++ b/mail/qmail/files/qmailpop3d.sh @@ -0,0 +1,30 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: qmailpop3d.sh,v 1.1 2004/04/24 05:29:36 schmonz Exp $ +# + +# PROVIDE: mail +# REQUIRE: qmail + +. /etc/rc.subr + +name="qmailpop3d" +rcvar=${name} +required_files="@QMAILDIR@/control/me" +command="@LOCALBASE_NORMAL@/bin/tcpserver" +procname=${name} +start_precmd="qmailpop3d_precmd" + +if [ -z "$qmailpop3d_flags" ]; then + qmailpop3d_flags="-v -H -R -l 0" +fi + +qmailpop3d_precmd() +{ + command="@SETENV@ - @LOCALBASE_NORMAL@/bin/argv0 @LOCALBASE_NORMAL@/bin/tcpserver $name $qmailpop3d_flags 0 110 @QMAILDIR@/bin/qmail-popup `@CAT@ @QMAILDIR@/control/me` @LOCALBASE_NORMAL@/bin/checkpassword @QMAILDIR@/bin/qmail-pop3d Maildir 2>&1 | @QMAILDIR@/bin/splogger pop3d 3" + command_args="&" + rc_flags="" +} + +load_rc_config $name +run_rc_command "$1" diff --git a/mail/qmail/files/qmailsmtpd.sh b/mail/qmail/files/qmailsmtpd.sh index 44453ec653c..284bf5655e0 100644 --- a/mail/qmail/files/qmailsmtpd.sh +++ b/mail/qmail/files/qmailsmtpd.sh @@ -1,6 +1,6 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: qmailsmtpd.sh,v 1.1 2004/04/10 05:30:06 schmonz Exp $ +# $NetBSD: qmailsmtpd.sh,v 1.2 2004/04/24 05:29:36 schmonz Exp $ # # PROVIDE: mail @@ -10,7 +10,8 @@ name="qmailsmtpd" rcvar=${name} -command="@LOCALBASE_UCSPI_TCP@/bin/tcpserver" +required_files="@QMAILDIR@/control/rcpthosts" +command="@LOCALBASE_NORMAL@/bin/tcpserver" procname=${name} start_precmd="qmailsmtpd_precmd" @@ -20,7 +21,7 @@ fi qmailsmtpd_precmd() { - command="@SETENV@ - @LOCALBASE_UCSPI_TCP@/bin/argv0 @LOCALBASE_UCSPI_TCP@/bin/tcpserver $name $qmailsmtpd_flags -u `@ID@ -u qmaild` -g `@ID@ -g qmaild` 0 smtp @QMAILDIR@/bin/qmail-smtpd 2>&1 | @QMAILDIR@/bin/splogger smtpd 3" + command="@SETENV@ - @LOCALBASE_NORMAL@/bin/argv0 @LOCALBASE_NORMAL@/bin/tcpserver $name $qmailsmtpd_flags -u `@ID@ -u qmaild` -g `@ID@ -g qmaild` 0 25 @QMAILDIR@/bin/qmail-smtpd 2>&1 | @QMAILDIR@/bin/splogger smtpd 3" command_args="&" rc_flags="" } diff --git a/mail/qmail/patches/patch-an b/mail/qmail/patches/patch-an index 7f0797b1b6e..a183669395e 100644 --- a/mail/qmail/patches/patch-an +++ b/mail/qmail/patches/patch-an @@ -1,10 +1,12 @@ -$NetBSD: patch-an,v 1.1 2004/04/10 05:30:06 schmonz Exp $ +$NetBSD: patch-an,v 1.2 2004/04/24 05:29:36 schmonz Exp $ --- qmail-smtpd.c.orig 1998-06-15 06:53:16.000000000 -0400 +++ qmail-smtpd.c -@@ -51,12 +51,12 @@ void straynewline() { out("451 See http: +@@ -50,13 +50,14 @@ void die_ipme() { out("421 unable to fig + void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n"); flush(); _exit(1); } void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)\r\n"); } ++void err_brt() { out("553 sorry, this recipient is in my badrecipientto list (#5.7.1)\r\n"); } void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)\r\n"); } -void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); } +void err_unimpl(arg) char *arg; { out("502 unimplemented (#5.5.1)\r\n"); } @@ -18,7 +20,7 @@ $NetBSD: patch-an,v 1.1 2004/04/10 05:30:06 schmonz Exp $ void err_qqt() { out("451 qqt failure (#4.3.0)\r\n"); } -@@ -67,11 +67,11 @@ void smtp_greet(code) char *code; +@@ -67,11 +68,11 @@ void smtp_greet(code) char *code; substdio_puts(&ssout,code); substdio_put(&ssout,greeting.s,greeting.len); } @@ -33,7 +35,47 @@ $NetBSD: patch-an,v 1.1 2004/04/10 05:30:06 schmonz Exp $ { smtp_greet("221 "); out("\r\n"); flush(); _exit(0); } -@@ -232,7 +232,7 @@ void smtp_ehlo(arg) char *arg; +@@ -96,6 +97,9 @@ stralloc liphost = {0}; + int bmfok = 0; + stralloc bmf = {0}; + struct constmap mapbmf; ++int brtok = 0; ++stralloc brt = {0}; ++struct constmap mapbrt; + + void setup() + { +@@ -116,6 +120,11 @@ void setup() + if (bmfok == -1) die_control(); + if (bmfok) + if (!constmap_init(&mapbmf,bmf.s,bmf.len,0)) die_nomem(); ++ ++ brtok = control_readfile(&brt,"control/badrcptto",0); ++ if (brtok == -1) die_control(); ++ if (brtok) ++ if (!constmap_init(&mapbrt,brt.s,brt.len,0)) die_nomem(); + + if (control_readint(&databytes,"control/databytes") == -1) die_control(); + x = env_get("DATABYTES"); +@@ -208,6 +217,17 @@ int bmfcheck() + return 0; + } + ++int brtcheck() ++{ ++ int j; ++ if (!brtok) return 0; ++ if (constmap(&mapbrt,addr.s,addr.len - 1)) return 1; ++ j = byte_rchr(addr.s,addr.len,'@'); ++ if (j < addr.len) ++ if (constmap(&mapbrt,addr.s + j,addr.len - j - 1)) return 1; ++ return 0; ++} ++ + int addrallowed() + { + int r; +@@ -232,7 +252,7 @@ void smtp_ehlo(arg) char *arg; smtp_greet("250-"); out("\r\n250-PIPELINING\r\n250 8BITMIME\r\n"); seenmail = 0; dohelo(arg); } @@ -42,7 +84,15 @@ $NetBSD: patch-an,v 1.1 2004/04/10 05:30:06 schmonz Exp $ { seenmail = 0; out("250 flushed\r\n"); -@@ -316,8 +316,8 @@ int *hops; +@@ -258,6 +278,7 @@ void smtp_rcpt(arg) char *arg; { + } + else + if (!addrallowed()) { err_nogateway(); return; } ++ if (!env_get("RELAYCLIENT") && brtcheck()) { err_brt(); return; } + if (!stralloc_cats(&rcptto,"T")) die_nomem(); + if (!stralloc_cats(&rcptto,addr.s)) die_nomem(); + if (!stralloc_0(&rcptto)) die_nomem(); +@@ -316,8 +337,8 @@ int *hops; if (flagmaybex) if (pos == 7) ++*hops; if (pos < 2) if (ch != "\r\n"[pos]) flagmaybey = 0; if (flagmaybey) if (pos == 1) flaginheader = 0; @@ -52,7 +102,7 @@ $NetBSD: patch-an,v 1.1 2004/04/10 05:30:06 schmonz Exp $ if (ch == '\n') { pos = 0; flagmaybex = flagmaybey = flagmaybez = 1; } } switch(state) { -@@ -365,7 +365,7 @@ void acceptmessage(qp) unsigned long qp; +@@ -365,7 +386,7 @@ void acceptmessage(qp) unsigned long qp; out("\r\n"); } -- cgit v1.2.3