1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
$NetBSD: patch-az,v 1.4 2021/07/04 07:57:13 jnemeth Exp $
--- sendmail/srvrsmtp.c.orig 2020-06-08 08:35:03.000000000 +0000
+++ sendmail/srvrsmtp.c
@@ -48,6 +48,10 @@ static bool tls_ok_srv = false;
static bool NotFirstDelivery = false;
#endif
+#if NAMED_BIND
+extern struct __res_state sm_res;
+#endif
+
/* server features */
#define SRV_NONE 0x0000 /* none... */
#define SRV_OFFER_TLS 0x0001 /* offer STARTTLS */
@@ -1408,6 +1412,7 @@ smtp(nullserver, d_flags, e)
(int) tp.tv_sec +
(tp.tv_usec >= 500000 ? 1 : 0)
);
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "pre-greeting traffic");
}
}
}
@@ -1680,7 +1685,12 @@ smtp(nullserver, d_flags, e)
/* get an OK if we're done */
if (result == SASL_OK)
{
+ int fd;
+
authenticated:
+ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, fd, "AUTH OK");
+
message("235 2.0.0 OK Authenticated");
authenticating = SASL_IS_AUTH;
macdefine(&BlankEnvelope.e_macro, A_TEMP,
@@ -1825,6 +1835,7 @@ smtp(nullserver, d_flags, e)
{ \
SET_AUTH_USER_CONDITIONALLY \
message("535 5.7.0 authentication failed"); \
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL), "AUTH FAIL"); \
if (LogLevel >= 9) \
sm_syslog(LOG_WARNING, e->e_id, \
"AUTH failure (%s): %s (%d) %s%s%.*s, relay=%.100s", \
@@ -1940,6 +1951,10 @@ smtp(nullserver, d_flags, e)
if (nullserver != NULL &&
++n_badcmds > MAXBADCOMMANDS)
{
+ int fd;
+
+ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+ BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands");
message("421 4.7.0 %s Too many bad commands; closing connection",
MyHostName);
@@ -3663,7 +3678,11 @@ doquit:
#if MAXBADCOMMANDS > 0
if (++n_badcmds > MAXBADCOMMANDS)
{
+ int fd;
+
stopattack:
+ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+ BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands");
message("421 4.7.0 %s Too many bad commands; closing connection",
MyHostName);
@@ -4136,8 +4155,8 @@ smtp_data(smtp, e)
id = e->e_id;
#if NAMED_BIND
- _res.retry = TimeOuts.res_retry[RES_TO_FIRST];
- _res.retrans = TimeOuts.res_retrans[RES_TO_FIRST];
+ sm_res.retry = TimeOuts.res_retry[RES_TO_FIRST];
+ sm_res.retrans = TimeOuts.res_retrans[RES_TO_FIRST];
#endif
#if _FFR_PROXY
|