Ir al contenido principal

Ralsina.Me — El sitio web de Roberto Alsina

The RA SPP Plugin collection

2006-04-09 00:16

This pack­age pro­vides sev­er­al plug­ins meant to be used with a qmail patched us­ing qmail-spp (http://q­mail-sp­p.s­f.net).

They cov­er di­verse ar­eas, and are meant to be writ­ten ac­cord­ing to the fol­low­ing prin­ci­ples:

  • Good per­­for­­mance

They are writ­ten when­ev­er pos­si­ble in C, and try to be short and di­rec­t.

  • Good log­ging

They should in­form the us­er of what they do. No email should ev­er be re­ject­ed with­out log­ging some­thing. Al­so, all plug­ins logs in­clude the PID of the qmail-smt­pd pro­cess, so you can eas­i­ly group all events of a con­nec­tion.

  • Se­cu­ri­­ty

Since writ­ing in C ex­pos­es one­self to the dan­gers of mem­o­ry cor­rup­tion, I have tried to use, when­ev­er it makes sense, the Bet­ter String Li­brary, to avoid prob­lem­s. While this makes the plug­ins larg­er, it al­so makes me feel more com­fort­able.

Al­so, for most plu­g­in­s, it should be pos­si­ble to run them as a very un­priv­i­leged us­er or in a ch­root jail. This is not yet im­ple­ment­ed, but it is worth think­ing about.

Cur­rent ver­sion is 0.2.2 (See Changel­og)

The plug­ins in­clud­ed are:

There is al­so a pub­lic SVN repos­i­to­ry with much new­er (hope­ful­ly bet­ter) code at gogle­code.

Changelog

  • 2006-05-11 ver­­sion 0.2.2

    • Fixed stupid bug in ipthrot­­­tle plug­in (was send­ing a de­bug mes­sage to the clien­t)

  • 2006-04-21 ver­­sion 0.2.1

    • Fixed Make­­­file, maybe it now builds with old­er gc­c.

  • 2006-04-08 ver­­sion 0.2

    • Fixed rcptchecks to de­­­tect vpop­­­mail do­­­mains cor­rec­t­­­ly

    • Spel­l­ing er­rors point­ed by Pawel Forem­s­­­ki

    • Small doc­u­­­men­­­ta­­­tion fix­es

  • Ver­­sion 0.1

    • Orig­i­­­nal non-re­lease ;-)

netmax / 2006-04-18 18:43:

ver 0.2 does not compile with older GCC

please fix!

mail:/dist/current/ra-plugins-0.2 # gcc --version
2.95.3
mail:/dist/current/ra-plugins-0.2 # make
gcc -Wall -g -Os -o authchecks authchecks.c bstraux.c bstraux.h bstrlib.c bstrlib.h
In file included from authchecks.c:23:
bstrlib.h:173: parse error before `.'
bstrlib.h:173: stray '' in program

[snipped a lot of similar errors]


Edited By Siteowner

Roberto Alsina / 2006-04-18 19:00:

Sorry, those files are not my code.

Maybe you can point it out to the author at http://bstring.sf.net

Mao / 2006-04-21 13:40:

On my debian 3.1 it cannot compile!
Why?

vmail1:/usr/local/src/qmail/spp-plugins/ra-plugins-0.2# make
gcc -Wall -g -Os -o authchecks authchecks.c bstraux.c bstraux.h bstrlib.c bstrlib.h
gcc: compilation of header file requested
bstrlib.c:1391: warning: type defaults to `int' in declaration of `instr_fnptr'
gcc: compilation of header file requested
make: *** [authchecks] Error 1
vmail1:/usr/local/src/qmail/spp-plugins/ra-plugins-0.2#

Thank's

Roberto Alsina / 2006-04-21 14:13:

Interesting.

Maybe both compilation errors are caused by the same thing.

I have uploaded a 0.2.1 version that changes the Makefile so it doesn' t try to build the .h files.

On gcc 3.4, that works, maybe on earlier versions it doesn't.

Please check it and let me know if it works now.

Mao / 2006-04-21 14:37:

Thank's.
Now it is
ipthrottle.c:27:19: relay.h: No such file or directory
i have changed
include to
include "relay.h"
and now i get
make
gcc -Wall -g -Os -o ipthrottle ipthrottle.c bstraux.c bstrlib.c -lrelay
bstrlib.c:1391: warning: type defaults to `int' in declaration of `instr_fnptr'
/usr/bin/ld: cannot find -lrelay
collect2: ld returned 1 exit status
make: *** [ipthrottle] Error 1
:-(

Roberto Alsina / 2006-04-21 15:57:

Read the docs for that plugin: it requires relayd (and it's librelay).

If you need ipthrottle, then install that.

If you don't, use make -k so it goes on and builds whatever plugins it can :-)

Miroslaw Lach / 2006-07-25 21:35:

Perhaps it's not common config but on my server sometimes I'm using .qmail-XXX files inside vpopmail domain directory. Because rcptchecks does not "support" this kind of "accounts" i had to patch it. If you're interested diff is avaible at http://mirek.czuwaj.net/pat....

Roberto Alsina / 2006-07-26 00:06:

Miroslav: awesome! I'll make a new release with this patch soon!

Dave Gempton / 2006-11-03 00:40:

hardcoderbl - love it! But ...

Ive notices a number of spam messages getting through where they have multiple "recieved from:" sections in the mail header.

Often the chain of servers starts at a blocked servers IP. When I check the logged messages I see that hardcoderbl checked one of the servers at the top of the chain and accepted it. Rather than checking the servers at the start of the chain. This may relate to the info that qmail-spp is passing.

If you have any suggestions on how to improve the checking, I'd really appreciate it.

Here is an example:
The log showed : accepted 203.96.152.182

But the chain starts at 202.156.242.116 which is listed in dynablock.njabl.org.

Return-Path:
Delivered-To: davidg@ttc4it.co.nz
Received: (qmail 1487 invoked by alias); 2 Nov 2006 19:08:58 -0000
Delivered-To: rach@ttc4it.co.nz
Received: (qmail 1483 invoked from network); 2 Nov 2006 19:08:58 -0000
Received: from linda-3.paradise.net.nz (203.96.152.182) by host-192-170-100.2.thebook.... with SMTP; 2 Nov 2006 19:08:58 -0000
Received: from smtp-2.paradise.net.nz (tclsnelb1-src-1.paradise.ne... [203.96.152.172]) by linda-3.paradise.net.nz (Paradise.net.nz) with ESMTP id for rach@ttc4it.co.nz; Fri, 03 Nov 2006 05:28:28 +1300 (NZDT)
Received: from [202.156.8.10] (cm116.gamma242.maxonline.co... [202.156.242.116]) by smtp-2.paradise.net.nz (Postfix) with ESMTP id 762BB160B1E3 for ; Fri, 03 Nov 2006 05:28:25 +1300 (NZDT)

Roberto Alsina / 2006-11-03 02:12:

Dave: There is a reason for it.

When any of the RBL checkers do their thing, the only known IP is from where the connection is actually coming from.

This is a good thing, because if you check the first IP, noone will send you email ;-)

That first IP is probably the user's home IP, and **all** of them are in dynablock, because they are home or dynamic IPs.

If the user is sending you mail via his ISP's server, he is doing the right thing, and RBL leaves him alone.

Renato Ornelas / 2006-11-25 00:12:

I've got some spam here today... The spammer used my domain in upper case, so rcptchecks doesn't cosidered it local.

To correct this, i add the following to line 82:

btolower(smtprcptto);

Roberto Alsina / 2006-11-25 00:46:

Renato: Thanks for the message, I have it fixed in 0.2.9, which of course is not released yet :-(

Dean / 2010-03-01 08:20:

Are you still developing these plugins? If not, do you have any recommendations for actively-developed SPP plugins?

Roberto Alsina / 2010-03-01 10:39:

The SVN version is pretty mature and stable, and variations of it have been used in production for years.
Sadly the whole qmail ecosystem seems to have shriveled and died, so this is mostly a legacy product.

Contents © 2000-2023 Roberto Alsina