- Add more useful patches

- Use OPTIONS

PR:		ports/66173
Submitted by:	Michael Ranner
Approved by:	maintainer timeout

4 files changed, 540 insertions, 0 deletions

diff --git a/mail/messagewall/files/patch-applemail b/mail/messagewall/files/applemail.patch
index cdc7b211d776..cdc7b211d776 100644
--- a/mail/messagewall/files/patch-applemail
+++ b/mail/messagewall/files/applemail.patch
diff --git a/mail/messagewall/files/broken_parameter_value.patch b/mail/messagewall/files/broken_parameter_value.patch
new file mode 100644
index 000000000000..556edadecd9b
--- /dev/null
+++ b/mail/messagewall/files/broken_parameter_value.patch
@@ -0,0 +1,21 @@
+--- rfc822.c.orig	Fri Jul 12 19:45:03 2002
++++ rfc822.c	Sun May  2 18:04:34 2004
+@@ -156,7 +156,7 @@
+ 	} else {
+ 		j = i;
+ 		while (j < headervalue->l &&
+-			strchr(RFC822_WHITESPACE,headervalue->s[j]) == NULL)
++			strchr(RFC822_WHITESPACE_LOOSE,headervalue->s[j]) == NULL && headervalue->s[j] != ';')
+ 			j++;
+ 	}
+ 
+--- rfc822.h.orig	Mon Jun 24 20:45:00 2002
++++ rfc822.h	Sun May  2 18:04:34 2004
+@@ -21,6 +21,7 @@
+ #include <firestring.h>
+ 
+ #define RFC822_WHITESPACE " \t"
++#define RFC822_WHITESPACE_LOOSE "\t\n\r"
+ #define RFC822_VALUE_MAXLEN 256
+ 
+ struct rfc822_message_t {
diff --git a/mail/messagewall/files/paranoia.patch b/mail/messagewall/files/paranoia.patch
new file mode 100644
index 000000000000..85b8aa003fb8
--- /dev/null
+++ b/mail/messagewall/files/paranoia.patch
@@ -0,0 +1,433 @@
+--- dbase.c.orig	2002-10-18 17:24:16.000000000 +0200
++++ dbase.c	2003-01-26 13:33:27.000000000 +0100
+@@ -653,6 +653,8 @@
+ 		dbase_load_estr_score_ll(config,&profile->filename_reject,"filename_reject");
+ 		dbase_load_estr_score_ll(config,&profile->mime_reject,"mime_reject");
+ 
++		dbase_load_estr_score_ll(config,&profile->fakedbighost_reject,"fakedbighost_reject");
++		
+ 		dbase_load_estr_ll(config,&profile->mime_strip,"mime_strip");
+ 		dbase_load_estr_ll(config,&profile->mime_allow,"mime_allow");
+ 		dbase_load_int(config,&profile->reject,"reject");
+--- firemake.binaries.orig	2002-06-28 22:29:44.000000000 +0200
++++ firemake.binaries	2003-01-26 13:33:27.000000000 +0100
+@@ -1,3 +1,3 @@
+-messagewall: auth.o client.o dbase.o dnsbl.o dnsdcc.o md5.o messagewall.o mime.o rdns.o rfc822.o rmx.o security.o smtp.o tls.o virus.o
++messagewall: auth.o client.o dbase.o dnsbl.o dnsdcc.o md5.o messagewall.o mime.o rdns.o rfc822.o rmx.o security.o smtp.o tls.o virus.o paranoia.o
+ messagewallctl: messagewallctl.o
+ messagewallstats: messagewallstats.o
+--- man/messagewall_profiles.5.orig	2002-07-22 17:17:33.000000000 +0200
++++ man/messagewall_profiles.5	2003-01-26 13:33:27.000000000 +0100
+@@ -1,5 +1,5 @@
+ .\" (C) 2002 Ian Gulliver
+-.TH messagewall_profiles 5 2002-06-08
++.TH messagewall_profiles 5 2002-12-06
+ .SH DESCRIPTION
+ Any regular files in the directory defined as
+ .B profile_dir
+@@ -42,7 +42,7 @@
+ .I Default: 1
+ .br
+ This is the score at which MessageWall will reject the message.
+-Any message acheiving a score below this will simply have warnings
++Any message achieving a score below this will simply have warnings
+ added to its headers indicating which tests it failed.
+ 
+ .B mime_strip
+@@ -138,6 +138,29 @@
+ return mail cause the message to be rejected.  This should be safe
+ to use in almost all cases.
+ 
++.B fakedbighost_reject
++.br
++.I Example:
++.br
++.I fakedbighost_reject=1,hotmail.com
++.br
++The value of a
++.B fakedbighost_reject
++line should contain a domain/host name. Incoming mail from this
++domain (the domainname is taken from the sending address) is checked against 
++the "Received:" header fields. If NO match is found the assigned score is added. 
++Use this with extreme care! And only use this for big sites that have their 
++mail servers host name in the Received header line. If only the ip address 
++is shown in the Received header (which is ok with rfc821) this feature is
++worthless. Many small sites are
++virtual which means the host name of the actual domain the mail belongs 
++to isn't shown in any of the Received lines. Instead the name or ip 
++address of the ISP hosting the virtual domain is in the Received line.
++And don't forget nearly all header lines can be forged.
++There can be multiple
++.B fakedbighost_reject
++lines.
++
+ .B header_reject
+ .br
+ .I Example:
+@@ -146,7 +169,7 @@
+ .br
+ The value of a
+ .B header_reject
+-line should contain a colon seperated
++line should contain a colon separated
+ string of Header:Key.  The "Key" will be case-sensitively searched
+ for in the value of the header.  If a match is found, the message
+ is refused.  There can be multiple
+@@ -161,7 +184,7 @@
+ .br
+ The value of a
+ .B header_rejecti
+-line should contain a colon seperated
++line should contain a colon separated
+ string of Header:Key.  The "Key" will be case-insensitively searched
+ for in the value of the header.  If a match is found, the message
+ is refused.  There can be multiple
+--- messagewall.h.orig	2002-10-18 17:24:16.000000000 +0200
++++ messagewall.h	2003-01-26 13:33:39.000000000 +0100
+@@ -167,6 +167,7 @@
+ 	int reject;
+ 	struct messagewall_header_reject_t *header_rejecti;
+ 	struct messagewall_header_reject_t *header_reject;
++	struct messagewall_estr_score_ll_t *fakedbighost_reject;
+ 	struct messagewall_estr_score_ll_t *body_reject;
+ 	struct messagewall_estr_score_ll_t *body_rejecti;
+ 	struct messagewall_estr_score_ll_t *filename_reject;
+--- messagewallstats.c.orig	2002-10-18 17:24:16.000000000 +0200
++++ messagewallstats.c	2003-01-26 13:33:27.000000000 +0100
+@@ -21,6 +21,7 @@
+ #include <string.h>
+ #include <firestring.h>
+ 
++
+ static const char tagstring[] = "$Id: messagewallstats.c,v 1.17.2.3 2002/10/01 19:05:22 ian Exp $";
+ 
+ struct counter {
+@@ -37,6 +38,7 @@
+ struct counter *rmx = NULL;
+ struct counter *rmx_temp = NULL;
+ struct counter *to_cc = NULL;
++struct counter *fakedbighost = NULL;
+ struct counter *from = NULL;
+ struct counter *dnsbl_domain = NULL;
+ struct counter *dnsdcc = NULL;
+@@ -118,6 +120,7 @@
+ 	int filter_dnsbl_domain = 0;
+ 	int filter_dnsbl = 0;
+ 	int filter_to_cc = 0;
++	int filter_fakedbighost = 0;
+ 	int filter_from = 0;
+ 	int filter_rmx = 0;
+ 	int filter_rdns = 0;
+@@ -302,6 +305,20 @@
+ 			}
+ 			continue;
+ 		}
++
++		if (strstr(line, "no matching host of domain from sending address found in mail trace header") != NULL) {
++			filter_fakedbighost++;
++			start = strstr(line,"PARANOIA/WARNING: ");
++			if (start == NULL)
++				continue;
++			start += 18;
++			end = strchr(start,':');
++			if (end != NULL) {
++				*end = '\0';
++				increment(&fakedbighost,start);
++			}
++			continue;
++		}
+ 		
+ 		if (strstr(line,"envelope reverse path not in From\n") != NULL) {
+ 			filter_from++;
+@@ -574,6 +591,8 @@
+ 	fprintf(stdout,"Messages Rejected by Filter: %d\n",filter_reject);
+ 	fprintf(stdout,"\tFailed To/CC: %d\n",filter_to_cc);
+ 	print(to_cc,"\t\t");
++	fprintf(stdout,"\tFailed From/faked big host: %d\n",filter_fakedbighost);
++	print(fakedbighost,"\t\t");
+ 	fprintf(stdout,"\tFailed From: %d\n",filter_from);
+ 	print(from,"\t\t");
+ 	fprintf(stdout,"\tMatched DNSBL: %d\n",filter_dnsbl);
+--- paranoia.c.orig	1970-01-01 01:00:00.000000000 +0100
++++ paranoia.c	2003-01-26 13:33:27.000000000 +0100
+@@ -0,0 +1,145 @@
++/*
++paranoia.c - paranoia host checking for MessageWall
++Copyright (C) 2002 Collin R. Mulliner
++
++MessageWall Copyright (C) 2002 Ian Gulliver
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of version 2 of the GNU General Public License as
++published by the Free Software Foundation.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
++*/
++
++#include <stdio.h>
++#include <string.h>
++#include <firestring.h>
++#include "messagewall.h"
++#include "mime.h"
++#include "smtp.h"
++#include "rfc822.h"
++#include "paranoia.h"
++
++/*
++ *  look for domain in "by" and "from" part of mail path (in "Received" line)
++ */
++int check_by_from(struct firestring_estr_t *hline, struct firestring_estr_t *domain)
++{
++	struct firestring_estr_t host;
++	int i;
++	
++	
++	i = firestring_estr_stristr(hline, "from", 0);
++	if (i != -1) {
++		i += 4;
++		while (hline->l > i && strchr(RFC822_WHITESPACE, hline->s[i])) { i++; }
++		host.s = &hline->s[i];
++		host.l = i;
++		while (hline->l > i && !strchr(RFC822_WHITESPACE, hline->s[i])) { i++; }
++		host.l = i - host.l; 
++		host.a = host.l;
++		
++		if (firestring_estr_estristr(&host, domain, 0) != -1) return(0);
++	}
++	
++	i = firestring_estr_stristr(hline, "by", 0);
++	if (i != -1) {
++		i += 2;
++		while (hline->l > i && strchr(RFC822_WHITESPACE, hline->s[i])) { i++; }
++		host.s = &hline->s[i];
++		host.l = i;
++		while (hline->l > i && !strchr(RFC822_WHITESPACE, hline->s[i])) { i++; }
++		host.l = i - host.l; 
++		host.a = host.l;
++		
++		if (firestring_estr_estristr(&host, domain, 0) != -1) return(0);
++	}
++	
++	return(1);
++}
++
++/*
++ * mail path checking
++ */
++int paranoia_fakedbighost_check(struct rfc822_message_t *message, struct messagewall_estr_score_ll_t *head, struct firestring_estr_t *address)
++{
++	struct firestring_estr_t *value;
++	int i, n;
++	struct firestring_estr_t domain_part, *recv;
++	int atpos, dotpos, lastdotpos, llastdotpos;
++	int docheck = 0;
++
++/*	fprintf(stderr, "Paranoia DEBUG: address=");
++	for (i = 0; i < address->l; i++) {
++		fprintf(stderr, "%c", address->s[i]);
++	}
++	fprintf(stderr, "\n");
++*/
++	/* we only want the second level domain, no subdomain or host */
++	atpos = firestring_estr_strchr(address, '@', 0);
++	if (atpos != -1) {
++		dotpos = atpos;
++		lastdotpos = atpos;
++		do {
++			llastdotpos = lastdotpos;
++			lastdotpos = dotpos;
++			dotpos = firestring_estr_strchr(address, '.', lastdotpos+1);
++		} while (dotpos != -1);
++	
++		firestring_estr_alloc(&domain_part, address->l);
++		firestring_estr_estrcpy(&domain_part, address, llastdotpos+1);
++	}
++	else return(0);
++
++/*	fprintf(stderr, "Paranoia DEBUG: domain=");
++	for (i = 0; i < domain_part.l; i++) {
++		fprintf(stderr, "%c", domain_part.s[i]);
++	}
++	fprintf(stderr, "\n");
++*/	
++	/* do we have to check this message? */
++	while (head != NULL) {
++		if (firestring_estr_estristr(&head->string, &domain_part, 0) == 0) {
++			docheck = 1;
++			break;
++		}
++		head = head->next;
++	}
++	
++	/* don't do check! - return ok */
++	if (docheck == 0) {
++		firestring_estr_free(&domain_part);
++		return(0);
++	}
++	
++	/* some debbuging stuff */
++/*	fprintf(stderr,"Paranoia DEBUG: [from: %s] [domain: %s]\n", address->s, domain_part.s);
++*/	
++	/* step thru all received lines and check the by/from hosts */
++	n = 0;
++	do {
++		recv = rfc822_header_value_n(message, "Received:", n);
++	
++		if (recv != NULL) {
++			/* if check is successful return */
++			if (check_by_from(recv, &domain_part) == 0) {
++				firestring_estr_free(&domain_part);
++				return(0);
++			}
++		}
++		n++;
++	} while (recv != NULL);
++	
++	/* free memory */
++	firestring_estr_free(&domain_part);
++	
++	/* return score when not found */
++	return(head->score);
++}
+--- paranoia.h.orig	1970-01-01 01:00:00.000000000 +0100
++++ paranoia.h	2003-01-26 13:33:27.000000000 +0100
+@@ -0,0 +1,31 @@
++/*
++paranoia.c - paranoia host checking declarations for MessageWall
++Copyright (C) 2002 Collin R. Mulliner
++
++MessageWall Copyright (C) 2002 Ian Gulliver
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of version 2 of the GNU General Public License as
++published by the Free Software Foundation.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
++*/
++
++#ifndef _PARANOIA_H
++#define _PARANOIA_H
++
++#define PARANOIA_MSG "no matching host of domain from sending address found in mail trace header"
++
++#include <firestring.h>
++
++int check_by_from(struct firestring_estr_t *hline, struct firestring_estr_t *domain);
++int paranoia_fakedbighost_check(struct rfc822_message_t *message, struct messagewall_estr_score_ll_t *head, struct firestring_estr_t *address);
++
++#endif
+--- profiles/Warning.orig	2002-06-21 19:02:51.000000000 +0200
++++ profiles/Warning	2003-01-26 13:33:27.000000000 +0100
+@@ -31,3 +31,6 @@
+ header_rejecti=1,X-Mailer:bulk
+ virus_scan=1,virus.patterns
+ mime_allow=text/plain
++fakedbighost_reject=1,hotmail.com
++fakedbighost_reject=1,aol.com
++
+--- rfc822.c.orig	2002-07-12 19:45:03.000000000 +0200
++++ rfc822.c	2003-01-26 13:33:27.000000000 +0100
+@@ -51,6 +51,44 @@
+ 	}
+ }
+ 
++/*
++ * get header value of header line with more then one accurence
++ * get Nth line (starts at 0 (zero)), count beginns top of mail
++ */
++struct firestring_estr_t *rfc822_header_value_n(struct rfc822_message_t *message, char *header, int n) {
++	static struct firestring_estr_t ret;
++	int i,j,l,c = 0;
++	int newline = 1;
++
++	l = strlen(header);
++	for (i = 0; i < message->header.l - l; i++) {
++		if (newline == 1 && firestring_strncasecmp(&message->header.s[i],header,l) == 0) {
++		   if (c < n) { c++; continue; }
++			/*
++			 * got it
++			 */
++			i += l;
++			while (i < message->header.l && strchr(RFC822_WHITESPACE,message->header.s[i++]) != NULL);
++			i--;
++			for (j = i; j <= message->header.l - 2; j++)
++				if (memcmp(&message->header.s[j],"\r\n",2) == 0)
++					if (j >= message->header.l - 3 || strchr(RFC822_WHITESPACE,message->header.s[j+2]) == NULL)
++						break;
++			ret.s = &message->header.s[i];
++			ret.a = ret.l = j - i;
++			return &ret;
++		} else if (memcmp(&message->header.s[i],"\r\n",2) == 0) {
++			/*
++			 * new line
++			 */
++			newline = 1;
++			i++;
++		} else
++			newline = 0;
++	}
++	return NULL;
++}
++
+ struct firestring_estr_t *rfc822_header_value(struct rfc822_message_t *message, char *header) {
+ 	static struct firestring_estr_t ret;
+ 	int i,j,l;
+--- rfc822.h.orig	2002-06-24 20:45:00.000000000 +0200
++++ rfc822.h	2003-01-26 13:33:27.000000000 +0100
+@@ -30,6 +30,7 @@
+ 
+ int rfc822_split_message(struct firestring_estr_t *data, struct rfc822_message_t *message);
+ 
++struct firestring_estr_t *rfc822_header_value_n(struct rfc822_message_t *message, char *header, int n);
+ struct firestring_estr_t *rfc822_header_value(struct rfc822_message_t *message, char *header);
+ struct firestring_estr_t *rfc822_eheader_value(struct rfc822_message_t *message, struct firestring_estr_t *header);
+ struct firestring_estr_t *rfc822_parameter_value(struct firestring_estr_t *headervalue, char *parameter);
+--- smtp.c.orig	2002-10-18 17:24:16.000000000 +0200
++++ smtp.c	2003-01-26 13:33:27.000000000 +0100
+@@ -206,6 +206,7 @@
+ 
+ int smtp_checks_gotmessage(int client) {
+ 	int numparts;
++	int score = 0;
+ 
+ 	/*
+ 	 * clear dnsdcc queries for client
+@@ -263,6 +264,14 @@
+ 	}
+ 
+ 	/*
++	 * check for "faked big host"
++	 */
++	if ((score = paranoia_fakedbighost_check(&clients[client].parts[0].message, clients[client].profile->fakedbighost_reject, &clients[client].from)) != 0) {
++		if (smtp_reject(client,"PARANOIA","%e: no matching host of domain from sending address found in mail trace header",SMTP_FROM_RECEIVED,score,0,&clients[client].from,NULL) != 0)
++			return(0);
++	}
++	
++	/*
+ 	 * header rejection checks
+ 	 */
+ 	if (rfc822_header_reject_check(client) == 1 || rfc822_header_rejecti_check(client) == 1)
+--- smtp.h.orig	2002-09-28 19:21:02.000000000 +0200
++++ smtp.h	2003-01-26 13:33:27.000000000 +0100
+@@ -63,6 +63,7 @@
+ #define SMTP_7BIT "501 MessageWall: SMTP/FATAL: Server sent an 8bit character to a 7bit server\r\n"
+ #define SMTP_TO_CC "552 MessageWall: RFC822/REJECT: %e: Target address must be in To or CC headers\r\n"
+ #define SMTP_FROM "552 MessageWall: RFC822/REJECT: %e: Source address must be in From header\r\n"
++#define SMTP_FROM_RECEIVED "552 MessageWall: PARANOIA/REJECT: %e: no matching host of domain from sending address found in mail trace header\r\n"
+ #define SMTP_REALNAME "552 MessageWall: RFC822/REJECT: From address must contain a real name\r\n"
+ #define SMTP_HEADER "552 MessageWall: RFC822/REJECT: Message contained banned header fields: %e%e\r\n"
+ #define SMTP_ERRORS "554 MessageWall: SMTP/REJECT: Too many errors, goodbye\r\n"
diff --git a/mail/messagewall/files/spam_stats.patch b/mail/messagewall/files/spam_stats.patch
new file mode 100644
index 000000000000..ecc0f98c4896
--- /dev/null
+++ b/mail/messagewall/files/spam_stats.patch
@@ -0,0 +1,86 @@
+--- messagewallstats.c.orig	Fri Oct 18 17:24:16 2002
++++ messagewallstats.c	Sun May  2 18:30:47 2004
+@@ -48,6 +48,8 @@
+ struct counter *virus = NULL;
+ struct counter *encoding = NULL;
+ struct counter *illegal_multipart = NULL;
++struct counter *dnsbl_domain_spam_score = NULL;
++struct counter *dnsbl_spam_score = NULL;
+ 
+ void increment(struct counter **head, char *name) {
+ 	struct counter *temp;
+@@ -96,9 +98,9 @@
+ 	int quit = 0;
+ 	int disconnect = 0;
+ 	int disconnect_data = 0;
+-        long bytes_total = 0;
+-        long bytes_delivered = 0;
+-        long bytes_received =0;
++	long bytes_total = 0;
++	long bytes_delivered = 0;
++	long bytes_received =0;
+ 	int idle = 0;
+ 	int errors = 0;
+ 	int bare_lf = 0;
+@@ -275,6 +277,15 @@
+ 				*end = '\0';
+ 				increment(&dnsbl,start);
+ 			}
++			
++			if (end != NULL) {
++				start = end + 1;
++				end = strchr(start, ':');
++				*end = '\0';
++				
++				increment(&dnsbl_spam_score,start);
++			}
++			
+ 			continue;
+ 		}
+ 
+@@ -286,6 +297,21 @@
+ 				*end = '\0';
+ 				increment(&dnsbl_domain,start);
+ 			}
++			
++			if (end != NULL) {
++				end++;
++				start = strchr(end, ':');
++				*start = '\0';
++				start = strchr(end, '.');
++				if (strchr(start+1, '.') != NULL) {
++					start++;
++				}
++				else {
++					start = end;
++				}
++				increment(&dnsbl_domain_spam_score,start);
++			}
++			
+ 			continue;
+ 		}
+ 
+@@ -607,11 +633,18 @@
+ 	print(encoding,"\t\t");
+ 	fprintf(stdout,"\tInvalid QP encoding: %d\n",filter_qp);
+ 	fprintf(stdout,"\tInvalid base64 encoding: %d\n",filter_base64);
+-        fprintf(stdout,"\n");
++	fprintf(stdout,"\n");
+ 
+-        fprintf(stdout,"Mail Traffic\n");
+-        fprintf(stdout,"\tBytes received: %ld\n",bytes_total);
+-        fprintf(stdout,"\tBytes rejected: %ld\n",bytes_total - bytes_delivered);
+-        fprintf(stdout,"\tBytes accepted: %ld\n",bytes_delivered);
++	fprintf(stdout,"Mail Traffic\n");
++	fprintf(stdout,"\tBytes received: %ld\n",bytes_total);
++	fprintf(stdout,"\tBytes rejected: %ld\n",bytes_total - bytes_delivered);
++	fprintf(stdout,"\tBytes accepted: %ld\n",bytes_delivered);
++	
++	fprintf(stdout, "\nSpammers");
++	fprintf(stdout, "\n\tDomain based:\n");
++	print(dnsbl_domain_spam_score,"\t\t");
++	fprintf(stdout, "\n\tIP based:\n");
++	print(dnsbl_spam_score,"\t\t");
++		
+ 	exit(0);
+ }