From c2198ed2313309933ed0c38b130fd115c3765394 Mon Sep 17 00:00:00 2001 From: ache Date: Sun, 19 May 2002 09:05:38 +0000 Subject: Understand modern 4-letters domain names Don't trust EXTRA_HEADERS and HELO, all of this can be easily faked Restrict sensing of 3-rd level domains to known variants --- mail/ricochet/Makefile | 8 ++--- mail/ricochet/files/patch-ricochet | 65 +++++++++++++++++++++++++++++++++----- 2 files changed, 61 insertions(+), 12 deletions(-) (limited to 'mail/ricochet') diff --git a/mail/ricochet/Makefile b/mail/ricochet/Makefile index 0889f979a0e3..c141df7e7899 100644 --- a/mail/ricochet/Makefile +++ b/mail/ricochet/Makefile @@ -7,7 +7,7 @@ PORTNAME= ricochet PORTVERSION= 0.97 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= mail MASTER_SITES= http://vipul.net/perl/sources/spamcontrol/ricochet/ @@ -21,10 +21,10 @@ RUN_DEPENDS= ${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/Mail/Internet.pm:${POR NO_BUILD= yes -post-patch: +do-configure: .for file in install ricochet - @${PERL5} -pi -e 's,%%PREFIX%%,${PREFIX},g' ${WRKSRC}/${file} - @${PERL5} -pi -e 's,%%INSTALL_DATA%%,${INSTALL_DATA},g' ${WRKSRC}/${file} + ${PERL5} -pi -e 's,%%PREFIX%%,${PREFIX},g' ${WRKSRC}/${file} + ${PERL5} -pi -e 's,%%INSTALL_DATA%%,${INSTALL_DATA},g' ${WRKSRC}/${file} .endfor do-install: diff --git a/mail/ricochet/files/patch-ricochet b/mail/ricochet/files/patch-ricochet index 38ddbad7f8ba..a163df96a17c 100644 --- a/mail/ricochet/files/patch-ricochet +++ b/mail/ricochet/files/patch-ricochet @@ -1,6 +1,18 @@ --- ricochet.orig Thu Feb 8 22:23:19 2001 -+++ ricochet Thu Mar 7 03:31:11 2002 -@@ -227,13 +227,19 @@ ++++ ricochet Sun May 19 12:24:58 2002 +@@ -128,7 +128,10 @@ + ## List of receipients at ORIG_DOMAN + ## besides the CONTACTS. + +- EXTRA_HEADERS => [qw/from reply-to sender errors-to return-path/], ++## Anything there can be easily faked, producing lots of unwanted ++## complaints. Better will not use it. ++## EXTRA_HEADERS => [qw/from reply-to sender errors-to return-path/], ++ EXTRA_HEADERS => undef, + ## Headers to analyze besides + ## 'Received' + +@@ -227,13 +230,19 @@ $self->debug (0, "\nANALYZING HEADERS...\n"); @@ -21,7 +33,7 @@ if ((_nslookup ($host) && ($NS = 1)) || (_mxlookup ($host) && ($MX = 1))) { $self->debug (2,"+ $host EXISTS.\n") if $NS; $self->debug (2,"+ $host HAS A MX RECORD.\n") if $MX; -@@ -244,6 +250,7 @@ +@@ -244,6 +253,7 @@ } } else { $self->debug (2,"- POSSIBLY FAKED HEADER. $host DOESN'T EXIST.\n") } } @@ -29,9 +41,26 @@ } @{$self->{EXTRA_HEADERS}}; while ($match == 0) { -@@ -406,8 +413,14 @@ - my @transmit_hosts = $by =~ /($HOSTRE)/gs; +@@ -379,7 +389,7 @@ + ## --------------------------------------------------------------------------- + sub authentic { +- my $HOSTRE = '[\dA-Za-z\-\.]+\.[A-Za-z]{2,3}(?=[^A-Za-z\-\d])'; ++ my $HOSTRE = '[\dA-Za-z\-\.]+\.[A-Za-z]{2,4}(?=[^A-Za-z\-\d])'; + my $IPRE = '\d{1,3}\.\d{1,3}\.\d{1,3}.\d{1,3}'; + + my ($self, $received) = @_; +@@ -401,13 +411,20 @@ + + $received =~ /from\s(.*?)$rfc/s; my $from = " $1 "; + $received =~ /by\s(.*?)$rfc/s; my $by = " $1 "; +- my @orig_hosts = $from =~ /($HOSTRE)/gs; ++ ++ ## Trust only "(host.name [" part, HELO can be fake ++ my @orig_hosts = $from =~ /\([^()\[\]]*?($HOSTRE)[^()\[\]]*?\[/gs; + my @orig_ips = $from =~ /($IPRE)/gs; + my @transmit_hosts = $by =~ /($HOSTRE)/gs; +- my @ips = $by =~ /($IPRE)/gs; + + my $header = $self->{MAIL}->head; @@ -45,7 +74,7 @@ $auth = 1; $self->{ORIG_HOSTS}->add ($_); $self->debug (2,"+ $_ EXISTS."); -@@ -417,15 +430,21 @@ +@@ -417,15 +434,21 @@ my $host; grep { if ($host = _ptrquery ($_)) { @@ -70,7 +99,7 @@ $auth = 1; $self->{TRANSMIT_HOSTS}->add ($_); $self->debug (2,"+ $_ EXISTS."); -@@ -439,7 +458,13 @@ +@@ -439,7 +462,13 @@ } unless ($self->relaxed == 1) { @@ -85,7 +114,7 @@ } $self->debug (2, "+ Seems Authentic.\n"); -@@ -574,7 +599,8 @@ +@@ -574,7 +603,8 @@ sub initialize { my $self = shift; @@ -95,3 +124,23 @@ Carp::croak "** Ricochet configuration file $rc doesn't exist. Aborting.\n" unless -e $rc; open (RC, $rc); grep { +@@ -758,8 +788,8 @@ + + sub _domain { + my $host = shift; $host =~ y/A-Z/a-z/; my $domain = ''; +- ($domain) = $host =~ /([\da-z\-]+\.[a-z]{2,3}\.[a-z]{2})$/; +- ($domain) = $host =~ /([\da-z\-]+\.[a-z]{2,3})$/ unless $domain; ++ ($domain) = $host =~ /([\da-z\-]+\.(edu?|com?|net?|org?|gov?|int|ac|pp)\.[a-z]{2})$/; ++ ($domain) = $host =~ /([\da-z\-]+\.[a-z]{2,4})$/ unless $domain; + return $domain ? $domain : undef; + } + +@@ -769,7 +799,7 @@ + ## --------------------------------------------------------------------------- + + sub _host { +- my $hostre = '[\dA-Za-z\-\.]+\.[A-Za-z]{2,3}(?=[^A-Za-z\-\d]|$)'; ++ my $hostre = '[\dA-Za-z\-\.]+\.[A-Za-z]{2,4}(?=[^A-Za-z\-\d]|$)'; + my $data = shift; + my ($host) = $data =~ /($hostre)/; + return $host if $host ne ''; -- cgit