2005/07/19

Discard Bad Spam MX by mimedefang

http://lists.roaringpenguin.com/pipermail/mimedefang/2004-September/024600.html
#***********************************************************************
# Define MX and other machines that may relay to us - bad mail from
# these boxen will be silently dropped instead of rejected
#***********************************************************************
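# Relay addresses are stored as hash KEYS because the subs below test them
# with exists($MXHosts{$RelayAddr}).  Assigning a bare list to a hash pairs
# the elements up as key => value, which would leave every second address
# stored as a value and never recognised as one of our relays.
our %MXHosts = map { $_ => 1 } qw(
    146.82.138.6
    146.82.138.7
    146.82.138.27
    192.25.206.10
    205.210.42.52
    205.210.42.53
    66.35.250.206
    66.35.250.209
    206.191.13.82
);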
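# Drop_If_MX(code, msg, smtp_code, smtp_dsn, delay)
# Takes the five reply values a filter callback is about to return and
# hands them back.  When the connecting relay ($RelayAddr) is listed in
# %MXHosts the code becomes 'DISCARD' and the delay 0; otherwise the values
# are returned exactly as given.
sub Drop_If_MX {
    # Return parameters
    my ($code, $msg, $smtp_code, $smtp_dsn, $delay) = @_;

    # The decision rests on the relay address alone.  A rejection sent to one
    # of our own relays would only make that relay generate a bounce, so the
    # message is dropped instead.
    # NOTE(review): the drop leaves no log entry here; an address listed in
    # %MXHosts by mistake would lose mail silently - consider logging it.
    if ( exists($MXHosts{$RelayAddr}) ) {
        $code  = 'DISCARD';
        $delay = 0;
    }

    # Returned on both paths; the call site passes this list straight on.
    return ($code, $msg, $smtp_code, $smtp_dsn, $delay);
}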
# Action_If_MX(msg, smtp_code, smtp_dsn)
# Message-level counterpart of the relay check: returns the result of
# action_discard() when $RelayAddr is a key of %MXHosts, otherwise logs the
# rejection details and returns the result of action_bounce().
sub Action_If_MX {
    my ($msg, $smtp_code, $smtp_dsn) = @_;

    # Mail relayed by one of the listed hosts is dropped without a bounce.
    return (action_discard()) if exists($MXHosts{$RelayAddr});

    # Any other relay gets the bounce; the warning records who was refused
    # and with which reply.
    md_syslog('warning',
        "Action_If_MX: $RelayAddr, $msg, $smtp_code, $smtp_dsn");
    return (action_bounce($msg, $smtp_code, $smtp_dsn));
}
# Call-site excerpts; each "..." stands for filter code the original post
# left out.
...
# A reply of REJECT / 'Invalid MX' with a delay value of 20 is passed through
# Drop_If_MX, which turns it into DISCARD when the relay is in %MXHosts.
return(Drop_If_MX('REJECT', 'Invalid MX', '', '', 20));
...
# Messages scoring 10 or more hits are discarded or bounced depending on the
# relay address.
if ($hits >= 10) {
# NOTE(review): the next line is cut off in this copy - the third argument
# and the closing parenthesis are missing; restore them from the linked post.
return Action_If_MX("Spam level: $hits", "554", "5.7.1 Spam level $h
};



http://www.mimedefang.org/kwiki/index.cgi?CheckForMX

use Net::DNS;

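# GetHostAddresses(resolver,hostname)
# returns array of IP addresses taken from the A records for hostname
# returns an empty array when the lookup fails or has no A record
sub GetHostAddresses ($$) {
    my ($resolver, $hostname) = @_;
    my @addresses;

    # search() gives back undef instead of a packet when nothing was found or
    # the query failed.  Calling ->answer on undef would die in the middle of
    # the filter, so a failed lookup is treated as "no addresses".
    my $received = $resolver->search($hostname);
    return @addresses unless defined $received;

    # Only A records are collected; other record types in the answer section
    # (a CNAME, for instance) are skipped.
    for my $rr ($received->answer) {
        push @addresses, $rr->address if $rr->type eq "A";
    }
    return @addresses;
}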

# GetDomainMXAddresses(resolver,domain)
# returns array of IP addresses for domain's MX list
# if no MX records, returns array of IP addresses for this hostname

sub GetDomainMXAddresses ($$) {
    my ($resolver, $domain) = @_;
    my @mx_records = mx($resolver, $domain);

    # No MX records at all: the domain name itself is resolved instead.
    return GetHostAddresses($resolver, $domain) unless @mx_records;

    # Otherwise resolve every listed exchanger and pool the addresses.
    my @addresses;
    for my $record (@mx_records) {
        push @addresses, GetHostAddresses($resolver, $record->exchange);
    }
    return @addresses;
}

# MTA_is_domain_MX(domain,address)
# returns TRUE if address is a MX for domain

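sub MTA_is_domain_MX ($$) {
    my ($domain, $address) = @_;

    # Compare as plain strings.  Interpolating the address into a pattern
    # turns its dots - and any other character it may contain - into regex
    # syntax, so the decision to discard could rest on a looser match than
    # intended.  In list context the matching addresses are returned, in
    # scalar context their count.
    # A fresh resolver is created for every call.  GetHostAddresses collects
    # A records only, so an IPv6 relay address never compares equal here.
    return grep { $_ eq $address }
        GetDomainMXAddresses(Net::DNS::Resolver->new, $domain);
}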

# Usage (the returns presumably sit inside a filter callback):
# a message relayed by one of our own domain's MX hosts is discarded, so the
# backup MX is not pestered with a bounce; every other relay gets the bounce.
return action_discard() if MTA_is_domain_MX($MyDomain, $RelayAddr);
return action_bounce($message);


http://sial.org/howto/mimedefang/check-sender/

# Sender domains that get the callback check in email_is_forged.  Only the
# keys matter - the lookup uses exists() - so every value is undef.  Keys are
# written in lower case.
our %forged_domains = map { $_ => undef } qw(
    hotmail.com
    yahoo.com
    yahoo.co.kr
    msn.com
    excite.com
    juno.com
    telus.net
    iname.com
    gmx.net
    email.com
    charter.net
    bigfoot.com
    earthlink.net
    mailcity.com
    mail.com
    bellsouth.net
    aol.com
    yume.otegami.com
    usa.net
);

use Net::DNS;
# One resolver object, created when the filter file is loaded and reused by
# email_is_forged for its MX queries.
our $dns = Net::DNS::Resolver->new;
# With defnames off, a name without dots is queried as given rather than
# being completed with the local default domain.
$dns->defnames(0); # do not search default domain

# filter_recipient callback: rejects the recipient when email_is_forged flags
# the envelope sender, otherwise lets the message continue.  Only $sender,
# $ip and $hostname are used; the remaining arguments are accepted and
# ignored.
sub filter_recipient {
    my ($recipient, $sender, $ip, $hostname, $first, $helo,
        $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;

    # Nothing suspicious about the sender: carry on with normal processing.
    return ('CONTINUE', 'ok') unless email_is_forged($sender, $ip);

    # Record the rejection with message id, relay name and relay address.
    # NOTE(review): $hostname goes into the log line as received - confirm it
    # is already sanitized before it reaches this callback.
    md_syslog('info', "MDLOG,$MsgID,forgedsender,$hostname,$ip");
    return ('REJECT', "Sender address rejected by incoming for domain");
}

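# email_is_forged(sender, ip)
# returns 1 when the sender's domain is a key of %forged_domains and the
# first mail exchanger that gives a definite answer rejects the address;
# returns 0 in every other case (domain not listed, no domain in the
# address, address accepted, or every exchanger answered TEMPFAIL).
# $ip is accepted but not used.
sub email_is_forged {
    my ($sender, $ip) = @_;

    # Pull the domain out of the envelope sender.  A null sender (<>) or an
    # address without "@" has no domain and is not checked.
    my ($domain) = $sender =~ / \@ ([\w.-]+) [>.]* $ /x;
    return 0 unless defined $domain;

    # Domain names are case-insensitive but the table keys are lower case;
    # without folding, a sender written as user@HOTMAIL.COM would skip the
    # check altogether.
    $domain = lc $domain;
    return 0 unless exists $forged_domains{$domain};

    my $mx = $dns->query($domain, 'MX');

    my @mxs;
    if ($mx) {
        @mxs = map { $_->exchange } grep { $_->type eq 'MX' } $mx->answer;
    }

    # no MX (or Net::DNS error), fallback to A record for domain
    unless (@mxs) {
        # A method call is not interpolated inside a double-quoted string, so
        # the resolver's error text is appended explicitly.
        md_syslog('warning',
            "$QueueID: sender check found no MX found for $domain: "
                . $dns->errorstring);
        push @mxs, $domain;
    }

    # Exchangers are tried in the order the answer lists them (not sorted by
    # preference); the first one that does not TEMPFAIL decides.
    for my $host (@mxs) {
        # NOTE(review): the HELO argument is a placeholder that has to be
        # replaced with this host's real name.  A remote server may refuse
        # the probe because of the HELO name rather than the address, and
        # that refusal would be counted as a forged sender here.
        my ($result, $msg) =
            md_check_against_smtp_server('<>', $sender,
                'FIX-THIS-INVALID-HELO-ARG.com', $host);
        next if $result eq 'TEMPFAIL';
        return ($result eq 'REJECT' ? 1 : 0);
    }

    # Every exchanger answered TEMPFAIL: no verdict, so do not reject.
    return 0;
}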

# Revised version, shown as excerpts only: the opening of filter_recipient,
# then the changed callback loop.  The closing brace of the sub and the code
# between the two excerpts are not part of this copy.
sub filter_recipient {
my ($recipient, $sender, $ip, $hostname, $first, $helo,
$rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;

# presumably fills %SendmailMacros so that $SendmailMacros{j} is available to
# the callback below - confirm against the helper's definition
load_sendmail_macros();



# Callback loop with the HELO argument taken from $SendmailMacros{j} instead
# of the fixed placeholder string (in sendmail, macro j holds this host's
# official domain name).  $mx is the MX query result from code not shown.
for my $rr ($mx->answer) {
next unless $rr->type eq 'MX';
my ($result, $msg) =
md_check_against_smtp_server('<>',
$sender, $SendmailMacros{j}, $rr->exchange);
# a temporary failure gives no verdict; try the next exchanger
next if $result eq 'TEMPFAIL';
return ($result eq 'REJECT' ? 1 : 0);
}
