summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAntonio Radici <antonio@dyne.org>2011-05-06 15:25:14 +0000
committerAntonio Radici <antonio@dyne.org>2011-05-06 15:25:14 +0000
commitb3f943b545829eddf8d2ad642133dc3749182d50 (patch)
tree8aa2d8ded79b16086b86a9f46698323d38212626
parentb32e49f53bf26698d209f46e7d299f14d04b023e (diff)
parent187975042f247c2bc64d1011c13e90d6c1207088 (diff)
Merge commit 'upstream/1.34'
-rw-r--r--Changes6
-rw-r--r--README1
-rwxr-xr-xpostgrey17
-rw-r--r--postgrey_whitelist_clients16
4 files changed, 34 insertions, 6 deletions
diff --git a/Changes b/Changes
index 272f557..d6c2095 100644
--- a/Changes
+++ b/Changes
@@ -1,3 +1,9 @@
+* 2011-05-04: version 1.34
+
+ - gracefully handle future timestamps in the database (Andreas Hoedle)
+ - replaced obsolete Digest::SHA1 with Digest::SHA (Salvatore Bonaccorso)
+ - updated whitelist
+
* 2010-05-04: version 1.33
- fix warning with IPv6 address (Edwin Kremer)
diff --git a/README b/README
index 6802e50..c6fc092 100644
--- a/README
+++ b/README
@@ -12,6 +12,7 @@ Requirements
- IO::Multiplex (Perl Module)
- BerkeleyDB (Perl Module)
- Berkeley DB >= 4.1 (Library)
+- Digest::SHA (Perl Module, only for --privacy option)
Documentation
diff --git a/postgrey b/postgrey
index 0149bad..7cb0352 100755
--- a/postgrey
+++ b/postgrey
@@ -22,7 +22,7 @@ use POSIX qw(strftime setlocale LC_ALL);
use vars qw(@ISA);
@ISA = qw(Net::Server::Multiplex);
-my $VERSION = '1.33';
+my $VERSION = '1.34';
my $DEFAULT_DBDIR = '/var/spool/postfix/postgrey';
my $CONFIG_DIR = '/etc/postfix';
@@ -375,7 +375,7 @@ sub smtpd_access_policy($$)
$cawl_db = $self->{postgrey}{db_cawl};
$cawl_key = $attr->{client_address};
if ($self->{postgrey}{privacy}) {
- $cawl_key = Digest::SHA1::sha1_hex($cawl_key);
+ $cawl_key = Digest::SHA::sha1_hex($cawl_key);
}
my $cawl_val = $cawl_db->{$cawl_key};
($cawl_count, $cawl_last) = split(/,/,$cawl_val) if defined $cawl_val;
@@ -383,7 +383,7 @@ sub smtpd_access_policy($$)
# whitelist if count is enough
if(defined $cawl_count and $cawl_count >= $self->{postgrey}{awl_clients})
{
- if($now >= $cawl_last+3600) {
+ if(($now >= $cawl_last+3600) or ($cawl_last > $now)) {
$cawl_count++; # for statistics
$cawl_db->{$cawl_key}=$cawl_count.','.$now;
}
@@ -398,7 +398,7 @@ sub smtpd_access_policy($$)
$self->do_client_substitutions($attr->{client_address}, $attr->{client_name});
my $key = lc "$client_net/$sender/$attr->{recipient}";
if ($self->{postgrey}{privacy}) {
- $key = Digest::SHA1::sha1_hex($key);
+ $key = Digest::SHA::sha1_hex($key);
}
my $val = $db->{$key};
my $first;
@@ -416,6 +416,11 @@ sub smtpd_access_policy($$)
# it is beyond the retry_window
$first = $now if $now-$first > $self->{postgrey}{retry_window};
}
+ # test for invalid first-seen date in the future
+ if($first > $now) {
+ $self->mylog(1, "correcting date for first seen in the future!");
+ $first = $now;
+ }
}
else {
$first = $now;
@@ -623,9 +628,9 @@ sub main()
$server->read_clients_whitelists();
$server->read_recipients_whitelists();
- # --privacy requires Digest::SHA1
+ # --privacy requires Digest::SHA
if($opt{'privacy'}) {
- require Digest::SHA1;
+ require Digest::SHA;
}
$0 = join(' ', @{$server->{server}{commandline}});
diff --git a/postgrey_whitelist_clients b/postgrey_whitelist_clients
index f4ecb0d..9dbe6bd 100644
--- a/postgrey_whitelist_clients
+++ b/postgrey_whitelist_clients
@@ -2,6 +2,8 @@
# --------------------------------------------
# put this file in /etc/postfix or specify its path
# with --whitelist-clients=xxx
+#
+# postgrey version: 1.34, build date: 2011-05-04
# greylisting.org: Southwest Airlines (unique sender, no retry)
southwest.com
@@ -196,9 +198,23 @@ yahoo.com
/^outmail\d+\.sctm\.tfbnw\.net$/
# 2009-02-10: server14.cyon.ch (long retry, reported by Alex Beckert)
server14.cyon.ch
+# 2009-08-19: 126.com (big pool)
+/^m\d+-\d+\.126\.com$/
# 2010-01-08: tifr.res.in (no retry, reported by Alex Beckert)
home.theory.tifr.res.in
# 2010-01-08: 1blu.de (long retry, reported by Alex Beckert)
ms4-1.1blu.de
# 2010-03-17: chello.at (big pool, reported by Jan-willem van Eys)
/^viefep\d+-int\.chello\.at$/
+# 2010-05-31: nic.nu (long retry, reported by Ivan Sie)
+mx.nic.nu
+# 2010-06-10: Microsoft servers (long/no retry, reported by Roy McMorran)
+bigfish.com
+frontbridge.com
+microsoft.com
+# 2010-06-18: Google/Postini (big pool, reported by Warren Trakman)
+postini.com
+# 2011-02-04: evanzo-server.de (no retry, reported by Andre Hoepner)
+/^mx.*\.evanzo-server\.de$/
+# 2011-05-02: upcmail.net (big pool, reported by Michael Monnerie)
+upcmail.net