Plugin: remotehost

This plugin provides an ability for rejecting/deferring messages based on regular expressions in the senders' remotehost names aka TCPREMOTEHOST environment variable if found or otherwise remoteip aka TCPREMOTEIP is being used instead.

If you use with tcpserver option -h and -p, then TCPREMOTEHOST will be set accordingly if valid DNS record is found.

This idea I got it from naokih at iron-horse dot org via google search using badremotehost as search keyword. You can read the qmail patch at http://n.h7a.org/hacks/qmail-badremotehost.patch.

IMPORTANT: This plugin is written for and tested with mailfront 1.12.

Configuration

$REMOTEHOST_LINEMAX

Line buffer size (defaults to 512)

$BADREMOTEHOST

If set, the named file is loaded and parsed (see below), and pattern matching is enabled. This is blacklist remotehost in short.

$GOODREMOTEHOST

If set, the named file is loaded and parsed (see below), and pattern matching is enabled. This is whitelist remotehost in short.

$REMOTEHOST_REJECT

If set, $BADREMOTEHOST matched will reject messages with code 554 instead of 451.

Sender Action

None

Recipient Action

None

Data Action

When client starts to transmit data, this plugin will start its regular expressions matching for $GOODREMOTEHOST and $BADREMOTEHOST. If any pattern matches found in $GOODREMOTEHOST, the message won't be rejected and will bypass $BADREMOTEHOST check if enabled.

If any pattern matches found in $BADREMOTEHOST, the message is rejected if $REMOTEHOST_REJECT is set otherwise it is deferred.

If sender is authenticated or $RELAYCLIENT environment variable is set, then this plugin will be skipped.

Message Action

None

Patterns File Format

The patterns file contains a list of standard regular expressions patterns except those lines started with # will be ignored. A control character = appear right after # which is used for customized reject message in $BADREMOTEHOST:

#

Comment line, ignored.

#=

Comment line with a control character =. This is to let you customize reject message. The latest #= line will be used before the pattern matched line. i.e. if the match is at line 4 and there is a #= line before line 4 will be used. It won't use any line after the pattern match. Default response message:

Sorry, your remotehost match our prohibited list. (#5.7.1)

The following patterns list example for $BADREMOTEHOST:

#=We don't accept email from remotehost with bad reverse DNS.
# The below match any $TCPREMOTEHOST = $TCPREMOTEIP due to $TCPREMOTEHOST is not set.
^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
#=We don't accept email from dynamic ip users.
^(pool|user|dhcp|dialup|ppp|adsl|dynamic|dyn)[^\.]*[0-9]