You are here: start » plugins » auth » restrict_submission
You are currently not logged in! Enter your authentication credentials below to log in. You need to have cookies enabled to log in.
You don't have an account yet? Just get one: Register
Forgotten your password? Get a new one: Send new password
Plug-in Summary
| Plug-in name: | restrict_submission |
| Info: | Restricts the use of a specific port to authorised users only |
| Author: | Eliot Foster |
| Email: | |
| Compatibility: | Requires forkserver with multiple –port arguments enabled |
| Download: | inline |
Restricts the use of a specific port to authorised users only
#!/usr/bin/perl -Tw
#
# This plugin makes sure that foreign MTAs do not attempt to send mail to mail submission ports (465,587)
#
# Basically:
# 1.) A list of ports is given as a set of arguments
# 2.) If a connection comes in on one of those ports and is not a relayclient (authenticated)
# 3.) Reject the connection
#
# example config line for config/plugins:
# restrict_submission 465 587
use Qpsmtpd::DSN;
sub init {
my ($self, $qp, @args) = @_;
my %ports = ();
if (@args) {
@ports{@args} = @args;
}
$self->{_submission_ports} = \%ports;
}
sub hook_mail {
my ($self, $transaction, $sender) = @_;
# all is well if relaying
return (DECLINED)
if ( $self->qp->connection->relay_client );
# RFC2476, section 3.2: MUST accept null return path
return (DECLINED) if
($sender->format eq "<>");
# if the local port is one of the defined submission restricted ports, DENY
if (defined( $self->{_submission_ports}->{ $self->qp->connection->local_port } )) {
return Qpsmtpd::DSN->sec_sender_unauthorized(DENY, "Authentication required for submission");
}
return (DECLINED);
}