You are here: start » plugins » auth » restrict_submission
You are currently not logged in! Enter your authentication credentials below to log in. You need to have cookies enabled to log in.
Plug-in Summary
| Plug-in name: | restrict_submission |
| Info: | Restricts the use of a specific port to authorised users only |
| Author: | Eliot Foster |
| Email: | |
| Compatibility: | Requires forkserver with multiple –port arguments enabled |
| Download: | inline |
Restricts the use of a specific port to authorised users only
#!/usr/bin/perl -Tw
#
# This plugin makes sure that foreign MTAs do not attempt to send mail to mail submission ports (465,587)
#
# Basically:
# 1.) A list of ports is given as a set of arguments
# 2.) If a connection comes in on one of those ports and is not a relayclient (authenticated)
# 3.) Reject the connection
#
# example config line for config/plugins:
# restrict_submission 465 587
use Qpsmtpd::DSN;
sub init {
my ($self, $qp, @args) = @_;
my %ports = ();
if (@args) {
@ports{@args} = @args;
}
$self->{_submission_ports} = \%ports;
}
sub hook_mail {
my ($self, $transaction, $sender) = @_;
# all is well if relaying
return (DECLINED)
if ( $self->qp->connection->relay_client );
# RFC2476, section 3.2: MUST accept null return path
return (DECLINED) if
($sender->format eq "<>");
# if the local port is one of the defined submission restricted ports, DENY
if (defined( $self->{_submission_ports}->{ $self->qp->connection->local_port } )) {
return Qpsmtpd::DSN->sec_sender_unauthorized(DENY, "Authentication required for submission");
}
return (DECLINED);
}