qpsmtpd Wiki

[[plugins:auth:restrict_submission]]

You are here: start » plugins » auth » restrict_submission



Login

You are currently not logged in! Enter your authentication credentials below to log in. You need to have cookies enabled to log in.

Login

You don't have an account yet? Just get one: Register

Forgotten your password? Get a new one: Set new password

Restricts the use of a specific port to authorised users only 











#!/usr/bin/perl -Tw
#
# This plugin makes sure that foreign MTAs do not attempt to send mail to mail submission ports (465,587)
#
# Basically:
# 1.) A list of ports is given as a set of arguments
# 2.) If a connection comes in on one of those ports and is not a relayclient (authenticated)
# 3.) Reject the connection
#
# example config line for config/plugins:
# 	restrict_submission 465 587

use Qpsmtpd::DSN;

sub init {
  my ($self, $qp, @args) = @_;

  my %ports = ();
  if (@args) {
    @ports{@args} = @args;
  }

  $self->{_submission_ports} = \%ports;
}

sub hook_mail {
  my ($self, $transaction, $sender) = @_;

  # all is well if relaying
  return (DECLINED)
    if ( $self->qp->connection->relay_client );

  # RFC2476, section 3.2:  MUST accept null return path
  return (DECLINED) if
    ($sender->format eq "<>");

  # if the local port is one of the defined submission restricted ports, DENY
  if (defined( $self->{_submission_ports}->{ $self->qp->connection->local_port } )) {
    return Qpsmtpd::DSN->sec_sender_unauthorized(DENY, "Authentication required for submission");
  }

  return (DECLINED);
}
 

plugins/auth/restrict_submission.txt · Last modified: 2007/05/01 02:01 by jamtur01

Back to top