head 1.1; access; symbols pkgsrc-2026Q1:1.1.0.18 pkgsrc-2026Q1-base:1.1 pkgsrc-2025Q4:1.1.0.16 pkgsrc-2025Q4-base:1.1 pkgsrc-2025Q3:1.1.0.14 pkgsrc-2025Q3-base:1.1 pkgsrc-2025Q2:1.1.0.12 pkgsrc-2025Q2-base:1.1 pkgsrc-2025Q1:1.1.0.10 pkgsrc-2025Q1-base:1.1 pkgsrc-2024Q4:1.1.0.8 pkgsrc-2024Q4-base:1.1 pkgsrc-2024Q3:1.1.0.6 pkgsrc-2024Q3-base:1.1 pkgsrc-2024Q2:1.1.0.4 pkgsrc-2024Q2-base:1.1 pkgsrc-2024Q1:1.1.0.2 pkgsrc-2024Q1-base:1.1; locks; strict; comment @# @; 1.1 date 2024.01.15.04.50.56; author jnemeth; state Exp; branches; next ; commitid Nv1wagQpcgwUbvUE; desc @@ 1.1 log @mail/sendmail-snapshot: import sendmail-8.18.0.2 Sendmail acts as a unified "post office" to which all mail can be submitted. Address interpretation is controlled by a production system, which can parse both domain-based addressing and old-style "ad hoc" addresses. The production system is powerful enough to rewrite addresses in the message header to conform to the standards of a number of common target networks, including old (NCP/RFC733) Arpanet, new (TCP/RFC822) Arpanet, UUCP, and Phonenet. Sendmail also implements an SMTP server, message queueing, and aliasing. This package is for snapshot (alpha/beta) releases, which aren't considered to be release/production quality. It may be used to test new features. Some features / bug fixes may be backported to the regular sendmail package. @ text @$NetBSD$ --- sendmail/srvrsmtp.c.orig 2023-12-05 09:53:22.000000000 +0000 +++ sendmail/srvrsmtp.c @@@@ -51,6 +51,10 @@@@ static bool tls_ok_srv = false; static bool NotFirstDelivery = false; #endif +#if NAMED_BIND +extern struct __res_state sm_res; +#endif + /* server features */ #define SRV_NONE 0x00000000 /* none... */ #define SRV_OFFER_TLS 0x00000001 /* offer STARTTLS */ @@@@ -1801,7 +1805,12 @@@@ smtp(nullserver, d_flags, e) /* get an OK if we're done */ if (result == SASL_OK) { + int fd; + authenticated: + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, fd, "AUTH OK"); + message("235 2.0.0 OK Authenticated"); authenticating = SASL_IS_AUTH; macdefine(&BlankEnvelope.e_macro, A_TEMP, @@@@ -1946,6 +1955,7 @@@@ smtp(nullserver, d_flags, e) { \ SET_AUTH_USER_CONDITIONALLY \ message("535 5.7.0 authentication failed"); \ + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL), "AUTH FAIL"); \ if (LogLevel >= 9) \ sm_syslog(LOG_WARNING, e->e_id, \ "AUTH failure (%s): %s (%d) %s%s%.*s, relay=%.100s", \ @@@@ -2061,6 +2071,10 @@@@ smtp(nullserver, d_flags, e) if (nullserver != NULL && ++n_badcmds > MAXBADCOMMANDS) { + int fd; + + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands"); message("421 4.7.0 %s Too many bad commands; closing connection", MyHostName); @@@@ -2578,6 +2592,7 @@@@ smtp(nullserver, d_flags, e) "rejecting %s from %s [%s] due to traffic before response", SmtpPhase, CurHostName, anynet_ntoa(&RealHostAddr)); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "pre-greeting traffic"); usrerr("554 5.5.0 SMTP protocol error"); nullserver = "Command rejected"; #if MILTER @@@@ -3514,7 +3529,10 @@@@ smtp(nullserver, d_flags, e) if (!smtp_data(&smtp, e, !bitset(SRV_ALLOW_BAD_PIPELINE, features) && !gothello && !tls_active && !auth_active)) + { + BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "pre-DATA traffic stuffing"); goto doquit; + } break; case CMDRSET: /* rset -- reset state */ @@@@ -3921,7 +3939,11 @@@@ smtp(nullserver, d_flags, e) #if MAXBADCOMMANDS > 0 if (++n_badcmds > MAXBADCOMMANDS) { + int fd; + stopattack: + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands"); message("421 4.7.0 %s Too many bad commands; closing connection", MyHostName); @@@@ -4414,8 +4436,8 @@@@ smtp_data(smtp, e, check_stuffing) id = e->e_id; #if NAMED_BIND - _res.retry = TimeOuts.res_retry[RES_TO_FIRST]; - _res.retrans = TimeOuts.res_retrans[RES_TO_FIRST]; + sm_res.retry = TimeOuts.res_retry[RES_TO_FIRST]; + sm_res.retrans = TimeOuts.res_retrans[RES_TO_FIRST]; #endif #if _FFR_PROXY @