couriertcpd: do not issue ANY queries for DNSBL lookups.

author: Sam Varshavchik 2017-03-11 10:10:39 -0500
committer: Sam Varshavchik 2017-03-11 10:10:39 -0500
commit: 19717bb6b4bea979efc5b441f91ae11b982f6fd4 (patch)
tree: 167a737f38b8f9317b0ec9b74402b8110e5be1b6 /tcpd/tcpd.c
parent: 914d160ada16463a76d42011aa8d721134fba9b8 (diff)
download: courier-libs-19717bb6b4bea979efc5b441f91ae11b982f6fd4.tar.bz2
1 files changed, 16 insertions, 3 deletions
diff --git a/tcpd/tcpd.c b/tcpd/tcpd.c
index 819dc51..093a23a 100644
--- a/tcpd/tcpd.c
+++ b/tcpd/tcpd.c
@@ -1624,11 +1624,11 @@ static void docheckblocklist(struct blocklist_s *p, const char *nameptr)
 	if (p->allow)
 		wanttxt = p->msg != 0;
 	else
-		wanttxt = (p->msg == 0 || *p->msg == 0);
+		wanttxt = p->msg && strcmp(p->msg, "*") == 0;
 
 	(void)rfc1035_resolve_cname(&res,
 			hostname,
-			wanttxt ? RFC1035_TYPE_ANY:RFC1035_TYPE_A,
+			wanttxt ? RFC1035_TYPE_TXT:RFC1035_TYPE_A,
 			RFC1035_CLASS_IN, &replyp, 0);
 
 	if (!replyp)
@@ -1673,12 +1673,25 @@ static void docheckblocklist(struct blocklist_s *p, const char *nameptr)
 		if (!search_txt_records(&res, p->allow, varname, replyp,
 					hostname) && !p->allow)
 		{
+			size_t l=strlen(p->zone)+40;
+			char *buf=malloc(l+1);
+
+			if (!buf)
+			{
+				perror("malloc");
+				_exit(1);
+			}
+
+			buf[snprintf(buf, l, "Sender @ blacklisted by %s",
+				     p->zone)]=0;
+
 			/*
 			** Even though we did not find a TXT record, we're here
 			** because of an A record, so for -blocks, we must
 			** set varname to something.
 			*/
-			mysetenv(varname, "Access denied.");
+			mkmymsg(varname, buf);
+			free(buf);
 		}
 
 		found=1;
author	Sam Varshavchik	2017-03-11 10:10:39 -0500
committer	Sam Varshavchik	2017-03-11 10:10:39 -0500
commit	19717bb6b4bea979efc5b441f91ae11b982f6fd4 (patch)
tree	167a737f38b8f9317b0ec9b74402b8110e5be1b6 /tcpd/tcpd.c
parent	914d160ada16463a76d42011aa8d721134fba9b8 (diff)
download	courier-libs-19717bb6b4bea979efc5b441f91ae11b982f6fd4.tar.bz2