[Postfixbuch-users] Fallstudie: Missbrauch des Dienstes durch Spammer - Die Lösung
Achim Lammerts
ml-pbu at admin.syntaxys.net
So Sep 3 17:21:39 CEST 2006
Alexander Dalloz schrieb:
> Einen patch solltest du besser per "diff" generieren, damit man ihn auch
> vernünftig im Code indentifizieren kann; z.B. `diff -uN throttle.c.orig
> throttle.c'
> .
>
> Alexander
>
>
>
--- throttle.c.orig 2006-06-28 12:41:37.000000000 +0200
+++ throttle.c 2006-09-03 14:45:12.000000000 +0200
@@ -38,6 +38,8 @@
int
throttle_check (unsigned int fd)
{
+ if(strlen(triplet_array[fd][4]) > 0)
+ {
unsigned int tnum = 0;
unsigned int tresult = 0;
@@ -58,13 +60,14 @@
" ORDER BY _priority DESC LIMIT 1",
host_array[fd][2], host_array[fd][3], host_array[fd][4],
host_array[fd][5]);
- } else if((SENDER_THROTTLE_SASL == 1) && (triplet_array[fd][4][0] !=
0x00)) {
- tnum = 2;
- snprintf(mysqlquery_array[fd], 512,
- "SELECT _from,_count_max,_count_cur,_date,_quota_cur,_quota_max,"
- " _time_limit,_mail_size,_count_tot,_rcpt_max,_rcpt_cur,_rcpt_tot,"
- " _log_warn, _log_panic, _abuse_tot"
- " FROM throttle WHERE _from='%s'", triplet_array[fd][4]);
+ } else if(SENDER_THROTTLE_SASL == 1) {
+/* } else if((SENDER_THROTTLE_SASL == 1) && (triplet_array[fd][4][0]
!= 0x00)) { */
+ tnum = 2;
+ snprintf(mysqlquery_array[fd], 512,
+ "SELECT _from,_count_max,_count_cur,_date,_quota_cur,_quota_max,"
+ "
_time_limit,_mail_size,_count_tot,_rcpt_max,_rcpt_cur,_rcpt_tot,"
+ " _log_warn, _log_panic, _abuse_tot"
+ " FROM throttle WHERE _from='%s'", triplet_array[fd][4]);
} else {
tnum = 3;
snprintf(mysqlquery_array[fd], 512,
@@ -184,6 +187,12 @@
logmessage("fatal: throttle_check(): no tnum\n");
return (-1);
}
+ }
+ else
+ {
+ if(DEBUG > 0)
+ logmessage("DEBUG: No SASL user");
+ }
return (0); /* never reached */
}
--- throttle_sasl.c.orig 2006-04-04 16:39:57.000000000 +0200
+++ throttle_sasl.c 2006-09-03 14:21:26.000000000 +0200
@@ -37,7 +37,8 @@
int
throttle_sasl (unsigned int fd)
{
-
+if(strlen(triplet_array[fd][4]) > 0)
+ {
if(DEBUG > 0)
logmessage("DEBUG: fd: %d checking throttle-sasl\n", fd);
@@ -193,9 +194,7 @@
return (-5);
}
-
update:
-
/* if the sender has not reached his quota, increase count */
logmessage("rcpt=%lu, throttle=update(%c), host=%s, from=%s, to=%s,
size=%d/%d, "
"quota=%d/%d, count=%d/%d(%d), rcpt=%d/%d(%d),
threshold=%d%|%d%|%d%, sasl_username=%s\n",
@@ -235,6 +234,13 @@
instance_inc[fd],
triplet_array[fd][4]);
if(db_doquery(fd) == -1) return(db_failure(fd, "throttle"));
+}
+else
+ {
+ if(DEBUG > 0)
+ logmessage("DEBUG: No SASL user");
+ }
+
return (0); /* never reached */
}
Mehr Informationen über die Mailingliste Postfixbuch-users