Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Fake/wildcard SPF domain rejection

2007-11-02 by Сергей Коган

Hi !

More and more spammers are using misconfigured (or spam-and-drop)
domains with wildcard (+all) SPF policy. This defeats milter-greylist
protection, as SPF-compliant senders are not subject to initial message
delay.

I propose a trivial code that reduces trust in too-permissive SPF domains.

This works as follows:

- Test incoming address with SPF_CHECK as usual.
- If address is permitted (EXF_SPF), test some bogus IP addresses with
the same domain/SPF policy.
- If bogus addresses are permitted, then do not trust the domain SPF record.


What do you think ?


Code snippet follows (call it instead of SPF_CHECK in milter-greylist.c):
===
/* Standard headers this function needs. The milter-greylist headers that
   define SPF_CHECK, EXF_SPF, EXF_NONE and mg_log must be included as well,
   exactly as elsewhere in milter-greylist.c. */
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <syslog.h>

int spf_wildcard_filter(sa, salen, helo, fromp)
         struct sockaddr *sa;
         socklen_t salen;
         char *helo;
         char *fromp;
{
int result=SPF_CHECK(sa,salen,helo,fromp);
struct sockaddr_in fakeaddr;

// Negative results are reported immediately
if(result!=EXF_SPF) return(result);

// FIXME: it would be nice to support IPv6 here
if(sa->sa_family!=AF_INET) return(result);

// FIXME: Bogus addresses should be generated by rand()
// or set in config file (probably better)
// For now I just hard-code two "sufficiently bogus" addresses here
memset(&fakeaddr,0,sizeof(fakeaddr));
fakeaddr.sin_family=AF_INET;
fakeaddr.sin_port=htons(25);   // port in network byte order

// If bogus address is not allowed, we trust this domain.
// The probe sockaddr is a sockaddr_in, so pass its own size rather
// than the caller's salen.
inet_aton("250.19.0.16",&(fakeaddr.sin_addr));
if(SPF_CHECK((struct sockaddr *)&fakeaddr,sizeof(fakeaddr),helo,fromp)!=EXF_SPF) return(result);
inet_aton("127.210.140.17",&(fakeaddr.sin_addr));
if(SPF_CHECK((struct sockaddr *)&fakeaddr,sizeof(fakeaddr),helo,fromp)!=EXF_SPF) return(result);

// It's a spammer - ignore SPF check result
mg_log(LOG_INFO,"SPF fake/wildcard policy detected");
return(EXF_NONE);
}
===

---
Sincerely yours,
Sergey Kogan
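The probe described in the post above, as an added stand-alone example that is not part of the original message or of milter-greylist. It carries its own toy SPF evaluator (only the ip4, ip6 and all mechanisms, no DNS: the records are a constructed in-memory table standing in for TXT lookups), so the effect of the bogus-address probe can be run offline. The two IPv4 probe addresses are the ones from the post; the IPv6 probes, the record table and the function names are assumptions made here. It also goes one step beyond the post by probing IPv6 clients and by catching an "ip4:0.0.0.0/0" record, which passes everything just like "+all" does.

```python
import ipaddress

# Constructed sample SPF records, keyed by sender domain (stands in for DNS).
SPF_RECORDS = {
    "good.example":   "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
    "open.example":   "v=spf1 +all",                        # wildcard policy
    "sneaky.example": "v=spf1 ip4:198.51.100.7 ip4:0.0.0.0/0 ~all",  # /0 == +all
    "none.example":   "",                                   # no SPF record
}

PASS, FAIL, SOFTFAIL, NEUTRAL, NONE = "pass", "fail", "softfail", "neutral", "none"
QUALIFIERS = {"+": PASS, "-": FAIL, "~": SOFTFAIL, "?": NEUTRAL}

# Bogus client addresses used to probe a policy. The IPv4 ones are the two
# from the post; the IPv6 ones are constructed here (discard prefix, loopback).
PROBE_ADDRESSES = {
    4: ["250.19.0.16", "127.210.140.17"],
    6: ["100::1", "::1"],
}


def spf_check(domain, client_ip):
    """Toy SPF evaluation: ip4/ip6/all mechanisms only, first match wins."""
    record = SPF_RECORDS.get(domain, "")
    if not record.startswith("v=spf1"):
        return NONE
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"                      # mechanisms default to "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        mechanism, _, argument = term.partition(":")
        if mechanism in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(argument, strict=False)
            except ValueError:
                continue                     # malformed term: skip it
            if ip.version == network.version and ip in network:
                return QUALIFIERS[qualifier]
        # a, mx, include, exists ... need DNS and are not modelled here
    return NEUTRAL                           # no match and no "all" term


def spf_wildcard_filter(domain, client_ip):
    """Mirror of the post's logic.

    Returns (result, wildcard_detected). A "pass" is only kept when at least
    one bogus address is rejected by the same policy; if every probe passes
    too, the policy is treated as wildcard and the result is downgraded to
    "none", so greylisting applies as if there were no SPF record.
    """
    result = spf_check(domain, client_ip)
    if result != PASS:
        return result, False                 # negative results reported as-is
    version = ipaddress.ip_address(client_ip).version
    for probe in PROBE_ADDRESSES[version]:
        if spf_check(domain, probe) != PASS:
            return result, False             # bogus address rejected: trust it
    return NONE, True                        # everything passes: wildcard


if __name__ == "__main__":
    for domain in SPF_RECORDS:
        print(domain, spf_wildcard_filter(domain, "203.0.113.1"))
```

The probe addresses matter: one that happens to fall inside a legitimate ip4/ip6 range would pass for a sound policy too, which is why the post suggests random or configurable addresses rather than the fixed pair, and why at least one probe should sit well outside any range a real sender would list.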
