Milter-greylist

No reply. No opinon?

Emmanuel Dreyfus <manu@...> wrote:

> Bruncsak, Attila <attila.bruncsak@...> wrote:
> 
> > I do not see any bug.
> 
> I tracked it down to this minimal example:
> 
> racl blacklist rcpt archibald.haddock@... msg "blacklisted"
> racl whitelist auth /.*/ report "Authenticated sender"
> racl whitelist default
> 
> Sending as an authenticated user, I get the following result:
> archibald.haddock@... -> blacklisted, as expected
> emmanuel.dreyfus@... -> accepted
> 
> Now if I start sending with an accepted user first:
> emmanuel.dreyfus@... -> accepted
> archibald.haddock@... -> wrongly accepted
> 
> My understanding is that the offending code is at the begining of
> real_envrcpt():
>         
>         if ((priv->priv_sr.sr_whitelist & EXF_WHITELIST) &&
>             (priv->priv_sr.sr_whitelist &
>              (EXF_NONIP | EXF_AUTH | EXF_STARTTLS | EXF_SPF)))
>                 goto exit_accept;
> 
> That reuses the status from previous recipient. I made the change below,
> which avoids it based on a global configuration parameter, but I wonder
> if it makes sense to preserve the original behavior. Is it just a plain
> bug, or can it have some merit?
> 
> --- milter-greylist-4.5.1/milter-greylist.c 
> +++ milter-greylist-4.5.1p1/milter-greylist.c 
> @@ -638,8 +638,16 @@
>          */
>         prop_clear(priv, UP_CLEARPROP);
>  #endif
>  
> +       /*
> +        * If we re-evaluate racl for each recipient, forget
> +        * about previous decision.
> +        */
> +       if (conf.c_multiracl)
> +               priv->priv_sr.sr_whitelist &=
> +                    ~(EXF_WHITELIST|EXF_GREYLIST|EXF_BLACKLIST);
> +
>         if ((priv->priv_sr.sr_whitelist & EXF_WHITELIST) &&
>             (priv->priv_sr.sr_whitelist &
>              (EXF_NONIP | EXF_AUTH | EXF_STARTTLS | EXF_SPF)))
>                 goto exit_accept;


-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...