Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] Submitter DNS name resolution and forgery detection

2013-08-10 by Jim Klimov

On 2013-08-10 18:52, manu@... wrote:
> Jim Klimov <jimklimov@... <mailto:jimklimov%40cos.ru>> wrote:
>
>  > The updated patch also includes keywords unbracket and nounbracket
>  > to enable or disable this functionality via config-file.
>
> I am not sure I understand correctly: unbracket is the default and
> should do the current behavior, right? Why add a new option.

Basically, because a distro maintainer or you as the vanilla tarball
maker is free to pick the hardcoded default (retain current behavior
and leave bracketed IP-quads "as is", or use new behavior and try to
resolve these). Whichever the default is, the end-user has a keyword
to explicitly enable or disable this logic; latter mostly reserved
for cases of "thread-unsafe" DNS resolvers and somesuch.

> Anyway, I am not sure it is on purpose, but current behavior is
> inconditionnaly altered: if priv->priv_hostname[0] == '[' ) then it
> will get resolved

No, at least in the second version of the patch that I posted (which
introduces the tunable). If the hostname starts with the bracket, we
evaluate the tunable flag and debug-log either that we will resolve
the bad name or skip it (and in case of enabled debug, we do log
something of this either way). If the unbracketing is disabled, we
skip the routine and goto next logic. Yes, maybe this is how goto's
are deemed not stylish... but this was not the first one in codebase
so I thought it's okay ;)

> A note on style: milter-greylist never published coding style guidelines
> mandate no more than 80 char/line, and no spaces inside parenthesis.

I tried to adhere to this myself, but I guess a few lines slipped
past, mostly due to long strings or tabbing... as an important
factor: what indentation to the unpublished guidelines prefer?
4-space tabs? 8? Another? ;)

It may also be that this code should be broken into more separate
routines (as some classics put it, if the function is over 100 lines
or needs more than three tabs - split it!) but I am not quite ready
to undertake this here... except if to move the whole new code into
a function and only invoke it to verify the priv_hostname. Hmmm...
this would likely also let remove the unstylish goto's ;)

Would you require the style and/or structure changes like this
before accepting the patch?

Thanks,
//Jim

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.