Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

sendmail.mc setup

2004-09-05 by antispamz

Hi,  New to the list.  

Not having used a milter before, I could only get it to work with 
sendmail.cf, except the greylist part got trashed any time I updated 
sendmail.mc

After hours of searching, maybe in all the wrong places, I found the 
elusive answer that seems to be assumed.  Could this be added to the 
manual to save other people the same frustration?

For those of you who build your .cf from a .mc file with m4, you must 
define:

define(`_FFR_MILTER', `1')dnl. 

Then the mail filter can be defined as: 

INPUT_MAIL_FILTER(`greylist',
`S=local:/var/milter-greylist/milter-greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl

Re: [milter-greylist] sendmail.mc setup

2004-09-05 by javier wilson

I use sendmail 8.12.11 (RHEL3), and I just added:

------------
INPUT_MAIL_FILTER(`greylist',
`S=local:/var/milter-greylist/milter-greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
------------

to sendmail.mc. I copied this from one of the pages on the
milter-greylist site.

i use other milters that require just one line using
INPUT_MAIL_FILTER (like clamav), i wonder if this
could be done with greylist-milter to simplify
sendmail.mc configuration.

javier

--- antispamz <antispamz@...> wrote:

> Hi,  New to the list.  
> 
> Not having used a milter before, I could only get it
> to work with 
> sendmail.cf, except the greylist part got trashed
> any time I updated 
> sendmail.mc
> 
> After hours of searching, maybe in all the wrong
> places, I found the 
> elusive answer that seems to be assumed.  Could this
> be added to the 
> manual to save other people the same frustration?
> 
> For those of you who build your .cf from a .mc file
> with m4, you must 
> define:
> 
> define(`_FFR_MILTER', `1')dnl. 
> 
> Then the mail filter can be defined as: 
> 
> INPUT_MAIL_FILTER(`greylist',
> `S=local:/var/milter-greylist/milter-greylist.sock')dnl
> define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
> define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
> define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
> 
> 
> 
> 



		

Re: [milter-greylist] sendmail.mc setup

2004-09-05 by Hajimu UMEMOTO

Hi,

>>>>> On Sun, 05 Sep 2004 18:56:56 -0000
>>>>> "antispamz" <antispamz@...> said:

antispamz> For those of you who build your .cf from a .mc file with m4, you must 
antispamz> define:

antispamz> define(`_FFR_MILTER', `1')dnl. 

Then your sendmail is too old.  You should consider upgrading your
sendmail to the latest one.
_FFR means `for future release'.  MILTER was once added as an FFR, and
MILTER has been standard in sendmail since 8.12.0.  During the FFR period,
you need to set _FFR_* to enable that feature.

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@...  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

Re: [milter-greylist] sendmail.mc setup

2004-09-05 by manu@netbsd.org

javier wilson <axioma@...> wrote:

> i use other milters that require just one line using
> INPUT_MAIL_FILTER (like clamav), i wonder if this
> could be done with greylist-milter to simplify
> sendmail.mc configuration.

The other lines specify which sendmail macro should be made visible to
milter-greylist. If you remove them, you lose the queue id display in
the logs, the SMTP authentication, and other minor functionality.

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

Re: [milter-greylist] sendmail.mc setup

2004-09-06 by Hajimu UMEMOTO

Hi,

>>>>> On Sun, 5 Sep 2004 21:42:32 +0200
>>>>> manu@... said:

> i use other milters that require just one line using
> INPUT_MAIL_FILTER (like clamav), i wonder if this
> could be done with greylist-milter to simplify
> sendmail.mc configuration.

manu> The other lines specify which sendmail macro should be made visible to
manu> milter-greylist. If you remove them, you lose the queue id display in
manu> the logs, the SMTP authentication, and other minor functionality.

I'm curious about this issue.  Because, I'm using multiple milters on
my server.

As far as I read cf/README, most of the macros which milter-greylist
explicitly requires are visible by default except {verify} of
confMILTER_MACROS_HELO.  So, I believe what we need to specify
explicitly is only confMILTER_MACROS_HELO, as follows, to avoid side
effects on other milters:

define(`confMILTER_MACROS_HELO', `{verify}, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')

Correct me if I'm wrong.

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@...  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

Re: [milter-greylist] sendmail.mc setup

2004-09-06 by manu@netbsd.org

Hajimu UMEMOTO <ume@...> wrote:

> As far as I read cf/README, most of the macros which milter-greylist
> explicitly requires are visible by default except {verify} of
> confMILTER_MACROS_HELO.  So, I believe what we need to specify
> explicitly is only confMILTER_MACROS_HELO like follows to avoid side
> effect to other milters:
> 
> define(`confMILTER_MACROS_HELO', `{verify}, {tls_version}, {cipher},
> {cipher_bits}, {cert_subject}, {cert_issuer}')
> 
> Correct me if I'm wrong.

I think you're right. Note that you don't need verify if you don't use
SMTP authentication to whitelist the sender.

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

Re: [milter-greylist] sendmail.mc setup

2004-09-06 by Jack L. Stone

At 01:28 PM 9.6.2004 +0900, Hajimu UMEMOTO wrote:
>
>Hi,
>
>>>>>> On Sun, 5 Sep 2004 21:42:32 +0200
>>>>>> manu@... said:
>
>> i use other milters that require just one line using
>> INPUT_MAIL_FILTER (like clamav), i wonder if this
>> could be done with greylist-milter to simplify
>> sendmail.mc configuration.
>
>manu> The other lines specify which sendmail macro should be made visible to
>manu> milter-greylist. If you remove them, you lose the queue id display in
>manu> the logs, the SMTP authentication, and other minor functionality.
>
>I'm curious about this issue.  Because, I'm using multiple milters on
>my server.
>
>As far as I read cf/README, most of the macros which milter-greylist
>explicitly requires are visible by default except {verify} of
>confMILTER_MACROS_HELO.  So, I believe what we need to specify
>explicitly is only confMILTER_MACROS_HELO like follows to avoid side
>effect to other milters:
>
>define(`confMILTER_MACROS_HELO', `{verify}, {tls_version}, {cipher},
>{cipher_bits}, {cert_subject}, {cert_issuer}')
>
>Correct me if I'm wrong.
>
>Sincerely,
>
>--
>Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan

I found I had to comment out the use of milter-greylist macros because I
had errors with them. The Sendmail-8.12.11 seemed to have everything needed
for GL. I remember comparing them, but I had so much trouble trying
milter-sender with its own set of macros, I may be confused.

Doesn't the stipulation of specific macros modify/replace those in the
defaults if not the same ones??

Which reminds me: Emmanuel, have you thought any more about adding the
callback feature to GL....??
I've given up on milter-sender -- plus, it calls for another database not
installed -- that's just too much trouble and still may not work (for me).

Best regards,
Jack L. Stone,
Administrator

Sage American
http://www.sage-american.com
jacks@...

Re: [milter-greylist] sendmail.mc setup

2004-09-06 by manu@netbsd.org

Jack L. Stone <jacks@...> wrote:

> Doesn't the stipulation of specific macros modify/replace those in the
> defaults if not the same ones??

No idea, I don't use macros, I use the kit Jussieu (excellent
sendmail.cf preprocessor, but the documentation is only in French)
 
> Which reminds me: Emmanuel, have you thought any more about adding the
> callback feature to GL....??
> I've given up on milter-sender -- plus, it calls for another database not
> installed -- that's just too much trouble and still may not work (for me).

I won't add it to milter-greylist, I'll do a new milter just for that
feature. There is no reason to bloat milter-greylist with a callback
function where you can do that in another milter.

But for now I'm busy with something completely different: Cisco VPN
support for racoon. 

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

cutting off sender-string

2004-09-07 by hans hm04

hi all 

i am using milter-greylist ver 1.5.6 
it seems that the sender's address is cut off
after 30 characters. so some rules 
defined in /etc/mail/greylist.conf didn't work

is there a bugfix or workaround 
to increase the string-length for 
example to 64 

best regards 
hans 

--

Re: [milter-greylist] cutting off sender-string

2004-09-07 by Matthias Scheler

On Tue, Sep 07, 2004 at 02:18:49PM +0200, hans hm04 wrote:
> i am using milter-greylist ver 1.5.6 
> it seems that the senders address is cutting off
> after 30 characters. so some rules 
> defined in /etc/mail/greylist.conf didn't work

That's a known "feature".

> is there a bugfix or workaround to increase the string-length for 
> example to 64 

Change "ADDRLEN" in "dump.h" to 65 and rebuild.

	Kind regards

-- 
Matthias Scheler                                  http://scheler.de/~matthias/

Re: [milter-greylist] cutting off sender-string

2004-09-07 by Emmanuel Dreyfus

On Tue, Sep 07, 2004 at 02:18:49PM +0200, hans hm04 wrote:
> i am using milter-greylist ver 1.5.6 
> it seems that the senders address is cutting off
> after 30 characters. so some rules 
> defined in /etc/mail/greylist.conf didn't work

You can use a regex.

> is there a bugfix or workaround 
> to increase the string-length for 
> example to 64 

Sure: bump ADDRLEN in dump.h and rebuild.

--
Emmanuel Dreyfus
manu@...

Re: [milter-greylist] cutting off sender-string

2004-09-07 by jothev

> > is there a bugfix or workaround 
> > to increase the string-length for 
> > example to 64 
> 
> Sure: bump ADDRLEN in dump.h and rebuild.


I'm a newbie here, but looking at the code it appears
that the printf statements (when dumping to
greylist.db) use a hardcoded "%32s", so you probably
should bump that also? I'm not sure whether the
import/reread code has similar issues.

--John


		

Re: [milter-greylist] cutting off sender-string

2004-09-07 by manu@netbsd.org

jothev <jothev@...> wrote:

> I'm a newbie here, but looking at the code it appears
> that the printf statements (when dumping to
> greylist.db) use a hardcoded "%32s", so you probably
> should bump that also? I'm not sure whether the
> import/reread code has similar issues.

True, you need to bump this as well, else the dump reload won't work as
expected.

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

RE: [milter-greylist] cutting off sender-string

2004-09-08 by attila.bruncsak@itu.int

Hello,

Dynamic memory allocation would be cleaner. No need to have 'magic numbers'
hardcoded.
In my greylist.conf there are 5477 subscribers at this moment, with average
address length 21 characters, max address length 43 chars. Memory
utilization would be better even counting the extra pointer spaces since
today I have to hardcode higher value (127) to be on the safe side.

Bests,
Attila

PS: I am still running in "test mode" in production. Did we arrive at a
conclusion on better naming?

-----Original Message-----
From: manu@... [mailto:manu@...]
Sent: mercredi, 8. septembre 2004 00:27
To: milter-greylist@yahoogroups.com
Subject: Re: [milter-greylist] cutting off sender-string


jothev <jothev@...> wrote:

> I'm a newbie here, but looking at the code it appears
> that the printf statements (when dumping to
> greylist.db) use a hardcoded "%32s", so you probably
> should bump that also? I'm not sure whether the
> import/reread code has similar issues.

True, you need to bump this as well, else the dump reload won't work as
expected.

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...



 

Re: [milter-greylist] cutting off sender-string

2004-09-08 by manu@netbsd.org

<attila.bruncsak@...> wrote:

> Dynamic memory allocation would be cleaner. No need to have 'magic numbers'
> hardcoded.

Yes, it's planned for some day. Feel free to submit a patch for it.
 
> PS: I am still running in "test mode" in production. Did we arrived to a
> conclusion on better naming?

Not yet. Any suggestion?

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

Re: [milter-greylist] cutting off sender-string

2004-09-08 by hans hm04

hi 

thanks to all who responded to my posting, 
especially to you emmanuel for milter-greylist.
it's really a great tool for preventing spam. 

i made the following mods:

======================================================================
*** .dump.h_orig        Tue Sep  7 18:32:21 2004
--- dump.h      Wed Sep  8 19:32:04 2004
***************
*** 54,60 ****
  #endif
  
  #define DATELEN 40
! #define ADDRLEN       31
  #define IPADDRLEN sizeof("255.255.255.255")
  
  #include "milter-greylist.h"
--- 54,61 ----
  #endif
  
  #define DATELEN 40
! /* changed by mayer */ 
! #define ADDRLEN       63
  #define IPADDRLEN sizeof("255.255.255.255")
  
  #include "milter-greylist.h"
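Review bot: `#define ADDRLEN       63` does not agree with the `%64s` widths introduced in the autowhite.c and pending.c hunks of this same patch. Choose one limit and derive the other from it, for example by building the format width from ADDRLEN instead of repeating a literal in each format string. The `/* changed by mayer */` comment would be more useful if it said what the constant limits.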
======================================================================
*** .autowhite.c_orig   Mon Aug  2 14:11:48 2004
--- autowhite.c Wed Sep  8 19:30:35 2004
***************
*** 275,281 ****
        struct tm tm;
  
        fprintf(stream, "\n\n#\n# Auto-whitelisted tuples\n#\n");
!       fprintf(stream, "# Sender IP    %32s    %32s    Expire\n",
            "Sender e-mail", "Recipient e-mail");
  
        AUTOWHITE_RDLOCK;
--- 275,281 ----
        struct tm tm;
  
        fprintf(stream, "\n\n#\n# Auto-whitelisted tuples\n#\n");
!       fprintf(stream, "# Sender IP    %64s    %64s    Expire\n",
            "Sender e-mail", "Recipient e-mail");
  
        AUTOWHITE_RDLOCK;
***************
*** 286,292 ****
                iptostring(aw->a_sa, aw->a_salen, textaddr, sizeof(textaddr));
  
                fprintf(stream, 
!                   "%s     %32s    %32s    %ld AUTO # %s\n",
                    textaddr, aw->a_from, aw->a_rcpt, 
                    (long)aw->a_tv.tv_sec, textdate);
  
--- 286,292 ----
                iptostring(aw->a_sa, aw->a_salen, textaddr, sizeof(textaddr));
  
                fprintf(stream, 
!                   "%s     %64s    %64s    %ld AUTO # %s\n",
                    textaddr, aw->a_from, aw->a_rcpt, 
                    (long)aw->a_tv.tv_sec, textdate);
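Review bot: in `"%s     %64s    %64s    %ld AUTO # %s\n"` the 64 is a minimum field width, so it only pads short addresses and has no effect on how much of a long address is kept; the stored length is set by ADDRLEN alone. Nothing in this patch touches the code that reads the dump back, so confirm that the reader accepts the wider columns before relying on a reload.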
======================================================================
*** .pending.c_orig     Tue Aug  3 23:56:07 2004
--- pending.c   Wed Sep  8 19:30:47 2004
***************
*** 341,347 ****
        struct tm tm;
  
        fprintf(stream, "\n\n#\n# greylisted tuples\n#\n");
!       fprintf(stream, "# Sender IP    %32s    %32s    Time accepted\n", 
            "Sender e-mail", "Recipient e-mail");
  
        PENDING_RDLOCK;
--- 341,347 ----
        struct tm tm;
  
        fprintf(stream, "\n\n#\n# greylisted tuples\n#\n");
!       fprintf(stream, "# Sender IP    %64s    %64s    Time accepted\n", 
            "Sender e-mail", "Recipient e-mail");
  
        PENDING_RDLOCK;
***************
*** 349,355 ****
                localtime_r((time_t *)&pending->p_tv.tv_sec, &tm);
                strftime(textdate, DATELEN, "%Y-%m-%d %T", &tm);
  
!               fprintf(stream, "%s     %32s    %32s    %ld # %s\n", 
                    pending->p_addr, pending->p_from, 
                    pending->p_rcpt, (long)pending->p_tv.tv_sec, textdate);
                
--- 349,355 ----
                localtime_r((time_t *)&pending->p_tv.tv_sec, &tm);
                strftime(textdate, DATELEN, "%Y-%m-%d %T", &tm);
  
!               fprintf(stream, "%s     %64s    %64s    %ld # %s\n", 
                    pending->p_addr, pending->p_from, 
                    pending->p_rcpt, (long)pending->p_tv.tv_sec, textdate);
======================================================================


i will post tomorrow the results.

best regards 
hans 

-- 
On Tue, Sep 07, 2004 at 03:20:02PM -0700, jothev wrote:
> 
> > > is there a bugfix or workaround 
> > > to increase the string-length for 
> > > example to 64 
> > 
> > Sure: bump ADDRLEN in dump.h and rebuild.
> 
> 
> I'm a newbie here, but looking at the code it appears
> that the printf statements (when dumping to
> greylist.db) use a hardcoded "%32s", so you probably
> should bump that also? I'm not sure whether the
> import/reread code has similar issues.
> 
> --John

Re: [milter-greylist] cutting off sender-string

2004-09-08 by hans hm04

hi emmanuel 

On Tue, Sep 07, 2004 at 02:40:23PM +0000, Emmanuel Dreyfus wrote:
> 
> You can use a regex.
> 

yes, i am using regex. 
but cutting off is on the right side of the address, not 
on the left. so my regex for example for /.*\.at/ 
didn't work, if the right 10 or 15 characters 
are missing. 

best regards 
hans 

--

Re: [milter-greylist] cutting off sender-string

2004-09-08 by hans hm04

On Wed, Sep 08, 2004 at 06:55:06AM +0200, manu@... wrote:
> <attila.bruncsak@...> wrote:
> 
> > Dynamic memory allocation would be cleaner. No need to have 'magic numbers'
> > hardcoded.
> 
> Yes, it's planned for some day. Feel free to submit a patch for it.

i don't want to break down a discussion 
about memory allocation here. my opinion is, that
32 characters is a little bit less. 
names ( first + family ) in austria can have 15 
till 20 characters.  sometimes up to 25 
also domain-names can have up to 20 characters.

so, for me is a very good solution with 64 chars.
if there should be an email-address 
with more than 64 char - ok kismet. 
but this will fit in more than 99.99 % 


best regards 
hans 

--

Re: [milter-greylist] cutting off sender-string

2004-09-08 by manu@netbsd.org

hans hm04 <hm04.yer@...> wrote:

> so, for me is a very good solution with 64 chars.
> if there should be an email-address 
> with more than 64 char - ok kismet. 
> but this will fit in more than 99.99 %

The right way is to malloc the string, we should move forward to this
solution.

-- 
Emmanuel Dreyfus
Il y a 10 sortes de personnes dans le monde: ceux qui comprennent 
le binaire et ceux qui ne le comprennent pas.
manu@...

Re: [milter-greylist] cutting off sender-string

2004-09-09 by Matthias Scheler

On Wed, Sep 08, 2004 at 08:34:23PM +0200, hans hm04 wrote:
> ======================================================================
> *** .dump.h_orig        Tue Sep  7 18:32:21 2004
> --- dump.h      Wed Sep  8 19:32:04 2004
> ***************
> *** 54,60 ****
>   #endif
>   
>   #define DATELEN 40
> ! #define ADDRLEN       31
>   #define IPADDRLEN sizeof("255.255.255.255")
>   
>   #include "milter-greylist.h"
> --- 54,61 ----
>   #endif
>   
>   #define DATELEN 40
> ! /* changed by mayer */ 
> ! #define ADDRLEN       63

Either that should read 65 ...


>                 fprintf(stream, 
> !                   "%s     %64s    %64s    %ld AUTO # %s\n",
>                     textaddr, aw->a_from, aw->a_rcpt, 
>                     (long)aw->a_tv.tv_sec, textdate);
[...]
> !       fprintf(stream, "# Sender IP    %64s    %64s    Time accepted\n", 
>             "Sender e-mail", "Recipient e-mail");
[...]
> !               fprintf(stream, "%s     %64s    %64s    %ld # %s\n", 
>                     pending->p_addr, pending->p_from, 
>                     pending->p_rcpt, (long)pending->p_tv.tv_sec, textdate);

... or these should read "%62s".

	Kind regards

-- 
Matthias Scheler                                  http://scheler.de/~matthias/

Re: [milter-greylist] cutting off sender-string

2004-09-09 by hans hm04

hi matthias 

i agree, if the string has 64 char, then the buffer 
should have + 1 for the (char)0 
but then the original source would be wrong too. 
ADDRLEN was 31 and printf has %32s 
i did only multiply by 2 in an analog way. 

but maybe the idea was another. i did really not 
look around at the source code. i am sure emmanuel can 
give the answer. 
and the original greylist.db file has 31 long
char-strings, for those, which are cut off. 
and therefore a %32s-printf would be o.k. 

but thanks for advice. 

best regards 
hans 

-- 
On Thu, Sep 09, 2004 at 08:42:47AM +0200, Matthias Scheler wrote:
> > ! #define ADDRLEN       63
> 
> Either that should read 65 ...
> 
> > !               fprintf(stream, "%s     %64s    %64s    %ld # %s\n", 
> ... or these should read "%62s".
> 
> 	Kind regards
> 
> -- 
> Matthias Scheler                                  http://scheler.de/~matthias/
> 

Re: [milter-greylist] cutting off sender-string

2004-09-09 by hans hm04

hi 

i did say, i will give an answer about the result.
i can say, it's great. there are several email-addresses
between 35 and 40 chars long. all those problems, also
with regex, are solved for me now. 


On Wed, Sep 08, 2004 at 09:04:50PM +0200, manu@... wrote:
> 
> The right way is to malloc the string, we should move forward to this
> solution.

hi Emmanuel 

that's right. no veto. but before investigating much time, give you 
a kick for the next minor-release and multiply those 
values by about 2. 

best regards 
hans

Re: cutting off sender-string

2004-09-11 by l_facq

--- In milter-greylist@yahoogroups.com, hans hm04 <hm04.yer@m...> wrote:
> 
> hi 
> 
> i did say, i will give an answer about the result.
> i can say, it's great. there are several email-addresses
> between 35 and 40 chars long. all those problems, also
> with regex, are solved for me now. 
> 
> 
> On Wed, Sep 08, 2004 at 09:04:50PM +0200, manu@n... wrote:
> > 
> > The right way is to malloc the string, we should move forward to this
> > solution.
> 
> hi Emmanuel 
> 
> thats right. no veto. but befor investigating much time, give you 
> a kick for the next minor-release and multiply those 
> values by about 2. 

 another solution for the next minor release is to keep long strings
for from/to field before regex matching (mlfi_envfrom, mlfi_envrcpt,
strip blanks) in milter-greylist.c

 just after, strings can be truncated to a small ADDRLEN (chances are
low that collisions are harmful) and the remaining code left untouched

 it's a very small modification with no risk of breaking what already works

 hashing (md5) could be used instead of truncating to definitively
prevent collisions, keeping fixed length allocations (see my other
post) ... but it's more than a minor release

 LF.

--
Laurent FACQ - Réseau REAUMUR / Bordeaux
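
The truncation effects discussed in this thread (a right-anchored rule that stops matching, two long addresses that collide after the cut, and a `%32s` width that pads but never shortens), shown as an added C example that is not milter-greylist code. The struct and function names, the sample addresses and the rule string are constructed for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* strdup, strcasecmp, regcomp */
#endif
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

#define OLD_ADDRLEN 31   /* ADDRLEN before the changes discussed in the thread */

/* Constructed sample data: two addresses longer than 31 characters that share
 * their first 31 characters, and a right-anchored rule modelled on the
 * ".at" rule mentioned in the thread. */
static const char ADDR_A[] = "maximilian.oberhuber-steiner@example-firma.at";
static const char ADDR_B[] = "maximilian.oberhuber-steiner@example-firma.com";
static const char AT_RULE[] = ".*\\.at$";

/* Hypothetical stand-ins for the two storage layouts. */
struct fixed_entry { char from[OLD_ADDRLEN + 1]; };  /* fixed array in the struct */
struct heap_entry  { char *from; };                  /* pointer to a heap copy */

static void fixed_store(struct fixed_entry *e, const char *from)
{
    strncpy(e->from, from, OLD_ADDRLEN);   /* silently drops the tail */
    e->from[OLD_ADDRLEN] = '\0';
}

static int heap_store(struct heap_entry *e, const char *from)
{
    e->from = strdup(from);                /* keeps the whole address */
    return e->from != NULL ? 0 : -1;
}

/* 1 = match, 0 = no match, -1 = pattern did not compile. */
static int re_match(const char *pattern, const char *s)
{
    regex_t re;
    int rc;

    if (regcomp(&re, pattern, REG_EXTENDED | REG_ICASE | REG_NOSUB) != 0)
        return -1;
    rc = regexec(&re, s, 0, NULL, 0);
    regfree(&re);
    return rc == 0;
}

/* Does the rule match the address as it ends up stored? */
static int fixed_rule_hits(const char *pattern, const char *addr)
{
    struct fixed_entry e;

    fixed_store(&e, addr);
    return re_match(pattern, e.from);
}

static int heap_rule_hits(const char *pattern, const char *addr)
{
    struct heap_entry e = {0};
    int hit = -1;

    if (heap_store(&e, addr) == 0)
        hit = re_match(pattern, e.from);
    free(e.from);
    return hit;
}

/* Do two different senders compare equal once stored? */
static int fixed_collide(const char *a, const char *b)
{
    struct fixed_entry ea, eb;

    fixed_store(&ea, a);
    fixed_store(&eb, b);
    return strcasecmp(ea.from, eb.from) == 0;
}

static int heap_collide(const char *a, const char *b)
{
    struct heap_entry ea = {0}, eb = {0};
    int same = -1;

    if (heap_store(&ea, a) == 0 && heap_store(&eb, b) == 0)
        same = strcasecmp(ea.from, eb.from) == 0;
    free(ea.from);
    free(eb.from);
    return same;
}

/* Characters a "%<width>s" conversion emits: the width pads, never truncates. */
static int padded_len(int width, const char *s)
{
    return snprintf(NULL, 0, "%*s", width, s);
}

int main(void)
{
    printf("rule hits: fixed copy %d, heap copy %d\n",
        fixed_rule_hits(AT_RULE, ADDR_A), heap_rule_hits(AT_RULE, ADDR_A));
    printf("A and B collide: fixed copy %d, heap copy %d\n",
        fixed_collide(ADDR_A, ADDR_B), heap_collide(ADDR_A, ADDR_B));
    printf("%%32s emits %d chars for a short address, %d for a long one\n",
        padded_len(32, "a@b.at"), padded_len(32, ADDR_A));
    return 0;
}
```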

Re: [milter-greylist] cutting off sender-string

2004-09-12 by Hajimu UMEMOTO

Hi,

>>>>> On Wed, 8 Sep 2004 21:04:50 +0200
>>>>> manu@... said:

manu> hans hm04 <hm04.yer@...> wrote:

> so, for me is a very good solution with 64 chars.
> if there should be an email-address 
> with more than 64 char - ok kismet. 
> but this will fit in more than 99.99 %

manu> The right way is to malloc the string, we should move forward to this
manu> solution.

How about this patch?  It allocates memory for a sender address and
a recipient address for autowhite, except and pending lists.  Instead,
ADDRLEN is enlarged to 127 to handle input string well, and to guard
against very large address in milter-greylist.c, conf_yacc.y and
dump_yacc.y.

Index: autowhite.c
diff -u -p autowhite.c.orig autowhite.c
--- autowhite.c.orig	Mon Aug  2 21:11:48 2004
+++ autowhite.c	Mon Sep 13 02:57:58 2004
@@ -138,8 +138,8 @@ autowhite_add(sa, salen, from, rcpt, dat
 		 */
 		if (ip_equal(sa, aw->a_sa) &&
 		    ((conf.c_lazyaw == 1) ||
-		    ((strncasecmp(from, aw->a_from, ADDRLEN) == 0) &&
-		    (strncasecmp(rcpt, aw->a_rcpt, ADDRLEN) == 0)))) {
+		    ((strcasecmp(from, aw->a_from) == 0) &&
+		    (strcasecmp(rcpt, aw->a_rcpt) == 0)))) {
 			timeradd(&now, &delay, &aw->a_tv);
 
 			dirty++;
@@ -241,8 +241,8 @@ autowhite_check(sa, salen, from, rcpt, q
 		}
 		if (ip_match(sa, aw->a_sa, mask) &&
 		    ((conf.c_lazyaw == 1) ||
-		    ((strncasecmp(from, aw->a_from, ADDRLEN) == 0) &&
-		    (strncasecmp(rcpt, aw->a_rcpt, ADDRLEN) == 0)))) {
+		    ((strcasecmp(from, aw->a_from) == 0) &&
+		    (strcasecmp(rcpt, aw->a_rcpt) == 0)))) {
 			timeradd(&now, &delay, &aw->a_tv);
 
 			dirty++;
@@ -275,7 +275,7 @@ autowhite_textdump(stream)
 	struct tm tm;
 
 	fprintf(stream, "\n\n#\n# Auto-whitelisted tuples\n#\n");
-	fprintf(stream, "# Sender IP    %32s    %32s    Expire\n",
+	fprintf(stream, "# Sender IP\t%s\t%s\tExpire\n",
 	    "Sender e-mail", "Recipient e-mail");
 
 	AUTOWHITE_RDLOCK;
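Review bot: replacing the padded columns with `\t` separators, in this header line and in the data line of the following hunk, changes the layout of the dump file. Confirm that the dump reader still loads a file written by the previous version. Because addresses are now written unpadded with a bare `%s`, an address containing whitespace or `#` would shift the fields on reload, so such characters should be rejected or escaped before they reach the dump.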
@@ -286,7 +286,7 @@ autowhite_textdump(stream)
 		iptostring(aw->a_sa, aw->a_salen, textaddr, sizeof(textaddr));
 
 		fprintf(stream, 
-		    "%s     %32s    %32s    %ld AUTO # %s\n",
+		    "%s\t%s\t%s\t%ld AUTO # %s\n",
 		    textaddr, aw->a_from, aw->a_rcpt, 
 		    (long)aw->a_tv.tv_sec, textdate);
 
@@ -320,17 +320,15 @@ autowhite_get(sa, salen, from, rcpt, dat
 
 	bzero((void *)aw, sizeof(*aw));
 
-	if ((aw->a_sa = malloc(salen)) == NULL) {
+	if ((aw->a_sa = malloc(salen)) == NULL ||
+	    (aw->a_from = strdup(from)) == NULL ||
+	    (aw->a_rcpt = strdup(rcpt)) == NULL) {
 		syslog(LOG_ERR, "malloc failed: %s", strerror(errno));
 		exit(EX_OSERR);
 	}
 
 	memcpy(aw->a_sa, sa, salen);
 	aw->a_salen = salen;
-	strncpy(aw->a_from, from, ADDRLEN);
-	aw->a_from[ADDRLEN] = '\0';
-	strncpy(aw->a_rcpt, rcpt, ADDRLEN);
-	aw->a_rcpt[ADDRLEN] = '\0';
 
 	if (date == NULL)
 		timeradd(&now, &delay, &aw->a_tv);
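Review bot: with `strdup(from)` and `strdup(rcpt)` this function stores whatever length the caller passes, so it now depends on the caller having bounded both strings; a comment at the top of autowhite_get should say so. Allocation failure here ends in `exit(EX_OSERR)`, while the pending_get hunk of this same patch unwinds and sets `pending = NULL`; pick one policy for both lists.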
@@ -348,6 +346,8 @@ autowhite_put(aw)	/* autowhite list must
 {
 	TAILQ_REMOVE(&autowhite_head, aw, a_list);	
 	free(aw->a_sa);
+	free(aw->a_from);
+	free(aw->a_rcpt);
 	free(aw);
 
 	return;
Index: autowhite.h
diff -u autowhite.h.orig autowhite.h
--- autowhite.h.orig	Sun Aug  1 18:27:03 2004
+++ autowhite.h	Sun Sep 12 23:36:05 2004
@@ -47,8 +47,8 @@
 struct autowhite {
 	struct sockaddr *a_sa;
 	socklen_t a_salen;
-	char a_from[ADDRLEN + 1];
-	char a_rcpt[ADDRLEN + 1];
+	char *a_from;
+	char *a_rcpt;
 	struct timeval a_tv;
 	TAILQ_ENTRY(autowhite) a_list;
 };
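Review bot: turning `a_from` and `a_rcpt` into `char *` silently changes the meaning of any remaining `sizeof(aw->a_from)` or struct copy elsewhere in the tree, so search for both before merging. A comment on the struct should state that the two strings are owned by the entry and released in autowhite_put.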
Index: dump.h
diff -u dump.h.orig dump.h
--- dump.h.orig	Tue Jun  8 23:47:47 2004
+++ dump.h	Mon Sep 13 03:00:18 2004
@@ -54,7 +54,7 @@
 #endif
 
 #define DATELEN 40
-#define ADDRLEN	31
+#define ADDRLEN	127
 #define IPADDRLEN sizeof("255.255.255.255")
 
 #include "milter-greylist.h"
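Review bot: the description says the larger ADDRLEN guards against very large addresses in milter-greylist.c, conf_yacc.y and dump_yacc.y, but none of those files appear in this diff, so the bound cannot be reviewed here. Include the hunks that apply the limit or point to the existing code that does, and add a comment on `#define ADDRLEN	127` saying it is now an input limit rather than a storage size.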
Index: except.c
diff -u -p except.c.orig except.c
--- except.c.orig	Tue Aug 10 05:29:08 2004
+++ except.c	Mon Sep 13 02:50:12 2004
@@ -167,14 +167,13 @@ except_add_from(email)	/* exceptlist mus
 {
 	struct except *except;
 
-	if ((except = malloc(sizeof(*except))) == NULL) {
+	if ((except = malloc(sizeof(*except))) == NULL ||
+	    (except->e_from = strdup(email)) == NULL) {
 		syslog(LOG_ERR, "except malloc failed: %s", strerror(errno));
 		exit(EX_OSERR);
 	}
 		
 	except->e_type = E_FROM;
-	strncpy(except->e_from, email, ADDRLEN);
-	except->e_from[ADDRLEN] = '\0';
 	LIST_INSERT_HEAD(&except_head, except, e_list);
 
 	if (conf.c_debug)
@@ -189,14 +188,13 @@ except_add_rcpt(email)	/* exceptlist mus
 {
 	struct except *except;
 
-	if ((except = malloc(sizeof(*except))) == NULL) {
+	if ((except = malloc(sizeof(*except))) == NULL ||
+	    (except->e_rcpt = strdup(email)) == NULL) {
 		syslog(LOG_ERR, "except malloc failed: %s", strerror(errno));
 		exit(EX_OSERR);
 	}
 		
 	except->e_type = E_RCPT;
-	strncpy(except->e_rcpt, email, ADDRLEN);
-	except->e_rcpt[ADDRLEN] = '\0';
 	LIST_INSERT_HEAD(&except_head, except, e_list);
 
 	if (conf.c_debug)
@@ -211,14 +209,13 @@ except_add_domain(domain)	/* exceptlist 
 {
 	struct except *except;
 
-	if ((except = malloc(sizeof(*except))) == NULL) {
+	if ((except = malloc(sizeof(*except))) == NULL ||
+	    (except->e_domain = strdup(domain)) == NULL) {
 		syslog(LOG_ERR, "except malloc failed: %s", strerror(errno));
 		exit(EX_OSERR);
 	}
 		
 	except->e_type = E_DOMAIN;
-	strncpy(except->e_domain, domain, ADDRLEN);
-	except->e_domain[ADDRLEN] = '\0';
 	LIST_INSERT_HEAD(&except_head, except, e_list);
 
 	if (conf.c_debug)
@@ -498,7 +495,7 @@ emailcmp(big, little)
 		if (tolower(big[0]) != tolower(little[0]))
 			big++;
 
-		for (i = 0; big[0] && little[i] && (i < ADDRLEN); i++) {
+		for (i = 0; big[0] && little[i]; i++) {
 			if (tolower(big[0]) != tolower(little[i]))
 				break;
 			big++;
@@ -519,20 +516,30 @@ except_clear(void) {	/* exceptlist must 
 		except = LIST_FIRST(&except_head);
 		LIST_REMOVE(except, e_list);
 
-		if (except->e_type == E_NETBLOCK) {
+		switch (except->e_type) {
+		case E_NETBLOCK:
 			free(except->e_addr);
 			free(except->e_mask);
-		}
-
-		if (except->e_type == E_FROM_RE)
+			break;
+		case E_FROM:
+			free(except->e_from);
+			break;
+		case E_RCPT:
+			free(except->e_rcpt);
+			break;
+		case E_DOMAIN:
+			free(except->e_domain);
+			break;
+		case E_FROM_RE:
 			regfree(&except->e_from_re);
-
-		if (except->e_type == E_RCPT_RE)
+			break;
+		case E_RCPT_RE:
 			regfree(&except->e_rcpt_re);
-
-		if (except->e_type == E_DOMAIN_RE)
+			break;
+		case E_DOMAIN_RE:
 			regfree(&except->e_domain_re);
-
+			break;
+		}
 		free(except);
 	}
 
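Review bot: the new `switch (except->e_type)` in except_clear has no `default:` case, so an entry type added later would fall through without any warning and its allocation would leak. Add a `default:` that logs the unexpected type.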
Index: except.h
diff -u except.h.orig except.h
--- except.h.orig	Mon Aug  2 21:11:48 2004
+++ except.h	Mon Sep 13 02:39:04 2004
@@ -85,9 +85,9 @@
 			socklen_t nb_addrlen;
 			ipaddr *nb_mask;
 		} d_netblock;
-		char d_from[ADDRLEN + 1];
-		char d_rcpt[ADDRLEN + 1];
-		char d_domain[ADDRLEN + 1];
+		char *d_from;
+		char *d_rcpt;
+		char *d_domain;
 		regex_t d_from_re;
 		regex_t d_rcpt_re;
 		regex_t d_domain_re;
Index: pending.c
diff -u -p pending.c.orig pending.c
--- pending.c.orig	Wed Aug  4 06:56:07 2004
+++ pending.c	Mon Sep 13 02:56:50 2004
@@ -134,10 +134,21 @@ pending_get(sa, salen, from, rcpt, date)
 		pending = NULL;
 		goto out;
 	}
-	strncpy(pending->p_from, from, ADDRLEN);
-	pending->p_from[ADDRLEN] = '\0';
-	strncpy(pending->p_rcpt, rcpt, ADDRLEN);
-	pending->p_rcpt[ADDRLEN] = '\0';
+	if ((pending->p_from = strdup(from)) == NULL) {
+		free(pending->p_addr);
+		free(pending->p_sa);
+		free(pending);
+		pending = NULL;
+		goto out;
+	}
+	if ((pending->p_rcpt = strdup(rcpt)) == NULL) {
+		free(pending->p_from);
+		free(pending->p_addr);
+		free(pending->p_sa);
+		free(pending);
+		pending = NULL;
+		goto out;
+	}
 
 	pending->p_refcnt = 1;
 
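Review bot: the two new failure branches in pending_get repeat the same chain of `free` calls, and the next allocation added here will need a third copy. If the struct is zeroed right after allocation, a single cleanup label that frees `p_rcpt`, `p_from`, `p_addr` and `p_sa` and then sets `pending = NULL` keeps the unwinding in one place, since free(NULL) is a no-op.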
@@ -198,8 +209,8 @@ pending_del(sa, salen, from, rcpt, time)
 		 * Look for our entry.
 		 */
 		if ((strncmp(addr, pending->p_addr, sizeof(addr)) == 0) &&
-		    (strncmp(from, pending->p_from, ADDRLEN) == 0) &&
-		    (strncmp(rcpt, pending->p_rcpt, ADDRLEN) == 0) &&
+		    (strcmp(from, pending->p_from) == 0) &&
+		    (strcmp(rcpt, pending->p_rcpt) == 0) &&
 		    (pending->p_tv.tv_sec == time)) {
 			pending_put(pending);
 			break;
@@ -287,8 +298,8 @@ pending_check(sa, salen, from, rcpt, rem
 #endif
 		}
 		if (ip_match(sa, pending->p_sa, mask) &&
-		    (strncmp(from, pending->p_from, ADDRLEN) == 0) &&
-		    (strncmp(rcpt, pending->p_rcpt, ADDRLEN) == 0)) {
+		    (strcmp(from, pending->p_from) == 0) &&
+		    (strcmp(rcpt, pending->p_rcpt) == 0)) {
 			rest = accepted - now;
 
 			if (rest < 0) {
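Review bot: strcmp() makes the match exact, while tuples stored by the previous code were cut to ADDRLEN by the strncpy() this patch removes. A tuple that was written to the dump in truncated form and is reloaded after the upgrade will never match the full address on retry, so that sender is greylisted from scratch once. Probably acceptable, but worth a line in the change notes.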
@@ -341,7 +352,7 @@ pending_textdump(stream)
 	struct tm tm;
 
 	fprintf(stream, "\n\n#\n# greylisted tuples\n#\n");
-	fprintf(stream, "# Sender IP	%32s	%32s	Time accepted\n", 
+	fprintf(stream, "# Sender IP\t%s\t%s\tTime accepted\n", 
 	    "Sender e-mail", "Recipient e-mail");
 
 	PENDING_RDLOCK;
@@ -349,7 +360,7 @@ pending_textdump(stream)
 		localtime_r((time_t *)&pending->p_tv.tv_sec, &tm);
 		strftime(textdate, DATELEN, "%Y-%m-%d %T", &tm);
 
-		fprintf(stream, "%s	%32s	%32s	%ld # %s\n", 
+		fprintf(stream, "%s\t%s\t%s\t%ld # %s\n", 
 		    pending->p_addr, pending->p_from, 
 		    pending->p_rcpt, (long)pending->p_tv.tv_sec, textdate);
 		
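Review bot: p_from and p_rcpt are written with a bare %s into a line whose fields are tab-separated and whose tail is a `#` comment, and both strings are e-mail addresses supplied by the remote side. Now that the struct no longer caps their size, an address containing a tab, a newline or `#` can break or forge fields in the dump. Reject such characters before the tuple is stored, or escape them here.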
@@ -383,6 +394,8 @@ pending_free(pending)
 	UNLOCK(refcnt_lock);
 	free(pending->p_sa);
 	free(pending->p_addr);
+	free(pending->p_from);
+	free(pending->p_rcpt);
 	free(pending);
 }
 
Index: pending.h
diff -u pending.h.orig pending.h
--- pending.h.orig	Mon Aug  2 21:11:48 2004
+++ pending.h	Mon Sep 13 02:51:36 2004
@@ -65,8 +65,8 @@
 	char *p_addr;
 	struct sockaddr *p_sa;
 	socklen_t p_salen;
-	char p_from[ADDRLEN + 1];
-	char p_rcpt[ADDRLEN + 1];
+	char *p_from;
+	char *p_rcpt;
 	struct timeval p_tv;
 	int p_refcnt;
 	TAILQ_ENTRY(pending) p_list;
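Review bot: nothing in the struct says that p_from and p_rcpt are now owned heap strings. A one-line comment that pending_get() allocates them and pending_free() releases them would document the contract, and any code that copies a struct pending by assignment now shares these pointers and risks a double free.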

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@...  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

Re: [milter-greylist] cutting off sender-string

2004-09-12 by manu@netbsd.org

Hajimu UMEMOTO <ume@...> wrote:

> How about this patch?  It allocates memory for a sender address and
> a recipient address for autowhite, except and pending lists.  Instead,
> ADDRLEN is enlarged to 127 to handle input strings well, and to guard
> against very large addresses in milter-greylist.c, conf_yacc.y and
> dump_yacc.y.

Instead of 127, what about using the maximum limits here? RFC 821
suggests 64 chars for mailbox and 64 chars for domain name. Plus the '@'
and optional quotes around the mailbox, that makes 131. Was it
obsoleted by a newer RFC? I recall a limit of 1024 on the domain name,
but I can't find updated documentation. 
  
> --- pending.c.orig    Wed Aug  4 06:56:07 2004
> +++ pending.c Mon Sep 13 02:56:50 2004
> @@ -134,10 +134,21 @@ pending_get(sa, salen, from, rcpt, date)
>               pending = NULL;
>               goto out;
>       }
> -     strncpy(pending->p_from, from, ADDRLEN);
> -     pending->p_from[ADDRLEN] = '\0';
> -     strncpy(pending->p_rcpt, rcpt, ADDRLEN);
> -     pending->p_rcpt[ADDRLEN] = '\0';
> +     if ((pending->p_from = strdup(from)) == NULL) {
> +             free(pending->p_addr);
> +             free(pending->p_sa);
> +             free(pending);
> +             pending = NULL;
> +             goto out;
> +     }
> +     if ((pending->p_rcpt = strdup(rcpt)) == NULL) {
> +             free(pending->p_from);
> +             free(pending->p_addr);
> +             free(pending->p_sa);
> +             free(pending);
> +             pending = NULL;
> +             goto out;
> +     }
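Review bot: strdup(from) and strdup(rcpt) copy whatever length the caller hands in, and nothing in this hunk bounds it, so per-tuple memory is limited only by the ADDRLEN guards the patch description places in milter-greylist.c, conf_yacc.y and dump_yacc.y. A length check at the top of pending_get(), or a comment stating that callers must already have enforced the limit, would keep a missed caller from turning this into allocation sized by remote input.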

Is there any reason not to simply panic (i.e. display an error and exit)
here?

Otherwise, looks great.

-- 
Emmanuel Dreyfus
There are 10 kinds of people in the world: those who understand
binary and those who don't.
manu@...

Re: [milter-greylist] cutting off sender-string

2004-09-13 by Hajimu UMEMOTO

Hi,

>>>>> On Mon, 13 Sep 2004 00:11:49 +0200
>>>>> manu@... said:

> How about this patch?  It allocates memory for a sender address and
> a recipient address for autowhite, except and pending lists.  Instead,
> ADDRLEN is enlarged to 127 to handle input strings well, and to guard
> against very large addresses in milter-greylist.c, conf_yacc.y and
> dump_yacc.y.

manu> Instead of 127, what about using the maximum limits here? RFC 821
manu> suggests 64 chars for mailbox and 64 chars for domain name. Plus the '@'
manu> and optional quotes around the mailbox, that makes 131. Was it
manu> obsoleted by a newer RFC? I recall a limit of 1024 on the domain name,
manu> but I can't find updated documentation. 

Yes, it is better to use the maximum limits instead of 127.  However,
I'm not sure what the value is.
  
> --- pending.c.orig    Wed Aug  4 06:56:07 2004
> +++ pending.c Mon Sep 13 02:56:50 2004
> @@ -134,10 +134,21 @@ pending_get(sa, salen, from, rcpt, date)
>               pending = NULL;
>               goto out;
>       }
> -     strncpy(pending->p_from, from, ADDRLEN);
> -     pending->p_from[ADDRLEN] = '\0';
> -     strncpy(pending->p_rcpt, rcpt, ADDRLEN);
> -     pending->p_rcpt[ADDRLEN] = '\0';
> +     if ((pending->p_from = strdup(from)) == NULL) {
> +             free(pending->p_addr);
> +             free(pending->p_sa);
> +             free(pending);
> +             pending = NULL;
> +             goto out;
> +     }
> +     if ((pending->p_rcpt = strdup(rcpt)) == NULL) {
> +             free(pending->p_from);
> +             free(pending->p_addr);
> +             free(pending->p_sa);
> +             free(pending);
> +             pending = NULL;
> +             goto out;
> +     }

manu> Is there any reason not to simply panic (i.e. display an error and exit)
manu> here?

Because the error handling for malloc() in pending_get() is written
that way.

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@...  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

Re: [milter-greylist] cutting off sender-string

2004-09-13 by manu@netbsd.org

Hajimu UMEMOTO <ume@...> wrote:

> manu> Instead of 127, what about using the maximum limits here? RFC 821
> manu> suggests 64 chars for mailbox and 64 chars for domain name. Plus the '@'
> manu> and optional quotes around the mailbox, that makes 131. Was it
> manu> obsoleted by a newer RFC? I recall a limit of 1024 on the domain name,
> manu> but I can't find updated documentation. 
> 
> Yes, it is better to use the maximum limits instead of 127.  However,
> I'm not sure what the value is.

What is the limit in sendmail?
   
> Because the error handling for malloc() in pending_get() is written
> that way.

Sounds fine then. I'll commit that once we have found the maximum
length of an e-mail address.

-- 
Emmanuel Dreyfus
There are 10 kinds of people in the world: those who understand
binary and those who don't.
manu@...

Re: [milter-greylist] cutting off sender-string

2004-09-13 by Hajimu UMEMOTO

Hi,

>>>>> On Mon, 13 Sep 2004 07:32:22 +0200
>>>>> manu@... said:

manu> What is the limit in sendmail?

Though I haven't checked sendmail, I found the description in RFC 2821:

>   local-part
>      The maximum total length of a user name or other local-part is 64
>      characters.
>
>   domain
>      The maximum total length of a domain name or number is 255
>      characters.

So, it should be 64 + 255 + 1 (for @) + 2 (for < and >) = 322.

manu> Sounds fine then. I'll commit that once we have found the maximum
manu> length of an e-mail address.

Thanks!

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@...  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

Re: [milter-greylist] cutting off sender-string

2004-09-13 by Emmanuel Dreyfus

On Mon, Sep 13, 2004 at 04:15:46PM +0900, Hajimu UMEMOTO wrote:
> So, it should be 64 + 255 + 1 (for @) + 2 (for < and >) = 322.

I'd add 2 for possible double quotes. Does 324 seem fine to everyone?

-- 
Emmanuel Dreyfus
manu@...
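
The limit worked out in this thread (64 for the local-part, 255 for the domain, plus `@`, angle brackets and double quotes, 324 in total), applied before the heap copy that the patch makes with strdup(). This is an added example, not part of the thread or of milter-greylist: `addr_dup_checked` and the macro names are hypothetical, and leaving the quotes out of the 64-character count is an assumption taken from the arithmetic above.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define LOCAL_MAX  64	/* RFC 2821 local-part limit quoted in the thread */
#define DOMAIN_MAX 255	/* RFC 2821 domain limit quoted in the thread */
/* 64 + 255 + '@' + "<>" + two double quotes = 324 */
#define ADDR_MAX   (LOCAL_MAX + DOMAIN_MAX + 1 + 2 + 2)

/*
 * Hypothetical helper, not milter-greylist code: heap copy of addr if it
 * respects the limits, NULL otherwise. The caller frees the result.
 */
char *
addr_dup_checked(const char *addr)
{
	size_t len = 0, start = 0, end, at, local;
	char *copy;

	if (addr == NULL)
		return NULL;
	/* Bounded scan: give up as soon as the total limit is exceeded. */
	while (addr[len] != '\0')
		if (++len > ADDR_MAX)
			return NULL;
	end = len;
	if (len >= 2 && addr[0] == '<' && addr[len - 1] == '>') {
		start = 1;		/* ignore the enclosing angle brackets */
		end = len - 1;
	}
	if (start < end) {		/* "<>" (null sender) has no parts */
		/* Split on the last '@': a quoted local-part may contain one. */
		for (at = end; at > start && addr[at - 1] != '@'; at--)
			continue;
		if (at == start)
			return NULL;	/* no '@' found */
		local = at - 1 - start;	/* addr[at - 1] is the '@' */
		if (local >= 2 && addr[start] == '"' && addr[at - 2] == '"')
			local -= 2;	/* assumption: quotes are not counted */
		if (local == 0 || local > LOCAL_MAX)
			return NULL;
		if (end - at == 0 || end - at > DOMAIN_MAX)
			return NULL;
	}
	if ((copy = malloc(len + 1)) != NULL)
		memcpy(copy, addr, len + 1);
	return copy;
}
```

A NULL return covers both an over-limit address and allocation failure, so a caller that needs to tell them apart has to check the length itself first.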
