InterCD 2000 December

home *** CD-ROM | disk | FTP | other *** search

/ InterCD 2000 December / december_2000.iso / Intercd / root / Mail / ^MailShield / setup.exe / data1.cab / Default_Rule_Files / data.mml < prev next >

Wrap

Text File | 2000-10-18 | 16.3 KB | 456 lines

############################################################################## # data.mml # # MailShield script that is run after the SMTP DATA command ends # At this point, we have everything we need to decide whether to allow # or reject the message. The sender is expect either an OK or a refusal # at this point. # ############################################################################## # check to see if we should canonize the From: and Reply-To: addresses. if (scalar(@canonize) > 0) { # canonize the From header, if one exists in this message if (index(lc(&HeaderGet("from")), @canonize) > -1) { &HeaderSet("From", &Canonize(&HeaderGet("from"))); $canonized = 1; }; # canonize the Reply-To header, if one exists in this message if (index(lc(&HeaderGet("reply-to")), @canonize) > -1) { &HeaderSet("Reply-To", &Canonize(&HeaderGet("reply-to"))); $canonized = 1; }; # commit the changed header if ($canonized == 1) { $Header = &HeaderBuild; &CommitHeader; }; }; ############################################################################## # If an email address has been designated to receive BCC copies of all incoming # mail, then send it now. if (length($bcc_all_backup) > 0) { &SendBccNow($bcc_backup, "", ""); }; ############################################################################# # (optional) Append SMTP transfer info, which normally would not be # visible by the message recipient. Useful for later changing the rules. # You can append headers as shown below. Be sure to call &CommitHeader; # after any changes with the &Header... calls to commit your changes. if ($append_smtp_info) { $Header .= "\nX-SMTP-HELO: ".$SmtpHelo. "\nX-SMTP-MAIL-FROM: ".$SmtpMailFrom. "\nX-SMTP-RCPT-TO: ".join(",", @SmtpRcptTo). "\nX-SMTP-PEER-INFO: ".$PeerHostname." [".$PeerTcpip."]"; &CommitHeader; }; ############################################################################## # check for text in the To: header that we always accept mail for if (scalar(@ok_to) > 0) { if (regindex(lc(&HeaderGet("to")), @ok_to) > -1) { $accept = TRUE; }; }; ############################################################################## # If MailShield mail merge support is enabled, check for the merge code, and # if it is present, BCC this message to all its recipients, performing mail # merging while sending. Then set the response message, and refuse/exit so # that no further processing of this message occurs. if ($enable_mail_merge) { if (index(@Data, "<!-- merge") > -1) { $response = &BccWithMailMerge ( $SmtpMailFrom, @Data, @SmtpRcptTo, $smtp_server); &LogMessage($response." (mail merge enabled message detected)"); &Message($response); &Refuse; exit; }; }; ############################################################################## # If this host has been accepted for relaying in begin.mml, the perform no more tests if ($accept) { exit; }; ## ## Message header tests ## ############################################################################## # Sleep for a number of seconds if we have been instructed to tarpit this connection. if ($tarpit) { sleep($tarpit_delay); }; ############################################################################## # check to see if a From: address is missing if ($reject_no_from) { if ((!&HeaderExists("from")) || (length(&ExtractEmailAddress(&HeaderGet("from"))) == 0)) { $smtp_message = "550 Body From: is missing or empty"; $log_message = "550 Body From: is missing or empty"; &DefaultRejection; }; }; ############################################################################## # check to see if a banned X-Mailer header if (scalar(@banned_xmailer) > 0) { if (&HeaderExists("x-mailer")) { if (regindex(lc(&HeaderGet("x-mailer")), @banned_xmailer) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned X-Mailer: text was found: '".$match."'"; &DefaultRejection; }; }; }; ############################################################################## # check to see if a Subject: address is missing if ($reject_no_subject) { if (!&HeaderExists("subject")) { $smtp_message = "550 Body Subject: is missing or empty"; $log_message = "550 Body Subject: is missing or empty"; &DefaultRejection; }; }; ############################################################################## # check to see if a Date: header is missing if ($reject_no_date) { if (!&HeaderExists("date")) { $smtp_message = "550 Body Date: is missing or empty"; $log_message = "550 Body Date: is missing or empty"; &DefaultRejection; }; }; ############################################################################## # check to see if a To: address is missing if ($reject_no_to) { if (!&HeaderExists("to")) { $smtp_message = "550 Body To: is missing or empty"; $log_message = "550 Body To: is missing or empty"; &DefaultRejection; }; }; ############################################################################## # check to see if this From: address has been banned if (regindex(lc(&HeaderGet("from")), @banned_from) > -1) { $smtp_message = "550 Body From: is invalid"; $log_message = "550 Body From: of '".&HeaderGet("from")."' is not allowed / matched ".$match; &DefaultRejection; }; ############################################################################## # check to make sure that the From: address appears to be in a valid syntax, # that it have a domain name, and that the domain name is valid. if ($reject_invalid_from) { if (!&EmailAddressValid( &HeaderGet("from") )) { $smtp_message = "550 Your Body From: is invalid"; $log_message = "550 Body From: of ".&HeaderGet("from")." is not valid"; &DefaultRejection; }; }; ############################################################################## # check to make sure that the To: address appears to be in a valid syntax, # that it have a domain name, and that the domain name is valid. if ($reject_invalid_to) { if (!&EmailAddressValid( &HeaderGet("to") )) { $smtp_message = "550 Your Body To: is invalid"; $log_message = "550 Body To: of ".&HeaderGet("to")." is not valid"; &DefaultRejection; }; }; ############################################################################## # Check to see if any banned text appears anywhere in the header. if (scalar(@banned_header) > 0) { if (regindex(lc($Header), @banned_header) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned text appeared in header: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for maximum size of message if ($DataBytes > $max_message_size) { $smtp_message = "550 Message too large"; $log_message = "550 Maximum body size of ".$max_message_size." bytes exceeded"; &DefaultRejection; }; ############################################################################## # Check for maximum number of message lines if ($DataLines > $max_message_lines) { $smtp_message = "550 Message too long"; $log_message = "550 Maximum body line count of ".$max_message_lines." exceeded"; &DefaultRejection; }; ############################################################################## # Check for maximum Received: HELO text line size if ($max_recv > 0) { @array_helo = &extract(/from [^ ]*/, &HeaderGetAll("received")); if (&LongestLengthInArray(@array_helo) > ($max_recv + 5)) { $smtp_message = "550 Message rejected"; $log_message = "550 Maximum Received header line size of ".$max_recv." characters exceeded, found text: ".$match; &DefaultRejection; }; }; ############################################################################## # Check for HELO field tampering, by looking for ()[] in the "Received: from 'hostname'" if ($helo_tampering) { @array_helo = &extract(/from [^ ]*/, &HeaderGetAll("received")); push (@to_find, "("); push (@to_find, ")"); push (@to_find, "["); push (@to_find, "]"); if (regindex(@array_helo, @to_find) > -1) { $smtp_message = "550 Message rejected"; $log_message = "550 HELO field tampering detected, found ".$match." in 'Received: from ...' HELO field" ; &DefaultRejection; }; }; ############################################################################## # Check for banned text in the filenames of MIME attachments if (scalar(@banned_attachment_filenames) > 0) { @mime_array = &HeaderMimeGetAllArray; @array_files = &extract(/name="?[^"]+"?/, join("\n", @mime_array)); if (regindexlc(@array_files, @banned_attachment_filenames) > -1) { $smtp_message = "550 Message rejected"; $log_message = "550 Banned filename text of ".$match." found"; &DefaultRejection; }; }; ############################################################################## # Check for maximum length of filenames in MIME attachments if ($max_attachment_filename_length > 0) { @mime_array = &HeaderMimeGetAllArray; @array_files = &extract(/filename="[^"]*"/, join("\n", @mime_array)); if (&LongestLengthInArray(@array_files) > ($max_attachment_filename_length + 11)) { $smtp_message = "550 Message rejected"; $log_message = "550 Maximum filename attachment size of ".$max_attachment_filename_length." reached for: ".$match; &DefaultRejection; }; }; ############################################################################## # Check for maximum number of recipients in the TO: CC: and BCC: headers if (&CountRecipients > $max_recipients) { $smtp_message = "550 Message has too many recipients"; $log_message = "550 Maximum recipient count of ".$max_recipients." exceeded, counted ".&CountRecipients." recipients in this message"; &DefaultRejection; }; ############################################################################## # Check for forged date header if ($reject_forged_date_header) { push(@forged_date_headers, "-0600 (EST)"); if (index(&HeaderGet("date"), @forged_date_headers) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Forged Date: header text was detected: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for forged message id if ($reject_forged_message_id_header) { push(@forged_messageid_headers, "AAA000000.00000"); push(@forged_messageid_headers, "Mach10"); if (index(&HeaderGet("message-id"), @forged_messageid_headers) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Forged Message-Id: header text was detected: '".$match."'"; &DefaultRejection; }; push(@forged_messageid_regep, "RAF[0-9]+\.[0-9]+_[0-9]+"); push(@forged_messageid_regep, ".*>.*>"); if (&HeaderGet("message-id") =~ @forged_messageid_regep) { $smtp_message = "550 Mail refused"; $log_message = "550 Forged Message-Id: header text was detected: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for unwanted Subject text if (scalar(@banned_subject) > 0) { if (regindex(lc(&HeaderGet("subject")), @banned_subject) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned Subject: text was found: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for unwanted Subject prefix if (scalar(@banned_subject_prefix) > 0) { if (regindex(lc(&HeaderGet("subject")), @banned_subject_prefix) == 0) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned Subject: prefix was found: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for unwanted To: text if (scalar(@banned_to) > 0) { if (regindex(lc(&HeaderGet("to")), @banned_to) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned To: text was found: '".$match."'"; &DefaultRejection; }; }; ############################################################################## # Check for unwanted Received: text if (scalar(@banned_recv) > 0) { @received = &HeaderGetArray("received"); lc(@received); if (regindex(@received, @banned_recv) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned Received: text was found: '".$match."'"; &DefaultRejection; }; }; ## ## Message body tests ## ############################################################################## # check to see if any banned text appears anywhere (header or body) if ($DataBytes < $large_passthrough) { if (scalar(@banned_text) > 0) { if (regindexlc(@Data, @banned_text) > -1) { $smtp_message = "550 Mail refused"; $log_message = "550 Banned text appeared in header or body: '".$match."'"; &DefaultRejection; }; }; }; ## ## Final processing of this message ## ############################################################################## # Check if this message should be sent to a backup, rather than rejected if ($send_to_backup) { &SendMessageToBackup; $send_to_backup = FALSE; }; # optional steps follow, move them before the "final processing" step if # you want to use them ############################################################################# # Modify the entire message as lines # # The @Data array holds every line in the message. You can change this as # you see fit. Any changes you make to this array will be reflected in the # message that MailShield delivers #@Data =~ s/shelby.com/tile.net/; #&CommitData; ############################################################################# # Modify the header # # You can modify the header of the message by either appending the $Header # variable and then calling &CommitHeaderText; or by calls to HeaderSet, # HeaderAppend and HeaderDeleteKey followed by a call to &CommitHeaderCalls # to save the changes made by those function calls. #$Header .= "\nX-Test: test test"; #&CommitHeaderText; #&HeaderAppend("X-Local-Comment", "Received by MailShield"); #&CommitHeaderCalls; ############################################################################# # The print statement can be useful for debugging #print "Passed through data..."; ############################################################################# # Change the recipients # # The @SmtpRcptTo array variable holds all the recipient addresses of this # message. You can change this as you see fit, and append additional recipients # if need be. No "commit" statement is needed to make changes appear. #@SmtpRcptTo =~ s/shelby.com/tile.net/;