git: a269b1a83999 - main - mail/sendmail: blacklist rejected hosts
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 17 Jul 2025 11:02:40 UTC
The branch main has been updated by dinoex:
URL: https://cgit.FreeBSD.org/ports/commit/?id=a269b1a839991a8ba3216804da9d3ccbfb57351b
commit a269b1a839991a8ba3216804da9d3ccbfb57351b
Author: Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2025-07-17 11:02:28 +0000
Commit: Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2025-07-17 11:02:28 +0000
mail/sendmail: blacklist rejected hosts
PR: 287739
Submitted by: Helge Oldach
---
mail/sendmail/Makefile | 2 +-
mail/sendmail/files/patch-srvrsmtp.c | 34 ++++++++++++++++++++++++++++++----
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/mail/sendmail/Makefile b/mail/sendmail/Makefile
index b32083c73a8b..083d106a8cb4 100644
--- a/mail/sendmail/Makefile
+++ b/mail/sendmail/Makefile
@@ -1,6 +1,6 @@
PORTNAME= sendmail
PORTVERSION= 8.18.1
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= mail
MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/
DISTNAME= ${PORTNAME}.${PORTVERSION}
diff --git a/mail/sendmail/files/patch-srvrsmtp.c b/mail/sendmail/files/patch-srvrsmtp.c
index b2d019c6f386..ecdba53c3660 100644
--- a/mail/sendmail/files/patch-srvrsmtp.c
+++ b/mail/sendmail/files/patch-srvrsmtp.c
@@ -51,7 +51,33 @@
if (LogLevel >= 9) \
sm_syslog(LOG_WARNING, e->e_id, \
"AUTH failure (%s): %s (%d) %s%s%.*s, relay=%.100s", \
-@@ -2116,6 +2130,9 @@ smtp(nullserver, d_flags, e)
+@@ -2065,6 +2079,13 @@ smtp(nullserver, d_flags, e)
+ case CMDEHLO:
+ case CMDNOOP:
+ case CMDRSET:
++ if (lognullconnection)
++ {
++ int fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, nullserver);
++ }
++ /* FALLTHROUGH */
++
+ case CMDERROR:
+ /* process normally */
+ break;
+@@ -2092,6 +2113,11 @@ smtp(nullserver, d_flags, e)
+ #endif /* MAXBADCOMMANDS > 0 */
+ if (nullserver != NULL)
+ {
++ if (lognullconnection)
++ {
++ int fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, nullserver);
++ }
+ if (ISSMTPREPLY(nullserver))
+ {
+ /* Can't use ("%s", ...) due to usrerr() requirements */
+@@ -2116,6 +2142,9 @@ smtp(nullserver, d_flags, e)
DELAY_CONN("AUTH");
if (!sasl_ok || n_mechs <= 0)
{
@@ -61,7 +87,7 @@
message("503 5.3.3 AUTH not available");
break;
}
-@@ -3841,10 +3858,17 @@ smtp(nullserver, d_flags, e)
+@@ -3841,10 +3870,17 @@ smtp(nullserver, d_flags, e)
** timeouts for the same connection.
*/
@@ -79,7 +105,7 @@
if (tTd(93, 100))
{
/* return to handle next connection */
-@@ -3926,7 +3950,10 @@ smtp(nullserver, d_flags, e)
+@@ -3926,7 +3962,10 @@ smtp(nullserver, d_flags, e)
#if MAXBADCOMMANDS > 0
if (++n_badcmds > MAXBADCOMMANDS)
{
@@ -90,7 +116,7 @@
message("421 4.7.0 %s Too many bad commands; closing connection",
MyHostName);
-@@ -3980,6 +4007,9 @@ smtp(nullserver, d_flags, e)
+@@ -3980,6 +4019,9 @@ smtp(nullserver, d_flags, e)
}
#if SASL
}