Browse Source

ADD: number_of_unimplemented_commands_allowed and related code

ps 8 years ago
parent
commit
33f53a7403
2 changed files with 20 additions and 0 deletions
  1. 5 0
      src/Configfile.tmpl
  2. 15 0
      src/Proxy.cpp

+ 5 - 0
src/Configfile.tmpl

@@ -80,6 +80,11 @@ bool,throttle,true
 * don't set this too high (more than 3), as that will drop MANY connections
 int,throttling_time,1
 
+* number of unimplemented responses allowed
+* this is the total number of "503 Unimplemented" responses allowed from the server
+* -1 = unlimited
+int,number_of_unimplemented_commands_allowed,-1
+
 * whether we should check if there is data before we send the SMTP banner.
 * if there is data the email is almost certainly spam.
 bool,allow_data_before_banner,false

+ 15 - 0
src/Proxy.cpp

@@ -45,6 +45,7 @@ void Proxy::run(string &peer_address)
   string ehlostr="";
   string resolvedname="";
   unsigned char last_state=SMTP_STATE_WAIT_FOR_HELO;
+  long unimplemented_requests=0;
 
   try
   {
@@ -299,6 +300,20 @@ void Proxy::run(string &peer_address)
         //or to not advertise it as the last capability.
         if("250 pipelining"==Utils::strtolower(strtemp)||"250 chunking"==Utils::strtolower(strtemp))
           strtemp="250 x-noextension";
+	
+	//try to annoy spammers who send us too many senseless commands by delaying their connection a lot
+        if("502"==code) //502 unimplemented -> count them, if bigger than a certain number, terminate connection
+        {
+          if(cfg.getNumberOfUnimplementedCommandsAllowed()!=-1&&++unimplemented_requests>cfg.getNumberOfUnimplementedCommandsAllowed())
+          {
+            inside.writeLine("QUIT");
+            inside.close(); //close the socket now and leave server alone
+            sleep(60);
+            outside.writeLine("502 Too many unimplemented commands, closing connection");
+            return;
+          }
+        }
+
         if(strtemp.length())
           outside.writeLine(strtemp);
       }