keks-overlay.git

@@ -1,2 +1,4 @@

+AUX courier-pythonfilter-ipv6-networkblocks.patch 1257 SHA256 03ff746c167329aaf3ae23a0068c841341d132dadbedd0042abe18f8592d618c SHA512 29c80a3f247259d35076c985a54e9e053b61867da12849fa1bffc98ba45e9d56cd3afda9d61c9b65e2cfc9897e313d2ce40e14b71157aa5df03d58728ce92c37 WHIRLPOOL 766705ae92870832d5da7a11599fc1938c10506828fae0da66e6ce084f043597c8138e185a17c4983f78a830761e0730ec32561158f7cc4e307d5f36f13ef482

+AUX courier-pythonfilter-whitelist-sender.patch 2205 SHA256 7bd9aa340e11ae7c8a36a2b1f5d249c866bf320ae02e622adb48a51cd08b3de1 SHA512 9a25b079ed7b7680ba59809a1cf600c53b0ca688f138e01255e8d47ba34d144996381ac38d5a0ce93986c73e0c59adf59661d8824c190371744c789b4a667d75 WHIRLPOOL 746f803b9169c79ad9c2d6fd1b8910aa6908898d91b9ca92a16e26f8903865e76748f32b42df16604882d438178223f02e4232d9f212e06d3c6a06d87e3e80ec

 DIST courier-pythonfilter-1.11.tar.gz 65193 SHA256 84d004665384e64c1aa42b9f8e77fa15ae87453b1c75eb992b3d665504cc7eff SHA512 75ffff7d9692861c535ee18d1d25954c79e81275641172ad706caf0c65dc715ffd4a1c021b0e26fc992fffdf6c2842ed8fc688eff82ec42591b35af834c0ace4 WHIRLPOOL c6b139f1d1f9ba67c502c6e59181d22ac0705260161d4a74bd81fee49724b665c99834fb7275ca1fb2bf2b933761c993010766dac1aaf46a4036d29a5b0c84da

-EBUILD courier-pythonfilter-1.11.ebuild 491 SHA256 158c66afb78c12520e79207190ccf2b820c7fd88fb656bb91b16cdbf2a08d19b SHA512 5b05e1d9031422abb78114e8bf8fffee1bfafce21443630592ffac55480c894d3c03764f79c0aac4db84d3711dd6a186028a887ef9a687faabfcc9ccc6ce907d WHIRLPOOL 2ab4bf63964727342ea7e25a5c2a904b524dbf6a13444e907f89f5a56979c012fb291a21759f8400e3591a326ebc25be47927ca99a5dadc1371a15a7f53f90b6

+EBUILD courier-pythonfilter-1.11.ebuild 626 SHA256 1813c18aaf186ae3f1e9ab1ce2009c6150f81beaa19bbc72af3c6f9c12996845 SHA512 19eb0bd699ebb65a0a2a451742d7ca5331f2c830877dece69314103f7b7636fa1f066860daf596b711377e749a317ad4ceed8496287fac16a4eaade74d6cd831 WHIRLPOOL 7040e0524a453378fc0277c93c86f5edfa29c2d59cf9b04784c4ff82fad3914542d6e3a24d25de47781b6bff378047e65893740cf9e58a77276ceb544b95cfcb

@@ -19,3 +19,9 @@ IUSE=""

 RDEPEND=""

 DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]

 	mail-mta/courier"

+

+PATCHES=(

+	"${FILESDIR}/courier-pythonfilter-ipv6-networkblocks.patch"

+	"${FILESDIR}/courier-pythonfilter-whitelist-sender.patch"

+	)

+

@@ -0,0 +1,32 @@

+From 85c456fce923cb967fb3852d81763eb74093cc26 Mon Sep 17 00:00:00 2001

+From: Bernd Wurst <bernd@milch.schokokeks.org>

+Date: Tue, 14 Mar 2017 14:44:28 +0100

+Subject: [PATCH] Add IPv6 network calculation

+

+---

+ filters/greylist.py | 12 ++++++++++--

+ 1 file changed, 10 insertions(+), 2 deletions(-)

+

+diff --git a/filters/greylist.py b/filters/greylist.py

+index ad044ea..ffc1eb7 100644

+--- a/filters/greylist.py

++++ b/filters/greylist.py

+@@ -87,8 +87,16 @@ def doFilter(bodyFile, controlFileList):

+     # Calculate the /24 network

+     IPv4Match = _IPv4Regex.match(sendersIP)

+     if(IPv4Match is None):

+-        # IPv6 network calculation isn't handled yet

+-        sendersIPNetwork = sendersIP

++        # possibly IPv6

++        try:

++            pos = sendersIP.rindex(':')

++            sendersIPNetwork = sendersIP[:pos+1]

++            # If there are not more than 4 colons left in the address after stripping, something is wrong

++            if sendersIPNetwork.count(':') < 5:

++                raise ValueError('Too generic address or no valid ipv6 address: %s\n' % sendersIPNetwork)

++        except ValueError as e:

++            sendersIPNetwork = sendersIP

++            sys.stderr.write(str(e))

+     else:

+        sendersIPNetwork = IPv4Match.group(1)

+ 

@@ -0,0 +1,59 @@

+From 61f1ae2cd94ece9e452e8fd02dbdf4d2f91f85e2 Mon Sep 17 00:00:00 2001

+From: Bernd Wurst <bernd@milch.schokokeks.org>

+Date: Tue, 14 Mar 2017 15:44:40 +0100

+Subject: [PATCH] Add configurable mode that whitelists only senders IP

+ addresses instead of triplets

+

+---

+ filters/greylist.py | 24 +++++++++++++++++++++++-

+ 1 file changed, 23 insertions(+), 1 deletion(-)

+

+diff --git a/filters/greylist.py b/filters/greylist.py

+index ffc1eb7..614e4c4 100644

+--- a/filters/greylist.py

++++ b/filters/greylist.py

+@@ -42,6 +42,7 @@

+ sendersPassedTTL = 60 * 60 * 24 * 36

+ sendersNotPassedTTL = 60 * 60 * 24

+ greylistTime = 300

++onlySendersIP = False

+ 

+ _IPv4Regex = re.compile('^(\d+\.\d+\.\d+)\.\d+$')

+ 

+@@ -113,6 +114,22 @@ def doFilter(bodyFile, controlFileList):

+     _sendersPassed.purge()

+     _sendersNotPassed.purge()

+ 

++    if onlySendersIP:

++        found = False

++        addrMd5 = hashlib.md5(sendersIPNetwork)

++        addrdigest = addrMd5.hexdigest()

++        _sendersPassed.lock()

++        try:

++            if _sendersPassed.has_key(addrdigest):

++                _Debug('address found in the Passed db')

++                _sendersPassed[addrdigest] = time.time()

++                found = True

++        finally:

++            _sendersPassed.unlock()

++

++        if found:

++            return ''

++

+     # Create a new MD5 object.  The sender/recipient/IP triplets will

+     # be stored in the db in the form of an MD5 digest.

+     senderMd5 = hashlib.md5(sender)

+@@ -152,7 +169,12 @@ def doFilter(bodyFile, controlFileList):

+                         biggestTimeToGo = timeToGo

+                 else:

+                     _Debug('triplet in NotPassed db is now passed')

+-                    _sendersPassed[cdigest] = time.time()

++                    if onlySendersIP:

++                        addrMd5 = hashlib.md5(sendersIPNetwork)

++                        addrdigest = addrMd5.hexdigest()

++                        _sendersPassed[addrdigest] = time.time()

++                    else:

++                        _sendersPassed[cdigest] = time.time()

+                     del(_sendersNotPassed[cdigest])

+             elif _sendersPassed.has_key(cdigest):

+                 _Debug('triplet found in the Passed db')