keks-overlay.git

@@ -0,0 +1 @@

+DIST courier-pythonfilter-3.0.6.tar.gz 63899 BLAKE2B 8a7e437849abf4f2273c2ae9f117ba30683b74d9dabb6487ce2d0db0868b593da00ae2af2021c3a88ae4155b3d4f63c1b2b0a82bf836244a52a215f9025424e7 SHA512 7d25e6d466351cf987ed71eb9fee8396b87deffbe5a16be17ae94d806a0d9fe8330f243880388d87e7eef3c99fc2a073de94204540c8838995357d5799506ca3

@@ -0,0 +1,31 @@

+# Copyright 1999-2025 Gentoo Authors

+# Distributed under the terms of the GNU General Public License v2

+

+EAPI=8

+PYTHON_COMPAT=( python3_{9,10,11,12,13} )

+PYPI_NO_NORMALIZE=1

+DISTUTILS_USE_PEP517=setuptools

+inherit distutils-r1 pypi

+

+PATCHES=( "${FILESDIR}/${P}-ipv6.diff" )

+

+DESCRIPTION="Python filtering architecture for the Courier MTA"

+HOMEPAGE="https://pypi.org/project/courier-pythonfilter/"

+

+LICENSE="GPL-3"

+SLOT="0"

+KEYWORDS="amd64"

+

+DEPEND="mail-mta/courier"

+

+python_install() {

+	distutils-r1_python_install

+	rm -rf "${D}$(python_get_sitedir)/etc" || die

+}

+

+python_install_all() {

+	distutils-r1_python_install_all

+

+	insinto /etc

+	doins pythonfilter.conf pythonfilter-modules.conf

+}

@@ -0,0 +1,61 @@

+https://github.com/gordonmessmer/courier-pythonfilter/pull/10

+

+diff --git a/filters/pythonfilter/whitelist_dnswl.py b/filters/pythonfilter/whitelist_dnswl.py

+index aa03376..57b0ff5 100644

+--- a/filters/pythonfilter/whitelist_dnswl.py

++++ b/filters/pythonfilter/whitelist_dnswl.py

+@@ -19,6 +19,7 @@

+ 

+ import sys

+ import socket

++import ipaddress

+ import courier.control

+ import courier.config

+ 

+@@ -45,22 +46,30 @@ def do_filter(body_path, control_paths):

+     except:

+         return '451 Internal failure locating control files'

+ 

+-    if senders_ip and '.' in senders_ip:

+-        # '.' must be in senders_ip until there are DNSWLs that support IPv6

+-        octets = senders_ip.split('.')

+-        octets.reverse()

+-        octets_r = '.'.join(octets)

+-        for zone in dnswl_zone:

+-            lookup = '%s.%s' % (octets_r, zone)

+-            try:

+-                lookup_result = socket.gethostbyname(lookup)

+-            except:

+-                lookup_result = None

+-            if lookup_result:

+-                # For now, any result is good enough.

+-                return '200 Ok'

+-

+-    # Return no decision for everyone else.

++    try:

++        sender = ipaddress.ip_address(senders_ip)

++    except ValueError:

++        sys.stderr.write(f'whitelist_dnswl: unparsable senders_ip: {senders_ip}\n')

++        return ''

++

++    # sender is either IPV4Address or IPV6Address object, 

++    reverse = sender.reverse_pointer.replace('.in-addr.arpa', '').replace('.ip6.arpa', '')

++

++    for zone in dnswl_zone:

++        lookup = '%s.%s' % (reverse, zone)

++        try:

++            lookup_result = socket.gethostbyname(lookup)

++        except:

++            lookup_result = None

++        if lookup_result:

++            # special case for access blocked on dnswl.org

++            if lookup_result == '127.0.0.255':

++                # access blocked, no nonspam indicator

++                continue

++            # For now, any other result is good enough.

++            return '200 Ok'

++

++    # Return no decision if reaching this

+     return ''

+ 

+