1 /************************************************************************
2 * Copyright (c) 1999-2006 The Apache Software Foundation. *
3 * All rights reserved. *
4 * ------------------------------------------------------------------- *
5 * Licensed under the Apache License, Version 2.0 (the "License"); you *
6 * may not use this file except in compliance with the License. You *
7 * may obtain a copy of the License at: *
8 * *
9 * http://www.apache.org/licenses/LICENSE-2.0 *
10 * *
11 * Unless required by applicable law or agreed to in writing, software *
12 * distributed under the License is distributed on an "AS IS" BASIS, *
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or *
14 * implied. See the License for the specific language governing *
15 * permissions and limitations under the License. *
16 ***********************************************************************/
17
18 package org.apache.james.smtpserver;
19
20 import org.apache.avalon.framework.logger.AbstractLogEnabled;
21 import org.apache.avalon.framework.configuration.Configuration;
22 import org.apache.avalon.framework.configuration.Configurable;
23 import org.apache.avalon.framework.configuration.ConfigurationException;
24 import java.util.ArrayList;
25 import java.util.StringTokenizer;
26
27 /***
28 * Connect handler for DNSRBL processing
29 */
30 public class DNSRBLHandler
31 extends AbstractLogEnabled
32 implements ConnectHandler, Configurable {
33 /***
34 * The lists of rbl servers to be checked to limit spam
35 */
36 private String[] whitelist;
37 private String[] blacklist;
38
39 /***
40 * @see org.apache.avalon.framework.configuration.Configurable#configure(Configuration)
41 */
42 public void configure(Configuration handlerConfiguration) throws ConfigurationException {
43
44 Configuration rblserverConfiguration = handlerConfiguration.getChild("rblservers", false);
45 if ( rblserverConfiguration != null ) {
46 ArrayList rblserverCollection = new ArrayList();
47 Configuration[] children = rblserverConfiguration.getChildren("whitelist");
48 if ( children != null ) {
49 for ( int i = 0 ; i < children.length ; i++ ) {
50 String rblServerName = children[i].getValue();
51 rblserverCollection.add(rblServerName);
52 if (getLogger().isInfoEnabled()) {
53 getLogger().info("Adding RBL server to whitelist: " + rblServerName);
54 }
55 }
56 if (rblserverCollection != null && rblserverCollection.size() > 0) {
57 whitelist = (String[]) rblserverCollection.toArray(new String[rblserverCollection.size()]);
58 rblserverCollection.clear();
59 }
60 }
61 children = rblserverConfiguration.getChildren("blacklist");
62 if ( children != null ) {
63 for ( int i = 0 ; i < children.length ; i++ ) {
64 String rblServerName = children[i].getValue();
65 rblserverCollection.add(rblServerName);
66 if (getLogger().isInfoEnabled()) {
67 getLogger().info("Adding RBL server to blacklist: " + rblServerName);
68 }
69 }
70 if (rblserverCollection != null && rblserverCollection.size() > 0) {
71 blacklist = (String[]) rblserverCollection.toArray(new String[rblserverCollection.size()]);
72 rblserverCollection.clear();
73 }
74 }
75 }
76
77 }
78
79
80
81
82
83
84 public void onConnect(SMTPSession session) {
85 boolean blocklisted = checkDNSRBL(session, session.getRemoteIPAddress());
86 session.setBlockListed(blocklisted);
87 }
88
89
90 /***
91 * @see org.apache.james.smtpserver.SMTPHandlerConfigurationData#checkDNSRBL(Socket)
92 */
93
94
95
96
97
98
99
100 public boolean checkDNSRBL(SMTPSession session, String ipAddress) {
101
102
103
104
105
106 if (session.isRelayingAllowed()) {
107 getLogger().info("Ipaddress " + session.getRemoteIPAddress() + " is allowed to relay. Don't check it");
108 return false;
109 }
110
111 if (whitelist != null || blacklist != null) {
112 StringBuffer sb = new StringBuffer();
113 StringTokenizer st = new StringTokenizer(ipAddress, " .", false);
114 while (st.hasMoreTokens()) {
115 sb.insert(0, st.nextToken() + ".");
116 }
117 String reversedOctets = sb.toString();
118
119 if (whitelist != null) {
120 String[] rblList = whitelist;
121 for (int i = 0 ; i < rblList.length ; i++) try {
122 java.net.InetAddress addr = org.apache.james.dnsserver.DNSServer.getByName(reversedOctets + rblList[i]);
123 if (getLogger().isInfoEnabled()) {
124 getLogger().info("Connection from " + ipAddress + " whitelisted by " + rblList[i]);
125 }
126
127
128
129
130
131
132
133
134 if (getLogger().isDebugEnabled()) {
135 getLogger().debug("Whitelist addr = " + addr.toString());
136 }
137
138 return false;
139 } catch (java.net.UnknownHostException uhe) {
140 if (getLogger().isDebugEnabled()) {
141 getLogger().debug("unknown host exception thrown:" + reversedOctets + rblList[i]);
142 }
143 }
144 }
145
146 if (blacklist != null) {
147 String[] rblList = blacklist;
148 for (int i = 0 ; i < rblList.length ; i++) try {
149 java.net.InetAddress addr = org.apache.james.dnsserver.DNSServer.getByName(reversedOctets + rblList[i]);
150 if (getLogger().isInfoEnabled()) {
151 getLogger().info("Connection from " + ipAddress + " restricted by " + rblList[i] + " to SMTP AUTH/postmaster/abuse.");
152 }
153
154
155
156
157
158
159
160
161 if (getLogger().isDebugEnabled()) {
162 getLogger().debug("Blacklist addr = " + addr.toString());
163 }
164
165 return true;
166 } catch (java.net.UnknownHostException uhe) {
167
168 if (getLogger().isDebugEnabled()) {
169 getLogger().debug("unknown host exception thrown:" + reversedOctets + rblList[i]);
170 }
171 }
172 }
173 }
174 return false;
175 }
176
177 }