aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Sapiro <mark@msapiro.net>2018-06-04 18:02:12 -0700
committerMark Sapiro <mark@msapiro.net>2018-06-04 18:02:12 -0700
commitb0fda7ec4f1927bae0f930500dea17294b5bbf20 (patch)
tree96432701160ac405b0b4646e5cb43a35d1df1d54
parente3da06f338f4ebf125de481bbad5ae7d2bf7a282 (diff)
downloadmailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.tar.gz
mailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.tar.xz
mailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.zip
Added BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE Feature
Diffstat (limited to '')
-rwxr-xr-xMailman/Defaults.py.in7
-rwxr-xr-xMailman/MailList.py7
-rw-r--r--Mailman/Utils.py21
-rw-r--r--NEWS4
4 files changed, 38 insertions, 1 deletions
diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in
index fc72ef0d..a124832d 100755
--- a/Mailman/Defaults.py.in
+++ b/Mailman/Defaults.py.in
@@ -142,9 +142,14 @@ RECAPTCHA_SECRET_KEY = None
# in the installation. This supplements the individual list's ban_list.
# For example, to ban xxx@aol.com and any @gmail.com address beginning with
# yyy, set
-# GLOBAL_BAN_LIST = ['xxx@aol.com', '^yyy.*@gmail\.com$']
+# GLOBAL_BAN_LIST = ['xxx@aol\.com', '^yyy.*@gmail\.com$']
GLOBAL_BAN_LIST = []
+# IF the following is set to Yes, and a web subscribe comes from an IPv4
+# address and the IP is listed in Spamhaus ZEN, the subscription will be
+# blocked.
+BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE = No
+
# Command that is used to convert text/html parts into plain text. This
# should output results to standard output. %(filename)s will contain the
# name of the temporary file that the program should operate on.
diff --git a/Mailman/MailList.py b/Mailman/MailList.py
index 619c3206..ecd6ce5c 100755
--- a/Mailman/MailList.py
+++ b/Mailman/MailList.py
@@ -908,6 +908,13 @@ class MailList(HTMLFormatter, Deliverer, ListAdmin,
syslog('vette', '%s banned subscription: %s%s (matched: %s)',
realname, email, whence, pattern)
raise Errors.MembershipIsBanned, pattern
+ # See if this is from a spamhaus listed IP.
+ if remote and BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE:
+ if Utils.banned_ip(remote):
+ whence = ' from %s' % remote
+ syslog('vette', '%s banned subscription: %s%s (Spamhaus IP)',
+ realname, email, whence)
+ raise Errors.MembershipIsBanned, pattern
# Sanity check the digest flag
if digest and not self.digestable:
raise Errors.MMCantDigestError
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index fd6ac796..2f9bda63 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -1495,3 +1495,24 @@ def xml_to_unicode(s, cset):
else:
return s
+def banned_ip(ip):
+ if not dns_resolver:
+ return False
+ parts = ip.split('.')
+ if len(parts) != 4:
+ return False
+ lookup = '{}.{}.{}.{}.zen.spamhaus.org'.format(parts[3],
+ parts[2],
+ parts[1],
+ parts[0])
+ resolver = dns.resolver.Resolver()
+ try:
+ ans = resolver.query(lookup, dns.rdatatype.A)
+ except DNSException:
+ return False
+ if not ans:
+ return False
+ text = ans.rrset.to_text()
+ if re.search(r'127\.0\.0\.\d{1,2}$', text, re.MULTILINE):
+ return True
+ return False
diff --git a/NEWS b/NEWS
index 0841d402..3d59db2e 100644
--- a/NEWS
+++ b/NEWS
@@ -24,6 +24,10 @@ Here is a history of user visible changes to Mailman.
- An option has been added to bin/add_members to issue invitations
instead of immediately adding members. (LP: #1773064)
+ - A new BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE setting has been added to
+ enable blocking web subscribes from IPv4 addresses listed in Spamhaus
+ ZEN.
+
i18n
- The Japanese translation has been updated by Yasuhito FUTATSUKI.