diff options
author | Mark Sapiro <mark@msapiro.net> | 2018-06-04 18:02:12 -0700 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2018-06-04 18:02:12 -0700 |
commit | b0fda7ec4f1927bae0f930500dea17294b5bbf20 (patch) | |
tree | 96432701160ac405b0b4646e5cb43a35d1df1d54 | |
parent | e3da06f338f4ebf125de481bbad5ae7d2bf7a282 (diff) | |
download | mailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.tar.gz mailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.tar.xz mailman2-b0fda7ec4f1927bae0f930500dea17294b5bbf20.zip |
Added BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE Feature
-rwxr-xr-x | Mailman/Defaults.py.in | 7 | ||||
-rwxr-xr-x | Mailman/MailList.py | 7 | ||||
-rw-r--r-- | Mailman/Utils.py | 21 | ||||
-rw-r--r-- | NEWS | 4 |
4 files changed, 38 insertions, 1 deletions
diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in index fc72ef0d..a124832d 100755 --- a/Mailman/Defaults.py.in +++ b/Mailman/Defaults.py.in @@ -142,9 +142,14 @@ RECAPTCHA_SECRET_KEY = None # in the installation. This supplements the individual list's ban_list. # For example, to ban xxx@aol.com and any @gmail.com address beginning with # yyy, set -# GLOBAL_BAN_LIST = ['xxx@aol.com', '^yyy.*@gmail\.com$'] +# GLOBAL_BAN_LIST = ['xxx@aol\.com', '^yyy.*@gmail\.com$'] GLOBAL_BAN_LIST = [] +# IF the following is set to Yes, and a web subscribe comes from an IPv4 +# address and the IP is listed in Spamhaus ZEN, the subscription will be +# blocked. +BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE = No + # Command that is used to convert text/html parts into plain text. This # should output results to standard output. %(filename)s will contain the # name of the temporary file that the program should operate on. diff --git a/Mailman/MailList.py b/Mailman/MailList.py index 619c3206..ecd6ce5c 100755 --- a/Mailman/MailList.py +++ b/Mailman/MailList.py @@ -908,6 +908,13 @@ class MailList(HTMLFormatter, Deliverer, ListAdmin, syslog('vette', '%s banned subscription: %s%s (matched: %s)', realname, email, whence, pattern) raise Errors.MembershipIsBanned, pattern + # See if this is from a spamhaus listed IP. + if remote and BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE: + if Utils.banned_ip(remote): + whence = ' from %s' % remote + syslog('vette', '%s banned subscription: %s%s (Spamhaus IP)', + realname, email, whence) + raise Errors.MembershipIsBanned, pattern # Sanity check the digest flag if digest and not self.digestable: raise Errors.MMCantDigestError diff --git a/Mailman/Utils.py b/Mailman/Utils.py index fd6ac796..2f9bda63 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -1495,3 +1495,24 @@ def xml_to_unicode(s, cset): else: return s +def banned_ip(ip): + if not dns_resolver: + return False + parts = ip.split('.') + if len(parts) != 4: + return False + lookup = '{}.{}.{}.{}.zen.spamhaus.org'.format(parts[3], + parts[2], + parts[1], + parts[0]) + resolver = dns.resolver.Resolver() + try: + ans = resolver.query(lookup, dns.rdatatype.A) + except DNSException: + return False + if not ans: + return False + text = ans.rrset.to_text() + if re.search(r'127\.0\.0\.\d{1,2}$', text, re.MULTILINE): + return True + return False @@ -24,6 +24,10 @@ Here is a history of user visible changes to Mailman. - An option has been added to bin/add_members to issue invitations instead of immediately adding members. (LP: #1773064) + - A new BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE setting has been added to + enable blocking web subscribes from IPv4 addresses listed in Spamhaus + ZEN. + i18n - The Japanese translation has been updated by Yasuhito FUTATSUKI. |