From cd47d41512f99aff9eaaaaf6e796a34aa00fa8bf Mon Sep 17 00:00:00 2001
From: Jim Popovitch <jimpop@domainmail.org>
Date: Wed, 6 Jun 2018 10:06:19 +0000
Subject: Improved logging of security related events

---
 Mailman/Utils.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'Mailman/Utils.py')

diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index 6038667b..b38776f8 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -111,7 +111,11 @@ def list_exists(listname):
     # But first ensure the list name doesn't contain a path traversal
     # attack.
     if len(re.sub(mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS, '', listname)) > 0:
-        syslog('mischief', 'Hostile listname: %s', listname)
+        remote = os.environ.get('HTTP_FORWARDED_FOR',
+                 os.environ.get('HTTP_X_FORWARDED_FOR',
+                 os.environ.get('REMOTE_ADDR',
+                                'unidentified origin')))
+        syslog('mischief', 'Hostile listname: listname=%s remote=%s', listname, remote)
         return False
     basepath = Site.get_listpath(listname)
     for ext in ('.pck', '.pck.last', '.db', '.db.last'):
-- 
cgit v1.2.3


From e7fff57cf267b6a4c5ba8ce25db19806fe172b32 Mon Sep 17 00:00:00 2001
From: Jim Popovitch <jimpop@domainmail.org>
Date: Mon, 11 Jun 2018 17:55:03 +0000
Subject: Support for verifying subscriber domains against the Spamhaus DBL

---
 Mailman/Utils.py | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'Mailman/Utils.py')

diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index 6038667b..a8c8fd82 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -1530,3 +1530,25 @@ def banned_ip(ip):
     if re.search(r'127\.0\.0\.[2-7]$', text, re.MULTILINE):
         return True
     return False
+
+def banned_domain(email):
+    if not dns_resolver:
+        return False
+
+    email = email.lower()
+    user, domain = ParseEmail(email)
+
+    lookup = '%s.zen.spamhaus.org' % (domain)
+
+    resolver = dns.resolver.Resolver()
+    try:
+        ans = resolver.query(lookup, dns.rdatatype.A)
+    except DNSException:
+        return False
+    if not ans:
+        return False
+    text = ans.rrset.to_text()
+    if re.search(r'127\.0\.1\.\d{1,3}$', text, re.MULTILINE):
+        if not re.search(r'127\.0\.1\.255$', text, re.MULTILINE):
+            return True
+    return False
-- 
cgit v1.2.3