libspf2 1.2.10
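/*
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of either:
 *
 * a) The GNU Lesser General Public License as published by the Free
 *    Software Foundation; either version 2.1, or (at your option) any
 *    later version,
 *
 *   OR
 *
 * b) The two-clause BSD license.
 *
 * These licenses can be found with the distribution in the file LICENSES
 */

/*
 * Declarations for SPF_server_t, the object that carries the DNS
 * resolver, the local policy, the explanation text and the DNS lookup
 * limits. SPF_server_get_record() takes it together with a request and
 * a response.
 */

#ifndef INC_SPF_SERVER
#define INC_SPF_SERVER

typedef struct SPF_server_struct SPF_server_t;

#include "spf_record.h"
#include "spf_dns.h"

#ifndef SPF_MAX_DNS_MECH
/* It is a bad idea to change this for two reasons.
 *
 * First, the obvious reason is the delays caused on the mail server
 * you are running.  DNS lookups that timeout can be *very* time
 * consuming, and even successful DNS lookups can take 200-500ms.
 * Many MTAs can't afford to wait long and even 2sec is pretty bad.
 *
 * The second, and more important reason, is the SPF records come from
 * a third party which may be malicious.  This third party can direct
 * DNS lookups to be sent to anyone.  If there isn't a limit, then it
 * is easy for someone to create a distributed denial of service
 * attack simply by sending a bunch of emails.  Unlike the delays on
 * your system caused by many DNS lookups, you might not even notice
 * that you are being used as part of a DDoS attack.
 *
 * The value 10 matches the lookup limit in the SPF specification
 * (RFC 4408 section 10.1, RFC 7208 section 4.6.4).
 *
 * Because of the #ifndef guard, a definition supplied earlier (for
 * example -DSPF_MAX_DNS_MECH=... on the compiler command line)
 * silently replaces this default, so build flags are part of what has
 * to be reviewed when auditing these limits.
 */
#define SPF_MAX_DNS_MECH 10
#endif
#ifndef SPF_MAX_DNS_PTR
/* It is a bad idea to change this for the same reasons as mentioned
 * above for SPF_MAX_DNS_MECH
 */
#define SPF_MAX_DNS_PTR 10
#endif
#ifndef SPF_MAX_DNS_MX
/* It is a bad idea to change this for the same reasons as mentioned
 * above for SPF_MAX_DNS_MECH
 */
#define SPF_MAX_DNS_MX 10
#endif

/*
 * Server-wide SPF configuration.
 *
 * The per-field notes are inferred from the field names and from the
 * prototypes below; this header does not show how the fields are used.
 */
struct SPF_server_struct {
	SPF_dns_server_t *resolver;	/* DNS resolver used for lookups */
	SPF_record_t *local_policy;	/* see SPF_server_set_localpolicy() */
	SPF_macro_t *explanation;	/* see SPF_server_set_explanation() */

	char *rec_dom;			/* see SPF_server_set_rec_dom() */

	/* Per-server DNS lookup limits, read and written through the
	 * accessors declared with SPF_DECL_ACCESS_INT below.
	 * Presumably initialised from SPF_MAX_DNS_MECH / _PTR / _MX;
	 * TODO confirm in the constructor. */
	int max_dns_mech;
	int max_dns_ptr;
	int max_dns_mx;

	int sanitize;			/* see SPF_server_set_sanitize() */
	int debug;			/* debug setting passed to SPF_server_new*() */
	/* Presumably non-zero when SPF_server_free() must also release
	 * `resolver`; TODO confirm against the implementation. */
	int destroy_resolver;
};

/*
 * Resolver selection for SPF_server_new().  What each value builds is
 * not visible in this header.
 */
typedef
enum SPF_server_dnstype_enum {
	SPF_DNS_RESOLV, SPF_DNS_CACHE, SPF_DNS_ZONE
} SPF_server_dnstype_t;

/*
 * Constructors and destructor.  SPF_server_new_dns() takes a resolver
 * supplied by the caller.  NOTE(review): who frees that resolver is
 * not stated here; check how destroy_resolver is set before sharing
 * one resolver between servers.
 */
SPF_server_t *SPF_server_new(SPF_server_dnstype_t dnstype, int debug);
SPF_server_t *SPF_server_new_dns(SPF_dns_server_t *dns, int debug);
void SPF_server_free(SPF_server_t *sp);

/*
 * Configuration setters.  Each returns an SPF_errcode_t, which callers
 * should check.  The two that take spf_responsep presumably report
 * details through it; ownership of that response is not visible here.
 */
SPF_errcode_t SPF_server_set_rec_dom(SPF_server_t *sp,
				     const char *dom);
SPF_errcode_t SPF_server_set_sanitize(SPF_server_t *sp,
				      int sanitize);
SPF_errcode_t SPF_server_set_explanation(SPF_server_t *sp,
					 const char *exp,
					 SPF_response_t **spf_responsep);
SPF_errcode_t SPF_server_set_localpolicy(SPF_server_t *sp,
					 const char *policy,
					 int use_default_whitelist,
					 SPF_response_t **spf_responsep);

/*
 * Obtains the SPF record for a request; the record is handed back
 * through *spf_recordp.
 */
SPF_errcode_t SPF_server_get_record(SPF_server_t *spf_server,
				    SPF_request_t *spf_request,
				    SPF_response_t *spf_response,
				    SPF_record_t **spf_recordp);

/*
 * Declares the setter/getter pair for one int field of SPF_server_t.
 *
 * The expansion already ends in ';', so the macro is invoked below
 * without a trailing one.  A second ';' would be an empty declaration
 * at file scope, which ISO C does not allow and which -Wpedantic
 * reports in every translation unit that includes this header.
 *
 * NOTE(review): this header does not show whether the setters check n
 * against SPF_MAX_DNS_MECH / _PTR / _MX.  Treat n as trusted local
 * configuration only, and confirm the range handling in the
 * implementation before relying on these limits.
 */
#define SPF_DECL_ACCESS_INT(f) \
	SPF_errcode_t \
		SPF_server_set_ ## f(SPF_server_t *spf_server, int n); \
	int \
		SPF_server_get_ ## f(SPF_server_t *spf_server);

SPF_DECL_ACCESS_INT(max_dns_mech)
SPF_DECL_ACCESS_INT(max_dns_ptr)
SPF_DECL_ACCESS_INT(max_dns_mx)

#endif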