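# -*- coding: UTF-8 -*-
#   Copyright 2012-2018 Oli Schacher
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
"""
plugins with rdns checks
"""
import re

from postomaat.shared import ScannerPlugin,DUNNO,REJECT,DEFER,DEFER_IF_PERMIT,FILTER,HOLD,PREPEND,WARN,FileList


class IdentityCrisis(ScannerPlugin):
    """Act on clients that have no FCrDNS and use an address literal HELO.

    A client is flagged only when both conditions hold:

    * ``reverse_client_name`` is missing, empty or ``unknown``
    * ``helo_name`` is missing or is a bracketed address literal such as
      ``[192.0.2.1]`` or ``[IPv6:2001:db8::1]`` (constructed examples)

    The configured ``action`` and ``message`` are returned for flagged
    clients; everyone else gets ``DUNNO``.
    """

    def __init__(self,config,section=None):
        ScannerPlugin.__init__(self,config,section)
        self.logger=self._logger()
        self.requiredvars={
            'action':{
                'default':'DEFER',
                'description':'Action if sender has no FcRDNS and is using a address literal HELO',
            },
            'message':{
                'default':'No FcrDNS and address literal HELO - Who are you?',
            },
        }
        # Raw string: '\[' in a plain literal is an invalid escape on newer
        # Python versions. The optional tag covers the RFC 5321 form of IPv6
        # literals ("[IPv6:...]"), which the bare hex/colon/dot class alone
        # never matched because of the letters in the tag.
        self.pattern=re.compile(r'^\[(?:[Ii][Pp][Vv]6:)?[0-9a-fA-F:.]+\]$')

    def examine(self,suspect):
        """Return ``(action, message)`` for the given suspect.

        Both values read from the suspect are used for comparison only.
        NOTE(review): helo_name is presumably the client-supplied HELO/EHLO
        argument, so it must be treated as untrusted input - confirm against
        the caller.
        """
        revclient=suspect.get_value('reverse_client_name')
        has_rdns=revclient is not None and revclient.strip() not in ('unknown','')
        if has_rdns:
            return DUNNO,""

        helo_name=suspect.get_value('helo_name')
        if helo_name is not None and self.pattern.match(helo_name) is None:
            # a real-looking HELO name: not our business
            return DUNNO,""

        retaction=self.config.get(self.section,'action').strip()
        retmessage=self.config.get(self.section,'message').strip()
        return retaction,retmessage

    def lint(self):
        """Check the configured action and the plugin config.

        Returns True when the action is one of the expected policy actions
        and ``checkConfig()`` succeeds, False otherwise. Problems are printed.
        """
        lint_ok=True
        # compared in lower case; presumably the action constants imported
        # from postomaat.shared are lower-case strings - TODO confirm
        retaction=self.config.get(self.section,'action').strip().lower()
        reasonable_actions=[REJECT,DEFER,DEFER_IF_PERMIT,FILTER,HOLD,PREPEND,WARN]
        if retaction not in reasonable_actions:
            print("are you sure about action '%s' ?"%retaction)
            print("I'd expect one of %s"%(",".join(reasonable_actions)))
            lint_ok=False

        if not self.checkConfig():
            print('Error checking config')
            lint_ok = False

        return lint_ok

    def __str__(self):
        return "Identity Crisis"


class CreativeTLD(ScannerPlugin):
    """Act on clients whose reverse DNS name ends in an unofficial TLD.

    The list of valid TLDs is read from the file named by the ``tldfile``
    option. Clients without a usable reverse name are not judged here.
    """

    def __init__(self,config,section=None):
        ScannerPlugin.__init__(self,config,section)
        self.logger=self._logger()
        self.requiredvars={
            'action':{
                'default':'REJECT',
                'description':'Action if sender uses invalid TLD',
            },
            'message':{
                'default':'forged rDNS TLD',
            },
            'tldfile':{
                'default':'/etc/mail/tlds-alpha-by-domain.txt',
            },
        }
        # filename is filled in from the config on each examine() call
        self.filelist=FileList(filename=None,strip=True, skip_empty=True, skip_comments=True,lowercase=True,minimum_time_between_reloads=86400)

    def examine(self,suspect):
        """Return ``(action, message)`` for the given suspect.

        ``DUNNO`` is returned when the client has no reverse name, when the
        name has no dot, when the TLD is in the list, or when the TLD list
        is empty.
        """
        revclient=suspect.get_value('reverse_client_name')
        if revclient is None:
            return DUNNO,''
        # normalise once so stray whitespace cannot end up in the TLD
        revclient=revclient.strip()
        if revclient=='unknown' or '.' not in revclient:
            return DUNNO,''

        # The declared (and lint-checked) option is 'tldfile'. The previous
        # code read the undeclared key 'domainsfile', which has no default.
        tldfile=self.config.get(self.section,'tldfile')
        self.filelist.filename=tldfile
        tlds=self.filelist.get_list()
        if not tlds:
            # An empty list would make every TLD look forged and apply the
            # configured action (REJECT by default) to every client that has
            # a reverse name. Skip the check and leave a trace instead.
            self.logger.error("TLD list from %s is empty, skipping rDNS TLD check"%tldfile)
            return DUNNO,''

        tld=revclient.rsplit('.',1)[-1].lower()
        if tld in tlds:
            return DUNNO,''

        retaction=self.config.get(self.section,'action').strip()
        retmessage=self.config.get(self.section,'message').strip()
        return retaction,retmessage

    def lint(self):
        """Check the configured action and the plugin config.

        Returns True when the action is one of the expected policy actions
        and ``checkConfig()`` succeeds, False otherwise. Problems are printed.
        """
        lint_ok=True
        # compared in lower case; presumably the action constants imported
        # from postomaat.shared are lower-case strings - TODO confirm
        retaction=self.config.get(self.section,'action').strip().lower()
        reasonable_actions=[REJECT,DEFER,DEFER_IF_PERMIT,FILTER,HOLD,PREPEND,WARN]
        if retaction not in reasonable_actions:
            print("are you sure about action '%s' ?"%retaction)
            print("I'd expect one of %s"%(",".join(reasonable_actions)))
            lint_ok=False

        if not self.checkConfig():
            print('Error checking config')
            lint_ok = False

        return lint_ok

    def __str__(self):
        return "Creative TLD"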