OXIESEC PANEL
- Current Dir:
/
/
opt
/
alt
/
python27
/
lib
/
python2.7
/
site-packages
/
postomaat
/
plugins
Server IP: 2a02:4780:11:1084:0:327f:3464:10
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
12/18/2024 09:49:00 AM
rwxr-xr-x
📄
__init__.py
578 bytes
03/16/2023 02:20:00 PM
rw-r--r--
📄
__init__.pyc
162 bytes
12/18/2024 09:49:00 AM
rw-r--r--
📄
blackwhitelist.py
10.08 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
blackwhitelist.pyc
7.95 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
call-ahead.py
77.45 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
call-ahead.pyc
67.93 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
complexrules.py
14.59 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
complexrules.pyc
17.37 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
dbwriter.py
5.7 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
dbwriter.pyc
4.69 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
ebl-lookup.py
9.03 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
ebl-lookup.pyc
8.3 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
enforcetls.py
5.1 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
enforcetls.pyc
4.39 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
fluentd_writer.py
6.92 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
fluentd_writer.pyc
6.73 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
geoip.py
7.47 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
geoip.pyc
7.4 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
helotld.py
3.37 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
helotld.pyc
3.07 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
killer.py
1.15 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
killer.pyc
1.47 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
messagesize.py
3.86 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
messagesize.pyc
3.54 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
originpolicy.py
11.2 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
originpolicy.pyc
9.51 KB
12/18/2024 09:49:00 AM
rw-r--r--
📁
ratelimit
-
12/18/2024 09:49:00 AM
rwxr-xr-x
📄
rdns.py
4.42 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
rdns.pyc
4.82 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
recipientrules.py
11.64 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
recipientrules.pyc
10.1 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
script.py
5.55 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
script.pyc
6 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
spfcheck.py
15.57 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
spfcheck.pyc
11.36 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
srs.py
4.51 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
srs.pyc
3.85 KB
12/18/2024 09:49:00 AM
rw-r--r--
📄
suspect_collect.py
7.84 KB
03/16/2023 02:20:00 PM
rw-r--r--
📄
suspect_collect.pyc
8.42 KB
12/18/2024 09:49:00 AM
rw-r--r--
Editing: srs.py
Close
# -*- coding: UTF-8 -*- # Copyright 2012-2018 Fumail Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # # from postomaat.shared import ScannerPlugin, DUNNO, REJECT, apply_template try: import SRS HAVE_SRS=True except ImportError: SRS=None HAVE_SRS=False class SRSBounceVerify(ScannerPlugin): """ This plugin checks the validity of SRS bounces. Intended to be used in conjunction with after queue SRS mechanisms such as Fuglu's SRS Plugin. """ def __init__(self,config,section=None): ScannerPlugin.__init__(self,config,section) self.logger=self._logger() self.requiredvars = { 'forward_domain': { 'default': 'example.com', 'description': 'the SRS envelope sender domain', }, 'secret': { 'default': '', 'description': 'cryptographic secret. set the same random value on all your machines', }, 'maxage': { 'default': '8', 'description': 'maximum lifetime of bounces', }, 'hashlength': { 'default': '8', 'description': 'size of auth code', }, 'separator': { 'default': '=', 'description': 'SRS token separator', }, 'messagetemplate':{ 'default':'${from_address} is not a valid SRS bounce address' }, 'accept_unsigned': { 'default': 'True', 'description': 'Accept unsigend (non SRS) recpients. Set to False to reject', } } def _init_srs(self): secret = self.config.get(self.section, 'secret') maxage = self.config.getint(self.section, 'maxage') hashlength = self.config.getint(self.section, 'hashlength') separator = self.config.get(self.section, 'separator') srs = SRS.new(secret=secret, maxage=maxage, hashlength=hashlength, separator=separator, alwaysrewrite=True) return srs def examine(self, suspect): if not HAVE_SRS: return DUNNO forward_domain = self.config.get(self.section, 'forward_domain') if suspect.to_domain != forward_domain: self.logger.debug('SRS: ignoring mail to %s - only accepting %s' % (suspect.to_address, forward_domain)) return DUNNO action = DUNNO message = None srs = self._init_srs() if suspect.to_address.lower().startswith('srs'): orig_rcpt = suspect.to_address try: recipient = srs.reverse(orig_rcpt) self.logger.info('SRS: decrypted bounce address %s to %s' % (orig_rcpt, recipient)) except Exception as e: self.logger.error('SRS: Failed to decrypt %s reason: %s' % (orig_rcpt, str(e))) action = REJECT message = apply_template(self.config.get(self.section, 'messagetemplate'), suspect) else: self.logger.debug('SRS: ignoring unsigned address %s' % (suspect.to_address)) if not self.config.getboolean(self.section, 'accept_unsigned'): action = REJECT message = apply_template(self.config.get(self.section, 'messagetemplate'), suspect) return action, message def lint(self): allok = self.checkConfig() if not HAVE_SRS: allok = False print('SRS library not found') if self.config.get(self.section, 'secret') == '': allok = False print('no secret set in config') if allok: srs = self._init_srs() forward_domain = self.config.get(self.section, 'forward_domain') srs.forward('foobar@example.com', forward_domain) return allok def __str__(self): return "SRSBounceVerify"