From 5d8d6c4de1940413f42e7b1c913db4b233606146 Mon Sep 17 00:00:00 2001 From: John Denker Date: Fri, 20 Jul 2012 12:50:55 -0700 Subject: builing some features to penalize spammers, by pushing the greylisting barrier into the future --- tools/greylist.c | 51 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 37 insertions(+), 14 deletions(-) (limited to 'tools') diff --git a/tools/greylist.c b/tools/greylist.c index 1320257..00272d8 100644 --- a/tools/greylist.c +++ b/tools/greylist.c @@ -95,17 +95,20 @@ public: { gettimeofday(&now, NULL); } - int doit(); + int doit(const int penalty=0); // access comes after modification: - void update(const string msg, const timeval new_mod, const timeval new_ac); + void update(const string msg, const timeval new_mod, + const timeval new_ac, const int penalty=0); }; -string time_out(const int ttt){ +string time_out(const int _ttt){ + int ttt(abs(_ttt)); int sec(ttt % 60); int min((ttt / 60) % 60); int hr(ttt / 3600); stringstream foo; int didsome(0); + if (_ttt < 0) foo << "-"; if (hr) { foo << hr << ":"; didsome++; @@ -142,7 +145,10 @@ void scan(const string p, const int copies=1){ int ac_age = now.tv_sec - mystat.st_atime; cout << setw(10) << time_out(mod_age) << " " << setw(10) << time_out(ac_age); - if (mod_age - ac_age < minimum_age // early bird, or completely unused + if (mod_age < 0) { + cout << " penalty"; + } + else if (mod_age - ac_age < minimum_age // early bird, or completely unused && mod_age > probation) { // did not diligently resubmit cout << " disprobation"; if (mod_age != ac_age) cout << "!"; @@ -165,17 +171,23 @@ void scan(const string p, const int copies=1){ } } -void whatsit::update(const string msg, const timeval new_mod, const timeval new_ac){ +void whatsit::update(const string msg, const timeval new_mod, + const timeval new_ac, const int penalty){ cerr << progname << ": " << msg << ": " << ipbase; if (hostname.length()) cerr << " " << hostname; cerr << " mod_age: " << time_out(mod_age) << " ac_age: " << time_out(ac_age) << endl; + timeval pen_mod(new_mod); + if (penalty) { + pen_mod = now; + pen_mod.tv_sec += penalty; + } timeval upd[2] = { // beware: access illogically comes *before* modification here: new_ac, - new_mod + pen_mod }; utimes(ipname.c_str(), upd); } @@ -187,12 +199,19 @@ int main(int _argc, char** _argv){ whatsit foo(argv[0], dirname); argc--; argv++; int scanmode(0); int copies(1); + int penalty(0); while (argc > 0) { string arg = argv[0]; argc--; argv++; - if (arg == "-scan") { + if (prefix(arg, "-scan")) { scanmode++; - } else if (arg == "-copy") { + } else if (prefix(arg, "-copy")) { copies++; + } else if (prefix(arg, "-penalize")) { + if (!argc){ + cerr << "Option '" << arg << "' requires an argument" << endl; + exeunt(ex_syserr); + } + penalty = atoi(*argv++); argc--; } else { cerr << "Unrecognized arg: " << arg << endl; exeunt(ex_syserr); @@ -203,10 +222,10 @@ int main(int _argc, char** _argv){ return 0; } - return foo.doit(); + return foo.doit(penalty); } -int whatsit::doit(){ +int whatsit::doit(const int penalty){ char* ipvar = getenv("TCPREMOTEIP"); if (!ipvar) { cerr << progname << ": TCPREMOTEIP not set???" << endl; @@ -266,20 +285,24 @@ int whatsit::doit(){ mod_age = now.tv_sec - ipstat.st_mtime; ac_age = now.tv_sec - ipstat.st_atime; timeval mod_orig = {ipstat.st_mtime, 0}; + if (mod_age < 0) { + update("penalty box", mod_orig, now, penalty); + exeunt(ex_spam); + } if (mod_age < minimum_age) { - update("early bird", mod_orig, now); + update("early bird", mod_orig, now, penalty); exeunt(ex_greylisting); } if (mod_age - ac_age < minimum_age // early bird, or completely unused && mod_age > probation) { // did not diligently resubmit - update("disprobation", now, now); + update("disprobation", now, now, penalty); exeunt(ex_greylisting); } if (ac_age > maximum_age) { - update("too old, starting over", now, now); + update("too old, starting over", now, now, penalty); exeunt(ex_greylisting); } // if all checks are passed, must be OK: - update("returning customer", mod_orig, now); + update("returning customer", mod_orig, now, penalty); return 0; } -- cgit v1.2.3