prosody-modules: mod_register_dnsbl/mod_register_dnsbl.lua@6412595e2046 (annotated)

2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	1	local adns = require "net.adns";
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	2	local async = require "util.async";
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	3
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	4	local rbl = module:get_option_string("registration_rbl");
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	5
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	6	local function reverse(ip, suffix)
2139 42b095dab626 mod_register_dnsbl: Fix matching pattern (Thanks Ge0rG) Kim Alvefur <zash@zash.se> parents: 2116 diff changeset	7	local a,b,c,d = ip:match("^(%d+).(%d+).(%d+).(%d+)$");
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	8	if not a then return end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	9	return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	10	end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	11
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	12	module:hook("user-registering", function (event)
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	13	local session, ip = event.session, event.ip;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	14	if not ip then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	15	session.log("debug", "Unable to check DNSBL when IP is unknown");
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	16	return;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	17	end
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	18	local rbl_ip, err = reverse(ip, rbl);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	19	if not rbl_ip then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	20	session.log("debug", "Unable to check DNSBL for ip %s: %s", ip, err);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	21	return;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	22	end
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	23
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	24	local wait, done = async.waiter();
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	25	adns.lookup(function (reply)
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	26	if reply and reply[1] and reply[1].a then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	27	session.log("debug", "DNSBL response: %s IN A %s", rbl_ip, reply[1].a);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	28	session.log("info", "Blocking %s from registering %s (dnsbl hit)", ip, event.username);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	29	event.allowed = false;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	30	event.reason = "Blocked by DNSBL";
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	31	end
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	32	done();
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	33	end, rbl_ip);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	34	wait();
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	35	end);

author	Kim Alvefur <zash@zash.se>
	Fri, 23 Feb 2018 21:56:42 +0100
changeset 2894	6412595e2046
parent 2207	2dcc3079572c
child 2895	84670bac7348
permissions	-rw-r--r--