NNRP Perl Filter
Enhancement Patch

This patch is against a stock INN 1.5.1 nnrpd. Apply it in the nnrpd directory of the source tree. Affected files are perl.c and post.c. You need only recompile nnrpd (do a 'make' in the nnrp directory) and copy the new executable to /usr/news/bin or wherever is appropriate for your server.

    This patch does several things:
  1. Gives the Perl filter (filter_nnrpd.pl) access to message bodies, in the $body variable.
  2. Gives the Perl filter access to the poster's authinfo username, in the $user variable. Obviously this has no effect unless you use authinfo.
  3. Adds a returncode DROP to the Perl interface. If the string returned by the Perl subroutine begins with DROP, the post will be discarded and success returned to the client.
  4. Adds a returncode SPOOL to the Perl interface. If the string returned by the Perl subroutine begins with SPOOL, success will be returned to the client and the post will be saved to in.coming/spam for manual inspection.

Thus, doing something like this:













return "DROP spam" if ($body =~ /http:..dirty\.spammer\.com/);

will drop any post containing that URL while returning success to the posting client, making the spammer think he is being successful and keeping him from changing ISPs and starting over somewhere else.













return "SPOOL possible MMF" if ($hdr{"Subject"} =~ /Make Money Fast/);

will spool "suspect" posts in in.coming/spam so you can look at them and decide whether they should go out. They can be injected manually with rnews.













return "posting access denied" if ($user eq "badguy");

will return failure for anything posted by "badguy", removing his Usenet posting ability while still allowing him to read. (Requires authinfo).













return "SPOOL suspect post from $user" if ($user = "maybebadguy");

will spool posts from "maybebadguy" for manual inspection, while returning success to the posting client. They can be injected manually with rnews after inspection. (Requires authinfo.)

Obviously this opens up far greater possibilities than the simple examples above; I've already got a few ideas.

This code was written by Andrew Gierth and can be distributed freely, with attribution. Testing, hacking, patch generating, documentation, and other nonsense by Jeremy Nixon.

NOTE: I have not tested the authinfo stuff extensively.

Standard warning:


Some browsers interpret the 





">"

and 





"<"

symbols in the text below as HTML tag delimiters, and will not display this correctly. Saving the page as text (or viewing as HTML source) and cutting/pasting from that text will solve this problem 






--8<-------CUT-HERE-----------------------------------------------
diff -u perl.c.orig perl.c
--- perl.c.orig	Thu Jul 24 19:01:42 1997
+++ perl.c	Tue Aug 19 18:43:32 1997
@@ -34,14 +34,16 @@
 extern char LogName[];
 
 char *
-HandleHeaders()
+HandleHeaders(char *article)
 {
    dSP;
    HEADER	*hp;
    HV		*hdr;
+   SV		*body;
    int		rc;
    char		*p;
    static char	buf[256];
+   extern char  PERMuser[];
 
    if (!PerlFilterActive)
        return NULL; /* not really necessary */
@@ -56,11 +58,16 @@
          hv_store(hdr, (char *) hp->;Name, strlen(hp->Name), newSVpv(hp->Value, 0), 0);
    }
 
+   body = perl_get_sv("body", TRUE);
+   sv_setpv(body, article);
+   sv_setpv(perl_get_sv("user",TRUE), PERMuser);
+
    rc = perl_call_argv("filter_post", G_EVAL|G_SCALAR, NULL);
 
    SPAGAIN;
 
    hv_undef (hdr);
+   sv_setsv (body, &sv_undef);
 
    buf [0] = '\0' ;
    
diff -u post.c.orig post.c
--- post.c.orig	Thu Jul 24 19:01:42 1997
+++ post.c	Tue Aug 19 18:46:42 1997
@@ -681,12 +681,13 @@
 
 
 /*
-**  Spool article to temp file.
+**  Spool article to specified temp file.
 */
 STATIC STRING
-Spoolit(article, Error)
+SpoolitTo(article, Error, SpoolDir)
     char 		*article;
     char		*Error;
+    char		*SpoolDir;
 {
     static char		CANTSPOOL[NNTP_STRLEN+2];
     register HEADER	*hp;
@@ -700,7 +701,7 @@
     sprintf(CANTSPOOL, "%s and can't write text to local spool file", Error);
 
     /* Try to write it to the spool dir. */
-    TempName(_PATH_SPOOLNEWS, temp);
+    TempName(SpoolDir, temp);
     /* rnews -U ignores files starting with . */
     strrchr(temp, '/')[1] = '.';
     if ((F = fopen(temp, "w")) == NULL) {
@@ -738,7 +739,7 @@
     if (fclose(F))
 	return CANTSPOOL;
 
-    TempName(_PATH_SPOOLNEWS, path);
+    TempName(SpoolDir, path);
     if (rename(temp, path) < 0) {
         syslog(L_FATAL, "cant rename %s %s %m", temp, path);
 	return CANTSPOOL;
@@ -748,6 +749,17 @@
     return NULL;
 }
 
+/*
+**  Spool article to temp file.
+*/
+STATIC STRING
+Spoolit(article, Error)
+  char                *article;
+  char                *Error;
+{
+  return SpoolitTo(article, Error, _PATH_SPOOLNEWS);
+}
+
 STRING
 ARTpost(article, idbuff)
     char		*article;
@@ -824,8 +836,19 @@
 
 #if defined(DO_PERL)
     /* Calls the Perl subroutine for headers management */
-    if ((p = (char *)HandleHeaders()) != NULL)
-        return p;
+    if ((p = (char *)HandleHeaders(article)) != NULL) {
+       if (strncmp(p, "DROP", 4) == 0) {
+           syslog(L_NOTICE, "%s post %s", ClientHost, p);
+           return NULL;
+       }
+       else if (strncmp(p, "SPOOL", 5) == 0) {
+           syslog(L_NOTICE, "%s post %s", ClientHost, p);
+           return SpoolitTo(article, p, _PATH_SPOOLNEWS "/spam");
+       }
+       else
+           return p;
+    }
+
 #endif /* defined(DO_PERL) */
 
     /* Open a local connection to the server. */
--8<---------------------------------------------------------------

Do a good deed for millions of people today - nuke a spammer!

Return to the News Server Patches Page

Home - Usenet Area - General - Email Area

Made With Macintosh  © 1997 Ken Lucke - all rights reserved  Spun With PageSpinner