File Coverage

blib/lib/Mail/MtPolicyd/Plugin/SqlList.pm

Criterion	Covered	Total	%
statement	30	32	93.7
branch	9	12	75.0
condition	1	3	33.3
subroutine	6	6	100.0
pod	1	1	100.0
total	47	54	87.0

line	stmt	bran	cond	sub	pod	time	code
1							package Mail::MtPolicyd::Plugin::SqlList;
2
3	2			2		2279	use Moose;
	2					6
	2					16
4	2			2		13095	use namespace::autoclean;
	2					5
	2					22
5
6							our $VERSION = '1.23'; # VERSION
7							# ABSTRACT: mtpolicyd plugin for accessing a SQL white/black/access list
8
9							extends 'Mail::MtPolicyd::Plugin';
10							with 'Mail::MtPolicyd::Plugin::Role::Scoring';
11							with 'Mail::MtPolicyd::Plugin::Role::UserConfig' => {
12							'uc_attributes' => [ 'enabled' ],
13							};
14							with 'Mail::MtPolicyd::Plugin::Role::SqlUtils';
15
16	2			2		254	use Mail::MtPolicyd::Plugin::Result;
	2					4
	2					894
17
18
19							has 'enabled' => ( is => 'rw', isa => 'Str', default => 'on' );
20
21							has 'sql_query' => (
22							is => 'rw', isa => 'Str',
23							default => 'SELECT client_ip FROM whitelist WHERE client_ip=INET_ATON(?)',
24							);
25
26							has 'score' => ( is => 'rw', isa => 'Maybe[Num]' );
27							has 'match_action' => ( is => 'rw', isa => 'Maybe[Str]' );
28							has 'not_match_action' => ( is => 'rw', isa => 'Maybe[Str]' );
29
30							sub _query_db {
31	4			4		6	my ( $self, $ip ) = @_;
32	4					160	return $self->execute_sql($self->sql_query, $ip)->fetchrow_array;
33							}
34
35							sub run {
36	5			5	1	800	my ( $self, $r ) = @_;
37	5					245	my $ip = $r->attr('client_address');
38	5					194	my $session = $r->session;
39	5					8	my $config;
40
41	5	100				19	if( $self->get_uc( $session, 'enabled') eq 'off' ) {
42	1					5	return;
43							}
44
45	4	50				10	if( ! defined $ip) {
46	0					0	$self->log($r, 'no attribute \'client_address\' in request');
47	0					0	return;
48							}
49
50							my $value = $r->do_cached( $self->name.'-result',
51	4			4		149	sub { $self->_query_db($ip) } );
	4					12
52	4	100				65	if( $value ) {
53	2					82	$self->log($r, 'client_address '.$ip.' matched SqlList '.$self->name);
54	2	50	33			90	if( defined $self->score
55							&& ! $r->is_already_done($self->name.'-score') ) {
56	2					69	$self->add_score($r, $self->name , $self->score);
57							}
58	2	50				80	if( defined $self->match_action ) {
59	2					76	return Mail::MtPolicyd::Plugin::Result->new(
60							action => $self->match_action,
61							abort => 1,
62							);
63							}
64							} else {
65	2					83	$self->log($r, 'client_address '.$ip.' did not match SqlList '.$self->name);
66	2	100				95	if( defined $self->not_match_action ) {
67	1					44	return Mail::MtPolicyd::Plugin::Result->new(
68							action => $self->not_match_action,
69							abort => 1,
70							);
71							}
72							}
73
74	1					6	return;
75							}
76
77
78							__PACKAGE__->meta->make_immutable;
79
80							1;
81
82							__END__
83
84							=pod
85
86							=encoding UTF-8
87
88							=head1 NAME
89
90							Mail::MtPolicyd::Plugin::SqlList - mtpolicyd plugin for accessing a SQL white/black/access list
91
92							=head1 VERSION
93
94							version 1.23
95
96							=head1 SYNOPSIS
97
98							<Plugin whitelist>
99							module="SqlList"
100							sql_query="SELECT client_ip FROM whitelist WHERE client_ip=?"
101							match_action=dunno
102							</Plugin>
103
104							<Plugin blacklist>
105							module="SqlList"
106							sql_query="SELECT client_ip FROM blacklist WHERE client_ip=?"
107							match_action="reject you are blacklisted!"
108							</Plugin>
109
110							=head1 DESCRIPTION
111
112							Plugin checks the client_address against a SQL table.
113
114							Depending on wether a supplied SQL query matched actions can be taken.
115
116							=head2 PARAMETERS
117
118							The module takes the following parameters:
119
120							=over
121
122							=item (uc_)enabled (default: "on")
123
124							Could be set to 'off' to deactivate check. Could be used to activate/deactivate check per user.
125
126							=item sql_query (default: "SELECT client_ip FROM whitelist WHERE client_ip=INET_ATON(?)")
127
128							Prepared SQL statement to use for checking an IP address.
129
130							? will be replaced by the IP address.
131
132							The module will match if the statement returns one or more rows.
133
134							=back
135
136							By default the plugin will do nothing. One of the following actions should be specified:
137
138							=over
139
140							=item match_action (default: empty)
141
142							If given this action will be returned to the MTA if the SQL query matched.
143
144							=item not_match_action (default: empty)
145
146							If given this action will be returned to the MTA if the SQL query DID NOT matched.
147
148							=item score (default: empty)
149
150							If given this score will be applied to the session.
151
152							=back
153
154							=head1 EXAMPLE WITH A MYSQL TABLE
155
156							You may use the following table for storing ipv4 addresses in MySQL:
157
158							CREATE TABLE `whitelist` (
159							`id` int(11) NOT NULL AUTO_INCREMENT,
160							`client_ip` INT UNSIGNED NOT NULL,
161							PRIMARY KEY (`id`),
162							UNIQUE KEY `client_ip` (`client_ip`)
163							) ENGINE=MyISAM DEFAULT CHARSET=latin1
164
165							INSERT INTO whitelist VALUES(NULL, INET_ATON('127.0.0.1'));
166
167							And use it as a whitelist in mtpolicyd:
168
169							<VirtualHost 12345>
170							name="reputation"
171							<Plugin whitelist>
172							module="SqlList"
173							sql_query="SELECT client_ip FROM whitelist WHERE client_ip=INET_ATON(?)"
174							match_action="dunno"
175							</Plugin>
176							<Plugin trigger-greylisting>
177							...
178							</VirtualHost>
179
180							=head1 AUTHOR
181
182							Markus Benning <ich@markusbenning.de>
183
184							=head1 COPYRIGHT AND LICENSE
185
186							This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.
187
188							This is free software, licensed under:
189
190							The GNU General Public License, Version 2, June 1991
191
192							=cut