pro/pwmailr/pwmailr.py

#! /usr/bin/python2.6
# -*- coding: utf-8 -*-

# <pwmailr.py  Receive e-mail filters And white list filter.>
# Copyright (C) <2012> <yasuyosi kimura>
#
# This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.


### Revision 0.0  2012/01/08 20:03:00  Test version.
### Vre 0.0


#import os
import sys
import time
import traceback
import Milter
#import StringIO
#import email
#from socket import AF_INET, AF_INET6
from Milter.dynip import is_dynip as dynip
from Milter.utils import parseaddr, parse_addr, parse_header
from Milter.dns import Session as dnsSession

import re

import smtplib
from email.MIMEText import MIMEText
from email.Header import Header
from email.Utils import formatdate


import logging
import logging.handlers
#import MySQLdb

socketname = "inet:1025@localhost"
###socketname = "/var/spool/postfix/private/rpwmiltersock"
sockettimeout = 600

fqdn = re.compile(r'^[a-z0-9][-a-z0-9]*(\.[a-z0-9][-a-z0-9]*)*(\.[a-z]{2,10})$')
fqdnjp = re.compile(r'\.[a-z]{2,2}\.jp$|([a-z0-9][-a-z0-9]{2,63}\.[a-z]{2,10})$')
## print fqdnjp.search('.or.jp')

##    %(levelno)s         Numeric logging level for the message (DEBUG, INFO,
##                        WARNING, ERROR, CRITICAL)
log_filename = "/var/log/pwmail/pwmailr.log"

### log_level = logging.DEBUG
log_level = logging.INFO
### log_level = logging.WARNING

my_logger = logging.getLogger("pwmailr")
my_logger.setLevel(log_level)
### log_fh = logging.StreamHandler(sys.stdout)
log_fh = logging.handlers.RotatingFileHandler(log_filename, maxBytes=1024000, backupCount=10)
log_fh.setLevel(logging.DEBUG)
log_fm = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
log_fh.setFormatter(log_fm)
my_logger.addHandler(log_fh)


my_domainlist = ()
# def my_setdomainlist():
#   db = MySQLdb.connect(user="postfixuser", passwd="oakiki", db="postfixadmin")
#   cur = db.cursor()
#   cur.execute("SELECT domain FROM domain")
#   dm = cur.fetchall() 
#   d = ()
#   for v in dm:
#     p = (v[0],len(v[0]))
#     d = d + (p,)
#   return d

# my_domainlist = my_setdomainlist()

sendmail_port = 1026
to_pwadmin = "pwadmin@pwmail.jp"
##to_pwadmin = "kimura@oakiki.jp"

class myMilter(Milter.Base):

  def __init__(self):  # A new instance with each new connection.
    self.id = Milter.uniqueID()  # Integer incremented with each call.
#    self.Fname = None       # sender in SMTP form

  def msg_cnvt(self, s):
    for enc1 in ('cp932','utf8'):
      try:
        u = unicode(s,enc1)
      except UnicodeDecodeError: continue
      break
    return u

  def msg_connect(self, rcpt_addr):
    if not self.Cname:
      Cname = u""
    else:
      Cname = self.msg_cnvt(self.Cname)
    if not self.IP:
      IP = u""
    else:
      IP = self.msg_cnvt(self.IP)
    if not self.Hname:
      Hname = u""
    else:
      Hname = self.msg_cnvt(self.Hname)
    if not self.Fname:
      Fname = u""
    else:
      Fname = self.msg_cnvt(self.Fname)
    if not rcpt_addr:
      wrcpt_addr = u""
    else:
      wrcpt_addr = self.msg_cnvt(rcpt_addr)
    try:
      return u"connect from %s at %s\nhelo: %s\nmail from: %s\nrcpt to: %s\n" % (Cname, IP, Hname, Fname, wrcpt_addr) 
    except:
      self.log_warning("msg_connect:", traceback.format_exc())
      return u""

  def send_admin1(self, rcpt_addr, subject, ERlevel):
    encoding = "ISO-2022-JP"

    body = self.msg_connect(rcpt_addr) + u"X-PWmail: %s\n" % self.PWmsg
    mf = parse_addr(rcpt_addr)
    un = mf[0]
    pos = un.find('+')
    if pos != -1:
      un = un[:pos]
    from_addr = un + "+admin@" + mf[1]
    to_addr = un + "+" + ERlevel + "@" + mf[1]

    try:
      msg = MIMEText(body.encode(encoding,'replace'), 'plain', encoding)
      msg['Subject'] = Header(subject, encoding)
      msg['From'] = from_addr
      msg['To'] = to_addr
      msg['Date'] = formatdate()
    except:
      self.log_warning('send_admin1 MIMEText:',traceback.format_exc())
      return

    # SMTP���������������������������������localhost:25
    s = smtplib.SMTP('localhost',sendmail_port,'localhost')
    try:
      s.sendmail(from_addr, [to_pwadmin], msg.as_string())
    except:
      self.log_warning('send_admin1 sendmail:',traceback.format_exc())
    s.quit()

  def msg_Header(self, hd):
    if not self.HFrom:
      hfrom = u""
    else:
      hfrom = unicode(self.HFrom, 'utf8', 'replace')
    if not self.Subject:
      subject = u""
    else:
      subject = unicode(self.Subject, 'utf8', 'replace')
    try:
      return u"Header-From: %s\nHeader-Subject: %s\nHeader-Date: %s\n" % (hfrom, subject, hd)
    except:
      self.log_warning("msg_Header:", traceback.format_exc())
      return u""

  def send_admin2(self, rcpt_addr, subject, ERlevel):
    encoding = "ISO-2022-JP"
    if not self.HDate:
      hdate = ""
    else:
      hdate = self.HDate

    body = self.msg_connect(rcpt_addr) + self.msg_Header(hdate) + u"X-PWmail: %s\n" % (self.PWmsg)
    mf = parse_addr(rcpt_addr)
    un = mf[0]
    pos = un.find('+')
    if pos != -1:
      un = un[:pos]
    from_addr = un + "+admin@" + mf[1]
    to_addr = un + "+" + ERlevel + "@" + mf[1]

    try:
      msg = MIMEText(body.encode(encoding,'replace'), 'plain', encoding)
      msg['Subject'] = Header(subject, encoding)
      msg['From'] = from_addr
      msg['To'] = to_addr
      msg['Date'] = hdate
    except:
      self.log_warning('send_admin2 MIMEText:',traceback.format_exc())
      return

    # SMTP���������������������������������localhost:25
    s = smtplib.SMTP('localhost',sendmail_port,'localhost')
    try:
      s.sendmail(from_addr, [to_pwadmin], msg.as_string())
    except:
      self.log_warning('send_admin2 sendmail:',traceback.format_exc())
    s.quit()

  def send_admin3(self, rcpt_addr, subject, ERlevel):
    encoding = "ISO-2022-JP"
    if not self.HDate:
      hdate = ""
    else:
      hdate = self.HDate

    body = self.msg_connect(rcpt_addr) + self.msg_Header(hdate) + u"X-PWmail: %s\n" % (self.PWmsg)
    mf = parse_addr(rcpt_addr)
    un = mf[0]
    pos = un.find('+')
    if pos != -1:
      un = un[:pos]
    from_addr = un + "+admin@" + mf[1]
    to_addr = un + "+" + ERlevel + "@" + mf[1]

    try:
      msg = MIMEText(body.encode(encoding,'replace'), 'plain', encoding)
      msg['Subject'] = Header(subject, encoding)
      msg['From'] = from_addr
      msg['To'] = to_addr
      msg['Date'] = hdate
    except:
      self.log_warning('send_admin3 MIMEText:',traceback.format_exc())
      return

    # SMTP���������������������������������localhost:25
    s = smtplib.SMTP('localhost',sendmail_port,'localhost')
    try:
      s.sendmail(from_addr, [to_addr,to_pwadmin], msg.as_string())
    except:
      self.log_warning('send_admin3 sendmail:',traceback.format_exc())
    s.quit()


#  @Milter.noreply
  def connect(self, IPname, family, hostaddr):
    self.log("connect from %s at %s" % (IPname, hostaddr) )

    # Ini Setup
    if hostaddr and len(hostaddr) > 0:
      self.IP = hostaddr[0]
    else: 
      self.log_critical("REJECT: connect attacks")
      self.setreply('550','5.7.1', 'Banned for connect attacks')
      return Milter.REJECT

    self.IP = hostaddr[0]
##    self.port = hostaddr[1]
    self.Cname = IPname.lower()  # Name from a reverse IP lookup
    if fqdn.match(self.Cname):
      self.Cfqdn = True
      self.Cdynip = dynip(self.Cname, self.IP)
      self.Cipok = self.DNSCheck(IPname, self.IP)
      if (self.Cname != IPname) and (not self.Cdynip) and (not self.Cipok):
        self.Cipok = self.DNSCheck(self.Cname, self.IP)
    else:
      self.Cfqdn = False
      self.Cipok = None
      self.Cdynip = None

    self.Hname = None
    self.Hipok = None
    self.Hmyd = None
#    self.Hfqdn = None   # None or (not None):True
    
    return Milter.CONTINUE


#  @Milter.noreply
  def hello(self, heloname):
    self.log("HELO",heloname)

    # Ini Setup
    self.PWmsg = ""
    if self.Cfqdn:
      if self.Cdynip:
        self.PWmsg = self.PWmsg + "Cdynip "             # yellow (self.Cipok) True:OK False:Error
      if self.Cipok == None:
        self.PWmsg = self.PWmsg + "ngCipok "            # error
      elif self.Cipok == False:
        self.PWmsg = self.PWmsg + "noCipok "            # error (self.Cdynip) True:Error False:(self.Hipok,self.Fipok) True:OK
    else:
      self.PWmsg = self.PWmsg + "noCfqdn "

    self.Hname = heloname.lower()
    self.Hipok = None
    self.Hmyd = None

    if not fqdn.match(self.Hname):
      self.Hfqdn = False
      self.Hdynip = None
      self.PWmsg = self.PWmsg + "noHfqdn "              # error (self.Cipok,self.Fipok) True:OK False:Error
      return Milter.CONTINUE

    self.Hfqdn = True
    self.Hmyd = self.my_domain_check(self.Hname)
    if self.Hmyd:
      self.PWmsg = self.PWmsg + "Hmyd "               # error
      return Milter.CONTINUE

    self.Hdynip = dynip(self.Hname, self.IP)
    if self.Hdynip:
      self.PWmsg = self.PWmsg + "Hdynip "             # yellow (self.Hipok) True:OK False:Error
      if self.Cdynip:
        if self.Cname == self.Hname:
          self.Hipok = self.Cipok
          if self.Hipok == None:
            self.PWmsg = self.PWmsg + "ngHipok "      # error
          elif self.Hipok == False:
            self.PWmsg = self.PWmsg + "noHipok "      # error (self.Cipok,self.Fipok) True:OK False:Error
          return Milter.CONTINUE
 
    if self.Cipok:
      if self.eq_domain_check(self.Cname, self.Hname): #type1
        self.Hipok = True
        return Milter.CONTINUE

      Hdmain = self.Hname
      pos = Hdmain.find('.')
      Hdmain = Hdmain[pos+1:]
      if fqdnjp.search(Hdmain):
        if self.eq_domain_check(self.Cname, Hdmain): #type2
          self.Hipok = True
          return Milter.CONTINUE

    self.Hipok = self.DNSCheck(heloname, self.IP)
    if (self.Hname != heloname) and (not self.Hdynip) and (not self.Hipok):
      self.Hipok = self.DNSCheck(self.Hname, self.IP)

    if self.Hipok == None:
      self.PWmsg = self.PWmsg + "ngHipok "            # error
    elif self.Hipok == False:
      self.PWmsg = self.PWmsg + "noHipok "            # error (self.Cipok,self.Fipok) True:OK False:Error

    return Milter.CONTINUE


#  @Milter.noreply
  def envfrom(self, mailfrom, *str):
    self.log("mail from:", mailfrom, *str)

    # Ini Setup
    self.Fname = mailfrom
    self.Fad = ''
    self.Fd = ''
    self.Ffqdn = None
    self.Fmyd = False
    self.Fipok = None
    self.Fdynip = None
    self.Relay = False
    
    self.Rname = []  # list of recipients
    self.RnER = False

#    if self.Hmyd:
#      return Milter.CONTINUE

    if self.Fname == '<>':
      return Milter.CONTINUE

    mb = parseaddr(self.Fname)
    ### self.log_debug('parseaddr(mailfrom):%s:(%s, %s)' % (self.Fname,mb[0],mb[1]))
    if (mb[1] == None) or (mb[1] == ''):
      self.Ffqdn = False
      self.PWmsg = self.PWmsg + "noFfqdn "              # error
      return Milter.CONTINUE

    self.Fad = mb[1]
    mf = parse_addr(mb[1])
    ### self.log_debug("domain parse_addr(mb[1]):%s:%d" % (mb[1],len(mf)))
    if len(mf) != 2:
      self.Ffqdn = False
      self.PWmsg = self.PWmsg + "noFfqdn "              # error
      return Milter.CONTINUE

    self.Fd = mf[1].lower()
    if not fqdn.match(self.Fd):
      self.Ffqdn = False
      self.PWmsg = self.PWmsg + "noFfqdn "              # error
      return Milter.CONTINUE

    self.Ffqdn = True

    self.Fmyd = self.my_domain_check(self.Fd)
    if self.Fmyd:
      self.PWmsg = self.PWmsg + "Fmyd "               # error
      return Milter.CONTINUE

    self.Fdynip = dynip(self.Fd, self.IP)
    if self.Fdynip:
      self.PWmsg = self.PWmsg + "Fdynip "             # error

    self.Fipok = self.DNSCheck(self.Fd, self.IP)
    if self.Fipok == None:
      self.PWmsg = self.PWmsg + "ngFipok "            # error
      return Milter.CONTINUE

    if (self.Fipok == False):
      self.PWmsg = self.PWmsg + "noFipok "            # OK
      if (self.Hipok):
        if not self.eq_domain_check(self.Hname, self.Fd):
          self.Relay = True
          self.PWmsg = self.PWmsg + "relay "              # yellow
      elif (self.Cipok):
        if not self.eq_domain_check(self.Cname, self.Fd):
          self.Relay = True
          self.PWmsg = self.PWmsg + "relay "              # yellow

    return Milter.CONTINUE


#  @Milter.noreply
  def envrcpt(self, recipient, *str):
## ������������������������������������������������������
    self.log("rcpt to:", recipient, ":", *str)
    self.Rname.append(recipient)
    
    if recipient.find('+') != -1:
      self.RnER = True
#######################Abort
      self.setreply('550','5.1.1','<%s>: Recipient address rejected: User unknown.' % (recipient))
      self.log_critical('550','(%s:%s) %s %s: Recipient address rejected: User unknown.' % (self.Hname,self.IP,self.Fname,recipient))
      self.send_admin1(recipient, u"���������������������", "abort")
      return Milter.REJECT

    return Milter.CONTINUE


#  @Milter.noreply
  def data(self):
    self.log_debug("data")

## Abort ���������������      
###++++++++++++++++++++Error  self.Fname == '<>'  self.Ffqdn == None  (postmaster) OK
    if (not self.Hfqdn) and (not self.Cipok) and (not self.Fipok):
      self.setreply('504','5.5.2','<%s>: Helo command rejected: need fully-qualified hostname.' % (self.Hname))
      self.log_critical('504','(%s:%s) %s %s: Helo command rejected: need fully-qualified hostname.' % (self.Hname,self.IP,self.Fname,self.Rname))
      return Milter.REJECT

###++++++++++++++++++++Error  self.Fname == '<>'  self.Ffqdn == None  (postmaster) OK
    if (not self.Cipok) and (not self.Hipok) and (not self.Fipok):
      self.setreply('550','5.7.1','(%s:%s): Helo command rejected: Host not found.' % (self.Hname,self.IP))
      self.log_critical('550','(%s:%s) %s %s: Helo command rejected: Host not found.' % (self.Hname,self.IP,self.Fname,self.Rname))
      return Milter.REJECT

## ������������������������������������
#######################Abort
    if self.Hmyd:
      self.setreply('504','5.5.2','<%s>: Helo command rejected: Breach of Local Policy.' % (self.Hname))
      self.log_critical('504','(%s:%s) %s %s: Helo command rejected: Breach of Local Policy.' % (self.Hname,self.IP,self.Fname,self.Rname))
      for rad in self.Rname:
        self.send_admin1(rad, u"���������������������������������������", "abort")
      return Milter.REJECT

#######################Abort
    if (self.Ffqdn == False) or (self.Fdynip):
      self.setreply('504','5.5.2','%s: Sender address rejected: need fully-qualified address.' % (self.Fname))
      self.log_critical('504','(%s:%s) %s %s: Sender address rejected: need fully-qualified address.' % (self.Hname,self.IP,self.Fname,self.Rname))
      for rad in self.Rname:
        self.send_admin1(rad, u"���������������������", "abort")
      return Milter.REJECT

#######################Abort
    if self.Fmyd:
      self.setreply('504','5.5.2','%s: Sender address rejected: Breach of Local Policy.' % (self.Fname))
      self.log_critical('504','(%s:%s) %s %s: Sender address rejected: Breach of Local Policy.' % (self.Hname,self.IP,self.Fname,self.Rname))
      for rad in self.Rname:
        self.send_admin1(rad, u"������������������������������", "abort")
      return Milter.REJECT

##  ������������������������������������������������������������
#######################Abort    self.Fname != '<>'
    if (self.Ffqdn) and (self.Fipok == None):
      self.setreply('550','5.7.1','%s: Sender address rejected: Breach of Domain.' % (self.Fname))
      self.log_critical('550','(%s:%s) %s %s: Sender address rejected: Breach of Domain.' % (self.Hname,self.IP,self.Fname,self.Rname))
      for rad in self.Rname:
        self.send_admin1(rad, u"������������������������������", "abort")
      return Milter.REJECT


    # Ini Setup
    self.FromAD = []
    self.HFrom = None
    self.HDate = None
    self.Subject = None
    self.HMid = None
    self.HList = None

#    if self.Relay:
#      self.log_warning('relay mail helo(%s:%s) from:%s to:%s' % (self.Hname, self.IP, self.Fname, ' '.join([m for m in self.Rname])))

    return Milter.CONTINUE


#  @Milter.noreply
  def header(self, name, hval):
    ### self.log_debug("header:%s: %s" % (name,hval))
    
    nbuf = name.lower()
    if nbuf == "from":
      ms = []
      adbuf = hval.split(',')
      for ad in adbuf:
        ma = parseaddr(ad)
        mn = parse_header(ma[0])
        ms.append(mn + ' <' + ma[1] + '>')
        self.FromAD.append((mn, ma[1]))
      mf = ",".join(ms)
      if not self.HFrom:
        self.HFrom = mf
      else:
        self.HFrom = self.HFrom + ',' + mf
      self.log_debug("Header-From-B:", hval)
      self.log("Header-From:", mf)
    elif nbuf == "date":
      self.HDate = hval
    elif nbuf == "subject":
      self.Subject = parse_header(hval)
      self.log_debug("Subject-B:", hval)
      self.log("Subject:", self.Subject)
    elif nbuf == "message-id":
      self.log("Message-ID:", hval)
      self.HMid = hval
    elif nbuf.startswith("list-"):
      self.HList = True

    return Milter.CONTINUE


#  @Milter.noreply
  def eoh(self):
    self.log_debug("eoh")

    if not self.HDate:
      self.PWmsg = self.PWmsg + "noHDate "              # error
    if not self.HMid:
      self.PWmsg = self.PWmsg + "noHMid "               # yellow (self.Cdynip,self.Hdynip,self.Relay) True:Error

#######################
    self.HFfqdn = None

    self.HFmyd = False
    self.HFdynip = None
    self.HFipok = None
#    self.HFadER = None
    self.HFdnok = None
    self.HFadok = None
    self.HFromAD = None

    if len(self.FromAD) != 1:
      self.HFadER = True
      self.PWmsg = self.PWmsg + "HFadER "
    else:
      self.HFadER = False
      ad = self.FromAD[0][1]
      self.HFromAD = ad
### ������������������������
      if (ad[0] == "'") and (ad[-1] == "'"):
        ad = ad[1:-1]
### ������������������������
      if (ad == None) or (ad == ''):
        self.HFfqdn = False
        self.PWmsg = self.PWmsg + "noHFfqdn "
      else:
        mf = parse_addr(ad)
        if len(mf) != 2:
          self.HFfqdn = False
          self.PWmsg = self.PWmsg + "noHFfqdn "
        else:
          dn = mf[1].lower()
          if not fqdn.match(dn):
            self.HFfqdn = False
            self.PWmsg = self.PWmsg + "noHFfqdn "
          else:
            self.HFfqdn = True
            self.HFmyd = self.my_domain_check(dn)
            if self.HFmyd:
              self.PWmsg = self.PWmsg + "HFmyd "
            else:
              self.HFdynip = dynip(dn, self.IP)
              if self.HFdynip:
                self.PWmsg = self.PWmsg + "HFdynip "
              self.HFipok = self.DNSCheck(dn, self.IP)
              if self.HFipok == None:
                self.PWmsg = self.PWmsg + "ngHFipok "
              elif self.HFipok == False:
                self.PWmsg = self.PWmsg + "noHFipok "
              if self.Ffqdn:
                if self.Fd == dn:
                  self.HFdnok = True
                else:
                  self.HFdnok = False
                  self.PWmsg = self.PWmsg + "noHFdnok "
                if self.Fad == ad:
                  self.HFadok = True
                else:
                  self.HFadok = False
                  self.PWmsg = self.PWmsg + "noHFadok "

    if self.HList:
      self.PWmsg = self.PWmsg + "List "

    if self.PWmsg != "":
      self.log("X-PWmail:", self.PWmsg)


##  ������������������������������������������������������������
#######################Abort    self.Fname != '<>'
##    if (self.Ffqdn) and (self.Fipok == None):
##      self.setreply('550','5.7.1','%s: Sender address rejected: Breach of Domain.' % (self.Fname))
##      self.log_critical('550','(%s:%s) %s %s: Sender address rejected: Breach of Domain.' % (self.Hname,self.IP,self.Fname,self.Rname))
##      for rad in self.Rname:
##        self.send_admin2(rad, u"������������������������������", "abort")
##      return Milter.REJECT


###--------------------Abort
    if not self.HDate:
      self.setreply('550','5.7.1','Breach of Header-Date Policy.')
      self.log_critical('550','Breach of Header-Date Policy.')
      for rad in self.Rname:
        self.send_admin2(rad, u"���������������������������", "abort")
      return Milter.REJECT

###--------------------Abort
    if (self.HFadER) or (not self.HFfqdn) or (self.HFmyd) or (self.HFdynip):
      self.setreply('550','5.7.1','%s: Breach of Header-From Local Policy.' % (','.join([m for d, m in self.FromAD])))
      self.log_critical('550','(%s): Breach of Header-From Local Policy.' % (','.join([m for d, m in self.FromAD])))
      for rad in self.Rname:
        self.send_admin2(rad, u"������������������", "abort")
      return Milter.REJECT

###--------------------Abort
#    if not self.HFfqdn:
#      self.setreply('550','5.7.1','%s: Header-From address rejected: need fully-qualified address.' % (self.HFromAD))
#      self.log_critical('550','%s: Header-From address rejected: need fully-qualified address.' % (self.HFromAD))
#      for rad in self.Rname:
#        self.send_admin2(rad, u"���������������������", "abort")
#      return Milter.REJECT

###--------------------Abort
    if not self.HMid:
      self.setreply('550','5.7.1','%s: Breach of Message-ID Local Policy.' % (','.join([m for d, m in self.FromAD])))
      self.log_critical('550','(%s): Breach of Message-ID Local Policy.' % (','.join([m for d, m in self.FromAD])))
      for rad in self.Rname:
        self.send_admin2(rad, u"Message-ID���������", "abort")
      return Milter.REJECT


## ������������������������������������������������������black
#  ���������������������������������������������������������self.send_admin���������������
# X-PWmail: Cdynip ngHipok noFipok relay noHFipok ���������������������
# X-PWmail: Cdynip noHfqdn noFipok relay noHFipok ���������������������

###--------------------Abort
    if (self.Cdynip) and ((self.Hipok == None) or (not self.Hfqdn)):
      self.setreply('550','5.7.1','(%s:%s): Helo command rejected: Host not found.' % (self.Hname,self.IP))
      self.log_critical('550','(%s:%s) %s %s: Helo command rejected: Host not found.' % (self.Hname,self.IP,self.Fname,self.Rname))
      for rad in self.Rname:
        self.send_admin3(rad, u"������������������������������������", "abort")
      return Milter.REJECT

    if (self.Cdynip) or (self.Hdynip) or ((self.Relay) and (self.HList)):
      msg = u"������������"
      if (self.Cdynip) or (self.Hdynip):
        msg = msg + u"������������������������������"
      if (self.Relay) and (self.HList):
        msg = msg + u"���������������������������"

      for rad in self.Rname:
        self.send_admin3(rad, msg, "black")


    return Milter.CONTINUE


  def eom(self):
    self.log_debug("eom")

    self.addheader('X-PWfrom',self.Fname)

    if self.PWmsg != "":
      self.addheader('X-PWmail',self.PWmsg)

    return Milter.CONTINUE

  def abort(self):
    self.log_debug("abort")
    return Milter.CONTINUE

  def close(self):
    #
    # End Setup
    #
    # always called, even when abort is called.  Clean up
    # any external resources here.
    self.log("close")
    return Milter.CONTINUE


  ## === Support Functions ===

  def my_domain_check(self,td):
    tl = len(td)
    for d, l in my_domainlist:
      if tl == l:
        if td == d:
          return True
      elif tl > l:
        if td.endswith(d):
          if td[tl - l -1] == '.':
            return True
    return False
  
  def eq_domain_check(self, td, d):
    tl = len(td)
    l = len(d)
    if tl == l:
      if td == d:
        return True
    elif tl > l:
      if td.endswith(d):
        if td[tl - l -1] == '.':
          return True
    return False

  def DNSCheck(self,name,ipad):
    aok = False
    rv = False
    rm = 'A'
    s = dnsSession()
    ads = s.dns(name, 'A')
    if len(ads) > 0:
      aok = True
      for a in ads:
        if a == ipad:
          rv = True
          break
    if rv == False:
      rm = 'MX'
      mxr = s.dns(name, 'MX')
      l = len(mxr)
      if l > 0:
        for v,n in mxr:
          ads = s.dns(n, 'A')
          if len(ads) > 0:
            for a in ads:
              if a == ipad:
                rv = True
              elif not a:
                rm = 'MA'
                rv = None
          else:
            ads = s.dns(n, 'AAAA')
            if len(ads) > 0:
              for a in ads:
                if not a:
                  rm = 'MAAAA'
                  rv = None
            else:
              rm = 'MA'
              rv = None
      else:
        if aok == False:
          rv = None
    return rv

  def log_debug(self, *msg):
    my_logger.debug('[%d] %s',self.id,' '.join([str(m) for m in msg]))

  def log(self,*msg):
    my_logger.info('[%d] %s',self.id,' '.join([str(m) for m in msg]))

  def log_warning(self, *msg):
    my_logger.warning('[%d] %s',self.id,' '.join([str(m) for m in msg]))

  def log_error(self, *msg):
    my_logger.error('[%d] %s',self.id,' '.join([str(m) for m in msg]))

  def log_critical(self, *msg):
    my_logger.critical('[%d] %s',self.id,' '.join([str(m) for m in msg]))


## ===
    
def main():
## smtpd_milters = unix:private/pwmailsock
##  socketname = "inet:port@localhost"
##  sockettimeout = 600
  my_logger.info("pwmailr startup")

  global my_domainlist
  s = sys.argv[1]
  for v in s.split(','):
    p = (v,len(v))
    my_domainlist = my_domainlist + (p,)

  my_logger.info("mydomain:" + str(my_domainlist))

  # Register to have the Milter factory create instances of your class:
#  protocol_flags = Milter.P_NR_CONN + Milter.P_NR_HELO + Milter.P_NR_MAIL + Milter.P_NR_RCPT 
#  protocol_flags += Milter.P_NR_DATA + Milter.P_NR_HDR + Milter.P_NR_EOH
#  Milter.factory = Milter.enable_protocols(myMilter, protocol_flags)

  Milter.factory = myMilter
  flags = Milter.ADDHDRS
  Milter.set_flags(flags)       # tell Sendmail which features we use

  Milter.runmilter("pwmailr",socketname,sockettimeout)
  my_logger.info("pwmailr shutdown")

if __name__ == "__main__":
  main()
