ports//mail/libspf2/work/libspf2-1.2.5/src/include/spf

/* 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of either:
 * 
 *   a) The GNU Lesser General Public License as published by the Free
 *      Software Foundation; either version 2.1, or (at your option) any
 *      later version,
 * 
 *   OR
 * 
 *   b) The two-clause BSD license.
 *
 * These licenses can be found with the distribution in the file LICENSES
 */

#ifndef INC_SPF_SERVER
#define INC_SPF_SERVER

typedef struct SPF_server_struct SPF_server_t;

#include "spf_record.h"
#include "spf_dns.h"

#ifndef SPF_MAX_DNS_MECH
/* It is a bad idea to change this for two reasons.
 *
 * First, the obvious reason is the delays caused on the mail server
 * you are running.  DNS lookups that timeout can be *very* time
 * consuming, and even successful DNS lookups can take 200-500ms.
 * Many MTAs can't afford to wait long and even 2sec is pretty bad.
 *
 * The second, and more important reason, is the SPF records come from
 * a third party which may be malicious.  This third party can direct
 * DNS lookups to be sent to anyone.  If there isn't a limit, then it
 * is easy for someone to create a distributed denial of service
 * attack simply by sending a bunch of emails.  Unlike the delays on
 * your system caused by many DNS lookups, you might not even notice
 * that you are being used as part of a DDoS attack.
 */
#define SPF_MAX_DNS_MECH 10
#endif
#ifndef SPF_MAX_DNS_PTR
/* It is a bad idea to change this for the same reasons as mentioned
 * above for SPF_MAX_DNS_MECH
 */
#define SPF_MAX_DNS_PTR   5
#endif
#ifndef SPF_MAX_DNS_MX
/* It is a bad idea to change this for the same reasons as mentioned
 * above for SPF_MAX_DNS_MECH
 */
#define SPF_MAX_DNS_MX    5
#endif

struct SPF_server_struct {
	SPF_dns_server_t*resolver;		/* SPF DNS resolver */
	SPF_record_t	*local_policy;	/* Local policies */
	SPF_macro_t		*explanation;	/* Explanation string */

	char			*rec_dom;		/* Default receiving domain */

	int				 max_dns_mech;	/* DoS limit on SPF mechanisms */
	int				 max_dns_ptr;	/* DoS limit on PTR records */
	int				 max_dns_mx;	/* DoS limit on MX records */

	int				 sanitize;		/* limit charset in messages */
	int				 debug;			/* print debug info */
};

typedef
enum SPF_server_dnstype_enum {
	SPF_DNS_RESOLV, SPF_DNS_CACHE
} SPF_server_dnstype_t;

SPF_server_t	*SPF_server_new(SPF_server_dnstype_t dnstype,int debug);
void			 SPF_server_free(SPF_server_t *sp);
SPF_errcode_t	 SPF_server_set_rec_dom(SPF_server_t *sp,
					const char *dom);
SPF_errcode_t	 SPF_server_set_sanitize(SPF_server_t *sp,
					int sanitize);
SPF_errcode_t	 SPF_server_set_explanation(SPF_server_t *sp,
					const char *exp, SPF_response_t **spf_responsep);
SPF_errcode_t	 SPF_server_set_localpolicy(SPF_server_t *sp,
					const char *policy, int use_default_whitelist,
					SPF_response_t **spf_responsep);

SPF_errcode_t	 SPF_server_get_record(SPF_server_t *spf_server,
					SPF_request_t *spf_request,
					SPF_response_t *spf_response,
					SPF_record_t **spf_recordp);

#define SPF_DECL_ACCESS_INT(f) \
	SPF_errcode_t \
		SPF_server_set_max_dns_mech(SPF_server_t *spf_server, int n); \
	int \
		SPF_server_get_max_dns_mech(SPF_server_t *spf_server);

SPF_DECL_ACCESS_INT(max_dns_mech);
SPF_DECL_ACCESS_INT(max_dns_ptr);
SPF_DECL_ACCESS_INT(max_dns_mx);

#endif
syntax highlighted by Code2HTML, v. 0.9.1