From c500696487f953274d0513f4aa8dbf60fec7c1a2 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Mon, 8 Nov 2021 22:44:04 +0100 Subject: [PATCH] enable blacklisting of email addresses (regex) we had email domain blacklisting before, but this is more powerful. --- src/nsupdate/accounts/registration_form.py | 10 +++++----- src/nsupdate/settings/base.py | 7 ++++--- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/nsupdate/accounts/registration_form.py b/src/nsupdate/accounts/registration_form.py index 99e2a74..d65a4cc 100644 --- a/src/nsupdate/accounts/registration_form.py +++ b/src/nsupdate/accounts/registration_form.py @@ -21,7 +21,7 @@ resolver.lifetime = 5.0 resolver.nameservers = settings.NAMESERVERS -maildomain_blacklist = settings.MAILDOMAIN_BLACKLIST.strip().splitlines() +email_blacklist = settings.EMAIL_BLACKLIST.strip().splitlines() def check_mx(domain): @@ -49,9 +49,9 @@ def check_mx(domain): return valid -def check_blacklist(domain): - for blacklisted_re in maildomain_blacklist: - if re.search(blacklisted_re, domain): +def check_blacklist(email): + for blacklisted_re in email_blacklist: + if re.search(blacklisted_re, email): return False return True @@ -68,7 +68,7 @@ class RegistrationFormValidateEmail(RegistrationForm): valid_mx = check_mx(domain) except Exception as e: logger.exception('RegistrationFormValidateEmail raised an exception:') - not_blacklisted = check_blacklist(domain) + not_blacklisted = check_blacklist(email) if valid_mx and not_blacklisted: return email logger.info('RegistrationFormValidateEmail: rejecting email address %r' % email) diff --git a/src/nsupdate/settings/base.py b/src/nsupdate/settings/base.py index 76063e8..47c140e 100644 --- a/src/nsupdate/settings/base.py +++ b/src/nsupdate/settings/base.py @@ -62,12 +62,13 @@ BAD_HOSTS = set([]) # please configure your own nameservers in your local settings file. NAMESERVERS = ['8.8.8.8', '1.1.1.1', ] -# registration email validation: disallow specific email domains, +# registration email validation: disallow specific email patterns, # e.g. domains that have a non-working mx / that are frequently abused. # we use a multiline string here with one regex per line (used with re.search). -# the domains given below are just examples, please configure your own +# the patterns given below are just examples, please configure your own # regexes in your local settings file. -MAILDOMAIN_BLACKLIST = r""" +EMAIL_BLACKLIST = r""" +foobar@example\.org$ mailcatch\.com$ mailspam\.xyz$ """