implement only monitoring dns blocklists, without using them for incoming deliveries

so you can still know when someone has put you on their blocklist (which may affect delivery), without using them. also query dnsbls for our ips more often when we do more outgoing connections for delivery: once every 100 messages, but at least 5 mins and at most 3 hours since the previous check.
2025-07-10 07:14:40 +03:00 · 2024-03-05 16:30:38 +01:00
parent e0c36edb8f
commit 15e450df61
13 changed files with 305 additions and 83 deletions
--- a/mox-/admin.go
+++ b/mox-/admin.go
@ -1069,6 +1069,35 @@ func AccountLimitsSave(ctx context.Context, account string, maxOutgoingMessagesP
 	return nil
 }

+func MonitorDNSBLsSave(ctx context.Context, zones []dns.Domain) (rerr error) {
+	log := pkglog.WithContext(ctx)
+	defer func() {
+		if rerr != nil {
+			log.Errorx("saving monitor dnsbl zones", rerr)
+		}
+	}()
+
+	Conf.dynamicMutex.Lock()
+	defer Conf.dynamicMutex.Unlock()
+
+	c := Conf.Dynamic
+
+	// Compose new config without modifying existing data structures. If we fail, we
+	// leave no trace.
+	nc := c
+	nc.MonitorDNSBLs = make([]string, len(zones))
+	nc.MonitorDNSBLZones = nil
+	for i, z := range zones {
+		nc.MonitorDNSBLs[i] = z.Name()
+	}
+
+	if err := writeDynamic(ctx, log, nc); err != nil {
+		return fmt.Errorf("writing domains.conf: %v", err)
+	}
+	log.Info("monitor dnsbl zones saved")
+	return nil
+}
+
 type TLSMode uint8

 const (