Mercurial > dnsbl

comparison src/context.cpp @ 326:5e4b5540c8cc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
allow multiple dkim signers in authentication results
author Carl Byington <carl@five-ten-sg.com>
date Sun, 18 Dec 2016 16:51:33 -0800
parents b6f173ac5209
children c9932c4d8053
comparison
equal deleted inserted replaced
325:28b6e0d97c5b 326:5e4b5540c8cc
1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list(); 1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list();
1098 return dnswl_list; 1098 return dnswl_list;
1099 } 1099 }
1100 1100
1101 1101
1102 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *signer, const char *from, string& msg) { 1102 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, string_set &signers, const char *from, string& msg) {
1103 const char *st = find_dkim_signer(signer); 1103 DKIMP dk = find_dkim_from(from);
1104 if (st == token_white) return true; 1104 bool requirement = false;
1105 if (st == token_black) { 1105 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
1106 const char *st = find_dkim_signer(*s);
1107 // signed by a white listed signer
1108 if (st == token_white) return true;
1109 // signed by a black listed signer
1110 if (st == token_black) {
1111 char buf[maxlen];
1112 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s);
1113 msg = string(buf);
1114 return false;
1115 }
1116
1117 if (dk) {
1118 st = dk->action;
1119 // signed by a white listed signer
1120 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) return true;
1121 // is it signed by the required signer
1122 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) requirement = true;
1123 // signed by a black listed signer
1124 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) {
1125 char buf[maxlen];
1126 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer);
1127 msg = string(buf);
1128 return false;
1129 }
1130 }
1131 }
1132
1133 if (dk && (dk->action == token_require_signed) && !requirement) {
1106 char buf[maxlen]; 1134 char buf[maxlen];
1107 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", signer); 1135 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);
1108 msg = string(buf); 1136 msg = string(buf);
1109 return false; 1137 return false;
1110 }
1111
1112 DKIMP dk = find_dkim_from(from);
1113 if (dk) {
1114 st = dk->action;
1115 // signed by a white listed signer
1116 if ((st == token_signed_white) && (strcasecmp(signer,dk->signer) == 0)) return true;
1117 // not signed by the required signer
1118 if ((st == token_require_signed) && (strcasecmp(signer,dk->signer) != 0)) {
1119 char buf[maxlen];
1120 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);
1121 msg = string(buf);
1122 return false;
1123 }
1124 // signed by a black listed signer
1125 if ((st == token_signed_black) && (strcasecmp(signer,dk->signer) == 0)) {
1126 char buf[maxlen];
1127 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer);
1128 msg = string(buf);
1129 return false;
1130 }
1131 } 1138 }
1132 1139
1133 if (spamassassin_limit && (score > spamassassin_limit)) { 1140 if (spamassassin_limit && (score > spamassassin_limit)) {
1134 char buf[maxlen]; 1141 char buf[maxlen];
1135 snprintf(buf, sizeof(buf), "Mail rejected - spam assassin score %d", score); 1142 snprintf(buf, sizeof(buf), "Mail rejected - spam assassin score %d", score);