comparison src/dnsbl.cpp @ 326:5e4b5540c8cc
allow multiple dkim signers in authentication results
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Sun, 18 Dec 2016 16:51:33 -0800 |
parents | 28b6e0d97c5b |
children | 51846836ec92 |
325:28b6e0d97c5b | 326:5e4b5540c8cc |
---|---|
523 helo = NULL; | 523 helo = NULL; |
524 mailaddr = NULL; | 524 mailaddr = NULL; |
525 fromaddr = NULL; | 525 fromaddr = NULL; |
526 header_count = 0; | 526 header_count = 0; |
527 dkim_ok = true; | 527 dkim_ok = true; |
528 dkim_signer = NULL; | |
529 queueid = NULL; | 528 queueid = NULL; |
530 authenticated = NULL; | 529 authenticated = NULL; |
531 client_name = NULL; | 530 client_name = NULL; |
532 client_dns_name = NULL; | 531 client_dns_name = NULL; |
533 client_dns_forged = false; | 532 client_dns_forged = false; |
572 delete dwp; | 571 delete dwp; |
573 delayer.pop_front(); | 572 delayer.pop_front(); |
574 } | 573 } |
575 if (mailaddr) free((void*)mailaddr); | 574 if (mailaddr) free((void*)mailaddr); |
576 if (fromaddr) free((void*)fromaddr); | 575 if (fromaddr) free((void*)fromaddr); |
577 if (dkim_signer) free((void*)dkim_signer); | |
578 if (queueid) free((void*)queueid); | 576 if (queueid) free((void*)queueid); |
579 if (authenticated) free((void*)authenticated); | 577 if (authenticated) free((void*)authenticated); |
580 if (client_name) free((void*)client_name); | 578 if (client_name) free((void*)client_name); |
581 if (client_dns_name) free((void*)client_dns_name); | 579 if (client_dns_name) free((void*)client_dns_name); |
580 discard(dkim_signers); | |
582 discard(hosts_uribl); | 581 discard(hosts_uribl); |
583 delayer.clear(); | 582 delayer.clear(); |
584 discard(env_to); | 583 discard(env_to); |
585 if (memory) delete memory; | 584 if (memory) delete memory; |
586 if (scanner) delete scanner; | 585 if (scanner) delete scanner; |
591 eom = false; | 590 eom = false; |
592 mailaddr = NULL; | 591 mailaddr = NULL; |
593 fromaddr = NULL; | 592 fromaddr = NULL; |
594 header_count = 0; | 593 header_count = 0; |
595 dkim_ok = true; | 594 dkim_ok = true; |
596 dkim_signer = NULL; | |
597 queueid = NULL; | 595 queueid = NULL; |
598 authenticated = NULL; | 596 authenticated = NULL; |
599 client_name = NULL; | 597 client_name = NULL; |
600 client_dns_name = NULL; | 598 client_dns_name = NULL; |
601 host_uribl = NULL; | 599 host_uribl = NULL; |
1472 if (strcasecmp(headerf, "Authentication-Results") != 0) priv.dkim_ok = false; | 1470 if (strcasecmp(headerf, "Authentication-Results") != 0) priv.dkim_ok = false; |
1473 if (strncasecmp(headerv, token_myhostname, strlen(token_myhostname)) != 0) priv.dkim_ok = false; | 1471 if (strncasecmp(headerv, token_myhostname, strlen(token_myhostname)) != 0) priv.dkim_ok = false; |
1474 if (priv.dkim_ok) { | 1472 if (priv.dkim_ok) { |
1475 const int nmatch = 2; | 1473 const int nmatch = 2; |
1476 regmatch_t match[nmatch]; | 1474 regmatch_t match[nmatch]; |
1477 if (0 == regexec(&dkim_pattern, msg, nmatch, match, 0)) { | 1475 while (true) { |
1478 int s1 = match[1].rm_so; // domain | 1476 if (0 == regexec(&dkim_pattern, msg, nmatch, match, 0)) { |
1479 int e1 = match[1].rm_eo; | 1477 int s1 = match[1].rm_so; // domain |
1480 if (s1 != -1) { | 1478 int e1 = match[1].rm_eo; |
1481 msg[e1] = '\0'; | 1479 if (s1 != -1) { |
1482 priv.dkim_signer = strdup(msg+s1); | 1480 msg[e1] = '\0'; |
1481 priv.dkim_signers.insert(strdup(msg+s1)); | |
1482 } | |
1483 } | 1483 } |
1484 else break; | |
1484 } | 1485 } |
1485 } | 1486 } |
1486 } | 1487 } |
1487 if ((priv.header_count > 2) && (strcasecmp(headerf, "from"))) { | 1488 if ((priv.header_count > 2) && (strcasecmp(headerf, "from"))) { |
1488 const int nmatch = 2; | 1489 const int nmatch = 2; |
1580 char buf[maxlen]; | 1581 char buf[maxlen]; |
1581 string msg; | 1582 string msg; |
1582 string_set alive; | 1583 string_set alive; |
1583 bool random = false; | 1584 bool random = false; |
1584 int limit = 0; | 1585 int limit = 0; |
1585 snprintf(buf, sizeof(buf), "acceptable content from %s signer %s", (priv.fromaddr) ? priv.fromaddr : token_asterisk, (priv.dkim_signer) ? priv.dkim_signer : token_asterisk); | 1586 if (priv.dkim_signers.empty()) { |
1586 my_syslog(&priv, buf); | 1587 snprintf(buf, sizeof(buf), "acceptable content from %s signer *", |
1588 (priv.fromaddr) ? priv.fromaddr : token_asterisk); | |
1589 my_syslog(&priv, buf); | |
1590 } | |
1591 else { | |
1592 for (string_set::iterator s=priv.dkim_signers.begin(); s!=priv.dkim_signers.end(); s++) { | |
1593 snprintf(buf, sizeof(buf), "acceptable content from %s signer %s", | |
1594 (priv.fromaddr) ? priv.fromaddr : token_asterisk, *s); | |
1595 my_syslog(&priv, buf); | |
1596 } | |
1597 } | |
1587 | 1598 |
1588 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { | 1599 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { |
1589 const char *rcpt = (*i).first; | 1600 const char *rcpt = (*i).first; |
1590 CONTEXT &con = *((*i).second); | 1601 CONTEXT &con = *((*i).second); |
1591 if (!con.acceptable_content(*priv.memory, score, bulk, priv.dkim_signer, priv.fromaddr, msg)) { | 1602 if (!con.acceptable_content(*priv.memory, score, bulk, priv.dkim_signers, priv.fromaddr, msg)) { |
1592 // bad html tags or excessive hosts or | 1603 // bad html tags or excessive hosts or |
1593 // high spam assassin score or dcc bulk threshold exceedeed | 1604 // high spam assassin score or dcc bulk threshold exceedeed |
1594 // or signed by a dkim signer that we don't like | 1605 // or signed by a dkim signer that we don't like |
1595 // or header from requires dkim signer that is missing | 1606 // or header from requires dkim signer that is missing |
1596 smfi_delrcpt(ctx, (char*)rcpt); | 1607 smfi_delrcpt(ctx, (char*)rcpt); |
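Review bot: The new `while (true)` loop (new lines 1475–1485) never moves past the match it has just consumed: after `msg[e1] = '\0'` the next `regexec` rescans the same `msg`, now cut off at the end of the first domain. Depending on `dkim_pattern`, which is defined outside this view, that either stops after one signer, so the additional signers this change is meant to collect are never seen, or it matches the same domain on every pass and the milter spins on a header value. In the second case each `strdup` copy the set rejects as a duplicate is presumably leaked, if `string_set` stores raw pointers. There is also no `break` when the match succeeds but `s1 == -1`. I would scan with a separate cursor, restore the overwritten byte and advance past each match, as below; the enclosing function starts and ends outside the hunk.

```cpp
char *cur = msg;    // scan cursor; msg itself is declared outside the hunk
while (0 == regexec(&dkim_pattern, cur, nmatch, match, 0)) {
    int s1 = match[1].rm_so;    // domain
    int e1 = match[1].rm_eo;
    if (s1 == -1 || e1 == 0) break;     // no usable capture: stop instead of rescanning
    char saved = cur[e1];
    cur[e1] = '\0';
    priv.dkim_signers.insert(strdup(cur+s1));
    cur[e1] = saved;            // keep the header text intact for the next match
    cur += e1;                  // resume after this signer's domain
}
```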