Mercurial > dnsbl

comparison src/context.cpp @ 381:879a470c6ac3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fetch spf txt records for required dkim signers
author Carl Byington <carl@five-ten-sg.com>
date Tue, 28 Feb 2017 17:02:07 -0800
parents fd145e9a3df0
children c378e9d03f37
comparison
equal deleted inserted replaced
380:0495e767bfb7 381:879a470c6ac3
1120 p++; 1120 p++;
1121 } while (true); 1121 } while (true);
1122 } 1122 }
1123 1123
1124 1124
1125 const char *CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { 1125 #ifdef NS_PACKETSZ
1126 bool CONTEXT::resolve_spf(const char *from, int32_t ip, mlfiPriv *priv)
1127 {
1128 char buf[maxlen];
1129 dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxlen);
1130 if (*buf) {
1131 log(priv->queueid, "found txt record %s", buf);
1132 }
1133 return false;
1134 }
1135 #endif
1136
1137
1138 const char *CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, mlfiPriv *priv, string& msg) {
1126 DKIMP dk = find_dkim_from(from); 1139 DKIMP dk = find_dkim_from(from);
1127 1140
1128 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { 1141 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
1129 const char *st = find_dkim_signer(*s); 1142 const char *st = find_dkim_signer(*s);
1130 // signed by a white listed signer 1143 // signed by a white listed signer
1154 msg = string(buf); 1167 msg = string(buf);
1155 return token_black; 1168 return token_black;
1156 } 1169 }
1157 } 1170 }
1158 if (st == token_require_signed) { 1171 if (st == token_require_signed) {
1172 #ifdef NS_PACKETSZ
1173 // not signed by the required signers, but maybe passes strong spf check
1174 if (resolve_spf(from, priv->ip, priv) {
1175 log(queueid, "spf pass for %s rather than required dkim signer", from);
1176 return token_white;
1177 }
1178 #endif
1159 char buf[maxlen]; 1179 char buf[maxlen];
1160 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); 1180 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);
1161 msg = string(buf); 1181 msg = string(buf);
1162 return token_black; 1182 return token_black;
1163 } 1183 }