Mercurial > dnsbl
comparison src/context.cpp @ 331:9800776436b9
allow dkim whitelisting to override uribl hosts in the mail body
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Mon, 19 Dec 2016 15:32:32 -0800 |
| parents | b5b93a7e1e6d |
| children | ed04479a8e12 |
comparison
equal
deleted
inserted
replaced
| 330:b5b93a7e1e6d | 331:9800776436b9 |
|---|---|
| 1106 my_syslog(queueid, buf); | 1106 my_syslog(queueid, buf); |
| 1107 } | 1107 } |
| 1108 } | 1108 } |
| 1109 | 1109 |
| 1110 | 1110 |
| 1111 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { | 1111 const char *CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { |
| 1112 DKIMP dk = find_dkim_from(from); | 1112 DKIMP dk = find_dkim_from(from); |
| 1113 bool requirement = false; | 1113 bool requirement = false; |
| 1114 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { | 1114 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { |
| 1115 const char *st = find_dkim_signer(*s); | 1115 const char *st = find_dkim_signer(*s); |
| 1116 // signed by a white listed signer | 1116 // signed by a white listed signer |
| 1117 if (st == token_white) { | 1117 if (st == token_white) { |
| 1118 log(queueid, "whitelisted dkim signer %s", *s); | 1118 log(queueid, "whitelisted dkim signer %s", *s); |
| 1119 return true; | 1119 return token_white; |
| 1120 } | 1120 } |
| 1121 // signed by a black listed signer | 1121 // signed by a black listed signer |
| 1122 if (st == token_black) { | 1122 if (st == token_black) { |
| 1123 char buf[maxlen]; | 1123 char buf[maxlen]; |
| 1124 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); | 1124 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); |
| 1125 msg = string(buf); | 1125 msg = string(buf); |
| 1126 return false; | 1126 return token_black; |
| 1127 } | 1127 } |
| 1128 | 1128 |
| 1129 if (dk) { | 1129 if (dk) { |
| 1130 st = dk->action; | 1130 st = dk->action; |
| 1131 // signed by a white listed signer | 1131 // signed by a white listed signer |
| 1132 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) { | 1132 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) { |
| 1133 log(queueid, "whitelisted dkim signer %s", *s); | 1133 log(queueid, "whitelisted dkim signer %s", *s); |
| 1134 return true; | 1134 return token_white; |
| 1135 } | 1135 } |
| 1136 // signed by the required signer | 1136 // signed by the required signer |
| 1137 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) { | 1137 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) { |
| 1138 log(queueid, "required dkim signer %s", *s); | 1138 log(queueid, "required dkim signer %s", *s); |
| 1139 requirement = true; | 1139 requirement = true; |
| 1141 // signed by a black listed signer | 1141 // signed by a black listed signer |
| 1142 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { | 1142 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { |
| 1143 char buf[maxlen]; | 1143 char buf[maxlen]; |
| 1144 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); | 1144 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); |
| 1145 msg = string(buf); | 1145 msg = string(buf); |
| 1146 return false; | 1146 return token_black; |
| 1147 } | 1147 } |
| 1148 } | 1148 } |
| 1149 } | 1149 } |
| 1150 | 1150 |
| 1151 if (dk && (dk->action == token_require_signed) && !requirement) { | 1151 if (dk && (dk->action == token_require_signed)) { |
| 1152 char buf[maxlen]; | 1152 if (requirement) return token_white; |
| 1153 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); | 1153 else { |
| 1154 msg = string(buf); | 1154 char buf[maxlen]; |
| 1155 return false; | 1155 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); |
| 1156 msg = string(buf); | |
| 1157 return token_black; | |
| 1158 } | |
| 1156 } | 1159 } |
| 1157 | 1160 |
| 1158 if (spamassassin_limit && (score > spamassassin_limit)) { | 1161 if (spamassassin_limit && (score > spamassassin_limit)) { |
| 1159 char buf[maxlen]; | 1162 char buf[maxlen]; |
| 1160 snprintf(buf, sizeof(buf), "Mail rejected - spam assassin score %d", score); | 1163 snprintf(buf, sizeof(buf), "Mail rejected - spam assassin score %d", score); |
| 1161 msg = string(buf); | 1164 msg = string(buf); |
| 1162 return false; | 1165 return token_black; |
| 1163 } | 1166 } |
| 1164 if (dcc_bulk_threshold && (bulk >= dcc_bulk_threshold)) { | 1167 if (dcc_bulk_threshold && (bulk >= dcc_bulk_threshold)) { |
| 1165 char buf[maxlen]; | 1168 char buf[maxlen]; |
| 1166 snprintf(buf, sizeof(buf), "Mail rejected - dcc score %d", bulk); | 1169 snprintf(buf, sizeof(buf), "Mail rejected - dcc score %d", bulk); |
| 1167 msg = string(buf); | 1170 msg = string(buf); |
| 1168 return false; | 1171 return token_black; |
| 1169 } | 1172 } |
| 1170 if (memory.excessive_bad_tags(tag_limit)) { | 1173 if (memory.excessive_bad_tags(tag_limit)) { |
| 1171 msg = string(tag_limit_message); | 1174 msg = string(tag_limit_message); |
| 1172 return false; | 1175 return token_black; |
| 1173 } | 1176 } |
| 1174 if (!host_random && memory.excessive_hosts(host_limit)) { | 1177 if (!host_random && memory.excessive_hosts(host_limit)) { |
| 1175 msg = string(host_limit_message); | 1178 msg = string(host_limit_message); |
| 1176 return false; | 1179 return token_black; |
| 1177 } | 1180 } |
| 1178 return true; | 1181 return token_unknown; |
| 1179 } | 1182 } |
| 1180 | 1183 |
| 1181 | 1184 |
| 1182 void CONTEXT::dump(bool isdefault, bool &spamass, int level) { | 1185 void CONTEXT::dump(bool isdefault, bool &spamass, int level) { |
| 1183 char indent[maxlen]; | 1186 char indent[maxlen]; |