Mercurial > dnsbl
comparison src/context.cpp @ 329:c9932c4d8053
allow multiple dkim signers in authentication results
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Mon, 19 Dec 2016 08:29:16 -0800 |
| parents | 5e4b5540c8cc |
| children | b5b93a7e1e6d |
comparison
equal
deleted
inserted
replaced
| 328:b4f766947202 | 329:c9932c4d8053 |
|---|---|
| 1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list(); | 1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list(); |
| 1098 return dnswl_list; | 1098 return dnswl_list; |
| 1099 } | 1099 } |
| 1100 | 1100 |
| 1101 | 1101 |
| 1102 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, string_set &signers, const char *from, string& msg) { | 1102 void CONTEXT::log(const char *queueid, const char *msg, const char *v) { |
| 1103 char buf[maxlen]; | |
| 1104 snprintf(buf, maxlen, msg, v); | |
| 1105 my_syslog(queueid, buf); | |
| 1106 } | |
| 1107 | |
| 1108 | |
| 1109 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { | |
| 1103 DKIMP dk = find_dkim_from(from); | 1110 DKIMP dk = find_dkim_from(from); |
| 1104 bool requirement = false; | 1111 bool requirement = false; |
| 1105 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { | 1112 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { |
| 1106 const char *st = find_dkim_signer(*s); | 1113 const char *st = find_dkim_signer(*s); |
| 1107 // signed by a white listed signer | 1114 // signed by a white listed signer |
| 1108 if (st == token_white) return true; | 1115 if (st == token_white) { |
| 1116 log(queueid, "whitelisted dkim signer %s", *s); | |
| 1117 return true; | |
| 1118 } | |
| 1109 // signed by a black listed signer | 1119 // signed by a black listed signer |
| 1110 if (st == token_black) { | 1120 if (st == token_black) { |
| 1111 char buf[maxlen]; | 1121 char buf[maxlen]; |
| 1112 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); | 1122 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); |
| 1113 msg = string(buf); | 1123 msg = string(buf); |
| 1115 } | 1125 } |
| 1116 | 1126 |
| 1117 if (dk) { | 1127 if (dk) { |
| 1118 st = dk->action; | 1128 st = dk->action; |
| 1119 // signed by a white listed signer | 1129 // signed by a white listed signer |
| 1120 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) return true; | 1130 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) { |
| 1121 // is it signed by the required signer | 1131 log(queueid, "whitelisted dkim signer %s", *s); |
| 1122 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) requirement = true; | 1132 return true; |
| 1133 } | |
| 1134 // signed by the required signer | |
| 1135 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) { | |
| 1136 log(queueid, "required dkim signer %s", *s); | |
| 1137 requirement = true; | |
| 1138 } | |
| 1123 // signed by a black listed signer | 1139 // signed by a black listed signer |
| 1124 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { | 1140 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { |
| 1125 char buf[maxlen]; | 1141 char buf[maxlen]; |
| 1126 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); | 1142 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); |
| 1127 msg = string(buf); | 1143 msg = string(buf); |
| 1209 for (string_map::iterator i=dkim_signer_names.begin(); i!=dkim_signer_names.end(); i++) { | 1225 for (string_map::iterator i=dkim_signer_names.begin(); i!=dkim_signer_names.end(); i++) { |
| 1210 const char *n = (*i).first; | 1226 const char *n = (*i).first; |
| 1211 const char *a = (*i).second; | 1227 const char *a = (*i).second; |
| 1212 printf("%s %s %s; \n", indent, n, a); | 1228 printf("%s %s %s; \n", indent, n, a); |
| 1213 } | 1229 } |
| 1214 printf("%s } \n", indent); | 1230 printf("%s }; \n", indent); |
| 1215 printf("%s dkim_from { \n", indent); | 1231 printf("%s dkim_from { \n", indent); |
| 1216 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) { | 1232 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) { |
| 1217 const char *n = (*i).first; | 1233 const char *n = (*i).first; |
| 1218 DKIM &d = *(*i).second; | 1234 DKIM &d = *(*i).second; |
| 1219 printf("%s %s %s %s; \n", indent, n, d.action, d.signer); | 1235 printf("%s %s %s %s; \n", indent, n, d.action, d.signer); |
| 1220 } | 1236 } |
| 1221 printf("%s } \n", indent); | 1237 printf("%s }; \n", indent); |
| 1222 if (content_suffix) { | 1238 if (content_suffix) { |
| 1223 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); | 1239 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); |
| 1224 } | 1240 } |
| 1225 if (uribl_suffix) { | 1241 if (uribl_suffix) { |
| 1226 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message); | 1242 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message); |