Mercurial > dnsbl
comparison src/context.cpp @ 329:c9932c4d8053
allow multiple dkim signers in authentication results
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Mon, 19 Dec 2016 08:29:16 -0800 |
parents | 5e4b5540c8cc |
children | b5b93a7e1e6d |
comparison
equal
deleted
inserted
replaced
328:b4f766947202 | 329:c9932c4d8053 |
---|---|
1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list(); | 1097 if (!dnswl_list_parsed && parent) return parent->get_dnswl_list(); |
1098 return dnswl_list; | 1098 return dnswl_list; |
1099 } | 1099 } |
1100 | 1100 |
1101 | 1101 |
1102 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, string_set &signers, const char *from, string& msg) { | 1102 void CONTEXT::log(const char *queueid, const char *msg, const char *v) { |
1103 char buf[maxlen]; | |
1104 snprintf(buf, maxlen, msg, v); | |
1105 my_syslog(queueid, buf); | |
1106 } | |
1107 | |
1108 | |
1109 bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { | |
1103 DKIMP dk = find_dkim_from(from); | 1110 DKIMP dk = find_dkim_from(from); |
1104 bool requirement = false; | 1111 bool requirement = false; |
1105 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { | 1112 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { |
1106 const char *st = find_dkim_signer(*s); | 1113 const char *st = find_dkim_signer(*s); |
1107 // signed by a white listed signer | 1114 // signed by a white listed signer |
1108 if (st == token_white) return true; | 1115 if (st == token_white) { |
1116 log(queueid, "whitelisted dkim signer %s", *s); | |
1117 return true; | |
1118 } | |
1109 // signed by a black listed signer | 1119 // signed by a black listed signer |
1110 if (st == token_black) { | 1120 if (st == token_black) { |
1111 char buf[maxlen]; | 1121 char buf[maxlen]; |
1112 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); | 1122 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", *s); |
1113 msg = string(buf); | 1123 msg = string(buf); |
1115 } | 1125 } |
1116 | 1126 |
1117 if (dk) { | 1127 if (dk) { |
1118 st = dk->action; | 1128 st = dk->action; |
1119 // signed by a white listed signer | 1129 // signed by a white listed signer |
1120 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) return true; | 1130 if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) { |
1121 // is it signed by the required signer | 1131 log(queueid, "whitelisted dkim signer %s", *s); |
1122 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) requirement = true; | 1132 return true; |
1133 } | |
1134 // signed by the required signer | |
1135 if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) { | |
1136 log(queueid, "required dkim signer %s", *s); | |
1137 requirement = true; | |
1138 } | |
1123 // signed by a black listed signer | 1139 // signed by a black listed signer |
1124 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { | 1140 if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { |
1125 char buf[maxlen]; | 1141 char buf[maxlen]; |
1126 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); | 1142 snprintf(buf, sizeof(buf), "Mail rejected - dkim signed by %s", dk->signer); |
1127 msg = string(buf); | 1143 msg = string(buf); |
1209 for (string_map::iterator i=dkim_signer_names.begin(); i!=dkim_signer_names.end(); i++) { | 1225 for (string_map::iterator i=dkim_signer_names.begin(); i!=dkim_signer_names.end(); i++) { |
1210 const char *n = (*i).first; | 1226 const char *n = (*i).first; |
1211 const char *a = (*i).second; | 1227 const char *a = (*i).second; |
1212 printf("%s %s %s; \n", indent, n, a); | 1228 printf("%s %s %s; \n", indent, n, a); |
1213 } | 1229 } |
1214 printf("%s } \n", indent); | 1230 printf("%s }; \n", indent); |
1215 printf("%s dkim_from { \n", indent); | 1231 printf("%s dkim_from { \n", indent); |
1216 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) { | 1232 for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) { |
1217 const char *n = (*i).first; | 1233 const char *n = (*i).first; |
1218 DKIM &d = *(*i).second; | 1234 DKIM &d = *(*i).second; |
1219 printf("%s %s %s %s; \n", indent, n, d.action, d.signer); | 1235 printf("%s %s %s %s; \n", indent, n, d.action, d.signer); |
1220 } | 1236 } |
1221 printf("%s } \n", indent); | 1237 printf("%s }; \n", indent); |
1222 if (content_suffix) { | 1238 if (content_suffix) { |
1223 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); | 1239 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); |
1224 } | 1240 } |
1225 if (uribl_suffix) { | 1241 if (uribl_suffix) { |
1226 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message); | 1242 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message); |