Mercurial > dnsbl
comparison src/context.cpp @ 423:c9b7b6dd1206 stable-6-0-59
use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Wed, 26 Jul 2017 08:52:31 -0700 |
| parents | 22027ad2a28f |
| children | 6f2db3d19a34 |
comparison
equal
deleted
inserted
replaced
| 422:9f47c3ad6443 | 423:c9b7b6dd1206 |
|---|---|
| 1143 strcpy(repl+n+wn, buf+n+4); // trailing part | 1143 strcpy(repl+n+wn, buf+n+4); // trailing part |
| 1144 strcpy(buf, repl); | 1144 strcpy(buf, repl); |
| 1145 } | 1145 } |
| 1146 } | 1146 } |
| 1147 | 1147 |
| 1148 bool CONTEXT::resolve_spf(const char *from, uint32_t ip, mlfiPriv *priv, int level) | 1148 |
| 1149 bool CONTEXT::resolve_spf(const char *from, uint32_t ip, mlfiPriv *priv) | |
| 1149 { | 1150 { |
| 1150 // ip is in host order | 1151 // ip is in host order |
| 1151 if ((level == 0) && (priv->mailaddr)) { | 1152 if (priv->mailaddr) { |
| 1152 const char *f = strchr(priv->mailaddr, '@'); | 1153 const char *f = strchr(priv->mailaddr, '@'); |
| 1153 if (f) { | 1154 if (f) { |
| 1154 f++; | 1155 f++; |
| 1155 size_t efl = strlen(f); // envelope from domain | 1156 size_t efl = strlen(f); // envelope from domain |
| 1156 size_t hfl = strlen(from); // header from domain | 1157 size_t hfl = strlen(from); // header from domain |
| 1157 if (efl > hfl) { | 1158 if (efl > hfl) { |
| 1158 size_t off = efl - hfl; | 1159 size_t off = efl - hfl; |
| 1159 if ((f[off-1] == '.') && (strcmp(f+off,from) == 0)) { | 1160 if ((f[off-1] == '.') && (strcmp(f+off,from) == 0)) { |
| 1160 // envelope from is a strict child of header from | 1161 // envelope from is a strict child of header from |
| 1161 from = f; // use envelope from rather than header from | 1162 // use envelope from rather than header from |
| 1162 } | 1163 if (resolve_one_spf(f, ip, priv)) return true; |
| 1163 } | 1164 } |
| 1164 } | 1165 } |
| 1165 } | 1166 } |
| 1167 } | |
| 1168 return resolve_one_spf(from, ip, priv); | |
| 1169 } | |
| 1170 | |
| 1171 | |
| 1172 bool CONTEXT::resolve_one_spf(const char *from, uint32_t ip, mlfiPriv *priv, int level) | |
| 1173 { | |
| 1166 char buf[maxlen]; | 1174 char buf[maxlen]; |
| 1167 log(priv->queueid, "looking for %s txt record", from); | 1175 log(priv->queueid, "looking for %s txt record", from); |
| 1168 dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxlen); | 1176 dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxlen); |
| 1169 if (*buf) { | 1177 if (*buf) { |
| 1170 log(priv->queueid, "found txt record %s", buf); | 1178 log(priv->queueid, "found txt record %s", buf); |
| 1282 } | 1290 } |
| 1283 } | 1291 } |
| 1284 } | 1292 } |
| 1285 else if ((level < 5) && (strncmp(p, "redirect=", 9) == 0)) { | 1293 else if ((level < 5) && (strncmp(p, "redirect=", 9) == 0)) { |
| 1286 p += 9; | 1294 p += 9; |
| 1287 if (resolve_spf(p, ip, priv, level+1)) return true; | 1295 if (resolve_one_spf(p, ip, priv, level+1)) return true; |
| 1288 } | 1296 } |
| 1289 else if ((level < 5) && (strncmp(p, "include:", 8) == 0)) { | 1297 else if ((level < 5) && (strncmp(p, "include:", 8) == 0)) { |
| 1290 p += 8; | 1298 p += 8; |
| 1291 if (resolve_spf(p, ip, priv, level+1)) return true; | 1299 if (resolve_one_spf(p, ip, priv, level+1)) return true; |
| 1292 } | 1300 } |
| 1293 } | 1301 } |
| 1294 p = (b) ? b+1 : e; | 1302 p = (b) ? b+1 : e; |
| 1295 } | 1303 } |
| 1296 } | 1304 } |