Mercurial > dnsbl

comparison src/context.cpp @ 393:dffedbdc8566 stable-6-0-51-2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
start parsing spf txt records
author Carl Byington <carl@five-ten-sg.com>
date Mon, 06 Mar 2017 18:39:09 -0800
parents ea458101de9b
children a8cf6a3da907
comparison
equal deleted inserted replaced
392:ea458101de9b 393:dffedbdc8566
1145 int mask = (s) ? atoi(s+1) : 32; 1145 int mask = (s) ? atoi(s+1) : 32;
1146 if ((mask >= 16) && (mask <= 32)) { 1146 if ((mask >= 16) && (mask <= 32)) {
1147 uint32_t low = (1 << (32-mask)) - 1; 1147 uint32_t low = (1 << (32-mask)) - 1;
1148 ipy &= low ^ 0xffffffff; 1148 ipy &= low ^ 0xffffffff;
1149 if ((ipy <= ip) && (ip <= ipy + low)) { 1149 if ((ipy <= ip) && (ip <= ipy + low)) {
1150 if (s) *s = '/';
1150 log(priv->queueid, "match %s", p); 1151 log(priv->queueid, "match %s", p);
1151 if (s) log(priv->queueid, "match /%s", s+1);
1152 return true; 1152 return true;
1153 } 1153 }
1154 } 1154 }
1155 } 1155 }
1156 if (b) *b = ' '; 1156 if (b) *b = ' ';
1183 } 1183 }
1184 } 1184 }
1185 1185
1186 if (dk) { 1186 if (dk) {
1187 const char *st = dk->action; 1187 const char *st = dk->action;
1188 if ((st == token_require_signed) &&
1189 dk->signer &&
1190 strcmp(dk->signer, " ") &&
1191 resolve_spf(from, priv->ip, priv)) {
1192 log(queueid, "spf pass for %s with required dkim signer", from);
1193 }
1194 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { 1188 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) {
1195 // signed by a white listed signer 1189 // signed by a white listed signer
1196 if ((st == token_signed_white) && in_signing_set(*s,dk->signer)) { 1190 if ((st == token_signed_white) && in_signing_set(*s,dk->signer)) {
1197 log(queueid, "whitelisted dkim signer %s", *s); 1191 log(queueid, "whitelisted dkim signer %s", *s);
1198 return token_white; 1192 return token_white;
1211 } 1205 }
1212 } 1206 }
1213 if (st == token_require_signed) { 1207 if (st == token_require_signed) {
1214 // not signed by a required signer, but maybe passes strong spf check 1208 // not signed by a required signer, but maybe passes strong spf check
1215 // only check spf if the list of required signers is not a single blank. 1209 // only check spf if the list of required signers is not a single blank.
1216 if (dk->signer && strcmp(dk->signer, " ") && resolve_spf(from, priv->ip, priv)) { 1210 if (strcmp(dk->signer, " ") && resolve_spf(from, priv->ip, priv)) {
1217 log(queueid, "spf pass for %s rather than required dkim signer", from); 1211 log(queueid, "spf pass for %s rather than required dkim signer", from);
1218 return token_white; 1212 return token_white;
1219 } 1213 }
1220 char buf[maxlen]; 1214 char buf[maxlen];
1221 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); 1215 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer);