Mercurial > dnsbl
comparison src/context.cpp @ 393:dffedbdc8566 stable-6-0-51-2
start parsing spf txt records
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Mon, 06 Mar 2017 18:39:09 -0800 |
parents | ea458101de9b |
children | a8cf6a3da907 |
comparison
equal
deleted
inserted
replaced
392:ea458101de9b | 393:dffedbdc8566 |
---|---|
1145 int mask = (s) ? atoi(s+1) : 32; | 1145 int mask = (s) ? atoi(s+1) : 32; |
1146 if ((mask >= 16) && (mask <= 32)) { | 1146 if ((mask >= 16) && (mask <= 32)) { |
1147 uint32_t low = (1 << (32-mask)) - 1; | 1147 uint32_t low = (1 << (32-mask)) - 1; |
1148 ipy &= low ^ 0xffffffff; | 1148 ipy &= low ^ 0xffffffff; |
1149 if ((ipy <= ip) && (ip <= ipy + low)) { | 1149 if ((ipy <= ip) && (ip <= ipy + low)) { |
1150 if (s) *s = '/'; | |
1150 log(priv->queueid, "match %s", p); | 1151 log(priv->queueid, "match %s", p); |
1151 if (s) log(priv->queueid, "match /%s", s+1); | |
1152 return true; | 1152 return true; |
1153 } | 1153 } |
1154 } | 1154 } |
1155 } | 1155 } |
1156 if (b) *b = ' '; | 1156 if (b) *b = ' '; |
1183 } | 1183 } |
1184 } | 1184 } |
1185 | 1185 |
1186 if (dk) { | 1186 if (dk) { |
1187 const char *st = dk->action; | 1187 const char *st = dk->action; |
1188 if ((st == token_require_signed) && | |
1189 dk->signer && | |
1190 strcmp(dk->signer, " ") && | |
1191 resolve_spf(from, priv->ip, priv)) { | |
1192 log(queueid, "spf pass for %s with required dkim signer", from); | |
1193 } | |
1194 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { | 1188 for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { |
1195 // signed by a white listed signer | 1189 // signed by a white listed signer |
1196 if ((st == token_signed_white) && in_signing_set(*s,dk->signer)) { | 1190 if ((st == token_signed_white) && in_signing_set(*s,dk->signer)) { |
1197 log(queueid, "whitelisted dkim signer %s", *s); | 1191 log(queueid, "whitelisted dkim signer %s", *s); |
1198 return token_white; | 1192 return token_white; |
1211 } | 1205 } |
1212 } | 1206 } |
1213 if (st == token_require_signed) { | 1207 if (st == token_require_signed) { |
1214 // not signed by a required signer, but maybe passes strong spf check | 1208 // not signed by a required signer, but maybe passes strong spf check |
1215 // only check spf if the list of required signers is not a single blank. | 1209 // only check spf if the list of required signers is not a single blank. |
1216 if (dk->signer && strcmp(dk->signer, " ") && resolve_spf(from, priv->ip, priv)) { | 1210 if (strcmp(dk->signer, " ") && resolve_spf(from, priv->ip, priv)) { |
1217 log(queueid, "spf pass for %s rather than required dkim signer", from); | 1211 log(queueid, "spf pass for %s rather than required dkim signer", from); |
1218 return token_white; | 1212 return token_white; |
1219 } | 1213 } |
1220 char buf[maxlen]; | 1214 char buf[maxlen]; |
1221 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); | 1215 snprintf(buf, sizeof(buf), "Mail rejected - not dkim signed by %s", dk->signer); |