Mercurial > dnsbl

diff src/dnsbl.cpp @ 326:5e4b5540c8cc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
allow multiple dkim signers in authentication results
author Carl Byington <carl@five-ten-sg.com>
date Sun, 18 Dec 2016 16:51:33 -0800
parents 28b6e0d97c5b
children 51846836ec92
line wrap: on
line diff
--- a/src/dnsbl.cpp	Sat Dec 17 21:59:23 2016 -0800
+++ b/src/dnsbl.cpp	Sun Dec 18 16:51:33 2016 -0800
@@ -525,7 +525,6 @@
     fromaddr                = NULL;
     header_count            = 0;
     dkim_ok                 = true;
-    dkim_signer             = NULL;
     queueid                 = NULL;
     authenticated           = NULL;
     client_name             = NULL;
@@ -574,11 +573,11 @@
     }
     if (mailaddr)        free((void*)mailaddr);
     if (fromaddr)        free((void*)fromaddr);
-    if (dkim_signer)     free((void*)dkim_signer);
     if (queueid)         free((void*)queueid);
     if (authenticated)   free((void*)authenticated);
     if (client_name)     free((void*)client_name);
     if (client_dns_name) free((void*)client_dns_name);
+    discard(dkim_signers);
     discard(hosts_uribl);
     delayer.clear();
     discard(env_to);
@@ -593,7 +592,6 @@
         fromaddr                = NULL;
         header_count            = 0;
         dkim_ok                 = true;
-        dkim_signer             = NULL;
         queueid                 = NULL;
         authenticated           = NULL;
         client_name             = NULL;
@@ -1474,14 +1472,17 @@
             if (priv.dkim_ok) {
                 const int nmatch = 2;
                 regmatch_t match[nmatch];
+                while (true) {
                 if (0 == regexec(&dkim_pattern, msg, nmatch, match, 0)) {
                     int s1 = match[1].rm_so;    // domain
                     int e1 = match[1].rm_eo;
                     if (s1 != -1) {
                         msg[e1] = '\0';
-                        priv.dkim_signer = strdup(msg+s1);
+                            priv.dkim_signers.insert(strdup(msg+s1));
                     }
                 }
+                    else break;
+                }
             }
         }
         if ((priv.header_count > 2) && (strcasecmp(headerf, "from"))) {
@@ -1582,13 +1583,23 @@
         string_set alive;
         bool random = false;
         int  limit  = 0;
-        snprintf(buf, sizeof(buf), "acceptable content from %s signer %s", (priv.fromaddr) ? priv.fromaddr : token_asterisk, (priv.dkim_signer) ? priv.dkim_signer : token_asterisk);
+        if (priv.dkim_signers.empty()) {
+            snprintf(buf, sizeof(buf), "acceptable content from %s signer *",
+                (priv.fromaddr) ? priv.fromaddr : token_asterisk);
         my_syslog(&priv, buf);
+        }
+        else {
+            for (string_set::iterator s=priv.dkim_signers.begin(); s!=priv.dkim_signers.end(); s++) {
+                snprintf(buf, sizeof(buf), "acceptable content from %s signer %s",
+                    (priv.fromaddr) ? priv.fromaddr : token_asterisk, *s);
+                my_syslog(&priv, buf);
+            }
+        }
 
         for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) {
             const char *rcpt   = (*i).first;
             CONTEXT &con = *((*i).second);
-            if (!con.acceptable_content(*priv.memory, score, bulk, priv.dkim_signer, priv.fromaddr, msg)) {
+            if (!con.acceptable_content(*priv.memory, score, bulk, priv.dkim_signers, priv.fromaddr, msg)) {
                 // bad html tags or excessive hosts or
                 // high spam assassin score or dcc bulk threshold exceedeed
                 // or signed by a dkim signer that we don't like