Mercurial > dnsbl
diff src/dnsbl.cpp @ 340:be776a246f97
when dkim require_signed overrides envelope from whitelisting, we still want to check dns based white/blacklists before content filtering
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Wed, 21 Dec 2016 15:08:28 -0800 |
parents | f375a67ee516 |
children | 6d27b4f45799 |
line wrap: on
line diff
--- a/src/dnsbl.cpp Tue Dec 20 17:25:25 2016 -0800 +++ b/src/dnsbl.cpp Wed Dec 21 15:08:28 2016 -0800 @@ -1267,7 +1267,7 @@ my_syslog(&priv, msg); } free((void*)loto); - status st; + status st = oksofar; if (replyvalue == token_black) { smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"recipient can not reply due to blacklisting"); return SMFIS_REJECT; @@ -1305,7 +1305,8 @@ } else st = white; // might be <>, envelope from has no @ } - else { + + if (st == oksofar) { // check the dns based lists, whitelist first DNSWLP acceptlist = NULL; // list that caused the whitelisting if (check_dnswl(priv, con.get_dnswl_list(), acceptlist)) { @@ -1317,13 +1318,6 @@ } } else if (check_dnsbl(priv, con.get_dnsbl_list(), rejectlist)) { - st = reject; - } - else { - st = oksofar; - } - } - if (st == reject) { // reject the recipient based on some dnsbl char adr[sizeof "255.255.255.255 "]; adr[0] = '\0'; @@ -1333,6 +1327,8 @@ smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", buf); return SMFIS_REJECT; } + } + if (st == oksofar) { // check forged rdns if (con.get_requirerdns() && (!priv.client_dns_name || priv.client_dns_forged)) {