diff src/context.h @ 321:e172dc10fe24

add dkim white/black listing
author Carl Byington <carl@five-ten-sg.com>
date Sat, 17 Dec 2016 13:47:28 -0800
parents e27c24c1974a
children 9f8411f3919c
--- a/src/context.h	Sat Dec 17 09:46:40 2016 -0800
+++ b/src/context.h	Sat Dec 17 13:47:28 2016 -0800
@@ -14,6 +14,7 @@
              black,         // blacklisted
              reject};       // rejected by a dns list
 
+class DKIM;
 class DNSBL;
 class DNSWL;
 class CONTEXT;
@@ -28,11 +29,13 @@
 typedef set<int32_t>                            int32_t_set;
 typedef int32_t_set *                           int32_t_set_p;
 typedef list<SMTP *>                            smtp_list;
+typedef DKIM *                                  DKIMP;
 typedef DNSBL *                                 DNSBLP;
 typedef DNSWL *                                 DNSWLP;
 typedef VERIFY *                                VERIFYP;
 typedef WHITELISTER *                           WHITELISTERP;
 typedef DELAYWHITE *                            DELAYWHITEP;
+typedef map<const char *, DKIMP, ltstr>         dkimp_map;
 typedef list<DNSBLP>                            dnsblp_list;
 typedef map<const char *, DNSBLP, ltstr>        dnsblp_map;
 typedef list<DNSWLP>                            dnswlp_list;
@@ -126,6 +129,13 @@
     CONTEXTP        get_con()  {return con;};
 };
 
+struct DKIM {
+    const char *action;
+    const char *signer;
+public:
+    DKIM(const char *action_, const char *signer_);
+};
+
 struct DNSBL {
     const char    *name;    // nickname for this dns based list
     const char    *suffix;  // blacklist suffix like blackholes.five-ten-sg.com
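Review bot: The `action` and `signer` fields of the new `DKIM` struct have no comments, while the `DNSBL` fields just below each have one, and nothing states who owns the two strings. The struct keeps raw `const char *` values and its constructor is defined outside this header, so a reader cannot tell whether the strings must outlive the owning CONTEXT or which action values are legal. I would add a comment per field, for example `const char *action;  // action token for this from-domain; string lifetime: TODO confirm` and `const char *signer;  // dkim signer the action is tied to`, adjusted to what the constructor really does. The `public:` label is redundant inside a `struct` and can be dropped.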
@@ -179,6 +189,8 @@
     bool            require_rdns;           // require proper rdns on client ip
     bool            dcc_greylist;           // should we do dcc greylisting?
     int             dcc_bulk_threshold;     // off = 0, many = 1000
+    dkimp_map       dkim_from_names;        // map header from domains to dkim constraints
+    string_map      dkim_signer_names;      // map dkim signers to actions
     dnsblp_map      dnsbl_names;            // name to dnsbl mapping for lists that are available in this context and children
     dnsblp_list     dnsbl_list;             // list of dnsbls to be used in this context
     bool            dnsbl_list_parsed;      // true iff we have actually parsed a dnsbl_list
@@ -252,6 +264,13 @@
     void        set_tag_message(const char *message)        {tag_limit_message  = message;};
     void        add_tag(const char *tag)                    {html_tags.insert(tag);       };
 
+    const char *find_dkim_signer(const char *name);
+    void        add_dkim_signer(const char *signer, const char *action)
+                                                            {dkim_signer_names[signer] = action;};
+    DKIMP       find_dkim_from(const char *name);
+    void        add_dkim_from(const char *from, const char *action, const char *signer)
+                                                            {dkim_from_names[from] = new DKIM(action,signer);};
+
     void        add_dnsbl(const char *name, DNSBLP dns)     {dnsbl_names[name] = dns;  };
     void        add_dnsbl(DNSBLP dns)                       {dnsbl_list.push_back(dns);};
     DNSBLP      find_dnsbl(const char *name);
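Review bot: `add_dkim_from` assigns a fresh `new DKIM(action,signer)` over whatever pointer is already stored under `from`, so a second entry for the same header-from domain leaks the earlier object and silently replaces its action and signer. In a table that drives whitelist and blacklist decisions, a duplicate should either be rejected when the configuration is parsed or replace the old entry explicitly. If this map is the sole owner, that would be `DKIMP &slot = dkim_from_names[from]; delete slot; slot = new DKIM(action,signer);`. Nothing in this hunk shows where these objects are freed, so the CONTEXT destructor (outside the hunk) presumably needs to delete every value in `dkim_from_names`. `add_dkim_signer` has the same last-entry-wins behaviour, without the leak.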
@@ -370,6 +389,10 @@
 extern const char *token_white;
 extern const char *token_white_regex;
 extern const char *token_yes;
+extern const char *token_dkim;
+extern const char *token_signed_white;
+extern const char *token_signed_black;
+extern const char *token_require_signed;
 
 extern pthread_mutex_t verifier_mutex;     // protect the verifier map
 extern pthread_mutex_t whitelister_mutex;  // protect the