# HG changeset patch # User Carl Byington # Date 1482164956 28800 # Node ID c9932c4d80534883940ad4468b1f4f7610e53685 # Parent b4f766947202aeefde4c16be856348dd010c3380 allow multiple dkim signers in authentication results diff -r b4f766947202 -r c9932c4d8053 src/context.cpp --- a/src/context.cpp Sun Dec 18 17:55:16 2016 -0800 +++ b/src/context.cpp Mon Dec 19 08:29:16 2016 -0800 @@ -1099,13 +1099,23 @@ } -bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, string_set &signers, const char *from, string& msg) { +void CONTEXT::log(const char *queueid, const char *msg, const char *v) { + char buf[maxlen]; + snprintf(buf, maxlen, msg, v); + my_syslog(queueid, buf); +} + + +bool CONTEXT::acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg) { DKIMP dk = find_dkim_from(from); bool requirement = false; for (string_set::iterator s=signers.begin(); s!=signers.end(); s++) { const char *st = find_dkim_signer(*s); // signed by a white listed signer - if (st == token_white) return true; + if (st == token_white) { + log(queueid, "whitelisted dkim signer %s", *s); + return true; + } // signed by a black listed signer if (st == token_black) { char buf[maxlen]; @@ -1117,9 +1127,15 @@ if (dk) { st = dk->action; // signed by a white listed signer - if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) return true; - // is it signed by the required signer - if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) requirement = true; + if ((st == token_signed_white) && (strcasecmp(*s,dk->signer) == 0)) { + log(queueid, "whitelisted dkim signer %s", *s); + return true; + } + // signed by the required signer + if ((st == token_require_signed) && (strcasecmp(*s,dk->signer) == 0)) { + log(queueid, "required dkim signer %s", *s); + requirement = true; + } // signed by a black listed signer if ((st == token_signed_black) && (strcasecmp(*s,dk->signer) == 0)) { char buf[maxlen]; @@ -1211,14 +1227,14 @@ const char *a = (*i).second; printf("%s %s %s; \n", indent, n, a); } - printf("%s } \n", indent); + printf("%s }; \n", indent); printf("%s dkim_from { \n", indent); for (dkimp_map::iterator i=dkim_from_names.begin(); i!=dkim_from_names.end(); i++) { const char *n = (*i).first; DKIM &d = *(*i).second; printf("%s %s %s %s; \n", indent, n, d.action, d.signer); } - printf("%s } \n", indent); + printf("%s }; \n", indent); if (content_suffix) { printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); } diff -r b4f766947202 -r c9932c4d8053 src/context.h --- a/src/context.h Sun Dec 18 17:55:16 2016 -0800 +++ b/src/context.h Mon Dec 19 08:29:16 2016 -0800 @@ -312,7 +312,8 @@ dnsblp_list& get_dnsbl_list(); dnswlp_list& get_dnswl_list(); - bool acceptable_content(recorder &memory, int score, int bulk, string_set &signers, const char *from, string& msg); + void log(const char *queueid, const char *msg, const char *v); + bool acceptable_content(recorder &memory, int score, int bulk, const char *queueid, string_set &signers, const char *from, string& msg); bool ignore_host(const char *host); void dump(bool isdefault, bool &spamass, int level = 0); diff -r b4f766947202 -r c9932c4d8053 src/dnsbl.cpp --- a/src/dnsbl.cpp Sun Dec 18 17:55:16 2016 -0800 +++ b/src/dnsbl.cpp Mon Dec 19 08:29:16 2016 -0800 @@ -1603,7 +1603,7 @@ for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) { const char *rcpt = (*i).first; CONTEXT &con = *((*i).second); - if (!con.acceptable_content(*priv.memory, score, bulk, priv.dkim_signers, priv.fromaddr, msg)) { + if (!con.acceptable_content(*priv.memory, score, bulk, priv.queueid, priv.dkim_signers, priv.fromaddr, msg)) { // bad html tags or excessive hosts or // high spam assassin score or dcc bulk threshold exceedeed // or signed by a dkim signer that we don't like