# HG changeset patch # User Carl Byington # Date 1488934189 28800 # Node ID d08da4b058e8384296c46dc742cee3a21b157986 # Parent c889524e92e4872897cc1fc95c05ada40c495f8e only ntohl() once during recursive spf txt processing diff -r c889524e92e4 -r d08da4b058e8 dnsbl.spec.in --- a/dnsbl.spec.in Tue Mar 07 09:45:39 2017 -0800 +++ b/dnsbl.spec.in Tue Mar 07 16:49:49 2017 -0800 @@ -3,7 +3,7 @@ Summary: Sendmail milter for spam control Name: @PACKAGE@ Version: @VERSION@ -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Group: System Environment/Daemons Source: http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz @@ -155,6 +155,9 @@ %changelog +* Tue Mar 07 2017 Carl Byington - 6.52-2 +- only ntohl() once during recursive spf txt processing. + * Tue Mar 07 2017 Carl Byington - 6.52-1 - document dkim/spf processing. diff -r c889524e92e4 -r d08da4b058e8 src/context.cpp --- a/src/context.cpp Tue Mar 07 09:45:39 2017 -0800 +++ b/src/context.cpp Tue Mar 07 16:49:49 2017 -0800 @@ -1125,7 +1125,7 @@ bool CONTEXT::resolve_spf(const char *from, uint32_t ip, mlfiPriv *priv, int level) { - ip = ntohl(ip); + // ip is in host order char buf[maxlen]; log(priv->queueid, "looking for %s txt record", from); dns_interface(*priv, from, ns_t_txt, false, NULL, buf, maxlen); @@ -1206,7 +1206,7 @@ } if (st == token_signed_white) { // not signed by a white signer, but maybe passes strong spf check - if (resolve_spf(from, priv->ip, priv)) { + if (resolve_spf(from, ntohl(priv->ip), priv)) { log(queueid, "spf pass for %s rather than whitelisted dkim signer", from); return token_white; } diff -r c889524e92e4 -r d08da4b058e8 xml/dnsbl.in --- a/xml/dnsbl.in Tue Mar 07 09:45:39 2017 -0800 +++ b/xml/dnsbl.in Tue Mar 07 16:49:49 2017 -0800 @@ -483,7 +483,7 @@ Otherwise, processing continues. - If any of the message signers is blacklisted, the message is rejected. + If any of the message signers are blacklisted, the message is rejected. If content filtering is enabled for this body, the mail text is decoded