Mercurial > dnsbl

diff src/dnsbl.cpp @ 436:7b072e16bd69 stable-6-0-64

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix syslog for long messages, supress dkim checks for mail from localhost
author Carl Byington <carl@five-ten-sg.com>
date Fri, 03 Nov 2017 09:57:13 -0700
parents 4ffa356316d5
children 1686cb639269
line wrap: on
line diff
--- a/src/dnsbl.cpp	Tue Oct 24 09:17:10 2017 -0700
+++ b/src/dnsbl.cpp	Fri Nov 03 09:57:13 2017 -0700
@@ -849,23 +849,35 @@
 // syslog a message
 //
 void my_syslog(const char *queueid, const char *text) {
-    char buf[maxlen];
-    if (queueid && queueid[0]) {
+    const char* noqueue = "NOQUEUE";
+    if (!queueid || !queueid[0]) queueid = noqueue;
+
+    const int syslogmaxlen = 400;  // buffer size
+    char buf[syslogmaxlen];
+    snprintf(buf, sizeof(buf), "%s: ", queueid);
+    size_t hdrlen = strlen(buf);
+    const size_t maxsegment = syslogmaxlen - hdrlen - 1;
+    size_t msglen = strlen(text);
+    while (msglen > 0) {
         snprintf(buf, sizeof(buf), "%s: %s", queueid, text);
-        text = buf;
-    }
     if (use_syslog) {
         pthread_mutex_lock(&syslog_mutex);
             if (!syslog_opened) {
                 openlog("dnsbl", LOG_PID, LOG_MAIL);
                 syslog_opened = true;
             }
-            syslog(LOG_NOTICE, "%s", text);
+                syslog(LOG_NOTICE, "%s", buf);
         pthread_mutex_unlock(&syslog_mutex);
     }
     else {
-        printf("%s \n", text);
+            printf("%s \n", buf);
     }
+        size_t segmentlen = min(msglen, maxsegment);
+        text   += segmentlen;
+        msglen -= segmentlen;
+        // assert(msglen == strlen(text))
+    }
+
 }
 
 void my_syslog(mlfiPriv *priv, const char *text) {
@@ -1408,7 +1420,7 @@
         // whitelisting based on envelope from value, but ignore it if
         // we have a dkim requirement for the original domain
         const char *domain = strchr(priv.origaddr, '@');
-        if (domain) {
+        if (domain && !local_source) {
             DKIMP dk = con.find_dkim_from(domain+1);
             if (dk && (dk->action == token_require_signed)) {
                 my_syslog(&priv, "dkim require_signed overrides envelope from whitelist");
@@ -1716,6 +1728,8 @@
     else {
         // assert env_to not empty, it contains the
         // non-whitelisted folks that want content filtering
+        const u_char *src = (const u_char *)&priv.ip;
+        bool local_source = (src[0] == 127);
         int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0;
         bool grey = false;
         int  bulk = 0;
@@ -1748,7 +1762,7 @@
             CONTEXT    *next = (*i).second;
             if (con != next) {
                 con = next;
-                st = con->acceptable_content(*priv.memory, score, bulk, priv.queueid, priv.dkim_signers, priv.fromaddr, &priv, msg);
+                st = con->acceptable_content(local_source, *priv.memory, score, bulk, priv.queueid, priv.dkim_signers, priv.fromaddr, &priv, msg);
             }
             if (st == token_black) {
                 // bad html tags or excessive hosts or