[Minor] Do not perform arc signing before dkim checks

Issue: #3613

diff --git a/src/plugins/lua/arc.lua b/src/plugins/lua/arc.lua
index 2927c5f6933e6a3cacce71c6e80822172da86516..17be630e9c672a3c5a3492f053b8c698e5f7e3e8 100644 (file)
--- a/src/plugins/lua/arc.lua
+++ b/src/plugins/lua/arc.lua
@@ -446,8 +446,8 @@ if settings.whitelisted_signers_map then
   end
 end
 
-rspamd_config:register_dependency('ARC_CALLBACK', symbols['spf_allow_symbol'])
-rspamd_config:register_dependency('ARC_CALLBACK', symbols['dkim_allow_symbol'])
+rspamd_config:register_dependency('ARC_CALLBACK', 'SPF_CHECK')
+rspamd_config:register_dependency('ARC_CALLBACK', 'DKIM_CHECK')
 
 local function arc_sign_seal(task, params, header)
   local arc_sigs = task:cache_get('arc-sigs')
@@ -758,3 +758,6 @@ rspamd_config:register_symbol(sym_reg_tbl)
 
 -- Do not sign unless checked
 rspamd_config:register_dependency(settings['sign_symbol'], 'ARC_CALLBACK')
+-- We need to check dmarc before signing as we have to produce valid AAR header
+-- see #3613
+rspamd_config:register_dependency(settings['sign_symbol'], 'DMARC_CALLBACK')

diff --git a/src/plugins/lua/dmarc.lua b/src/plugins/lua/dmarc.lua
index c96e524551f89cb06df30fff14905501477def41..2ef82a0e549205843350069c875648cf0024b801 100644 (file)
--- a/src/plugins/lua/dmarc.lua
+++ b/src/plugins/lua/dmarc.lua
@@ -1381,7 +1381,7 @@ if dkim_opts then
 end
 
 local id = rspamd_config:register_symbol({
-  name = 'DMARC_CALLBACK',
+  name = 'DMARC_CALLBACK', -- why is it called 'CALLBACK' not 'CHECK' :(
   type = 'callback',
   group = 'policies',
   groups = {'dmarc'},