[Feature] Descriptive options for DMARC failure symbols

src/plugins/lua/dmarc.lua

@@ -126,6 +126,7 @@ local function dmarc_callback(task)
       return maybe_force_action('na')
     end
 
+    local reason = {}
     local strict_spf = false
     local strict_dkim = false
     local strict_policy = false
@@ -243,32 +244,47 @@ local function dmarc_callback(task)
     if task:has_symbol(symbols['spf_allow_symbol']) then
       efrom = task:get_from(1)
       if efrom and efrom[1] and efrom[1]['domain'] then
-        if rspamd_util.strequal_caseless(efrom[1]['domain'], from[1]['domain']) then
+        if strict_spf and rspamd_util.strequal_caseless(efrom[1]['domain'], from[1]['domain']) then
           spf_ok = true
-        elseif not strict_spf then
+        elseif strict_spf then
+          table.insert(reason, "SPF not aligned (strict)")
+        end
+        if not strict_spf then
           local spf_tld = rspamd_util.get_tld(efrom[1]['domain'])
           if rspamd_util.strequal_caseless(spf_tld, dmarc_domain) then
             spf_ok = true
+          else
+            table.insert(reason, "SPF not aligned (relaxed)")
           end
         end
       end
+    else
+      table.insert(reason, "No SPF")
     end
     local das = task:get_symbol(symbols['dkim_allow_symbol'])
     if das and das[1] and das[1]['options'] then
       for i,dkim_domain in ipairs(das[1]['options']) do
-        if rspamd_util.strequal_caseless(from[1]['domain'], dkim_domain) then
+        if strict_dkim and rspamd_util.strequal_caseless(from[1]['domain'], dkim_domain) then
           dkim_ok = true
-        elseif not strict_dkim then
+        elseif strict_dkim then
+          table.insert(reason, "DKIM not aligned (strict)")
+        end
+        if not strict_dkim then
           local dkim_tld = rspamd_util.get_tld(dkim_domain)
           if rspamd_util.strequal_caseless(dkim_tld, dmarc_domain) then
             dkim_ok = true
+          else
+            table.insert(reason, "DKIM not aligned (relaxed)")
           end
         end
       end
+    else
+      table.insert(reason, "No DKIM")
     end
 
     local disposition = 'none'
     if not (spf_ok or dkim_ok) then
+      local reason_str = table.concat(reason, ", ")
       res = 1.0
       local spf_tmpfail = task:get_symbol(symbols['spf_tempfail_symbol'])
       local dkim_tmpfail = task:get_symbol(symbols['dkim_tempfail_symbol'])
@@ -278,16 +294,16 @@ local function dmarc_callback(task)
       end
       if quarantine_policy then
         if not pct or pct == 100 or (math.random(100) <= pct) then
-          task:insert_result(dmarc_symbols['quarantine'], res, lookup_domain)
+          task:insert_result(dmarc_symbols['quarantine'], res, lookup_domain .. ' : ' .. reason_str)
           disposition = "quarantine"
         end
       elseif strict_policy then
         if not pct or pct == 100 or (math.random(100) <= pct) then
-          task:insert_result(dmarc_symbols['reject'], res, lookup_domain)
+          task:insert_result(dmarc_symbols['reject'], res, lookup_domain .. ' : ' .. reason_str)
           disposition = "reject"
         end
       else
-        task:insert_result(dmarc_symbols['softfail'], res, lookup_domain)
+        task:insert_result(dmarc_symbols['softfail'], res, lookup_domain .. ' : ' .. reason_str)
       end
     else
       task:insert_result(dmarc_symbols['allow'], res, lookup_domain)