diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-04-08 14:06:04 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-04-08 14:06:04 +0100 |
| commit | 03be6f5c884dd0c78f653f31ab303e5950cec3b9 (patch) | |
| tree | 83e875352004e8238cf6ad10b55308993ac391ea | |
| parent | 05d414237995f72d57e4a0b38a5252589039867b (diff) | |
| parent | 1792090c783d765b155a5806ab0090d38a5bb786 (diff) | |
| download | rspamd-03be6f5c884dd0c78f653f31ab303e5950cec3b9.tar.gz rspamd-03be6f5c884dd0c78f653f31ab303e5950cec3b9.zip | |
Merge pull request #259 from fatalbanana/master
DMARC: Allow bogus backslashes; ignore non-policy; fail on multiple policy
| -rw-r--r-- | src/plugins/lua/dmarc.lua | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/src/plugins/lua/dmarc.lua b/src/plugins/lua/dmarc.lua index 70fd34e29..94ef119a5 100644 --- a/src/plugins/lua/dmarc.lua +++ b/src/plugins/lua/dmarc.lua @@ -1,5 +1,6 @@ --[[ Copyright (c) 2011-2015, Vsevolod Stakhov <vsevolod@highsecure.ru> +Copyright (c) 2015, Andrew Lewis <nerf@judo.za.org> All rights reserved. Redistribution and use in source and binary forms, with or without @@ -46,7 +47,7 @@ local default_port = 6379 local upstreams = nil local dmarc_redis_key_prefix = "dmarc_" -local elts_re = rspamd_regexp.create_cached(";\\s+") +local elts_re = rspamd_regexp.create_cached("\\\\*;\\s+") local function dmarc_report(task, spf_ok, dkim_ok) local ip = task:get_from_ip() @@ -77,10 +78,26 @@ local function dmarc_callback(task) local strict_dkim = false local strict_policy = false local quarantine_policy = false + local found_policy = false + local failed_policy = false local rua - if results then - for _,r in ipairs(results) do + if not results then + return + end + for _,r in ipairs(results) do + if failed_policy then break end + (function() + if(string.sub(r,1,8) ~= 'v=DMARC1') then + return + else + if found_policy then + failed_policy = true + return + else + found_policy = true + end + end local elts = elts_re:split(r) if elts then @@ -93,7 +110,7 @@ local function dmarc_callback(task) if spf_pol and spf_pol == 's' then strict_spf = true end - policy = string.match(e, '^p=(.*)$') + policy = string.match(e, '^p=(%a+)$') if policy then if (policy == 'reject') then strict_policy = true @@ -102,7 +119,7 @@ local function dmarc_callback(task) quarantine_policy = true end end - pct = string.match(e, '^pct=(.*)$') + pct = string.match(e, '^pct=(%d+)$') if pct then pct = tonumber(pct) end @@ -112,11 +129,11 @@ local function dmarc_callback(task) end end end - end - else - return + end)() end + if not found_policy or failed_policy then return end + -- Check dkim and spf symbols local spf_ok = false local dkim_ok = false |