diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-04-16 16:30:24 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2015-04-16 16:30:24 +0100 |
| commit | 043363c55f4c03c0546bdc052358649371467fe4 (patch) | |
| tree | 5e76f47b341f668de1b888f0723bc3ae60529879 | |
| parent | 3ede5bfff22925fd6d88ce0636a73940009b4700 (diff) | |
| parent | 7ed7e590aeec4bda5894c5898f6d382cbcf5b2da (diff) | |
| download | rspamd-043363c55f4c03c0546bdc052358649371467fe4.tar.gz rspamd-043363c55f4c03c0546bdc052358649371467fe4.zip | |
Merge pull request #265 from fatalbanana/master
DMARC: handle relaxed policy; return policy domain with symbol
| -rw-r--r-- | src/plugins/lua/dmarc.lua | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/plugins/lua/dmarc.lua b/src/plugins/lua/dmarc.lua index d6241331b..0ca3ac4fd 100644 --- a/src/plugins/lua/dmarc.lua +++ b/src/plugins/lua/dmarc.lua @@ -48,7 +48,7 @@ local symbols = { local default_port = 6379 local upstreams = nil local dmarc_redis_key_prefix = "dmarc_" - +local dmarc_domain = nil local elts_re = rspamd_regexp.create_cached("\\\\{0,1};\\s+") local function dmarc_report(task, spf_ok, dkim_ok) @@ -177,7 +177,11 @@ local function dmarc_callback(task) if efrom[1]['domain'] == from[1]['domain'] then spf_ok = true elseif not strict_spf then - -- XXX: use tld list here and generate top level domain + if string.sub(efrom[1]['domain'], + -string.len('.' .. dmarc_domain)) + == '.' .. dmarc_domain then + spf_ok = true + end end end end @@ -186,7 +190,11 @@ local function dmarc_callback(task) if from[1]['domain'] == das[1]['options'][0] then dkim_ok = true elseif not strict_dkim then - -- XXX: use tld list here and generate top level domain + if string.sub(das[1]['options'][0], + -string.len('.' .. dmarc_domain)) + == '.' .. dmarc_domain then + dkim_ok = true + end end end @@ -195,17 +203,17 @@ local function dmarc_callback(task) res = 1.0 if quarantine_policy then if not pct or pct == 100 or (math.random(100) <= pct) then - task:insert_result('DMARC_POLICY_QUARANTINE', res, from[1]['domain']) + task:insert_result('DMARC_POLICY_QUARANTINE', res, dmarc_domain) end elseif strict_policy then if not pct or pct == 100 or (math.random(100) <= pct) then - task:insert_result('DMARC_POLICY_REJECT', res, from[1]['domain']) + task:insert_result('DMARC_POLICY_REJECT', res, dmarc_domain) end else - task:insert_result('DMARC_POLICY_SOFTFAIL', res, from[1]['domain']) + task:insert_result('DMARC_POLICY_SOFTFAIL', res, dmarc_domain) end else - task:insert_result('DMARC_POLICY_ALLOW', res, from[1]['domain']) + task:insert_result('DMARC_POLICY_ALLOW', res, dmarc_domain) end if rua and not(spf_ok or dkim_ok) and upstreams then @@ -228,9 +236,9 @@ local function dmarc_callback(task) if from and from[1]['domain'] and not from[2] then local url_from = rspamd_url.create(task:get_mempool(), from[1]['domain']) if url_from then - local dmarc_domain = '_dmarc.' .. url_from:get_tld() + dmarc_domain = url_from:get_tld() task:get_resolver():resolve_txt(task:get_session(), task:get_mempool(), - dmarc_domain, dmarc_dns_cb) + '_dmarc.' .. dmarc_domain, dmarc_dns_cb) end end end |